Windows Security System - nelze smazat

Zpráva

hazik · #1 Příspěvek od **hazik** » 29 črc 2012 13:31

Mám tu jeden PC, kde se objevil falešný antivir windows security system, zkoušel jsem všechny návody co jsem našel a nepodařilo se mi ho odstranit. Prosím Vás tedy o pomoc. Děkuji
Log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by dung at 2012-07-29 14:29:41
Microsoft Windows 7 Home Premium
System drive C: has 1133 GB (79%) free of 1431 GB
Total RAM: 8191 MB (92% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3180577601-574283010-483730119-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3180577601-574283010-483730119-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\dung\AppData\Roaming\Mozilla\Firefox\Profiles\39ni5r9e.default

prefs.js - "browser.startup.homepage" - "http://search.imesh.com/"

"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.268 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6]
"Description"=Yahoo Messenger State Plugin
"Path"=C:\Program Files (x86)\Yahoo!\Shared\npYState.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\dung\AppData\Roaming\Mozilla\Firefox\Profiles\39ni5r9e.default\extensions\
{EEE6C361-6118-11DC-9C72-001320C79847}

C:\Users\dung\AppData\Roaming\Mozilla\Firefox\Profiles\39ni5r9e.default\searchplugins\
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2011-01-21 1389880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
MediaBar - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll [2011-05-30 89008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [2011-08-14 270960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
UrlHelper Class - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll [2011-08-09 1235336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-02-11 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-16 192112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-05-30 4014280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-02-11 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2011-08-24 1299248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2011-01-21 163128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2011-01-21 1389880]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]
{28387537-e3f9-4ed7-860c-11e69af4a8a0} - MediaBar - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll [2011-05-30 89008]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-06-21 1018680]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [2011-08-14 237680]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2011-08-24 1299248]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-16 192112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"mor.exe"=C:\Users\dung\AppData\Local\Temp\mor.exe [2012-07-25 421888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWow64\webcheck.dll [2012-02-15 203776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=DivX.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-07-29 14:29:38 ----A---- C:\RSIT.exe
2012-07-29 14:21:23 ----D---- C:\rsit
2012-07-29 14:21:23 ----D---- C:\Program Files (x86)\trend micro
2012-07-29 13:14:17 ----D---- C:\Users\dung\AppData\Roaming\Malwarebytes
2012-07-29 13:14:11 ----D---- C:\ProgramData\Malwarebytes
2012-07-29 13:14:11 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-29 13:11:38 ----A---- C:\iExplore.exe
2012-07-29 13:03:28 ----A---- C:\rkill.exe
2012-07-29 13:03:27 ----A---- C:\mbam-setup.exe
2012-07-29 11:08:58 ----D---- C:\Windows\temp
2012-07-29 11:08:57 ----A---- C:\ComboFix.txt
2012-07-29 11:05:01 ----SHD---- C:\$RECYCLE.BIN
2012-07-29 10:55:49 ----A---- C:\Windows\ntbtlog.txt
2012-07-29 10:39:10 ----A---- C:\Windows\zip.exe
2012-07-29 10:39:10 ----A---- C:\Windows\SWSC.exe
2012-07-29 10:39:10 ----A---- C:\Windows\SWREG.exe
2012-07-29 10:39:10 ----A---- C:\Windows\sed.exe
2012-07-29 10:39:10 ----A---- C:\Windows\PEV.exe
2012-07-29 10:39:10 ----A---- C:\Windows\NIRCMD.exe
2012-07-29 10:39:10 ----A---- C:\Windows\MBR.exe
2012-07-29 10:39:10 ----A---- C:\Windows\grep.exe
2012-07-29 10:39:07 ----D---- C:\dddd
2012-07-29 10:38:31 ----D---- C:\Windows\ERDNT
2012-07-29 10:38:28 ----D---- C:\Qoobox
2012-07-26 20:12:21 ----D---- C:\Users\dung\AppData\Roaming\Spyware Terminator
2012-07-26 20:12:21 ----D---- C:\ProgramData\Spyware Terminator
2012-07-26 20:11:56 ----D---- C:\Program Files (x86)\Spyware Terminator
2012-07-26 19:49:13 ----D---- C:\Program Files (x86)\GridinSoft Trojan Killer
2012-07-26 19:34:17 ----D---- C:\Windows\pss
2012-07-12 22:30:38 ----A---- C:\Windows\SysWOW64\url.dll
2012-07-12 22:30:38 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2012-07-12 22:30:37 ----A---- C:\Windows\SysWOW64\urlmon.dll
2012-07-12 22:30:37 ----A---- C:\Windows\SysWOW64\ieui.dll
2012-07-12 22:30:37 ----A---- C:\Windows\SysWOW64\iertutil.dll
2012-07-12 22:30:36 ----A---- C:\Windows\SysWOW64\wininet.dll
2012-07-12 22:30:36 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2012-07-12 22:30:35 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2012-07-12 22:30:35 ----A---- C:\Windows\SysWOW64\jscript9.dll
2012-07-12 22:30:35 ----A---- C:\Windows\SysWOW64\jscript.dll
2012-07-12 22:30:34 ----A---- C:\Windows\SysWOW64\mshtml.dll
2012-07-12 22:30:32 ----A---- C:\Windows\SysWOW64\ieframe.dll
2012-07-12 18:15:01 ----A---- C:\Windows\SysWOW64\msxml6.dll
2012-07-12 18:15:01 ----A---- C:\Windows\SysWOW64\msxml3.dll
2012-07-12 18:14:57 ----A---- C:\Windows\SysWOW64\shell32.dll
2012-07-12 18:14:50 ----A---- C:\Windows\SysWOW64\schannel.dll
2012-07-12 18:14:50 ----A---- C:\Windows\SysWOW64\ncrypt.dll
2012-07-12 18:14:49 ----A---- C:\Windows\SysWOW64\sspicli.dll
2012-07-12 18:14:49 ----A---- C:\Windows\SysWOW64\secur32.dll
2012-07-12 18:14:36 ----A---- C:\Windows\SysWOW64\cryptsvc.dll
2012-07-12 18:14:36 ----A---- C:\Windows\SysWOW64\crypt32.dll
2012-07-12 18:14:35 ----A---- C:\Windows\SysWOW64\cryptnet.dll

======List of files/folders modified in the last 1 month======

2012-07-29 14:21:23 ----RD---- C:\Program Files (x86)
2012-07-29 13:14:11 ----D---- C:\ProgramData
2012-07-29 11:08:58 ----D---- C:\Windows
2012-07-29 11:04:57 ----A---- C:\Windows\system.ini
2012-07-29 11:02:27 ----D---- C:\Windows\SysWOW64\drivers
2012-07-29 11:02:27 ----D---- C:\Windows\SysWOW64
2012-07-29 11:02:27 ----D---- C:\Windows\AppPatch
2012-07-29 11:02:26 ----D---- C:\Program Files (x86)\Common Files
2012-07-29 10:46:09 ----D---- C:\Windows\Prefetch
2012-07-29 10:37:49 ----D---- C:\Users\dung\AppData\Roaming\Skype
2012-07-29 10:34:38 ----D---- C:\Users\dung\AppData\Roaming\skypePM
2012-07-27 21:00:04 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-07-27 18:30:04 ----SHD---- C:\Windows\Installer
2012-07-26 20:14:52 ----SHD---- C:\System Volume Information
2012-07-26 19:51:39 ----D---- C:\Windows\System32
2012-07-26 19:51:39 ----D---- C:\Windows\inf
2012-07-26 19:35:10 ----D---- C:\ProgramData\Norton
2012-07-26 19:35:08 ----D---- C:\Windows\Tasks
2012-07-26 19:35:08 ----D---- C:\ProgramData\Symantec
2012-07-26 19:24:36 ----D---- C:\Users\dung\AppData\Roaming\ExpressFiles
2012-07-22 21:06:18 ----D---- C:\Program Files (x86)\Common Files\Symantec Shared
2012-07-22 13:50:17 ----AT---- C:\Windows\SysWOW64\SIntfNT.dll
2012-07-22 13:50:17 ----AT---- C:\Windows\SysWOW64\SIntf32.dll
2012-07-22 13:50:17 ----AT---- C:\Windows\SysWOW64\SIntf16.dll
2012-07-18 07:40:06 ----D---- C:\Users\dung\AppData\Roaming\TS3Client
2012-07-18 07:40:03 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client
2012-07-12 23:43:14 ----D---- C:\Windows\rescache
2012-07-12 22:37:13 ----D---- C:\Windows\winsxs
2012-07-12 22:34:18 ----D---- C:\Windows\SysWOW64\migration
2012-07-12 22:34:18 ----D---- C:\Windows\SysWOW64\cs-CZ
2012-07-12 22:34:18 ----D---- C:\Program Files (x86)\Internet Explorer
2012-07-12 22:32:53 ----D---- C:\ProgramData\Microsoft Help
2012-07-12 22:32:44 ----A---- C:\Windows\win.ini
2012-07-12 22:31:43 ----RSD---- C:\Windows\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ioatdma;Intel(R) QuickData Technology device; C:\Windows\System32\Drivers\ioatdma.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
S1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
S1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
S2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys []
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
S3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys []
S3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys []
S3 CamSuiteVAC;CamSuite Virtual Audio; C:\Windows\system32\DRIVERS\CamSuiteVAC.sys []
S3 catchme;catchme; \??\C:\dddd21433d\catchme.sys []
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
S3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
S3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys []
S3 ioatdma1;ioatdma1; C:\Windows\System32\Drivers\qd162x64.sys []
S3 ioatdma2;ioatdma2; C:\Windows\System32\Drivers\qd252x64.sys []
S3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys []
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys []
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys []
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\Windows\System32\Drivers\nx6000.sys []
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys []
S3 NmPar;MosChip PCI Parallel Port; C:\Windows\system32\DRIVERS\NmPar.sys []
S3 nmserial;MosChip PCI Serial Port; C:\Windows\system32\DRIVERS\nmserial.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys []
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys []
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys []
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys []
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys []
S3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys []
S3 PAC7302;FaceCam 300; C:\Windows\system32\DRIVERS\PAC7302.SYS []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%; C:\Windows\system32\DRIVERS\RTL8192su.sys []
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
S3 X6va005;X6va005; \??\C:\Users\dung\AppData\Local\Temp\005A911.tmp []
S3 X6va007;X6va007; \??\C:\Users\dung\AppData\Local\Temp\00773F9.tmp []
S3 X6va008;X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 []
S3 X6va009;X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-12-10 75064]
S2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2011-12-14 214520]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-27 250056]
S4 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
S4 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
S4 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-04-06 349472]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-20 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-20 136176]
S4 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-08-01 182768]
S4 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-06-21 246584]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-04-14 934176]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-18 113120]
S4 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS64.exe [2010-05-20 199536]
S4 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 12784]
S4 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S4 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
S4 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-05-30 3048136]
S4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2012-06-22 1148664]
S4 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S4 TuneUp.Defrag;@C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [2011-02-24 607048]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2009-10-30 1353544]
S4 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 YahooAUService;Yahoo! Updater; C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]

-----------------EOF-----------------

hazik · #2 Příspěvek od **hazik** » 29 črc 2012 13:55

Rkill:
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 29.07.2012 at 14:07:32.
Operating System: Windows 7 Home Premium

Processes terminated by Rkill or while it was running:

C:\Windows\SysWOW64\rundll32.exe

Rkill completed on 29.07.2012 at 14:07:34.

Combofix:
ComboFix 12-07-27.03 - dung 29.07.2012 10:57:37.2.2 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.8191.7377 [GMT 2:00]
Spuštěný z: c:\users\dung\Desktop\dddd.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\dung\AppData\Local\Temp\mor.exe . . . . nemohl být smazán
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-28 do 2012-07-29 )))))))))))))))))))))))))))))))
.
.
2012-07-29 09:03 . 2012-07-29 09:03 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-07-29 09:03 . 2012-07-29 09:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-29 08:39 . 2012-07-29 08:52 -------- d-----w- C:\dddd
2012-07-26 18:12 . 2012-07-29 08:33 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2012-07-26 18:12 . 2012-07-27 16:30 -------- d-----w- c:\programdata\Spyware Terminator
2012-07-26 18:12 . 2012-07-26 18:12 -------- d-----w- c:\users\dung\AppData\Roaming\Spyware Terminator
2012-07-26 18:11 . 2012-07-26 18:12 -------- d-----w- c:\program files (x86)\Spyware Terminator
2012-07-26 17:49 . 2012-07-26 18:09 -------- d-----w- c:\program files (x86)\GridinSoft Trojan Killer
2012-07-25 19:41 . 2012-07-25 19:41 44464 ----a-w- c:\windows\system32\drivers\eb75d1b145d6a7c9.sys
2012-07-12 20:32 . 2012-06-12 03:02 3147264 ----a-w- c:\windows\system32\win32k.sys
2012-07-12 16:15 . 2012-06-06 05:50 2003968 ----a-w- c:\windows\system32\msxml6.dll
2012-07-12 16:15 . 2012-06-06 05:50 1880064 ----a-w- c:\windows\system32\msxml3.dll
2012-07-12 16:15 . 2012-06-06 05:09 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-07-12 16:15 . 2012-06-06 05:09 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-27 19:00 . 2012-05-20 04:57 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-27 19:00 . 2011-06-08 06:58 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-22 11:50 . 2011-03-22 17:27 21840 ----atw- c:\windows\SysWow64\SIntfNT.dll
2012-07-22 11:50 . 2011-03-22 17:27 17212 ----atw- c:\windows\SysWow64\SIntf32.dll
2012-07-22 11:50 . 2011-03-22 17:27 12067 ----atw- c:\windows\SysWow64\SIntf16.dll
2012-06-29 10:04 . 2012-07-25 05:11 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4171BC7D-7880-47E6-ACD0-C8F6E186C84E}\mpengine.dll
2012-06-02 22:19 . 2012-06-21 15:33 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 15:34 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 15:34 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 15:34 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 15:33 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 15:34 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 15:33 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 15:33 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 15:33 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 05:27 . 2012-07-12 16:14 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:48 . 2012-07-12 16:14 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-05-31 10:25 . 2010-08-10 12:16 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-04 10:52 . 2012-06-13 14:32 5505392 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:08 . 2012-06-13 14:32 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:08 . 2012-06-13 14:32 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-29_08.48.00 )))))))))))))))))))))))))))))))))))))))))
.
- 2012-07-29 08:47 . 2012-07-29 08:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-29 09:04 . 2012-07-29 09:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-29 09:04 . 2012-07-29 09:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-07-29 08:47 . 2012-07-29 08:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll" [2011-01-21 213816]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{A31F34A1-EBD2-45A2-BF6D-231C1B987CC8}]
[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
2011-05-30 13:35 89008 ----a-w- c:\progra~2\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2011-08-09 12:35 1235336 ----a-w- c:\progra~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2011-08-24 17:21 1299248 ----a-r- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{28387537-e3f9-4ed7-860c-11e69af4a8a0}"= "c:\progra~2\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll" [2011-05-30 89008]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2011-08-24 1299248]
.
[HKEY_CLASSES_ROOT\clsid\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mor.exe"="c:\users\dung\AppData\Local\Temp\mor.exe" [2012-07-25 421888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll c:\progra~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys [2012-07-29 51496]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-05-27 6856192]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-05-27 264192]
R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2010-11-15 121832]
R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2010-11-15 364520]
R3 CamSuiteVAC;CamSuite Virtual Audio;c:\windows\system32\DRIVERS\CamSuiteVAC.sys [2008-09-18 56320]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [2010-04-05 301232]
R3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys [2009-11-16 40144]
R3 ioatdma2;ioatdma2;c:\windows\System32\Drivers\qd252x64.sys [2009-11-16 47824]
R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2009-06-11 60416]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-05-20 36720]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 NmPar;MosChip PCI Parallel Port;c:\windows\system32\DRIVERS\NmPar.sys [x]
R3 nmserial;MosChip PCI Serial Port;c:\windows\system32\DRIVERS\nmserial.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [2008-05-02 23552]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-02-24 78336]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-07-08 694888]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-02-18 51712]
R3 X6va005;X6va005;c:\users\dung\AppData\Local\Temp\005A911.tmp [x]
R3 X6va007;X6va007;c:\users\dung\AppData\Local\Temp\00773F9.tmp [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-27 250056]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-27 203264]
R4 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R4 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-20 136176]
R4 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-20 136176]
R4 ICQ Service;ICQ Service;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-06-21 246584]
R4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-18 113120]
R4 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-05-30 3048136]
R4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [2012-06-21 1148664]
R4 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
R4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2009-10-30 1353544]
R4 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-10 1255736]
S0 ioatdma;Intel(R) QuickData Technology device;c:\windows\System32\Drivers\ioatdma.sys [2009-11-16 46792]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-15 254528]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - eb75d1b145d6a7c9
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-20 19:00]
.
2012-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-20 13:21]
.
2012-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-20 13:21]
.
2012-07-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3180577601-574283010-483730119-1000Core.job
- c:\users\dung\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-13 12:31]
.
2012-07-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3180577601-574283010-483730119-1000UA.job
- c:\users\dung\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-13 12:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2011-08-09 12:35 1792904 ----a-w- c:\progra~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll c:\progra~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://home.sweetim.com
mStart Page = hxxp://home.sweetim.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\dung\AppData\Roaming\Mozilla\Firefox\Profiles\39ni5r9e.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - SweetIM Search
FF - prefs.js: browser.startup.homepage - hxxp://search.imesh.com/
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109130
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 08138156000000000000000b6aee9de7
FF - user.js: extensions.BabylonToolbar_i.hardId - 08138156000000000000000b6aee9de7
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15374
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.178:37
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\dung\AppData\Local\Temp\005A911.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va007]
"ImagePath"="\??\c:\users\dung\AppData\Local\Temp\00773F9.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eb75d1b145d6a7c9]
"ImagePath"="\SystemRoot\System32\Drivers\eb75d1b145d6a7c9.sys"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3180577601-574283010-483730119-1000\Software\SecuROM\License information*]
"datasecu"=hex:fe,90,97,77,dd,d1,26,3c,56,71,36,f0,6e,b0,99,d7,87,f1,d3,5e,88,
da,77,74,61,ac,78,b4,fc,8a,28,06,15,a0,6c,74,7d,e4,32,b4,3a,10,a2,9d,bc,9c,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-07-29 11:08:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-29 09:08
ComboFix2.txt 2012-07-29 08:52
.
Před spuštěním: Volných bajtů: 1 188 024 426 496
Po spuštění: Volných bajtů: 1 187 926 880 256
.
- - End Of File - - 054A0B328A40695D6496FAA06985C9A9

Mbam:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.62.0.1300
www.malwarebytes.org

Verze databáze: v2012.07.03.05

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
dung :: DUNG-PC [administrátor]

Ochrana: Zakázána

29.7.2012 14:08:49
mbam-log-2012-07-29 (14-08-49).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 210806
Uplynulý čas: 2 minut, 48 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

hazik · #3 Příspěvek od **hazik** » 29 črc 2012 14:55

Velice se Vám omlouvám a děkuji za pomoc. TDSsKiller nebyl použit.

Log:
ComboFix 12-07-29.02 - dung 29.07.2012 15:26:59.3.2 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.8191.7348 [GMT 2:00]
Spuštěný z: C:\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\iexplore.exe
c:\users\dung\AppData\Local\Temp\mor.exe . . . . nemohl být smazán
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-28 do 2012-07-29 )))))))))))))))))))))))))))))))
.
.
2012-07-29 13:32 . 2012-07-29 13:32 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-07-29 13:32 . 2012-07-29 13:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-29 12:29 . 2012-07-29 12:12 781383 ----a-w- C:\RSIT.exe
2012-07-29 12:21 . 2012-07-29 12:21 -------- d-----w- C:\rsit
2012-07-29 12:21 . 2012-07-29 12:21 -------- d-----w- c:\program files (x86)\trend micro
2012-07-29 11:14 . 2012-07-29 11:14 -------- d-----w- c:\users\dung\AppData\Roaming\Malwarebytes
2012-07-29 11:14 . 2012-07-29 11:14 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-29 11:14 . 2012-07-29 11:14 -------- d-----w- c:\programdata\Malwarebytes
2012-07-29 11:14 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-29 11:03 . 2012-07-29 10:11 1012656 ----a-w- C:\rkill.exe
2012-07-29 11:03 . 2012-07-29 10:10 10651816 ----a-w- C:\mbam-setup.exe
2012-07-29 08:39 . 2012-07-29 08:52 -------- d-----w- C:\dddd
2012-07-26 18:12 . 2012-07-29 08:33 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2012-07-26 18:12 . 2012-07-27 16:30 -------- d-----w- c:\programdata\Spyware Terminator
2012-07-26 18:12 . 2012-07-26 18:12 -------- d-----w- c:\users\dung\AppData\Roaming\Spyware Terminator
2012-07-26 18:11 . 2012-07-26 18:12 -------- d-----w- c:\program files (x86)\Spyware Terminator
2012-07-26 17:49 . 2012-07-26 18:09 -------- d-----w- c:\program files (x86)\GridinSoft Trojan Killer
2012-07-25 19:41 . 2012-07-25 19:41 44464 ----a-w- c:\windows\system32\drivers\eb75d1b145d6a7c9.sys
2012-07-12 20:32 . 2012-06-12 03:02 3147264 ----a-w- c:\windows\system32\win32k.sys
2012-07-12 16:15 . 2012-06-06 05:50 2003968 ----a-w- c:\windows\system32\msxml6.dll
2012-07-12 16:15 . 2012-06-06 05:50 1880064 ----a-w- c:\windows\system32\msxml3.dll
2012-07-12 16:15 . 2012-06-06 05:09 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-07-12 16:15 . 2012-06-06 05:09 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-27 19:00 . 2012-05-20 04:57 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-27 19:00 . 2011-06-08 06:58 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-22 11:50 . 2011-03-22 17:27 21840 ----atw- c:\windows\SysWow64\SIntfNT.dll
2012-07-22 11:50 . 2011-03-22 17:27 17212 ----atw- c:\windows\SysWow64\SIntf32.dll
2012-07-22 11:50 . 2011-03-22 17:27 12067 ----atw- c:\windows\SysWow64\SIntf16.dll
2012-06-29 10:04 . 2012-07-25 05:11 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4171BC7D-7880-47E6-ACD0-C8F6E186C84E}\mpengine.dll
2012-06-02 22:19 . 2012-06-21 15:33 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 15:34 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 15:34 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 15:34 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 15:33 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 15:34 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 15:33 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 15:33 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 15:33 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 05:27 . 2012-07-12 16:14 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:48 . 2012-07-12 16:14 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-05-31 10:25 . 2010-08-10 12:16 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-04 10:52 . 2012-06-13 14:32 5505392 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:08 . 2012-06-13 14:32 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:08 . 2012-06-13 14:32 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-29_08.48.00 )))))))))))))))))))))))))))))))))))))))))
.
- 2012-07-29 08:47 . 2012-07-29 08:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-29 13:33 . 2012-07-29 13:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-29 13:33 . 2012-07-29 13:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-07-29 08:47 . 2012-07-29 08:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll" [2011-01-21 213816]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{A31F34A1-EBD2-45A2-BF6D-231C1B987CC8}]
[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
2011-05-30 13:35 89008 ----a-w- c:\progra~2\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2011-08-09 12:35 1235336 ----a-w- c:\progra~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2011-08-24 17:21 1299248 ----a-r- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{28387537-e3f9-4ed7-860c-11e69af4a8a0}"= "c:\progra~2\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll" [2011-05-30 89008]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2011-08-24 1299248]
.
[HKEY_CLASSES_ROOT\clsid\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mor.exe"="c:\users\dung\AppData\Local\Temp\mor.exe" [2012-07-25 421888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll c:\progra~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys [2012-07-29 51496]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-05-27 6856192]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-05-27 264192]
R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2010-11-15 121832]
R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2010-11-15 364520]
R3 CamSuiteVAC;CamSuite Virtual Audio;c:\windows\system32\DRIVERS\CamSuiteVAC.sys [2008-09-18 56320]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [2010-04-05 301232]
R3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys [2009-11-16 40144]
R3 ioatdma2;ioatdma2;c:\windows\System32\Drivers\qd252x64.sys [2009-11-16 47824]
R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2009-06-11 60416]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-05-20 36720]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 NmPar;MosChip PCI Parallel Port;c:\windows\system32\DRIVERS\NmPar.sys [x]
R3 nmserial;MosChip PCI Serial Port;c:\windows\system32\DRIVERS\nmserial.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [2008-05-02 23552]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-02-24 78336]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-07-08 694888]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-02-18 51712]
R3 X6va005;X6va005;c:\users\dung\AppData\Local\Temp\005A911.tmp [x]
R3 X6va007;X6va007;c:\users\dung\AppData\Local\Temp\00773F9.tmp [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-27 250056]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-27 203264]
R4 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R4 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-20 136176]
R4 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-20 136176]
R4 ICQ Service;ICQ Service;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-06-21 246584]
R4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-18 113120]
R4 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-05-30 3048136]
R4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [2012-06-21 1148664]
R4 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
R4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2009-10-30 1353544]
R4 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-10 1255736]
S0 ioatdma;Intel(R) QuickData Technology device;c:\windows\System32\Drivers\ioatdma.sys [2009-11-16 46792]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-15 254528]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - eb75d1b145d6a7c9
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-20 19:00]
.
2012-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-20 13:21]
.
2012-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-20 13:21]
.
2012-07-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3180577601-574283010-483730119-1000Core.job
- c:\users\dung\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-13 12:31]
.
2012-07-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3180577601-574283010-483730119-1000UA.job
- c:\users\dung\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-13 12:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2011-08-09 12:35 1792904 ----a-w- c:\progra~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll c:\progra~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://home.sweetim.com
mStart Page = hxxp://home.sweetim.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\dung\AppData\Roaming\Mozilla\Firefox\Profiles\39ni5r9e.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - SweetIM Search
FF - prefs.js: browser.startup.homepage - hxxp://search.imesh.com/
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109130
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 08138156000000000000000b6aee9de7
FF - user.js: extensions.BabylonToolbar_i.hardId - 08138156000000000000000b6aee9de7
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15374
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.178:37
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\dung\AppData\Local\Temp\005A911.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va007]
"ImagePath"="\??\c:\users\dung\AppData\Local\Temp\00773F9.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eb75d1b145d6a7c9]
"ImagePath"="\SystemRoot\System32\Drivers\eb75d1b145d6a7c9.sys"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3180577601-574283010-483730119-1000\Software\SecuROM\License information*]
"datasecu"=hex:fe,90,97,77,dd,d1,26,3c,56,71,36,f0,6e,b0,99,d7,87,f1,d3,5e,88,
da,77,74,61,ac,78,b4,fc,8a,28,06,15,a0,6c,74,7d,e4,32,b4,3a,10,a2,9d,bc,9c,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-07-29 15:38:02 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-29 13:38
ComboFix2.txt 2012-07-29 09:08
ComboFix3.txt 2012-07-29 08:52
.
Před spuštěním: Volných bajtů: 1 187 989 061 632
Po spuštění: Volných bajtů: 1 187 646 791 680
.
- - End Of File - - D5ADE495110A6EA8AC67ED7B210219BE

hazik · #4 Příspěvek od **hazik** » 29 črc 2012 15:48

16:42:18.0008 1804 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
16:42:18.0024 1804 ============================================================
16:42:18.0024 1804 Current date / time: 2012/07/29 16:42:18.0024
16:42:18.0024 1804 SystemInfo:
16:42:18.0024 1804
16:42:18.0024 1804 OS Version: 6.1.7600 ServicePack: 0.0
16:42:18.0024 1804 Product type: Workstation
16:42:18.0024 1804 ComputerName: DUNG-PC
16:42:18.0024 1804 UserName: dung
16:42:18.0024 1804 Windows directory: C:\Windows
16:42:18.0024 1804 System windows directory: C:\Windows
16:42:18.0024 1804 Running under WOW64
16:42:18.0024 1804 Processor architecture: Intel x64
16:42:18.0024 1804 Number of processors: 2
16:42:18.0024 1804 Page size: 0x1000
16:42:18.0024 1804 Boot type: Safe boot
16:42:18.0024 1804 ============================================================
16:42:22.0548 1804 !crdlk
16:42:22.0563 1804 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
16:42:22.0563 1804 Drive \Device\Harddisk1\DR3 - Size: 0x7B200000 (1.92 Gb), SectorSize: 0x200, Cylinders: 0xFB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:42:22.0563 1804 ============================================================
16:42:22.0563 1804 \Device\Harddisk0\DR0:
16:42:22.0563 1804 MBR partitions:
16:42:22.0563 1804 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
16:42:22.0563 1804 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0xAEA22800
16:42:22.0563 1804 \Device\Harddisk1\DR3:
16:42:22.0563 1804 MBR partitions:
16:42:22.0563 1804 \Device\Harddisk1\DR3\Partition0: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x3D8FE0
16:42:22.0563 1804 ============================================================
16:42:22.0594 1804 C: <-> \Device\Harddisk0\DR0\Partition1
16:42:22.0594 1804 ============================================================
16:42:22.0594 1804 Initialize success
16:42:22.0594 1804 ============================================================
16:42:47.0617 1836 ============================================================
16:42:47.0617 1836 Scan started
16:42:47.0617 1836 Mode: Manual; SigCheck; TDLFS;
16:42:47.0617 1836 ============================================================
16:42:47.0976 1836 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
16:42:48.0069 1836 1394ohci - ok
16:42:48.0147 1836 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
16:42:48.0163 1836 ACPI - ok
16:42:48.0194 1836 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
16:42:48.0241 1836 AcpiPmi - ok
16:42:48.0366 1836 AdobeFlashPlayerUpdateSvc (6c40d5ed8951ab7b90d08af655224ee4) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:42:48.0381 1836 AdobeFlashPlayerUpdateSvc - ok
16:42:48.0428 1836 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:42:48.0444 1836 adp94xx - ok
16:42:48.0490 1836 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:42:48.0490 1836 adpahci - ok
16:42:48.0522 1836 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:42:48.0537 1836 adpu320 - ok
16:42:48.0568 1836 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:42:48.0678 1836 AeLookupSvc - ok
16:42:48.0740 1836 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
16:42:48.0787 1836 AFD - ok
16:42:48.0834 1836 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
16:42:48.0849 1836 agp440 - ok
16:42:48.0865 1836 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:42:48.0896 1836 ALG - ok
16:42:48.0912 1836 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
16:42:48.0927 1836 aliide - ok
16:42:48.0974 1836 AMD External Events Utility (f687d4976eff550fb0be45a5cb19f18f) C:\Windows\system32\atiesrxx.exe
16:42:49.0052 1836 AMD External Events Utility - ok
16:42:49.0068 1836 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
16:42:49.0083 1836 amdide - ok
16:42:49.0099 1836 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:42:49.0130 1836 AmdK8 - ok
16:42:49.0442 1836 amdkmdag (74687c33c4ad25a975bbb1ea1e8b3884) C:\Windows\system32\DRIVERS\atikmdag.sys
16:42:49.0520 1836 amdkmdag - ok
16:42:49.0645 1836 amdkmdap (c7f56ed86327a78e7f8a5cc503a98bd6) C:\Windows\system32\DRIVERS\atikmpag.sys
16:42:49.0660 1836 amdkmdap - ok
16:42:49.0707 1836 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:42:49.0738 1836 AmdPPM - ok
16:42:49.0770 1836 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
16:42:49.0785 1836 amdsata - ok
16:42:49.0816 1836 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:42:49.0832 1836 amdsbs - ok
16:42:49.0848 1836 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
16:42:49.0863 1836 amdxata - ok
16:42:49.0894 1836 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
16:42:49.0926 1836 AppID - ok
16:42:49.0972 1836 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:42:50.0019 1836 AppIDSvc - ok
16:42:50.0050 1836 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
16:42:50.0066 1836 Appinfo - ok
16:42:50.0206 1836 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:42:50.0206 1836 Apple Mobile Device - ok
16:42:50.0238 1836 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:42:50.0253 1836 arc - ok
16:42:50.0284 1836 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:42:50.0300 1836 arcsas - ok
16:42:50.0331 1836 asmthub3 (e3b9c89d2ed4a538ab2fc6ec76fa2b17) C:\Windows\system32\DRIVERS\asmthub3.sys
16:42:50.0362 1836 asmthub3 - ok
16:42:50.0409 1836 asmtxhci (88ce83be5176020be39194a6369af2c2) C:\Windows\system32\DRIVERS\asmtxhci.sys
16:42:50.0440 1836 asmtxhci - ok
16:42:50.0472 1836 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:42:50.0518 1836 AsyncMac - ok
16:42:50.0550 1836 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
16:42:50.0550 1836 atapi - ok
16:42:50.0628 1836 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
16:42:50.0690 1836 AudioEndpointBuilder - ok
16:42:50.0706 1836 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
16:42:50.0737 1836 AudioSrv - ok
16:42:50.0768 1836 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
16:42:50.0830 1836 AxInstSV - ok
16:42:50.0862 1836 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:42:50.0893 1836 b06bdrv - ok
16:42:50.0924 1836 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:42:50.0940 1836 b57nd60a - ok
16:42:51.0033 1836 BBSvc (825f81a6f7dd073509db101f0ba6dc59) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
16:42:51.0049 1836 BBSvc - ok
16:42:51.0080 1836 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:42:51.0111 1836 BDESVC - ok
16:42:51.0127 1836 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:42:51.0174 1836 Beep - ok
16:42:51.0361 1836 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
16:42:51.0408 1836 BFE - ok
16:42:51.0470 1836 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
16:42:51.0532 1836 BITS - ok
16:42:51.0579 1836 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:42:51.0579 1836 blbdrive - ok
16:42:51.0673 1836 Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
16:42:51.0673 1836 Bonjour Service - ok
16:42:51.0704 1836 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
16:42:51.0751 1836 bowser - ok
16:42:51.0782 1836 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:42:51.0813 1836 BrFiltLo - ok
16:42:51.0829 1836 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:42:51.0829 1836 BrFiltUp - ok
16:42:51.0860 1836 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
16:42:51.0907 1836 BridgeMP - ok
16:42:51.0938 1836 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
16:42:51.0969 1836 Browser - ok
16:42:52.0000 1836 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:42:52.0016 1836 Brserid - ok
16:42:52.0047 1836 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:42:52.0063 1836 BrSerWdm - ok
16:42:52.0078 1836 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:42:52.0110 1836 BrUsbMdm - ok
16:42:52.0141 1836 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:42:52.0156 1836 BrUsbSer - ok
16:42:52.0188 1836 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:42:52.0219 1836 BTHMODEM - ok
16:42:52.0266 1836 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:42:52.0297 1836 bthserv - ok
16:42:52.0344 1836 CamSuiteVAC (bcdb579f30335f20aaddc873aba669e8) C:\Windows\system32\DRIVERS\CamSuiteVAC.sys
16:42:52.0344 1836 CamSuiteVAC - ok
16:42:52.0359 1836 catchme - ok
16:42:52.0406 1836 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:42:52.0437 1836 cdfs - ok
16:42:52.0468 1836 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
16:42:52.0484 1836 cdrom - ok
16:42:52.0500 1836 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
16:42:52.0546 1836 CertPropSvc - ok
16:42:52.0578 1836 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:42:52.0593 1836 circlass - ok
16:42:52.0624 1836 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:42:52.0640 1836 CLFS - ok
16:42:52.0718 1836 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:42:52.0718 1836 clr_optimization_v2.0.50727_32 - ok
16:42:52.0765 1836 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:42:52.0780 1836 clr_optimization_v2.0.50727_64 - ok
16:42:52.0812 1836 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:42:52.0843 1836 CmBatt - ok
16:42:52.0858 1836 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
16:42:52.0858 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\cmdide.sys. md5: e19d3f095812725d88f9001985b94edd
16:42:52.0874 1836 cmdide ( LockedFile.Multi.Generic ) - warning
16:42:52.0874 1836 cmdide - detected LockedFile.Multi.Generic (1)
16:42:52.0921 1836 CNG (ca7720b73446fddec5c69519c1174c98) C:\Windows\system32\Drivers\cng.sys
16:42:52.0921 1836 Suspicious file (NoAccess): C:\Windows\system32\Drivers\cng.sys. md5: ca7720b73446fddec5c69519c1174c98
16:42:52.0921 1836 CNG ( LockedFile.Multi.Generic ) - warning
16:42:52.0921 1836 CNG - detected LockedFile.Multi.Generic (1)
16:42:52.0952 1836 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:42:52.0952 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\compbatt.sys. md5: 102de219c3f61415f964c88e9085ad14
16:42:52.0952 1836 Compbatt ( LockedFile.Multi.Generic ) - warning
16:42:52.0952 1836 Compbatt - detected LockedFile.Multi.Generic (1)
16:42:52.0999 1836 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
16:42:52.0999 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\CompositeBus.sys. md5: f26b3a86f6fa87ca360b879581ab4123
16:42:52.0999 1836 CompositeBus ( LockedFile.Multi.Generic ) - warning
16:42:52.0999 1836 CompositeBus - detected LockedFile.Multi.Generic (1)
16:42:53.0014 1836 COMSysApp - ok
16:42:53.0030 1836 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:42:53.0030 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\crcdisk.sys. md5: 1c827878a998c18847245fe1f34ee597
16:42:53.0046 1836 crcdisk ( LockedFile.Multi.Generic ) - warning
16:42:53.0046 1836 crcdisk - detected LockedFile.Multi.Generic (1)
16:42:53.0092 1836 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll
16:42:53.0108 1836 CryptSvc - ok
16:42:53.0170 1836 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
16:42:53.0202 1836 DcomLaunch - ok
16:42:53.0264 1836 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:42:53.0295 1836 defragsvc - ok
16:42:53.0326 1836 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
16:42:53.0326 1836 Suspicious file (NoAccess): C:\Windows\system32\Drivers\dfsc.sys. md5: 9c253ce7311ca60fc11c774692a13208
16:42:53.0326 1836 DfsC ( LockedFile.Multi.Generic ) - warning
16:42:53.0326 1836 DfsC - detected LockedFile.Multi.Generic (1)
16:42:53.0373 1836 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
16:42:53.0436 1836 Dhcp - ok
16:42:53.0467 1836 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:42:53.0498 1836 discache - ok
16:42:53.0560 1836 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:42:53.0560 1836 Disk - ok
16:42:53.0607 1836 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
16:42:53.0623 1836 Dnscache - ok
16:42:53.0670 1836 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
16:42:53.0701 1836 dot3svc - ok
16:42:53.0732 1836 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
16:42:53.0763 1836 DPS - ok
16:42:53.0794 1836 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:42:53.0810 1836 drmkaud - ok
16:42:53.0857 1836 dtsoftbus01 (fb9bef3401ee5ecc2603311b9c64f44a) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
16:42:53.0872 1836 dtsoftbus01 - ok
16:42:53.0966 1836 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
16:42:53.0982 1836 DXGKrnl - ok
16:42:54.0028 1836 e1kexpress (60c5b36e07be8b3af3911c3d10303cfe) C:\Windows\system32\DRIVERS\e1k62x64.sys
16:42:54.0028 1836 e1kexpress - ok
16:42:54.0060 1836 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:42:54.0106 1836 EapHost - ok
16:42:54.0122 1836 Suspicious service (NoAccess): eb75d1b145d6a7c9
16:42:54.0169 1836 eb75d1b145d6a7c9 (bea9db301c415509b88d77be9415e9fd) C:\Windows\System32\Drivers\eb75d1b145d6a7c9.sys
16:42:54.0169 1836 Suspicious file (NoAccess): C:\Windows\System32\Drivers\eb75d1b145d6a7c9.sys. md5: bea9db301c415509b88d77be9415e9fd
16:42:54.0200 1836 eb75d1b145d6a7c9 ( LockedService.Multi.Generic ) - warning
16:42:54.0200 1836 eb75d1b145d6a7c9 - detected LockedService.Multi.Generic (1)
16:42:54.0356 1836 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:42:54.0403 1836 ebdrv - ok
16:42:54.0512 1836 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
16:42:54.0543 1836 EFS - ok
16:42:54.0606 1836 ehRecvr (3d69fae60ede442e004611a4ee4db44c) C:\Windows\ehome\ehRecvr.exe
16:42:54.0637 1836 ehRecvr - ok
16:42:54.0668 1836 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:42:54.0699 1836 ehSched - ok
16:42:54.0793 1836 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:42:54.0808 1836 elxstor - ok
16:42:54.0824 1836 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
16:42:54.0855 1836 ErrDev - ok
16:42:54.0902 1836 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:42:54.0933 1836 EventSystem - ok
16:42:54.0980 1836 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:42:55.0027 1836 exfat - ok
16:42:55.0058 1836 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:42:55.0089 1836 fastfat - ok
16:42:55.0136 1836 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
16:42:55.0167 1836 Fax - ok
16:42:55.0183 1836 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:42:55.0198 1836 fdc - ok
16:42:55.0230 1836 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:42:55.0276 1836 fdPHost - ok
16:42:55.0292 1836 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:42:55.0323 1836 FDResPub - ok
16:42:55.0339 1836 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:42:55.0354 1836 FileInfo - ok
16:42:55.0386 1836 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:42:55.0432 1836 Filetrace - ok
16:42:55.0464 1836 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:42:55.0464 1836 flpydisk - ok
16:42:55.0495 1836 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
16:42:55.0510 1836 FltMgr - ok
16:42:55.0588 1836 FontCache (bc00505cfda789ed3be95d2ff38c4875) C:\Windows\system32\FntCache.dll
16:42:55.0635 1836 FontCache - ok
16:42:55.0682 1836 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:42:55.0682 1836 FontCache3.0.0.0 - ok
16:42:55.0729 1836 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:42:55.0744 1836 FsDepends - ok
16:42:55.0776 1836 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
16:42:55.0791 1836 Fs_Rec - ok
16:42:55.0807 1836 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:42:55.0822 1836 fvevol - ok
16:42:55.0854 1836 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:42:55.0869 1836 gagp30kx - ok
16:42:55.0932 1836 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:42:55.0947 1836 GEARAspiWDM - ok
16:42:56.0010 1836 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
16:42:56.0041 1836 gpsvc - ok
16:42:56.0134 1836 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:42:56.0150 1836 gupdate - ok
16:42:56.0181 1836 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:42:56.0197 1836 gupdatem - ok
16:42:56.0244 1836 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:42:56.0259 1836 gusvc - ok
16:42:56.0306 1836 hamachi (f8f0851d336c3b88dbd7232b6348e09a) C:\Windows\system32\DRIVERS\hamachi.sys
16:42:56.0322 1836 hamachi - ok
16:42:56.0415 1836 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:42:56.0446 1836 hcw85cir - ok
16:42:56.0493 1836 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
16:42:56.0509 1836 HdAudAddService - ok
16:42:56.0556 1836 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:42:56.0571 1836 HDAudBus - ok
16:42:56.0602 1836 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
16:42:56.0618 1836 HECIx64 - ok
16:42:56.0649 1836 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:42:56.0665 1836 HidBatt - ok
16:42:56.0696 1836 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:42:56.0727 1836 HidBth - ok
16:42:56.0758 1836 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:42:56.0758 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\hidir.sys. md5: 0a77d29f311b88cfae3b13f9c1a73825
16:42:56.0758 1836 HidIr ( LockedFile.Multi.Generic ) - warning
16:42:56.0758 1836 HidIr - detected LockedFile.Multi.Generic (1)
16:42:56.0790 1836 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
16:42:56.0821 1836 hidserv - ok
16:42:56.0852 1836 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
16:42:56.0852 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\hidusb.sys. md5: b3bf6b5b50006def50b66306d99fcf6f
16:42:56.0852 1836 HidUsb ( LockedFile.Multi.Generic ) - warning
16:42:56.0852 1836 HidUsb - detected LockedFile.Multi.Generic (1)
16:42:56.0899 1836 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
16:42:56.0930 1836 hkmsvc - ok
16:42:56.0961 1836 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
16:42:56.0977 1836 HomeGroupListener - ok
16:42:57.0024 1836 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
16:42:57.0055 1836 HomeGroupProvider - ok
16:42:57.0086 1836 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
16:42:57.0086 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\HpSAMD.sys. md5: 0886d440058f203eba0e1825e4355914
16:42:57.0086 1836 HpSAMD ( LockedFile.Multi.Generic ) - warning
16:42:57.0086 1836 HpSAMD - detected LockedFile.Multi.Generic (1)
16:42:57.0148 1836 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
16:42:57.0148 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\HTTP.sys. md5: cee049cac4efa7f4e1e4ad014414a5d4
16:42:57.0148 1836 HTTP ( LockedFile.Multi.Generic ) - warning
16:42:57.0148 1836 HTTP - detected LockedFile.Multi.Generic (1)
16:42:57.0180 1836 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
16:42:57.0180 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\hwpolicy.sys. md5: f17766a19145f111856378df337a5d79
16:42:57.0180 1836 hwpolicy ( LockedFile.Multi.Generic ) - warning
16:42:57.0180 1836 hwpolicy - detected LockedFile.Multi.Generic (1)
16:42:57.0211 1836 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
16:42:57.0211 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\i8042prt.sys. md5: fa55c73d4affa7ee23ac4be53b4592d3
16:42:57.0211 1836 i8042prt ( LockedFile.Multi.Generic ) - warning
16:42:57.0211 1836 i8042prt - detected LockedFile.Multi.Generic (1)
16:42:57.0258 1836 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
16:42:57.0258 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\iaStorV.sys. md5: d83efb6fd45df9d55e9a1afc63640d50
16:42:57.0258 1836 iaStorV ( LockedFile.Multi.Generic ) - warning
16:42:57.0258 1836 iaStorV - detected LockedFile.Multi.Generic (1)
16:42:57.0367 1836 ICQ Service (5674d8166366fba6a14e279cdf584829) C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
16:42:57.0367 1836 ICQ Service - ok
16:42:57.0492 1836 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:42:57.0523 1836 idsvc - ok
16:42:57.0850 1836 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
16:42:57.0960 1836 igfx - ok
16:42:58.0022 1836 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:42:58.0038 1836 iirsp - ok
16:42:58.0100 1836 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
16:42:58.0147 1836 IKEEXT - ok
16:42:58.0194 1836 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
16:42:58.0194 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\Impcd.sys. md5: dd587a55390ed2295bce6d36ad567da9
16:42:58.0194 1836 Impcd ( LockedFile.Multi.Generic ) - warning
16:42:58.0194 1836 Impcd - detected LockedFile.Multi.Generic (1)
16:42:58.0240 1836 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
16:42:58.0240 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\intelide.sys. md5: f00f20e70c6ec3aa366910083a0518aa
16:42:58.0240 1836 intelide ( LockedFile.Multi.Generic ) - warning
16:42:58.0240 1836 intelide - detected LockedFile.Multi.Generic (1)
16:42:58.0256 1836 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:42:58.0256 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\intelppm.sys. md5: ada036632c664caa754079041cf1f8c1
16:42:58.0256 1836 intelppm ( LockedFile.Multi.Generic ) - warning
16:42:58.0256 1836 intelppm - detected LockedFile.Multi.Generic (1)
16:42:58.0287 1836 ioatdma (4dc8ed5a6a5affdc68f9371032b5424b) C:\Windows\system32\Drivers\ioatdma.sys
16:42:58.0287 1836 Suspicious file (NoAccess): C:\Windows\system32\Drivers\ioatdma.sys. md5: 4dc8ed5a6a5affdc68f9371032b5424b
16:42:58.0303 1836 ioatdma ( LockedFile.Multi.Generic ) - warning
16:42:58.0303 1836 ioatdma - detected LockedFile.Multi.Generic (1)
16:42:58.0350 1836 ioatdma1 (e45575812630b049ce0f679d87561a4d) C:\Windows\System32\Drivers\qd162x64.sys
16:42:58.0350 1836 Suspicious file (NoAccess): C:\Windows\System32\Drivers\qd162x64.sys. md5: e45575812630b049ce0f679d87561a4d
16:42:58.0350 1836 ioatdma1 ( LockedFile.Multi.Generic ) - warning
16:42:58.0350 1836 ioatdma1 - detected LockedFile.Multi.Generic (1)
16:42:58.0412 1836 ioatdma2 (8b5b74cb8b26bdff096708d5e463712e) C:\Windows\System32\Drivers\qd252x64.sys
16:42:58.0412 1836 Suspicious file (NoAccess): C:\Windows\System32\Drivers\qd252x64.sys. md5: 8b5b74cb8b26bdff096708d5e463712e
16:42:58.0412 1836 ioatdma2 ( LockedFile.Multi.Generic ) - warning
16:42:58.0412 1836 ioatdma2 - detected LockedFile.Multi.Generic (1)
16:42:58.0443 1836 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:42:58.0490 1836 IPBusEnum - ok
16:42:58.0537 1836 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:42:58.0537 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ipfltdrv.sys. md5: 722dd294df62483cecaae6e094b4d695
16:42:58.0537 1836 IpFilterDriver ( LockedFile.Multi.Generic ) - warning
16:42:58.0537 1836 IpFilterDriver - detected LockedFile.Multi.Generic (1)
16:42:58.0584 1836 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
16:42:58.0630 1836 iphlpsvc - ok
16:42:58.0662 1836 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
16:42:58.0662 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\IPMIDrv.sys. md5: e2b4a4494db7cb9b89b55ca268c337c5
16:42:58.0662 1836 IPMIDRV ( LockedFile.Multi.Generic ) - warning
16:42:58.0662 1836 IPMIDRV - detected LockedFile.Multi.Generic (1)
16:42:58.0693 1836 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:42:58.0693 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\ipnat.sys. md5: af9b39a7e7b6caa203b3862582e9f2d0
16:42:58.0693 1836 IPNAT ( LockedFile.Multi.Generic ) - warning
16:42:58.0693 1836 IPNAT - detected LockedFile.Multi.Generic (1)
16:42:58.0802 1836 iPod Service (a3bda1a8a016b5e5a525bcf684894ebe) C:\Program Files\iPod\bin\iPodService.exe
16:42:58.0818 1836 iPod Service - ok
16:42:58.0833 1836 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:42:58.0833 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\irenum.sys. md5: 3abf5e7213eb28966d55d58b515d5ce9
16:42:58.0849 1836 IRENUM ( LockedFile.Multi.Generic ) - warning
16:42:58.0849 1836 IRENUM - detected LockedFile.Multi.Generic (1)
16:42:58.0864 1836 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
16:42:58.0864 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\isapnp.sys. md5: 2f7b28dc3e1183e5eb418df55c204f38
16:42:58.0864 1836 isapnp ( LockedFile.Multi.Generic ) - warning
16:42:58.0864 1836 isapnp - detected LockedFile.Multi.Generic (1)
16:42:58.0896 1836 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
16:42:58.0896 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\msiscsi.sys. md5: fa4d2557de56d45b0a346f93564be6e1
16:42:58.0896 1836 iScsiPrt ( LockedFile.Multi.Generic ) - warning
16:42:58.0896 1836 iScsiPrt - detected LockedFile.Multi.Generic (1)
16:42:58.0942 1836 itecir (357f61a9f84d39dd7d9b4f783772baf2) C:\Windows\system32\DRIVERS\itecir.sys
16:42:58.0942 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\itecir.sys. md5: 357f61a9f84d39dd7d9b4f783772baf2
16:42:58.0942 1836 itecir ( LockedFile.Multi.Generic ) - warning
16:42:58.0942 1836 itecir - detected LockedFile.Multi.Generic (1)
16:42:58.0958 1836 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
16:42:58.0958 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\kbdclass.sys. md5: bc02336f1cba7dcc7d1213bb588a68a5
16:42:58.0958 1836 kbdclass ( LockedFile.Multi.Generic ) - warning
16:42:58.0958 1836 kbdclass - detected LockedFile.Multi.Generic (1)
16:42:58.0989 1836 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
16:42:58.0989 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\kbdhid.sys. md5: 6def98f8541e1b5dceb2c822a11f7323
16:42:58.0989 1836 kbdhid ( LockedFile.Multi.Generic ) - warning
16:42:58.0989 1836 kbdhid - detected LockedFile.Multi.Generic (1)
16:42:59.0052 1836 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:42:59.0067 1836 KeyIso - ok
16:42:59.0114 1836 KSecDD (4f4b5fde429416877de7143044582eb5) C:\Windows\system32\Drivers\ksecdd.sys
16:42:59.0114 1836 Suspicious file (NoAccess): C:\Windows\system32\Drivers\ksecdd.sys. md5: 4f4b5fde429416877de7143044582eb5
16:42:59.0114 1836 KSecDD ( LockedFile.Multi.Generic ) - warning
16:42:59.0114 1836 KSecDD - detected LockedFile.Multi.Generic (1)
16:42:59.0130 1836 KSecPkg (6f40465a44ecdc1731befafec5bdd03c) C:\Windows\system32\Drivers\ksecpkg.sys
16:42:59.0130 1836 Suspicious file (NoAccess): C:\Windows\system32\Drivers\ksecpkg.sys. md5: 6f40465a44ecdc1731befafec5bdd03c
16:42:59.0145 1836 KSecPkg ( LockedFile.Multi.Generic ) - warning
16:42:59.0145 1836 KSecPkg - detected LockedFile.Multi.Generic (1)
16:42:59.0161 1836 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:42:59.0161 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\ksthunk.sys. md5: 6869281e78cb31a43e969f06b57347c4
16:42:59.0176 1836 ksthunk ( LockedFile.Multi.Generic ) - warning
16:42:59.0176 1836 ksthunk - detected LockedFile.Multi.Generic (1)
16:42:59.0223 1836 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:42:59.0270 1836 KtmRm - ok
16:42:59.0332 1836 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
16:42:59.0348 1836 LanmanServer - ok
16:42:59.0395 1836 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
16:42:59.0442 1836 LanmanWorkstation - ok
16:42:59.0473 1836 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:42:59.0473 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lltdio.sys. md5: 1538831cf8ad2979a04c423779465827
16:42:59.0473 1836 lltdio ( LockedFile.Multi.Generic ) - warning
16:42:59.0473 1836 lltdio - detected LockedFile.Multi.Generic (1)
16:42:59.0504 1836 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:42:59.0551 1836 lltdsvc - ok
16:42:59.0566 1836 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:42:59.0598 1836 lmhosts - ok
16:42:59.0629 1836 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:42:59.0629 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lsi_fc.sys. md5: 1a93e54eb0ece102495a51266dcdb6a6
16:42:59.0629 1836 LSI_FC ( LockedFile.Multi.Generic ) - warning
16:42:59.0629 1836 LSI_FC - detected LockedFile.Multi.Generic (1)
16:42:59.0660 1836 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:42:59.0660 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lsi_sas.sys. md5: 1047184a9fdc8bdbff857175875ee810
16:42:59.0660 1836 LSI_SAS ( LockedFile.Multi.Generic ) - warning
16:42:59.0660 1836 LSI_SAS - detected LockedFile.Multi.Generic (1)
16:42:59.0691 1836 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:42:59.0691 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lsi_sas2.sys. md5: 30f5c0de1ee8b5bc9306c1f0e4a75f93
16:42:59.0691 1836 LSI_SAS2 ( LockedFile.Multi.Generic ) - warning
16:42:59.0691 1836 LSI_SAS2 - detected LockedFile.Multi.Generic (1)
16:42:59.0722 1836 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:42:59.0722 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lsi_scsi.sys. md5: 0504eacaff0d3c8aed161c4b0d369d4a
16:42:59.0722 1836 LSI_SCSI ( LockedFile.Multi.Generic ) - warning
16:42:59.0722 1836 LSI_SCSI - detected LockedFile.Multi.Generic (1)
16:42:59.0754 1836 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:42:59.0754 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\luafv.sys. md5: 43d0f98e1d56ccddb0d5254cff7b356e
16:42:59.0754 1836 luafv ( LockedFile.Multi.Generic ) - warning
16:42:59.0754 1836 luafv - detected LockedFile.Multi.Generic (1)
16:42:59.0816 1836 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
16:42:59.0816 1836 MBAMProtector - ok
16:42:59.0925 1836 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:42:59.0956 1836 MBAMService - ok
16:42:59.0988 1836 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
16:43:00.0019 1836 Mcx2Svc - ok
16:43:00.0050 1836 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:43:00.0050 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\megasas.sys. md5: a55805f747c6edb6a9080d7c633bd0f4
16:43:00.0050 1836 megasas ( LockedFile.Multi.Generic ) - warning
16:43:00.0050 1836 megasas - detected LockedFile.Multi.Generic (1)
16:43:00.0081 1836 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:43:00.0081 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\MegaSR.sys. md5: baf74ce0072480c3b6b7c13b2a94d6b3
16:43:00.0097 1836 MegaSR ( LockedFile.Multi.Generic ) - warning
16:43:00.0097 1836 MegaSR - detected LockedFile.Multi.Generic (1)
16:43:00.0175 1836 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
16:43:00.0190 1836 Microsoft Office Groove Audit Service - ok
16:43:00.0222 1836 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:43:00.0253 1836 MMCSS - ok
16:43:00.0284 1836 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:43:00.0284 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\modem.sys. md5: 800ba92f7010378b09f9ed9270f07137
16:43:00.0284 1836 Modem ( LockedFile.Multi.Generic ) - warning
16:43:00.0284 1836 Modem - detected LockedFile.Multi.Generic (1)
16:43:00.0315 1836 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:43:00.0315 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\monitor.sys. md5: b03d591dc7da45ece20b3b467e6aadaa
16:43:00.0315 1836 monitor ( LockedFile.Multi.Generic ) - warning
16:43:00.0315 1836 monitor - detected LockedFile.Multi.Generic (1)
16:43:00.0346 1836 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:43:00.0346 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mouclass.sys. md5: 7d27ea49f3c1f687d357e77a470aea99
16:43:00.0346 1836 mouclass ( LockedFile.Multi.Generic ) - warning
16:43:00.0346 1836 mouclass - detected LockedFile.Multi.Generic (1)
16:43:00.0393 1836 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:43:00.0393 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mouhid.sys. md5: d3bf052c40b0c4166d9fd86a4288c1e6
16:43:00.0393 1836 mouhid ( LockedFile.Multi.Generic ) - warning
16:43:00.0393 1836 mouhid - detected LockedFile.Multi.Generic (1)
16:43:00.0424 1836 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
16:43:00.0424 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\mountmgr.sys. md5: 791af66c4d0e7c90a3646066386fb571
16:43:00.0424 1836 mountmgr ( LockedFile.Multi.Generic ) - warning
16:43:00.0424 1836 mountmgr - detected LockedFile.Multi.Generic (1)
16:43:00.0518 1836 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:43:00.0534 1836 MozillaMaintenance - ok
16:43:00.0580 1836 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
16:43:00.0596 1836 MpFilter - ok
16:43:00.0627 1836 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
16:43:00.0627 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mpio.sys. md5: 609d1d87649ecc19796f4d76d4c15cea
16:43:00.0627 1836 mpio ( LockedFile.Multi.Generic ) - warning
16:43:00.0627 1836 mpio - detected LockedFile.Multi.Generic (1)
16:43:00.0658 1836 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
16:43:00.0658 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\MpNWMon.sys. md5: 8fbf6b31fe8af1833d93c5913d5b4d55
16:43:00.0658 1836 MpNWMon ( LockedFile.Multi.Generic ) - warning
16:43:00.0658 1836 MpNWMon - detected LockedFile.Multi.Generic (1)
16:43:00.0690 1836 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:43:00.0690 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\mpsdrv.sys. md5: 6c38c9e45ae0ea2fa5e551f2ed5e978f
16:43:00.0690 1836 mpsdrv ( LockedFile.Multi.Generic ) - warning
16:43:00.0690 1836 mpsdrv - detected LockedFile.Multi.Generic (1)
16:43:00.0752 1836 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
16:43:00.0814 1836 MpsSvc - ok
16:43:00.0846 1836 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
16:43:00.0846 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\mrxdav.sys. md5: 30524261bb51d96d6fcbac20c810183c
16:43:00.0861 1836 MRxDAV ( LockedFile.Multi.Generic ) - warning
16:43:00.0861 1836 MRxDAV - detected LockedFile.Multi.Generic (1)
16:43:00.0908 1836 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:43:00.0908 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mrxsmb.sys. md5: 040d62a9d8ad28922632137acdd984f2
16:43:00.0908 1836 mrxsmb ( LockedFile.Multi.Generic ) - warning
16:43:00.0908 1836 mrxsmb - detected LockedFile.Multi.Generic (1)
16:43:00.0955 1836 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:43:00.0955 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mrxsmb10.sys. md5: f0067552f8f9b33d7c59403ab808a3cb
16:43:00.0955 1836 mrxsmb10 ( LockedFile.Multi.Generic ) - warning
16:43:00.0955 1836 mrxsmb10 - detected LockedFile.Multi.Generic (1)
16:43:00.0986 1836 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:43:00.0986 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mrxsmb20.sys. md5: 3c142d31de9f2f193218a53fe2632051
16:43:00.0986 1836 mrxsmb20 ( LockedFile.Multi.Generic ) - warning
16:43:00.0986 1836 mrxsmb20 - detected LockedFile.Multi.Generic (1)
16:43:01.0017 1836 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
16:43:01.0017 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\msahci.sys. md5: 5c37497276e3b3a5488b23a326a754b7
16:43:01.0017 1836 msahci ( LockedFile.Multi.Generic ) - warning
16:43:01.0017 1836 msahci - detected LockedFile.Multi.Generic (1)
16:43:01.0064 1836 MSCamSvc (a592a054d78750b4d73abaa4c94decdf) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
16:43:01.0064 1836 MSCamSvc - ok
16:43:01.0111 1836 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
16:43:01.0111 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\msdsm.sys. md5: 8d27b597229aed79430fb9db3bcbfbd0
16:43:01.0111 1836 msdsm ( LockedFile.Multi.Generic ) - warning
16:43:01.0111 1836 msdsm - detected LockedFile.Multi.Generic (1)
16:43:01.0158 1836 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:43:01.0173 1836 MSDTC - ok
16:43:01.0189 1836 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:43:01.0189 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\Msfs.sys. md5: aa3fb40e17ce1388fa1bedab50ea8f96
16:43:01.0204 1836 Msfs ( LockedFile.Multi.Generic ) - warning
16:43:01.0204 1836 Msfs - detected LockedFile.Multi.Generic (1)
16:43:01.0220 1836 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:43:01.0220 1836 Suspicious file (NoAccess): C:\Windows\System32\drivers\mshidkmdf.sys. md5: f9d215a46a8b9753f61767fa72a20326
16:43:01.0220 1836 mshidkmdf ( LockedFile.Multi.Generic ) - warning
16:43:01.0220 1836 mshidkmdf - detected LockedFile.Multi.Generic (1)
16:43:01.0282 1836 MSHUSBVideo (55218f924e55fd2786ed40edf4ed79c3) C:\Windows\system32\Drivers\nx6000.sys
16:43:01.0282 1836 Suspicious file (NoAccess): C:\Windows\system32\Drivers\nx6000.sys. md5: 55218f924e55fd2786ed40edf4ed79c3
16:43:01.0282 1836 MSHUSBVideo ( LockedFile.Multi.Generic ) - warning
16:43:01.0282 1836 MSHUSBVideo - detected LockedFile.Multi.Generic (1)
16:43:01.0298 1836 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
16:43:01.0298 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\msisadrv.sys. md5: d916874bbd4f8b07bfb7fa9b3ccae29d
16:43:01.0298 1836 msisadrv ( LockedFile.Multi.Generic ) - warning
16:43:01.0298 1836 msisadrv - detected LockedFile.Multi.Generic (1)
16:43:01.0345 1836 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:43:01.0376 1836 MSiSCSI - ok
16:43:01.0392 1836 msiserver - ok
16:43:01.0454 1836 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:43:01.0454 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\MSKSSRV.sys. md5: 49ccf2c4fea34ffad8b1b59d49439366
16:43:01.0454 1836 MSKSSRV ( LockedFile.Multi.Generic ) - warning
16:43:01.0454 1836 MSKSSRV - detected LockedFile.Multi.Generic (1)
16:43:01.0532 1836 MsMpSvc (157e9e498206a3366baa7e4697bdd947) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
16:43:01.0548 1836 MsMpSvc - ok
16:43:01.0563 1836 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:43:01.0563 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\MSPCLOCK.sys. md5: bdd71ace35a232104ddd349ee70e1ab3
16:43:01.0563 1836 MSPCLOCK ( LockedFile.Multi.Generic ) - warning
16:43:01.0563 1836 MSPCLOCK - detected LockedFile.Multi.Generic (1)
16:43:01.0594 1836 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:43:01.0594 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\MSPQM.sys. md5: 4ed981241db27c3383d72092b618a1d0
16:43:01.0594 1836 MSPQM ( LockedFile.Multi.Generic ) - warning
16:43:01.0594 1836 MSPQM - detected LockedFile.Multi.Generic (1)
16:43:01.0626 1836 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
16:43:01.0626 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\MsRPC.sys. md5: 89cb141aa8616d8c6a4610fa26c60964
16:43:01.0626 1836 MsRPC ( LockedFile.Multi.Generic ) - warning
16:43:01.0626 1836 MsRPC - detected LockedFile.Multi.Generic (1)
16:43:01.0657 1836 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
16:43:01.0657 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mssmbios.sys. md5: 0eed230e37515a0eaee3c2e1bc97b288
16:43:01.0657 1836 mssmbios ( LockedFile.Multi.Generic ) - warning
16:43:01.0657 1836 mssmbios - detected LockedFile.Multi.Generic (1)
16:43:01.0688 1836 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:43:01.0688 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\MSTEE.sys. md5: 2e66f9ecb30b4221a318c92ac2250779
16:43:01.0688 1836 MSTEE ( LockedFile.Multi.Generic ) - warning
16:43:01.0688 1836 MSTEE - detected LockedFile.Multi.Generic (1)
16:43:01.0735 1836 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:43:01.0735 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\MTConfig.sys. md5: 7ea404308934e675bffde8edf0757bcd
16:43:01.0735 1836 MTConfig ( LockedFile.Multi.Generic ) - warning
16:43:01.0735 1836 MTConfig - detected LockedFile.Multi.Generic (1)
16:43:01.0797 1836 MTsensor (2219a3d695405e7ba2186ba6b9ede14a) C:\Windows\system32\DRIVERS\ASACPI.sys
16:43:01.0797 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ASACPI.sys. md5: 2219a3d695405e7ba2186ba6b9ede14a
16:43:01.0797 1836 MTsensor ( LockedFile.Multi.Generic ) - warning
16:43:01.0797 1836 MTsensor - detected LockedFile.Multi.Generic (1)
16:43:01.0813 1836 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:43:01.0813 1836 Suspicious file (NoAccess): C:\Windows\system32\Drivers\mup.sys. md5: f9a18612fd3526fe473c1bda678d61c8
16:43:01.0813 1836 Mup ( LockedFile.Multi.Generic ) - warning
16:43:01.0813 1836 Mup - detected LockedFile.Multi.Generic (1)
16:43:01.0875 1836 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
16:43:01.0906 1836 napagent - ok
16:43:01.0969 1836 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:43:01.0969 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\nwifi.sys. md5: 1ea3749c4114db3e3161156ffffa6b33
16:43:01.0984 1836 NativeWifiP ( LockedFile.Multi.Generic ) - warning
16:43:01.0984 1836 NativeWifiP - detected LockedFile.Multi.Generic (1)
16:43:02.0031 1836 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
16:43:02.0031 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\ndis.sys. md5: cad515dbd07d082bb317d9928ce8962c
16:43:02.0047 1836 NDIS ( LockedFile.Multi.Generic ) - warning
16:43:02.0047 1836 NDIS - detected LockedFile.Multi.Generic (1)
16:43:02.0078 1836 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:43:02.0078 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ndiscap.sys. md5: 9f9a1f53aad7da4d6fef5bb73ab811ac
16:43:02.0094 1836 NdisCap ( LockedFile.Multi.Generic ) - warning
16:43:02.0094 1836 NdisCap - detected LockedFile.Multi.Generic (1)
16:43:02.0109 1836 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:43:02.0109 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ndistapi.sys. md5: 30639c932d9fef22b31268fe25a1b6e5
16:43:02.0109 1836 NdisTapi ( LockedFile.Multi.Generic ) - warning
16:43:02.0109 1836 NdisTapi - detected LockedFile.Multi.Generic (1)
16:43:02.0125 1836 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
16:43:02.0125 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ndisuio.sys. md5: f105ba1e22bf1f2ee8f005d4305e4bec
16:43:02.0140 1836 Ndisuio ( LockedFile.Multi.Generic ) - warning
16:43:02.0140 1836 Ndisuio - detected LockedFile.Multi.Generic (1)
16:43:02.0172 1836 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
16:43:02.0172 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ndiswan.sys. md5: 557dfab9ca1fcb036ac77564c010dad3
16:43:02.0172 1836 NdisWan ( LockedFile.Multi.Generic ) - warning
16:43:02.0172 1836 NdisWan - detected LockedFile.Multi.Generic (1)
16:43:02.0187 1836 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
16:43:02.0187 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\NDProxy.sys. md5: 659b74fb74b86228d6338d643cd3e3cf
16:43:02.0187 1836 NDProxy ( LockedFile.Multi.Generic ) - warning
16:43:02.0187 1836 NDProxy - detected LockedFile.Multi.Generic (1)
16:43:02.0203 1836 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:43:02.0203 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\netbios.sys. md5: 86743d9f5d2b1048062b14b1d84501c4
16:43:02.0234 1836 NetBIOS ( LockedFile.Multi.Generic ) - warning
16:43:02.0234 1836 NetBIOS - detected LockedFile.Multi.Generic (1)
16:43:02.0265 1836 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
16:43:02.0265 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\netbt.sys. md5: 9162b273a44ab9dce5b44362731d062a
16:43:02.0265 1836 NetBT ( LockedFile.Multi.Generic ) - warning
16:43:02.0265 1836 NetBT - detected LockedFile.Multi.Generic (1)
16:43:02.0328 1836 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:43:02.0343 1836 Netlogon - ok
16:43:02.0374 1836 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:43:02.0421 1836 Netman - ok
16:43:02.0468 1836 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:43:02.0546 1836 netprofm - ok
16:43:02.0640 1836 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:43:02.0655 1836 NetTcpPortSharing - ok
16:43:02.0702 1836 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:43:02.0702 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\nfrd960.sys. md5: 77889813be4d166cdab78ddba990da92
16:43:02.0702 1836 nfrd960 ( LockedFile.Multi.Generic ) - warning
16:43:02.0702 1836 nfrd960 - detected LockedFile.Multi.Generic (1)
16:43:02.0733 1836 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:43:02.0733 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\NisDrvWFP.sys. md5: 5f7d72cbcdd025af1f38fdeee5646968
16:43:02.0749 1836 NisDrv ( LockedFile.Multi.Generic ) - warning
16:43:02.0749 1836 NisDrv - detected LockedFile.Multi.Generic (1)
16:43:02.0842 1836 NisSrv (566ddd5d82520da01d75f81428ac4c38) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
16:43:02.0842 1836 NisSrv - ok
16:43:02.0889 1836 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
16:43:02.0920 1836 NlaSvc - ok
16:43:02.0936 1836 NmPar - ok
16:43:02.0983 1836 nmserial - ok
16:43:03.0030 1836 nmwcd (907b5e1e4a592e5edc5e4ccbde4863c2) C:\Windows\system32\drivers\ccdcmbx64.sys
16:43:03.0030 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\ccdcmbx64.sys. md5: 907b5e1e4a592e5edc5e4ccbde4863c2
16:43:03.0030 1836 nmwcd ( LockedFile.Multi.Generic ) - warning
16:43:03.0030 1836 nmwcd - detected LockedFile.Multi.Generic (1)
16:43:03.0061 1836 nmwcdcx64 (216bdf8b1017bb52692c9ee3c1e50597) C:\Windows\system32\drivers\ccdcmbox64.sys
16:43:03.0061 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\ccdcmbox64.sys. md5: 216bdf8b1017bb52692c9ee3c1e50597
16:43:03.0076 1836 nmwcdcx64 ( LockedFile.Multi.Generic ) - warning
16:43:03.0076 1836 nmwcdcx64 - detected LockedFile.Multi.Generic (1)
16:43:03.0076 1836 nmwcdx64 (907b5e1e4a592e5edc5e4ccbde4863c2) C:\Windows\system32\drivers\ccdcmbx64.sys
16:43:03.0076 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\ccdcmbx64.sys. md5: 907b5e1e4a592e5edc5e4ccbde4863c2
16:43:03.0092 1836 nmwcdx64 ( LockedFile.Multi.Generic ) - warning
16:43:03.0092 1836 nmwcdx64 - detected LockedFile.Multi.Generic (1)
16:43:03.0108 1836 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:43:03.0108 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\Npfs.sys. md5: 1e4c4ab5c9b8dd13179bbdc75a2a01f7
16:43:03.0123 1836 Npfs ( LockedFile.Multi.Generic ) - warning
16:43:03.0123 1836 Npfs - detected LockedFile.Multi.Generic (1)
16:43:03.0139 1836 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:43:03.0186 1836 nsi - ok
16:43:03.0201 1836 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:43:03.0201 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\nsiproxy.sys. md5: e7f5ae18af4168178a642a9247c63001
16:43:03.0201 1836 nsiproxy ( LockedFile.Multi.Generic ) - warning
16:43:03.0201 1836 nsiproxy - detected LockedFile.Multi.Generic (1)
16:43:03.0295 1836 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
16:43:03.0295 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\Ntfs.sys. md5: 356698a13c4630d5b31c37378d469196
16:43:03.0295 1836 Ntfs ( LockedFile.Multi.Generic ) - warning
16:43:03.0295 1836 Ntfs - detected LockedFile.Multi.Generic (1)
16:43:03.0420 1836 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:43:03.0420 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\Null.sys. md5: 9899284589f75fa8724ff3d16aed75c1
16:43:03.0420 1836 Null ( LockedFile.Multi.Generic ) - warning
16:43:03.0420 1836 Null - detected LockedFile.Multi.Generic (1)
16:43:03.0466 1836 nusb3hub (088cd71003f21f96f01c63955150a1fb) C:\Windows\system32\DRIVERS\nusb3hub.sys
16:43:03.0466 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\nusb3hub.sys. md5: 088cd71003f21f96f01c63955150a1fb
16:43:03.0466 1836 nusb3hub ( LockedFile.Multi.Generic ) - warning
16:43:03.0466 1836 nusb3hub - detected LockedFile.Multi.Generic (1)
16:43:03.0498 1836 nusb3xhc (f6d625ff7b56bb6ea063f0d3a5bbc996) C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:43:03.0498 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\nusb3xhc.sys. md5: f6d625ff7b56bb6ea063f0d3a5bbc996
16:43:03.0498 1836 nusb3xhc ( LockedFile.Multi.Generic ) - warning
16:43:03.0498 1836 nusb3xhc - detected LockedFile.Multi.Generic (1)
16:43:03.0544 1836 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
16:43:03.0544 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\nvraid.sys. md5: 3e38712941e9bb4ddbee00affe3fed3d
16:43:03.0560 1836 nvraid ( LockedFile.Multi.Generic ) - warning
16:43:03.0560 1836 nvraid - detected LockedFile.Multi.Generic (1)
16:43:03.0591 1836 nvsmu (a3ac469ad99ac3fd63afccfc29a90fa9) C:\Windows\system32\DRIVERS\nvsmu.sys
16:43:03.0591 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\nvsmu.sys. md5: a3ac469ad99ac3fd63afccfc29a90fa9
16:43:03.0591 1836 nvsmu ( LockedFile.Multi.Generic ) - warning
16:43:03.0591 1836 nvsmu - detected LockedFile.Multi.Generic (1)
16:43:03.0638 1836 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
16:43:03.0638 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\nvstor.sys. md5: 477dc4d6deb99be37084c9ac6d013da1
16:43:03.0638 1836 nvstor ( LockedFile.Multi.Generic ) - warning
16:43:03.0638 1836 nvstor - detected LockedFile.Multi.Generic (1)
16:43:03.0669 1836 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
16:43:03.0669 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\nv_agp.sys. md5: 270d7cd42d6e3979f6dd0146650f0e05
16:43:03.0669 1836 nv_agp ( LockedFile.Multi.Generic ) - warning
16:43:03.0669 1836 nv_agp - detected LockedFile.Multi.Generic (1)
16:43:03.0825 1836 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:43:03.0841 1836 odserv - ok
16:43:03.0856 1836 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
16:43:03.0856 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ohci1394.sys. md5: 3589478e4b22ce21b41fa1bfc0b8b8a0

hazik · #5 Příspěvek od **hazik** » 29 črc 2012 15:54

16:43:03.0856 1836 ohci1394 ( LockedFile.Multi.Generic ) - warning
16:43:03.0856 1836 ohci1394 - detected LockedFile.Multi.Generic (1)
16:43:03.0903 1836 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:43:03.0903 1836 ose - ok
16:43:03.0966 1836 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:43:03.0997 1836 p2pimsvc - ok
16:43:04.0044 1836 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:43:04.0059 1836 p2psvc - ok
16:43:04.0122 1836 PAC7302 (0950875bc5f7348b263b2a3fc56cba34) C:\Windows\system32\DRIVERS\PAC7302.SYS
16:43:04.0122 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\PAC7302.SYS. md5: 0950875bc5f7348b263b2a3fc56cba34
16:43:04.0122 1836 PAC7302 ( LockedFile.Multi.Generic ) - warning
16:43:04.0122 1836 PAC7302 - detected LockedFile.Multi.Generic (1)
16:43:04.0153 1836 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:43:04.0153 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\parport.sys. md5: 0086431c29c35be1dbc43f52cc273887
16:43:04.0168 1836 Parport ( LockedFile.Multi.Generic ) - warning
16:43:04.0168 1836 Parport - detected LockedFile.Multi.Generic (1)
16:43:04.0200 1836 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
16:43:04.0200 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\partmgr.sys. md5: 90061b1acfe8ccaa5345750ffe08d8b8
16:43:04.0200 1836 partmgr ( LockedFile.Multi.Generic ) - warning
16:43:04.0200 1836 partmgr - detected LockedFile.Multi.Generic (1)
16:43:04.0231 1836 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:43:04.0246 1836 PcaSvc - ok
16:43:04.0293 1836 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
16:43:04.0293 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\pci.sys. md5: f36f6504009f2fb0dfd1b17a116ad74b
16:43:04.0293 1836 pci ( LockedFile.Multi.Generic ) - warning
16:43:04.0293 1836 pci - detected LockedFile.Multi.Generic (1)
16:43:04.0324 1836 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
16:43:04.0324 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\pciide.sys. md5: b5b8b5ef2e5cb34df8dcf8831e3534fa
16:43:04.0324 1836 pciide ( LockedFile.Multi.Generic ) - warning
16:43:04.0324 1836 pciide - detected LockedFile.Multi.Generic (1)
16:43:04.0356 1836 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:43:04.0356 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\pcmcia.sys. md5: b2e81d4e87ce48589f98cb8c05b01f2f
16:43:04.0356 1836 pcmcia ( LockedFile.Multi.Generic ) - warning
16:43:04.0356 1836 pcmcia - detected LockedFile.Multi.Generic (1)
16:43:04.0402 1836 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:43:04.0402 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\pcw.sys. md5: d6b9c2e1a11a3a4b26a182ffef18f603
16:43:04.0402 1836 pcw ( LockedFile.Multi.Generic ) - warning
16:43:04.0402 1836 pcw - detected LockedFile.Multi.Generic (1)
16:43:04.0449 1836 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:43:04.0449 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\peauth.sys. md5: 68769c3356b3be5d1c732c97b9a80d6e
16:43:04.0449 1836 PEAUTH ( LockedFile.Multi.Generic ) - warning
16:43:04.0449 1836 PEAUTH - detected LockedFile.Multi.Generic (1)
16:43:04.0512 1836 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:43:04.0527 1836 PerfHost - ok
16:43:04.0621 1836 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
16:43:04.0668 1836 pla - ok
16:43:04.0730 1836 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
16:43:04.0761 1836 PlugPlay - ok
16:43:04.0777 1836 PnkBstrA - ok
16:43:04.0808 1836 PnkBstrB - ok
16:43:04.0855 1836 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:43:04.0870 1836 PNRPAutoReg - ok
16:43:04.0917 1836 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:43:04.0933 1836 PNRPsvc - ok
16:43:04.0980 1836 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
16:43:05.0026 1836 PolicyAgent - ok
16:43:05.0073 1836 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:43:05.0104 1836 Power - ok
16:43:05.0136 1836 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
16:43:05.0151 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\raspptp.sys. md5: 27cc19e81ba5e3403c48302127bda717
16:43:05.0151 1836 PptpMiniport ( LockedFile.Multi.Generic ) - warning
16:43:05.0151 1836 PptpMiniport - detected LockedFile.Multi.Generic (1)
16:43:05.0167 1836 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:43:05.0182 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\processr.sys. md5: 0d922e23c041efb1c3fac2a6f943c9bf
16:43:05.0182 1836 Processor ( LockedFile.Multi.Generic ) - warning
16:43:05.0182 1836 Processor - detected LockedFile.Multi.Generic (1)
16:43:05.0214 1836 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
16:43:05.0229 1836 ProfSvc - ok
16:43:05.0276 1836 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:43:05.0276 1836 ProtectedStorage - ok
16:43:05.0323 1836 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
16:43:05.0323 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\pacer.sys. md5: ee992183bd8eaefd9973f352e587a299
16:43:05.0323 1836 Psched ( LockedFile.Multi.Generic ) - warning
16:43:05.0323 1836 Psched - detected LockedFile.Multi.Generic (1)
16:43:05.0432 1836 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:43:05.0432 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ql2300.sys. md5: a53a15a11ebfd21077463ee2c7afeef0
16:43:05.0432 1836 ql2300 ( LockedFile.Multi.Generic ) - warning
16:43:05.0432 1836 ql2300 - detected LockedFile.Multi.Generic (1)
16:43:05.0526 1836 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:43:05.0526 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ql40xx.sys. md5: 4f6d12b51de1aaeff7dc58c4d75423c8
16:43:05.0526 1836 ql40xx ( LockedFile.Multi.Generic ) - warning
16:43:05.0526 1836 ql40xx - detected LockedFile.Multi.Generic (1)
16:43:05.0557 1836 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:43:05.0572 1836 QWAVE - ok
16:43:05.0588 1836 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:43:05.0588 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\qwavedrv.sys. md5: 76707bb36430888d9ce9d705398adb6c
16:43:05.0604 1836 QWAVEdrv ( LockedFile.Multi.Generic ) - warning
16:43:05.0604 1836 QWAVEdrv - detected LockedFile.Multi.Generic (1)
16:43:05.0635 1836 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:43:05.0635 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rasacd.sys. md5: 5a0da8ad5762fa2d91678a8a01311704
16:43:05.0635 1836 RasAcd ( LockedFile.Multi.Generic ) - warning
16:43:05.0635 1836 RasAcd - detected LockedFile.Multi.Generic (1)
16:43:05.0666 1836 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:43:05.0666 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\AgileVpn.sys. md5: 7ecff9b22276b73f43a99a15a6094e90
16:43:05.0666 1836 RasAgileVpn ( LockedFile.Multi.Generic ) - warning
16:43:05.0666 1836 RasAgileVpn - detected LockedFile.Multi.Generic (1)
16:43:05.0697 1836 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:43:05.0744 1836 RasAuto - ok
16:43:05.0775 1836 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:43:05.0775 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rasl2tp.sys. md5: 87a6e852a22991580d6d39adc4790463
16:43:05.0775 1836 Rasl2tp ( LockedFile.Multi.Generic ) - warning
16:43:05.0775 1836 Rasl2tp - detected LockedFile.Multi.Generic (1)
16:43:05.0822 1836 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
16:43:05.0853 1836 RasMan - ok
16:43:05.0869 1836 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:43:05.0869 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\raspppoe.sys. md5: 855c9b1cd4756c5e9a2aa58a15f58c25
16:43:05.0869 1836 RasPppoe ( LockedFile.Multi.Generic ) - warning
16:43:05.0869 1836 RasPppoe - detected LockedFile.Multi.Generic (1)
16:43:05.0900 1836 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:43:05.0900 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rassstp.sys. md5: e8b1e447b008d07ff47d016c2b0eeecb
16:43:05.0900 1836 RasSstp ( LockedFile.Multi.Generic ) - warning
16:43:05.0900 1836 RasSstp - detected LockedFile.Multi.Generic (1)
16:43:05.0931 1836 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
16:43:05.0931 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rdbss.sys. md5: 3bac8142102c15d59a87757c1d41dce5
16:43:05.0931 1836 rdbss ( LockedFile.Multi.Generic ) - warning
16:43:05.0931 1836 rdbss - detected LockedFile.Multi.Generic (1)
16:43:05.0962 1836 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:43:05.0962 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rdpbus.sys. md5: 302da2a0539f2cf54d7c6cc30c1f2d8d
16:43:05.0962 1836 rdpbus ( LockedFile.Multi.Generic ) - warning
16:43:05.0962 1836 rdpbus - detected LockedFile.Multi.Generic (1)
16:43:05.0994 1836 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:43:05.0994 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\RDPCDD.sys. md5: cea6cc257fc9b7715f1c2b4849286d24
16:43:05.0994 1836 RDPCDD ( LockedFile.Multi.Generic ) - warning
16:43:05.0994 1836 RDPCDD - detected LockedFile.Multi.Generic (1)
16:43:06.0009 1836 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:43:06.0009 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\rdpencdd.sys. md5: bb5971a4f00659529a5c44831af22365
16:43:06.0009 1836 RDPENCDD ( LockedFile.Multi.Generic ) - warning
16:43:06.0009 1836 RDPENCDD - detected LockedFile.Multi.Generic (1)
16:43:06.0056 1836 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:43:06.0056 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\rdprefmp.sys. md5: 216f3fa57533d98e1f74ded70113177a
16:43:06.0056 1836 RDPREFMP ( LockedFile.Multi.Generic ) - warning
16:43:06.0056 1836 RDPREFMP - detected LockedFile.Multi.Generic (1)
16:43:06.0103 1836 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
16:43:06.0103 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\RDPWD.sys. md5: 447de7e3dea39d422c1504f245b668b1
16:43:06.0103 1836 RDPWD ( LockedFile.Multi.Generic ) - warning
16:43:06.0103 1836 RDPWD - detected LockedFile.Multi.Generic (1)
16:43:06.0150 1836 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
16:43:06.0150 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\rdyboost.sys. md5: 634b9a2181d98f15941236886164ec8b
16:43:06.0181 1836 rdyboost ( LockedFile.Multi.Generic ) - warning
16:43:06.0181 1836 rdyboost - detected LockedFile.Multi.Generic (1)
16:43:06.0212 1836 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:43:06.0243 1836 RemoteAccess - ok
16:43:06.0274 1836 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:43:06.0306 1836 RemoteRegistry - ok
16:43:06.0337 1836 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:43:06.0384 1836 RpcEptMapper - ok
16:43:06.0415 1836 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:43:06.0415 1836 RpcLocator - ok
16:43:06.0477 1836 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
16:43:06.0493 1836 RpcSs - ok
16:43:06.0524 1836 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:43:06.0524 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rspndr.sys. md5: ddc86e4f8e7456261e637e3552e804ff
16:43:06.0524 1836 rspndr ( LockedFile.Multi.Generic ) - warning
16:43:06.0524 1836 rspndr - detected LockedFile.Multi.Generic (1)
16:43:06.0571 1836 RTL8167 (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:43:06.0571 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\Rt64win7.sys. md5: 4b42bc58294e83a6a92ec8b88c14c4a3
16:43:06.0571 1836 RTL8167 ( LockedFile.Multi.Generic ) - warning
16:43:06.0571 1836 RTL8167 - detected LockedFile.Multi.Generic (1)
16:43:06.0649 1836 RTL8192su (4ce333ac701c4bd2e3eff721c0db2526) C:\Windows\system32\DRIVERS\RTL8192su.sys
16:43:06.0649 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\RTL8192su.sys. md5: 4ce333ac701c4bd2e3eff721c0db2526
16:43:06.0649 1836 RTL8192su ( LockedFile.Multi.Generic ) - warning
16:43:06.0649 1836 RTL8192su - detected LockedFile.Multi.Generic (1)
16:43:06.0680 1836 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:43:06.0696 1836 SamSs - ok
16:43:06.0742 1836 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
16:43:06.0742 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\sbp2port.sys. md5: e3bbb89983daf5622c1d50cf49f28227
16:43:06.0758 1836 sbp2port ( LockedFile.Multi.Generic ) - warning
16:43:06.0758 1836 sbp2port - detected LockedFile.Multi.Generic (1)
16:43:06.0789 1836 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:43:06.0820 1836 SCardSvr - ok
16:43:06.0852 1836 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
16:43:06.0852 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\scfilter.sys. md5: c94da20c7e3ba1dca269bc8460d98387
16:43:06.0852 1836 scfilter ( LockedFile.Multi.Generic ) - warning
16:43:06.0852 1836 scfilter - detected LockedFile.Multi.Generic (1)
16:43:06.0930 1836 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
16:43:06.0961 1836 Schedule - ok
16:43:06.0992 1836 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
16:43:07.0023 1836 SCPolicySvc - ok
16:43:07.0039 1836 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
16:43:07.0070 1836 SDRSVC - ok
16:43:07.0195 1836 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
16:43:07.0195 1836 SeaPort - ok
16:43:07.0242 1836 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:43:07.0242 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\secdrv.sys. md5: 3ea8a16169c26afbeb544e0e48421186
16:43:07.0242 1836 secdrv ( LockedFile.Multi.Generic ) - warning
16:43:07.0242 1836 secdrv - detected LockedFile.Multi.Generic (1)
16:43:07.0273 1836 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
16:43:07.0304 1836 seclogon - ok
16:43:07.0335 1836 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
16:43:07.0366 1836 SENS - ok
16:43:07.0398 1836 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:43:07.0413 1836 SensrSvc - ok
16:43:07.0429 1836 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:43:07.0429 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\serenum.sys. md5: cb624c0035412af0debec78c41f5ca1b
16:43:07.0429 1836 Serenum ( LockedFile.Multi.Generic ) - warning
16:43:07.0429 1836 Serenum - detected LockedFile.Multi.Generic (1)
16:43:07.0460 1836 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:43:07.0460 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\serial.sys. md5: c1d8e28b2c2adfaec4ba89e9fda69bd6
16:43:07.0476 1836 Serial ( LockedFile.Multi.Generic ) - warning
16:43:07.0476 1836 Serial - detected LockedFile.Multi.Generic (1)
16:43:07.0522 1836 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:43:07.0522 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\sermouse.sys. md5: 1c545a7d0691cc4a027396535691c3e3
16:43:07.0522 1836 sermouse ( LockedFile.Multi.Generic ) - warning
16:43:07.0522 1836 sermouse - detected LockedFile.Multi.Generic (1)
16:43:07.0569 1836 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
16:43:07.0585 1836 SessionEnv - ok
16:43:07.0616 1836 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
16:43:07.0616 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\sffdisk.sys. md5: a554811bcd09279536440c964ae35bbf
16:43:07.0616 1836 sffdisk ( LockedFile.Multi.Generic ) - warning
16:43:07.0616 1836 sffdisk - detected LockedFile.Multi.Generic (1)
16:43:07.0647 1836 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
16:43:07.0647 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\sffp_mmc.sys. md5: ff414f0baefeba59bc6c04b3db0b87bf
16:43:07.0647 1836 sffp_mmc ( LockedFile.Multi.Generic ) - warning
16:43:07.0647 1836 sffp_mmc - detected LockedFile.Multi.Generic (1)
16:43:07.0663 1836 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
16:43:07.0663 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\sffp_sd.sys. md5: 178298f767fe638c9fedcbdef58bb5e4
16:43:07.0663 1836 sffp_sd ( LockedFile.Multi.Generic ) - warning
16:43:07.0663 1836 sffp_sd - detected LockedFile.Multi.Generic (1)
16:43:07.0694 1836 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:43:07.0694 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\sfloppy.sys. md5: a9d601643a1647211a1ee2ec4e433ff4
16:43:07.0694 1836 sfloppy ( LockedFile.Multi.Generic ) - warning
16:43:07.0694 1836 sfloppy - detected LockedFile.Multi.Generic (1)
16:43:07.0756 1836 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:43:07.0788 1836 SharedAccess - ok
16:43:07.0850 1836 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
16:43:07.0881 1836 ShellHWDetection - ok
16:43:07.0912 1836 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:43:07.0912 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\SiSRaid2.sys. md5: 843caf1e5fde1ffd5ff768f23a51e2e1
16:43:07.0912 1836 SiSRaid2 ( LockedFile.Multi.Generic ) - warning
16:43:07.0912 1836 SiSRaid2 - detected LockedFile.Multi.Generic (1)
16:43:07.0944 1836 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:43:07.0944 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\sisraid4.sys. md5: 6a6c106d42e9ffff8b9fcb4f754f6da4
16:43:07.0944 1836 SiSRaid4 ( LockedFile.Multi.Generic ) - warning
16:43:07.0944 1836 SiSRaid4 - detected LockedFile.Multi.Generic (1)
16:43:08.0162 1836 Skype C2C Service (4ca43b85f22c7739311788b651a779cb) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
16:43:08.0209 1836 Skype C2C Service - ok
16:43:08.0334 1836 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:43:08.0334 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\smb.sys. md5: 548260a7b8654e024dc30bf8a7c5baa4
16:43:08.0334 1836 Smb ( LockedFile.Multi.Generic ) - warning
16:43:08.0334 1836 Smb - detected LockedFile.Multi.Generic (1)
16:43:08.0396 1836 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:43:08.0412 1836 SNMPTRAP - ok
16:43:08.0443 1836 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:43:08.0443 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\spldr.sys. md5: b9e31e5cacdfe584f34f730a677803f9
16:43:08.0443 1836 spldr ( LockedFile.Multi.Generic ) - warning
16:43:08.0443 1836 spldr - detected LockedFile.Multi.Generic (1)
16:43:08.0505 1836 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
16:43:08.0536 1836 Spooler - ok
16:43:08.0692 1836 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
16:43:08.0755 1836 sppsvc - ok
16:43:08.0833 1836 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:43:08.0864 1836 sppuinotify - ok
16:43:08.0926 1836 sp_rsdrv2 (b9657a0aff28c1cb114acc0cb93ee4bb) C:\Windows\system32\DRIVERS\stflt.sys
16:43:08.0926 1836 sp_rsdrv2 - ok
16:43:08.0973 1836 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
16:43:08.0973 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srv.sys. md5: 2408c0366d96bcdf63e8f1c78e4a29c5
16:43:09.0004 1836 srv ( LockedFile.Multi.Generic ) - warning
16:43:09.0004 1836 srv - detected LockedFile.Multi.Generic (1)
16:43:09.0051 1836 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
16:43:09.0051 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srv2.sys. md5: 76548f7b818881b47d8d1ae1be9c11f8
16:43:09.0051 1836 srv2 ( LockedFile.Multi.Generic ) - warning
16:43:09.0051 1836 srv2 - detected LockedFile.Multi.Generic (1)
16:43:09.0082 1836 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
16:43:09.0082 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srvnet.sys. md5: 0af6e19d39c70844c5caa8fb0183c36e
16:43:09.0082 1836 srvnet ( LockedFile.Multi.Generic ) - warning
16:43:09.0082 1836 srvnet - detected LockedFile.Multi.Generic (1)
16:43:09.0114 1836 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:43:09.0160 1836 SSDPSRV - ok
16:43:09.0192 1836 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:43:09.0223 1836 SstpSvc - ok
16:43:09.0348 1836 ST2012_Svc (c504af1a54ef90ba47d2f75d3c8d3f24) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
16:43:09.0363 1836 ST2012_Svc - ok
16:43:09.0457 1836 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:43:09.0457 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\stexstor.sys. md5: f3817967ed533d08327dc73bc4d5542a
16:43:09.0457 1836 stexstor ( LockedFile.Multi.Generic ) - warning
16:43:09.0457 1836 stexstor - detected LockedFile.Multi.Generic (1)
16:43:09.0504 1836 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
16:43:09.0519 1836 stisvc - ok
16:43:09.0550 1836 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
16:43:09.0550 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\swenum.sys. md5: d01ec09b6711a5f8e7e6564a4d0fbc90
16:43:09.0550 1836 swenum ( LockedFile.Multi.Generic ) - warning
16:43:09.0550 1836 swenum - detected LockedFile.Multi.Generic (1)
16:43:09.0597 1836 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:43:09.0644 1836 swprv - ok
16:43:09.0722 1836 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
16:43:09.0769 1836 SysMain - ok
16:43:09.0862 1836 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
16:43:09.0878 1836 TabletInputService - ok
16:43:09.0925 1836 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
16:43:09.0956 1836 TapiSrv - ok
16:43:09.0987 1836 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:43:10.0034 1836 TBS - ok
16:43:10.0159 1836 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
16:43:10.0174 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\tcpip.sys. md5: 624c5b3aa4c99b3184bb922d9ece3ff0
16:43:10.0190 1836 Tcpip ( LockedFile.Multi.Generic ) - warning
16:43:10.0190 1836 Tcpip - detected LockedFile.Multi.Generic (1)
16:43:10.0299 1836 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
16:43:10.0299 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tcpip.sys. md5: 624c5b3aa4c99b3184bb922d9ece3ff0
16:43:10.0315 1836 TCPIP6 ( LockedFile.Multi.Generic ) - warning
16:43:10.0315 1836 TCPIP6 - detected LockedFile.Multi.Generic (1)
16:43:10.0362 1836 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
16:43:10.0362 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\tcpipreg.sys. md5: 76d078af6f587b162d50210f761eb9ed
16:43:10.0362 1836 tcpipreg ( LockedFile.Multi.Generic ) - warning
16:43:10.0362 1836 tcpipreg - detected LockedFile.Multi.Generic (1)
16:43:10.0408 1836 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:43:10.0408 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\tdpipe.sys. md5: 3371d21011695b16333a3934340c4e7c
16:43:10.0408 1836 TDPIPE ( LockedFile.Multi.Generic ) - warning
16:43:10.0408 1836 TDPIPE - detected LockedFile.Multi.Generic (1)
16:43:10.0440 1836 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
16:43:10.0440 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\tdtcp.sys. md5: 7518f7bcfd4b308abc9192bacaf6c970
16:43:10.0440 1836 TDTCP ( LockedFile.Multi.Generic ) - warning
16:43:10.0440 1836 TDTCP - detected LockedFile.Multi.Generic (1)
16:43:10.0471 1836 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
16:43:10.0471 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tdx.sys. md5: 079125c4b17b01fcaeebce0bcb290c0f
16:43:10.0471 1836 tdx ( LockedFile.Multi.Generic ) - warning
16:43:10.0471 1836 tdx - detected LockedFile.Multi.Generic (1)
16:43:10.0658 1836 TeamViewer6 (1c46c27e9f1938b9589859c70450d275) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
16:43:10.0705 1836 TeamViewer6 - ok
16:43:10.0767 1836 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
16:43:10.0767 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\termdd.sys. md5: c448651339196c0e869a355171875522
16:43:10.0767 1836 TermDD ( LockedFile.Multi.Generic ) - warning
16:43:10.0767 1836 TermDD - detected LockedFile.Multi.Generic (1)
16:43:10.0845 1836 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
16:43:10.0876 1836 TermService - ok
16:43:10.0923 1836 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:43:10.0939 1836 Themes - ok
16:43:10.0986 1836 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:43:11.0017 1836 THREADORDER - ok
16:43:11.0048 1836 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:43:11.0079 1836 TrkWks - ok
16:43:11.0142 1836 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
16:43:11.0173 1836 TrustedInstaller - ok
16:43:11.0188 1836 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:43:11.0188 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tssecsrv.sys. md5: 61b96c26131e37b24e93327a0bd1fb95
16:43:11.0204 1836 tssecsrv ( LockedFile.Multi.Generic ) - warning
16:43:11.0204 1836 tssecsrv - detected LockedFile.Multi.Generic (1)
16:43:11.0329 1836 TuneUp.Defrag (b66983b129d26c8d13e4055db5134be5) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
16:43:11.0344 1836 TuneUp.Defrag - ok
16:43:11.0469 1836 TuneUp.UtilitiesSvc (06057242ae20de851dfcbb6863f1c9bc) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
16:43:11.0485 1836 TuneUp.UtilitiesSvc - ok
16:43:11.0516 1836 TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys
16:43:11.0516 1836 Suspicious file (NoAccess): C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys. md5: dcc94c51d27c7ec0dadeca8f64c94fcf
16:43:11.0516 1836 TuneUpUtilitiesDrv ( LockedFile.Multi.Generic ) - warning
16:43:11.0516 1836 TuneUpUtilitiesDrv - detected LockedFile.Multi.Generic (1)
16:43:11.0610 1836 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
16:43:11.0610 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tunnel.sys. md5: 3836171a2cdf3af8ef10856db9835a70
16:43:11.0610 1836 tunnel ( LockedFile.Multi.Generic ) - warning
16:43:11.0610 1836 tunnel - detected LockedFile.Multi.Generic (1)
16:43:11.0672 1836 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:43:11.0672 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\uagp35.sys. md5: b4dd609bd7e282bfc683cec7eaaaad67
16:43:11.0688 1836 uagp35 ( LockedFile.Multi.Generic ) - warning
16:43:11.0688 1836 uagp35 - detected LockedFile.Multi.Generic (1)
16:43:11.0734 1836 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
16:43:11.0734 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\udfs.sys. md5: d47baead86c65d4f4069d7ce0a4edceb
16:43:11.0734 1836 udfs ( LockedFile.Multi.Generic ) - warning
16:43:11.0734 1836 udfs - detected LockedFile.Multi.Generic (1)
16:43:11.0781 1836 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:43:11.0812 1836 UI0Detect - ok
16:43:11.0828 1836 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
16:43:11.0828 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\uliagpkx.sys. md5: 4bfe1bc28391222894cbf1e7d0e42320
16:43:11.0828 1836 uliagpkx ( LockedFile.Multi.Generic ) - warning
16:43:11.0828 1836 uliagpkx - detected LockedFile.Multi.Generic (1)
16:43:11.0859 1836 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
16:43:11.0859 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\umbus.sys. md5: eab6c35e62b1b0db0d1b48b671d3a117
16:43:11.0859 1836 umbus ( LockedFile.Multi.Generic ) - warning
16:43:11.0859 1836 umbus - detected LockedFile.Multi.Generic (1)
16:43:11.0890 1836 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:43:11.0890 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\umpass.sys. md5: b2e8e8cb557b156da5493bbddcc1474d
16:43:11.0906 1836 UmPass ( LockedFile.Multi.Generic ) - warning
16:43:11.0906 1836 UmPass - detected LockedFile.Multi.Generic (1)
16:43:11.0937 1836 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:43:11.0984 1836 upnphost - ok
16:43:12.0015 1836 upperdev (f49988fbf59413b974b1380d6f743ebc) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
16:43:12.0015 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys. md5: f49988fbf59413b974b1380d6f743ebc
16:43:12.0031 1836 upperdev ( LockedFile.Multi.Generic ) - warning
16:43:12.0031 1836 upperdev - detected LockedFile.Multi.Generic (1)
16:43:12.0062 1836 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys
16:43:12.0062 1836 Suspicious file (NoAccess): C:\Windows\system32\Drivers\usbaapl64.sys. md5: 54d4b48d443e7228bf64cf7cdc3118ac
16:43:12.0078 1836 USBAAPL64 ( LockedFile.Multi.Generic ) - warning
16:43:12.0078 1836 USBAAPL64 - detected LockedFile.Multi.Generic (1)
16:43:12.0109 1836 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
16:43:12.0109 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\usbaudio.sys. md5: 77b01bc848298223a95d4ec23e1785a1
16:43:12.0109 1836 usbaudio ( LockedFile.Multi.Generic ) - warning
16:43:12.0109 1836 usbaudio - detected LockedFile.Multi.Generic (1)
16:43:12.0140 1836 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
16:43:12.0140 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbccgp.sys. md5: b26afb54a534d634523c4fb66765b026
16:43:12.0140 1836 usbccgp ( LockedFile.Multi.Generic ) - warning
16:43:12.0140 1836 usbccgp - detected LockedFile.Multi.Generic (1)
16:43:12.0171 1836 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
16:43:12.0171 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbcir.sys. md5: af0892a803fdda7492f595368e3b68e7
16:43:12.0171 1836 usbcir ( LockedFile.Multi.Generic ) - warning
16:43:12.0171 1836 usbcir - detected LockedFile.Multi.Generic (1)
16:43:12.0202 1836 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
16:43:12.0202 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbehci.sys. md5: 2ea4aff7be7eb4632e3aa8595b0803b5
16:43:12.0202 1836 usbehci ( LockedFile.Multi.Generic ) - warning
16:43:12.0202 1836 usbehci - detected LockedFile.Multi.Generic (1)
16:43:12.0234 1836 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
16:43:12.0234 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbhub.sys. md5: 4c9042b8df86c1e8e6240c218b99b39b
16:43:12.0234 1836 usbhub ( LockedFile.Multi.Generic ) - warning
16:43:12.0234 1836 usbhub - detected LockedFile.Multi.Generic (1)
16:43:12.0265 1836 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
16:43:12.0265 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbohci.sys. md5: 58e546bbaf87664fc57e0f6081e4f609
16:43:12.0265 1836 usbohci ( LockedFile.Multi.Generic ) - warning
16:43:12.0265 1836 usbohci - detected LockedFile.Multi.Generic (1)
16:43:12.0296 1836 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:43:12.0296 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbprint.sys. md5: 73188f58fb384e75c4063d29413cee3d
16:43:12.0296 1836 usbprint ( LockedFile.Multi.Generic ) - warning
16:43:12.0296 1836 usbprint - detected LockedFile.Multi.Generic (1)
16:43:12.0327 1836 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
16:43:12.0327 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbscan.sys. md5: aaa2513c8aed8b54b189fd0c6b1634c0
16:43:12.0327 1836 usbscan ( LockedFile.Multi.Generic ) - warning
16:43:12.0327 1836 usbscan - detected LockedFile.Multi.Generic (1)
16:43:12.0358 1836 usbser (0f0c72a657c622286013788b886968ad) C:\Windows\system32\DRIVERS\usbser.sys
16:43:12.0358 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbser.sys. md5: 0f0c72a657c622286013788b886968ad
16:43:12.0374 1836 usbser ( LockedFile.Multi.Generic ) - warning
16:43:12.0374 1836 usbser - detected LockedFile.Multi.Generic (1)
16:43:12.0405 1836 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:43:12.0405 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\USBSTOR.SYS. md5: 080d3820da6c046be82fc8b45a893e83
16:43:12.0405 1836 USBSTOR ( LockedFile.Multi.Generic ) - warning
16:43:12.0405 1836 USBSTOR - detected LockedFile.Multi.Generic (1)
16:43:12.0436 1836 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
16:43:12.0436 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbuhci.sys. md5: 81fb2216d3a60d1284455d511797db3d
16:43:12.0436 1836 usbuhci ( LockedFile.Multi.Generic ) - warning
16:43:12.0436 1836 usbuhci - detected LockedFile.Multi.Generic (1)
16:43:12.0468 1836 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\Windows\system32\Drivers\usbvideo.sys
16:43:12.0468 1836 Suspicious file (NoAccess): C:\Windows\system32\Drivers\usbvideo.sys. md5: d501e12614b00a3252073101d6a1a74b
16:43:12.0468 1836 usbvideo ( LockedFile.Multi.Generic ) - warning
16:43:12.0468 1836 usbvideo - detected LockedFile.Multi.Generic (1)
16:43:12.0514 1836 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:43:12.0546 1836 UxSms - ok
16:43:12.0624 1836 UxTuneUp (dcc46aa99a1db65296d1fe5b30cfe0cf) C:\Windows\System32\uxtuneup.dll
16:43:12.0624 1836 UxTuneUp - ok
16:43:12.0655 1836 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:43:12.0670 1836 VaultSvc - ok
16:43:12.0686 1836 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
16:43:12.0702 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vdrvroot.sys. md5: c5c876ccfc083ff3b128f933823e87bd
16:43:12.0702 1836 vdrvroot ( LockedFile.Multi.Generic ) - warning
16:43:12.0702 1836 vdrvroot - detected LockedFile.Multi.Generic (1)
16:43:12.0748 1836 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
16:43:12.0780 1836 vds - ok
16:43:12.0795 1836 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:43:12.0795 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vgapnp.sys. md5: da4da3f5e02943c2dc8c6ed875de68dd
16:43:12.0795 1836 vga ( LockedFile.Multi.Generic ) - warning
16:43:12.0795 1836 vga - detected LockedFile.Multi.Generic (1)
16:43:12.0811 1836 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:43:12.0811 1836 Suspicious file (NoAccess): C:\Windows\System32\drivers\vga.sys. md5: 53e92a310193cb3c03bea963de7d9cfc
16:43:12.0811 1836 VgaSave ( LockedFile.Multi.Generic ) - warning
16:43:12.0811 1836 VgaSave - detected LockedFile.Multi.Generic (1)
16:43:12.0858 1836 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
16:43:12.0858 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vhdmp.sys. md5: c82e748660f62a242b2dfac1442f22a4
16:43:12.0858 1836 vhdmp ( LockedFile.Multi.Generic ) - warning
16:43:12.0858 1836 vhdmp - detected LockedFile.Multi.Generic (1)
16:43:12.0889 1836 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
16:43:12.0889 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\viaide.sys. md5: e5689d93ffe4e5d66c0178761240dd54

hazik · #6 Příspěvek od **hazik** » 29 črc 2012 15:55

16:43:12.0889 1836 viaide ( LockedFile.Multi.Generic ) - warning
16:43:12.0889 1836 viaide - detected LockedFile.Multi.Generic (1)
16:43:12.0904 1836 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
16:43:12.0904 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\volmgr.sys. md5: 2b1a3dae2b4e70dbba822b7a03fbd4a3
16:43:12.0904 1836 volmgr ( LockedFile.Multi.Generic ) - warning
16:43:12.0904 1836 volmgr - detected LockedFile.Multi.Generic (1)
16:43:12.0951 1836 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
16:43:12.0951 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\volmgrx.sys. md5: 99b0cbb569ca79acaed8c91461d765fb
16:43:12.0967 1836 volmgrx ( LockedFile.Multi.Generic ) - warning
16:43:12.0967 1836 volmgrx - detected LockedFile.Multi.Generic (1)
16:43:12.0998 1836 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
16:43:12.0998 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\volsnap.sys. md5: 58f82eed8ca24b461441f9c3e4f0bf5c
16:43:12.0998 1836 volsnap ( LockedFile.Multi.Generic ) - warning
16:43:12.0998 1836 volsnap - detected LockedFile.Multi.Generic (1)
16:43:13.0045 1836 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:43:13.0045 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vsmraid.sys. md5: 5e2016ea6ebaca03c04feac5f330d997
16:43:13.0045 1836 vsmraid ( LockedFile.Multi.Generic ) - warning
16:43:13.0045 1836 vsmraid - detected LockedFile.Multi.Generic (1)
16:43:13.0138 1836 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
16:43:13.0185 1836 VSS - ok
16:43:13.0263 1836 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:43:13.0263 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vwifibus.sys. md5: 36d4720b72b5c5d9cb2b9c29e9df67a1
16:43:13.0263 1836 vwifibus ( LockedFile.Multi.Generic ) - warning
16:43:13.0263 1836 vwifibus - detected LockedFile.Multi.Generic (1)
16:43:13.0294 1836 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:43:13.0294 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vwififlt.sys. md5: 6a3d66263414ff0d6fa754c646612f3f
16:43:13.0310 1836 vwififlt ( LockedFile.Multi.Generic ) - warning
16:43:13.0310 1836 vwififlt - detected LockedFile.Multi.Generic (1)
16:43:13.0341 1836 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:43:13.0388 1836 W32Time - ok
16:43:13.0419 1836 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:43:13.0419 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wacompen.sys. md5: 4e9440f4f152a7b944cb1663d3935a3e
16:43:13.0419 1836 WacomPen ( LockedFile.Multi.Generic ) - warning
16:43:13.0419 1836 WacomPen - detected LockedFile.Multi.Generic (1)
16:43:13.0466 1836 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:43:13.0466 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wanarp.sys. md5: 47ca49400643effd3f1c9a27e1d69324
16:43:13.0466 1836 WANARP ( LockedFile.Multi.Generic ) - warning
16:43:13.0466 1836 WANARP - detected LockedFile.Multi.Generic (1)
16:43:13.0482 1836 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:43:13.0482 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wanarp.sys. md5: 47ca49400643effd3f1c9a27e1d69324
16:43:13.0482 1836 Wanarpv6 ( LockedFile.Multi.Generic ) - warning
16:43:13.0482 1836 Wanarpv6 - detected LockedFile.Multi.Generic (1)
16:43:13.0575 1836 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:43:13.0606 1836 WatAdminSvc - ok
16:43:13.0700 1836 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
16:43:13.0731 1836 wbengine - ok
16:43:13.0809 1836 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:43:13.0825 1836 WbioSrvc - ok
16:43:13.0872 1836 wcncsvc (8321c2ca3b62b61b293cda3451984468) C:\Windows\System32\wcncsvc.dll
16:43:13.0887 1836 wcncsvc - ok
16:43:13.0903 1836 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:43:13.0934 1836 WcsPlugInService - ok
16:43:13.0996 1836 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:43:13.0996 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wd.sys. md5: 72889e16ff12ba0f235467d6091b17dc
16:43:14.0012 1836 Wd ( LockedFile.Multi.Generic ) - warning
16:43:14.0012 1836 Wd - detected LockedFile.Multi.Generic (1)
16:43:14.0074 1836 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:43:14.0074 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\Wdf01000.sys. md5: 441bd2d7b4f98134c3a4f9fa570fd250
16:43:14.0074 1836 Wdf01000 ( LockedFile.Multi.Generic ) - warning
16:43:14.0074 1836 Wdf01000 - detected LockedFile.Multi.Generic (1)
16:43:14.0106 1836 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:43:14.0121 1836 WdiServiceHost - ok
16:43:14.0137 1836 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:43:14.0152 1836 WdiSystemHost - ok
16:43:14.0184 1836 WebClient (8a438cbb8c032a0c798b0c642ffbe572) C:\Windows\System32\webclnt.dll
16:43:14.0215 1836 WebClient - ok
16:43:14.0262 1836 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:43:14.0293 1836 Wecsvc - ok
16:43:14.0324 1836 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:43:14.0355 1836 wercplsupport - ok
16:43:14.0402 1836 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:43:14.0449 1836 WerSvc - ok
16:43:14.0464 1836 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:43:14.0464 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wfplwf.sys. md5: 611b23304bf067451a9fdee01fbdd725
16:43:14.0480 1836 WfpLwf ( LockedFile.Multi.Generic ) - warning
16:43:14.0480 1836 WfpLwf - detected LockedFile.Multi.Generic (1)
16:43:14.0496 1836 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:43:14.0496 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\wimmount.sys. md5: 05ecaec3e4529a7153b3136ceb49f0ec
16:43:14.0511 1836 WIMMount ( LockedFile.Multi.Generic ) - warning
16:43:14.0511 1836 WIMMount - detected LockedFile.Multi.Generic (1)
16:43:14.0558 1836 WinDefend - ok
16:43:14.0574 1836 WinHttpAutoProxySvc - ok
16:43:14.0652 1836 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:43:14.0698 1836 Winmgmt - ok
16:43:14.0823 1836 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
16:43:14.0886 1836 WinRM - ok
16:43:15.0010 1836 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
16:43:15.0010 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\WinUsb.sys. md5: 817eaff5d38674edd7713b9dfb8e9791
16:43:15.0026 1836 WinUsb ( LockedFile.Multi.Generic ) - warning
16:43:15.0026 1836 WinUsb - detected LockedFile.Multi.Generic (1)
16:43:15.0088 1836 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:43:15.0151 1836 Wlansvc - ok
16:43:15.0198 1836 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:43:15.0198 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wmiacpi.sys. md5: f6ff8944478594d0e414d3f048f0d778
16:43:15.0198 1836 WmiAcpi ( LockedFile.Multi.Generic ) - warning
16:43:15.0198 1836 WmiAcpi - detected LockedFile.Multi.Generic (1)
16:43:15.0276 1836 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:43:15.0307 1836 wmiApSrv - ok
16:43:15.0338 1836 WMPNetworkSvc - ok
16:43:15.0369 1836 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:43:15.0369 1836 WPCSvc - ok
16:43:15.0416 1836 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
16:43:15.0447 1836 WPDBusEnum - ok
16:43:15.0463 1836 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:43:15.0463 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\ws2ifsl.sys. md5: 6bcc1d7d2fd2453957c5479a32364e52
16:43:15.0463 1836 ws2ifsl ( LockedFile.Multi.Generic ) - warning
16:43:15.0463 1836 ws2ifsl - detected LockedFile.Multi.Generic (1)
16:43:15.0510 1836 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
16:43:15.0541 1836 wscsvc - ok
16:43:15.0541 1836 WSearch - ok
16:43:15.0681 1836 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
16:43:15.0728 1836 wuauserv - ok
16:43:15.0837 1836 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
16:43:15.0837 1836 Suspicious file (NoAccess): C:\Windows\system32\drivers\WudfPf.sys. md5: 7cadc74271dd6461c452c271b30bd378
16:43:15.0837 1836 WudfPf ( LockedFile.Multi.Generic ) - warning
16:43:15.0837 1836 WudfPf - detected LockedFile.Multi.Generic (1)
16:43:15.0868 1836 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:43:15.0868 1836 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\WUDFRd.sys. md5: 3b197af0fff08aa66b6b2241ca538d64
16:43:15.0868 1836 WUDFRd ( LockedFile.Multi.Generic ) - warning
16:43:15.0868 1836 WUDFRd - detected LockedFile.Multi.Generic (1)
16:43:15.0900 1836 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
16:43:15.0931 1836 wudfsvc - ok
16:43:15.0978 1836 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:43:16.0009 1836 WwanSvc - ok
16:43:16.0102 1836 X6va005 - ok
16:43:16.0118 1836 X6va007 - ok
16:43:16.0196 1836 X6va008 - ok
16:43:16.0227 1836 X6va009 - ok
16:43:16.0305 1836 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
16:43:16.0321 1836 YahooAUService - ok
16:43:16.0352 1836 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:43:16.0586 1836 \Device\Harddisk0\DR0 - ok
16:43:16.0586 1836 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk1\DR3
16:43:18.0333 1836 \Device\Harddisk1\DR3 - ok
16:43:18.0333 1836 Boot (0x1200) (f096a872a78108a8ad1df216b21348b8) \Device\Harddisk0\DR0\Partition0
16:43:18.0333 1836 \Device\Harddisk0\DR0\Partition0 - ok
16:43:18.0333 1836 Boot (0x1200) (3373340f691cbc7169ccb4c1caa6512b) \Device\Harddisk0\DR0\Partition1
16:43:18.0333 1836 \Device\Harddisk0\DR0\Partition1 - ok
16:43:18.0349 1836 Boot (0x1200) (2348cc66d5be9c574f9ae6cf52aa2be1) \Device\Harddisk1\DR3\Partition0
16:43:18.0349 1836 \Device\Harddisk1\DR3\Partition0 - ok
16:43:18.0349 1836 ============================================================
16:43:18.0349 1836 Scan finished
16:43:18.0349 1836 ============================================================
16:43:18.0364 1828 Detected object count: 192
16:43:18.0364 1828 Actual detected object count: 192
16:43:37.0381 1828 cmdide ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0381 1828 cmdide ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0381 1828 CNG ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0381 1828 CNG ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0381 1828 Compbatt ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0381 1828 Compbatt ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0381 1828 CompositeBus ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0381 1828 CompositeBus ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0396 1828 crcdisk ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0396 1828 crcdisk ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0396 1828 DfsC ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0396 1828 DfsC ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0396 1828 eb75d1b145d6a7c9 ( LockedService.Multi.Generic ) - skipped by user
16:43:37.0396 1828 eb75d1b145d6a7c9 ( LockedService.Multi.Generic ) - User select action: Skip
16:43:37.0396 1828 HidIr ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0396 1828 HidIr ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0396 1828 HidUsb ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0396 1828 HidUsb ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0396 1828 HpSAMD ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0396 1828 HpSAMD ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0396 1828 HTTP ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0396 1828 HTTP ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0396 1828 hwpolicy ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0396 1828 hwpolicy ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0412 1828 i8042prt ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0412 1828 i8042prt ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0412 1828 iaStorV ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0412 1828 iaStorV ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0412 1828 Impcd ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0412 1828 Impcd ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0412 1828 intelide ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0412 1828 intelide ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0412 1828 intelppm ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0412 1828 intelppm ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0412 1828 ioatdma ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0412 1828 ioatdma ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0412 1828 ioatdma1 ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0412 1828 ioatdma1 ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0412 1828 ioatdma2 ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0412 1828 ioatdma2 ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0428 1828 IpFilterDriver ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0428 1828 IpFilterDriver ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0428 1828 IPMIDRV ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0428 1828 IPMIDRV ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0428 1828 IPNAT ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0428 1828 IPNAT ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0428 1828 IRENUM ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0428 1828 IRENUM ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0428 1828 isapnp ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0428 1828 isapnp ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0428 1828 iScsiPrt ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0428 1828 iScsiPrt ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0428 1828 itecir ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0428 1828 itecir ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0428 1828 kbdclass ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0428 1828 kbdclass ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0443 1828 kbdhid ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0443 1828 kbdhid ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0443 1828 KSecDD ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0443 1828 KSecDD ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0443 1828 KSecPkg ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0443 1828 KSecPkg ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0443 1828 ksthunk ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0443 1828 ksthunk ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0443 1828 lltdio ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0443 1828 lltdio ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0443 1828 LSI_FC ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0443 1828 LSI_FC ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0459 1828 LSI_SAS ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0459 1828 LSI_SAS ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0459 1828 LSI_SAS2 ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0459 1828 LSI_SAS2 ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0459 1828 LSI_SCSI ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0459 1828 LSI_SCSI ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0459 1828 luafv ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0459 1828 luafv ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0459 1828 megasas ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0459 1828 megasas ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0459 1828 MegaSR ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0459 1828 MegaSR ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0459 1828 Modem ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0459 1828 Modem ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0459 1828 monitor ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0459 1828 monitor ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0474 1828 mouclass ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0474 1828 mouclass ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0474 1828 mouhid ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0474 1828 mouhid ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0490 1828 mountmgr ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0490 1828 mountmgr ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0490 1828 mpio ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0490 1828 mpio ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0490 1828 MpNWMon ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0490 1828 MpNWMon ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0490 1828 mpsdrv ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0490 1828 mpsdrv ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0490 1828 MRxDAV ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0490 1828 MRxDAV ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0506 1828 mrxsmb ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0506 1828 mrxsmb ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0506 1828 mrxsmb10 ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0506 1828 mrxsmb10 ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0506 1828 mrxsmb20 ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0506 1828 mrxsmb20 ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0506 1828 msahci ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0506 1828 msahci ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0506 1828 msdsm ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0506 1828 msdsm ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0506 1828 Msfs ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0506 1828 Msfs ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0521 1828 mshidkmdf ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0521 1828 mshidkmdf ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0521 1828 MSHUSBVideo ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0521 1828 MSHUSBVideo ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0521 1828 msisadrv ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0521 1828 msisadrv ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0537 1828 MSKSSRV ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0537 1828 MSKSSRV ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0537 1828 MSPCLOCK ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0537 1828 MSPCLOCK ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0537 1828 MSPQM ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0537 1828 MSPQM ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0537 1828 MsRPC ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0537 1828 MsRPC ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0537 1828 mssmbios ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0537 1828 mssmbios ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0537 1828 MSTEE ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0537 1828 MSTEE ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0537 1828 MTConfig ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0537 1828 MTConfig ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0552 1828 MTsensor ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0552 1828 MTsensor ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0552 1828 Mup ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0552 1828 Mup ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0552 1828 NativeWifiP ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0552 1828 NativeWifiP ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0552 1828 NDIS ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0552 1828 NDIS ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0552 1828 NdisCap ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0552 1828 NdisCap ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0552 1828 NdisTapi ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0552 1828 NdisTapi ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0568 1828 Ndisuio ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0568 1828 Ndisuio ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0568 1828 NdisWan ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0568 1828 NdisWan ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0568 1828 NDProxy ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0568 1828 NDProxy ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0568 1828 NetBIOS ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0568 1828 NetBIOS ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0584 1828 NetBT ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0584 1828 NetBT ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0584 1828 nfrd960 ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0584 1828 nfrd960 ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0599 1828 NisDrv ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0599 1828 NisDrv ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0599 1828 nmwcd ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0599 1828 nmwcd ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0599 1828 nmwcdcx64 ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0599 1828 nmwcdcx64 ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0615 1828 nmwcdx64 ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0615 1828 nmwcdx64 ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0615 1828 Npfs ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0615 1828 Npfs ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0615 1828 nsiproxy ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0615 1828 nsiproxy ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0615 1828 Ntfs ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0615 1828 Ntfs ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0630 1828 Null ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0630 1828 Null ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0630 1828 nusb3hub ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0630 1828 nusb3hub ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0630 1828 nusb3xhc ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0630 1828 nusb3xhc ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0630 1828 nvraid ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0630 1828 nvraid ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0646 1828 nvsmu ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0646 1828 nvsmu ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0646 1828 nvstor ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0646 1828 nvstor ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0646 1828 nv_agp ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0646 1828 nv_agp ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0662 1828 ohci1394 ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0662 1828 ohci1394 ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0662 1828 PAC7302 ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0662 1828 PAC7302 ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0662 1828 Parport ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0662 1828 Parport ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0662 1828 partmgr ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0662 1828 partmgr ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0677 1828 pci ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0677 1828 pci ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0677 1828 pciide ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0677 1828 pciide ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0677 1828 pcmcia ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0677 1828 pcmcia ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0677 1828 pcw ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0677 1828 pcw ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0693 1828 PEAUTH ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0693 1828 PEAUTH ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0693 1828 PptpMiniport ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0693 1828 PptpMiniport ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0693 1828 Processor ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0693 1828 Processor ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0708 1828 Psched ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0708 1828 Psched ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0708 1828 ql2300 ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0708 1828 ql2300 ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0708 1828 ql40xx ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0708 1828 ql40xx ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0724 1828 QWAVEdrv ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0724 1828 QWAVEdrv ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0724 1828 RasAcd ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0724 1828 RasAcd ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0724 1828 RasAgileVpn ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0724 1828 RasAgileVpn ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0740 1828 Rasl2tp ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0740 1828 Rasl2tp ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0740 1828 RasPppoe ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0740 1828 RasPppoe ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0740 1828 RasSstp ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0740 1828 RasSstp ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0755 1828 rdbss ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0755 1828 rdbss ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0755 1828 rdpbus ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0755 1828 rdpbus ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0755 1828 RDPCDD ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0755 1828 RDPCDD ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0755 1828 RDPENCDD ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0755 1828 RDPENCDD ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0755 1828 RDPREFMP ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0755 1828 RDPREFMP ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0755 1828 RDPWD ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0755 1828 RDPWD ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0771 1828 rdyboost ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0771 1828 rdyboost ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0771 1828 rspndr ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0771 1828 rspndr ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0771 1828 RTL8167 ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0771 1828 RTL8167 ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0771 1828 RTL8192su ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0771 1828 RTL8192su ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0771 1828 sbp2port ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0771 1828 sbp2port ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0771 1828 scfilter ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0771 1828 scfilter ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0786 1828 secdrv ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0786 1828 secdrv ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0786 1828 Serenum ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0786 1828 Serenum ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0786 1828 Serial ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0786 1828 Serial ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0786 1828 sermouse ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0786 1828 sermouse ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0802 1828 sffdisk ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0802 1828 sffdisk ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0802 1828 sffp_mmc ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0802 1828 sffp_mmc ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0802 1828 sffp_sd ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0802 1828 sffp_sd ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0818 1828 sfloppy ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0818 1828 sfloppy ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0818 1828 SiSRaid2 ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0818 1828 SiSRaid2 ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0818 1828 SiSRaid4 ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0818 1828 SiSRaid4 ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0818 1828 Smb ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0833 1828 Smb ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0833 1828 spldr ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0833 1828 spldr ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0833 1828 srv ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0833 1828 srv ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0833 1828 srv2 ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0833 1828 srv2 ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0833 1828 srvnet ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0833 1828 srvnet ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0833 1828 stexstor ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0833 1828 stexstor ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0849 1828 swenum ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0849 1828 swenum ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0849 1828 Tcpip ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0849 1828 Tcpip ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0849 1828 TCPIP6 ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0849 1828 TCPIP6 ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0849 1828 tcpipreg ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0849 1828 tcpipreg ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0849 1828 TDPIPE ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0849 1828 TDPIPE ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0849 1828 TDTCP ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0849 1828 TDTCP ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0864 1828 tdx ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0864 1828 tdx ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0864 1828 TermDD ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0864 1828 TermDD ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0864 1828 tssecsrv ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0864 1828 tssecsrv ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0864 1828 TuneUpUtilitiesDrv ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0864 1828 TuneUpUtilitiesDrv ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0864 1828 tunnel ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0864 1828 tunnel ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0864 1828 uagp35 ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0864 1828 uagp35 ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0864 1828 udfs ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0880 1828 udfs ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0880 1828 uliagpkx ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0880 1828 uliagpkx ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0880 1828 umbus ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0880 1828 umbus ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0880 1828 UmPass ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0880 1828 UmPass ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0880 1828 upperdev ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0880 1828 upperdev ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0896 1828 USBAAPL64 ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0896 1828 USBAAPL64 ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0896 1828 usbaudio ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0896 1828 usbaudio ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0896 1828 usbccgp ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0896 1828 usbccgp ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0896 1828 usbcir ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0896 1828 usbcir ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0896 1828 usbehci ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0896 1828 usbehci ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0896 1828 usbhub ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0896 1828 usbhub ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0896 1828 usbohci ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0896 1828 usbohci ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0896 1828 usbprint ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0896 1828 usbprint ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0911 1828 usbscan ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0911 1828 usbscan ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0911 1828 usbser ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0911 1828 usbser ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0911 1828 USBSTOR ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0911 1828 USBSTOR ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0927 1828 usbuhci ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0927 1828 usbuhci ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0927 1828 usbvideo ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0927 1828 usbvideo ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0927 1828 vdrvroot ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0927 1828 vdrvroot ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0927 1828 vga ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0927 1828 vga ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0927 1828 VgaSave ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0927 1828 VgaSave ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0942 1828 vhdmp ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0942 1828 vhdmp ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0942 1828 viaide ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0942 1828 viaide ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0942 1828 volmgr ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0942 1828 volmgr ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0942 1828 volmgrx ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0942 1828 volmgrx ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0942 1828 volsnap ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0942 1828 volsnap ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0942 1828 vsmraid ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0942 1828 vsmraid ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0958 1828 vwifibus ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0958 1828 vwifibus ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0958 1828 vwififlt ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0958 1828 vwififlt ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0958 1828 WacomPen ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0958 1828 WacomPen ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0958 1828 WANARP ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0958 1828 WANARP ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0974 1828 Wanarpv6 ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0974 1828 Wanarpv6 ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0974 1828 Wd ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0974 1828 Wd ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0974 1828 Wdf01000 ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0974 1828 Wdf01000 ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0974 1828 WfpLwf ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0974 1828 WfpLwf ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0974 1828 WIMMount ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0974 1828 WIMMount ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0974 1828 WinUsb ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0974 1828 WinUsb ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0974 1828 WmiAcpi ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0974 1828 WmiAcpi ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0974 1828 ws2ifsl ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0974 1828 ws2ifsl ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0989 1828 WudfPf ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0989 1828 WudfPf ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:37.0989 1828 WUDFRd ( LockedFile.Multi.Generic ) - skipped by user
16:43:37.0989 1828 WUDFRd ( LockedFile.Multi.Generic ) - User select action: Skip
16:43:50.0438 1800 Deinitialize success

hazik · #7 Příspěvek od **hazik** » 29 črc 2012 16:40

ComboFix 12-07-29.02 - dung 29.07.2012 17:29:37.4.2 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.8191.7298 [GMT 2:00]
Spuštěný z: F:\ComboFix.exe
Použité ovládací přepínače :: c:\users\dung\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\dung\AppData\Local\Temp\mor.exe . . . . nemohl být smazán
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_EB75D1B145D6A7C9
-------\Service_eb75d1b145d6a7c9
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-28 do 2012-07-29 )))))))))))))))))))))))))))))))
.
.
2012-07-29 15:32 . 2012-07-29 15:32 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-07-29 15:32 . 2012-07-29 15:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-29 14:18 . 2012-07-29 14:18 512 ----a-w- C:\PhysicalMBR.bin
2012-07-29 12:29 . 2012-07-29 12:12 781383 ----a-w- C:\RSIT.exe
2012-07-29 12:21 . 2012-07-29 12:21 -------- d-----w- C:\rsit
2012-07-29 12:21 . 2012-07-29 12:21 -------- d-----w- c:\program files (x86)\trend micro
2012-07-29 11:14 . 2012-07-29 11:14 -------- d-----w- c:\users\dung\AppData\Roaming\Malwarebytes
2012-07-29 11:14 . 2012-07-29 11:14 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-29 11:14 . 2012-07-29 11:14 -------- d-----w- c:\programdata\Malwarebytes
2012-07-29 11:14 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-29 11:03 . 2012-07-29 10:11 1012656 ----a-w- C:\rkill.exe
2012-07-29 11:03 . 2012-07-29 10:10 10651816 ----a-w- C:\mbam-setup.exe
2012-07-29 08:39 . 2012-07-29 08:52 -------- d-----w- C:\dddd
2012-07-26 18:12 . 2012-07-29 08:33 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2012-07-26 18:12 . 2012-07-27 16:30 -------- d-----w- c:\programdata\Spyware Terminator
2012-07-26 18:12 . 2012-07-26 18:12 -------- d-----w- c:\users\dung\AppData\Roaming\Spyware Terminator
2012-07-26 18:11 . 2012-07-26 18:12 -------- d-----w- c:\program files (x86)\Spyware Terminator
2012-07-26 17:49 . 2012-07-26 18:09 -------- d-----w- c:\program files (x86)\GridinSoft Trojan Killer
2012-07-25 19:41 . 2012-07-25 19:41 44464 ----a-w- c:\windows\system32\drivers\eb75d1b145d6a7c9.sys
2012-07-25 05:11 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4171BC7D-7880-47E6-ACD0-C8F6E186C84E}\mpengine.dll
2012-07-12 20:32 . 2012-06-12 03:02 3147264 ----a-w- c:\windows\system32\win32k.sys
2012-07-12 16:15 . 2012-06-06 05:50 2003968 ----a-w- c:\windows\system32\msxml6.dll
2012-07-12 16:15 . 2012-06-06 05:50 1880064 ----a-w- c:\windows\system32\msxml3.dll
2012-07-12 16:15 . 2012-06-06 05:09 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-07-12 16:15 . 2012-06-06 05:09 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-27 19:00 . 2012-05-20 04:57 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-27 19:00 . 2011-06-08 06:58 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-22 11:50 . 2011-03-22 17:27 21840 ----atw- c:\windows\SysWow64\SIntfNT.dll
2012-07-22 11:50 . 2011-03-22 17:27 17212 ----atw- c:\windows\SysWow64\SIntf32.dll
2012-07-22 11:50 . 2011-03-22 17:27 12067 ----atw- c:\windows\SysWow64\SIntf16.dll
2012-06-02 22:19 . 2012-06-21 15:33 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 15:34 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 15:34 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 15:34 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 15:33 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 15:34 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 15:33 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 15:33 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 15:33 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 05:27 . 2012-07-12 16:14 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:48 . 2012-07-12 16:14 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-05-31 10:25 . 2010-08-10 12:16 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-04 10:52 . 2012-06-13 14:32 5505392 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:08 . 2012-06-13 14:32 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:08 . 2012-06-13 14:32 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-29_08.48.00 )))))))))))))))))))))))))))))))))))))))))
.
- 2012-07-29 08:47 . 2012-07-29 08:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-29 15:33 . 2012-07-29 15:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-29 15:33 . 2012-07-29 15:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-07-29 08:47 . 2012-07-29 08:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll" [2011-01-21 213816]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{A31F34A1-EBD2-45A2-BF6D-231C1B987CC8}]
[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
2011-05-30 13:35 89008 ----a-w- c:\progra~2\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2011-08-09 12:35 1235336 ----a-w- c:\progra~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2011-08-24 17:21 1299248 ----a-r- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{28387537-e3f9-4ed7-860c-11e69af4a8a0}"= "c:\progra~2\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll" [2011-05-30 89008]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2011-08-24 1299248]
.
[HKEY_CLASSES_ROOT\clsid\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mor.exe"="c:\users\dung\AppData\Local\Temp\mor.exe" [2012-07-25 421888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll c:\progra~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys [2012-07-29 51496]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-05-27 6856192]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-05-27 264192]
R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2010-11-15 121832]
R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2010-11-15 364520]
R3 CamSuiteVAC;CamSuite Virtual Audio;c:\windows\system32\DRIVERS\CamSuiteVAC.sys [2008-09-18 56320]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [2010-04-05 301232]
R3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys [2009-11-16 40144]
R3 ioatdma2;ioatdma2;c:\windows\System32\Drivers\qd252x64.sys [2009-11-16 47824]
R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2009-06-11 60416]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-05-20 36720]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 NmPar;MosChip PCI Parallel Port;c:\windows\system32\DRIVERS\NmPar.sys [x]
R3 nmserial;MosChip PCI Serial Port;c:\windows\system32\DRIVERS\nmserial.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [2008-05-02 23552]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-02-24 78336]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-07-08 694888]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-02-18 51712]
R3 X6va005;X6va005;c:\users\dung\AppData\Local\Temp\005A911.tmp [x]
R3 X6va007;X6va007;c:\users\dung\AppData\Local\Temp\00773F9.tmp [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-27 250056]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-27 203264]
R4 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R4 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-20 136176]
R4 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-20 136176]
R4 ICQ Service;ICQ Service;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-06-21 246584]
R4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-18 113120]
R4 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-05-30 3048136]
R4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [2012-06-21 1148664]
R4 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
R4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2009-10-30 1353544]
R4 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-10 1255736]
S0 ioatdma;Intel(R) QuickData Technology device;c:\windows\System32\Drivers\ioatdma.sys [2009-11-16 46792]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-15 254528]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - EB75D1B145D6A7C9
*Deregistered* - eb75d1b145d6a7c9
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-20 19:00]
.
2012-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-20 13:21]
.
2012-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-20 13:21]
.
2012-07-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3180577601-574283010-483730119-1000Core.job
- c:\users\dung\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-13 12:31]
.
2012-07-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3180577601-574283010-483730119-1000UA.job
- c:\users\dung\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-13 12:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2011-08-09 12:35 1792904 ----a-w- c:\progra~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF16060.3XE" [2009-07-14 344576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"combofix"="c:\combofix\CF16060.3XE" [2009-07-14 344576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll c:\progra~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://home.sweetim.com
mStart Page = hxxp://home.sweetim.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\dung\AppData\Roaming\Mozilla\Firefox\Profiles\39ni5r9e.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - SweetIM Search
FF - prefs.js: browser.startup.homepage - hxxp://search.imesh.com/
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109130
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 08138156000000000000000b6aee9de7
FF - user.js: extensions.BabylonToolbar_i.hardId - 08138156000000000000000b6aee9de7
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15374
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.178:37
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\dung\AppData\Local\Temp\005A911.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va007]
"ImagePath"="\??\c:\users\dung\AppData\Local\Temp\00773F9.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eb75d1b145d6a7c9]
"ImagePath"="\SystemRoot\System32\Drivers\eb75d1b145d6a7c9.sys"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3180577601-574283010-483730119-1000\Software\SecuROM\License information*]
"datasecu"=hex:fe,90,97,77,dd,d1,26,3c,56,71,36,f0,6e,b0,99,d7,87,f1,d3,5e,88,
da,77,74,61,ac,78,b4,fc,8a,28,06,15,a0,6c,74,7d,e4,32,b4,3a,10,a2,9d,bc,9c,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-07-29 17:37:39 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-29 15:37
ComboFix2.txt 2012-07-29 13:38
ComboFix3.txt 2012-07-29 09:08
ComboFix4.txt 2012-07-29 08:52
.
Před spuštěním: Volných bajtů: 1 187 706 503 168
Po spuštění: Volných bajtů: 1 187 468 832 768
.
- - End Of File - - 52E9642D24063278AB1D48DAA9FF03E0

hazik · #8 Příspěvek od **hazik** » 29 črc 2012 17:09

Jojo jen musím zajet koupit cd... Jinak běhám sem tam, takže trohou zmatek...

hazik · #9 Příspěvek od **hazik** » 29 črc 2012 23:58

Tak jsem tu. Omlouvám se za zdržení...

hazik · #10 Příspěvek od **hazik** » 30 črc 2012 10:20

Podařilo se mi nabootovat cd, otevřu z plochy ikonku OTLpe, vyběhne mi choose windows directory a když dám vybrat C tak napíše target is not windows 2000 or later. Co s tím děkuji

hazik · #11 Příspěvek od **hazik** » 30 črc 2012 10:57

Tak snad se podařilo...
OTL logfile created on: 7/30/2012 12:29:05 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium (Version = 6.1.7600) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files (x86)
Drive C: | 200.00 Mb Total Space | 171.86 Mb Free Space | 85.93% Space Free | Partition Type: NTFS
Drive D: | 1.92 Gb Total Space | 0.94 Gb Free Space | 48.70% Space Free | Partition Type: FAT
Drive E: | 1397.07 Gb Total Space | 1105.75 Gb Free Space | 79.15% Space Free | Partition Type: NTFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/27 11:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 11:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/05/27 12:59:40 | 000,203,264 | ---- | M] (AMD) [Disabled] -- E:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/05/20 10:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009/10/30 10:01:08 | 000,036,168 | ---- | M] (TuneUp Software) [Disabled] -- E:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/07/27 15:00:04 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [Disabled] -- E:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/03 07:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto] -- E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/06/21 18:09:56 | 001,148,664 | ---- | M] (Crawler.com) [Disabled] -- E:\Program Files (x86)\Spyware Terminator\st_rsser64.exe -- (ST2012_Svc)
SRV - [2012/06/18 08:57:26 | 000,113,120 | ---- | M] (Mozilla Foundation) [Disabled] -- E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/30 07:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Disabled] -- E:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2011/12/14 13:36:42 | 000,214,520 | ---- | M] () [Auto] -- E:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2011/12/10 11:45:23 | 000,075,064 | ---- | M] () [Auto] -- E:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/08/30 12:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Disabled] -- E:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/02/28 13:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [Disabled] -- E:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 05:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/24 12:06:39 | 000,607,048 | ---- | M] (TuneUp Software) [Disabled] -- E:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) @C:\Program Files (x86)
SRV - [2010/06/21 11:47:04 | 000,246,584 | ---- | M] () [Disabled] -- E:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009/10/30 10:08:24 | 001,353,544 | ---- | M] (TuneUp Software) [Disabled] -- E:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009/10/30 10:01:00 | 000,030,024 | ---- | M] (TuneUp Software) [Disabled] -- E:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled] -- E:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/29 04:33:17 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto] -- E:\Windows\System32\drivers\stflt.sys -- (sp_rsdrv2)
DRV:64bit: - [2012/07/25 15:41:35 | 000,044,464 | ---- | M] () [Kernel | Boot] -- E:\Windows\System32\Drivers\eb75d1b145d6a7c9.sys -- (eb75d1b145d6a7c9)
DRV:64bit: - [2012/07/03 07:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- E:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/04/14 03:27:23 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2011/08/17 03:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2011/08/17 03:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011/04/27 09:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/03/15 12:09:29 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System] -- E:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/02/18 11:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/11/15 07:05:02 | 000,364,520 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2010/11/15 07:05:00 | 000,121,832 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010/07/08 09:18:38 | 000,694,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- E:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2010/06/23 05:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand] -- E:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/05/27 13:39:12 | 006,856,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/05/27 12:25:36 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/05/20 10:26:28 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2010/04/26 21:30:52 | 000,184,968 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/04/05 18:37:42 | 000,301,232 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\e1k62x64.sys -- (e1kexpress) Intel(R)
DRV:64bit: - [2010/02/26 11:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/24 05:10:16 | 000,078,336 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009/11/16 02:27:48 | 000,047,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- E:\Windows\System32\Drivers\qd252x64.sys -- (ioatdma2)
DRV:64bit: - [2009/11/16 02:27:44 | 000,046,792 | ---- | M] (Intel Corporation) [Kernel | Boot] -- E:\Windows\System32\drivers\ioatdma.sys -- (ioatdma) Intel(R)
DRV:64bit: - [2009/11/16 01:45:22 | 000,040,144 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- E:\Windows\System32\Drivers\qd162x64.sys -- (ioatdma1)
DRV:64bit: - [2009/09/17 00:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/07/13 20:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009/06/10 22:50:06 | 000,060,416 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\itecir.sys -- (itecir)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- E:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/05/13 21:26:24 | 000,015,416 | ---- | M] () [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/04/28 05:07:52 | 000,532,480 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\PAC7302.SYS -- (PAC7302)
DRV:64bit: - [2008/09/18 15:54:48 | 000,056,320 | ---- | M] () [Kernel | On_Demand] -- E:\Windows\System32\drivers\CamSuiteVAC.sys -- (CamSuiteVAC)
DRV:64bit: - [2008/05/02 05:58:50 | 000,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- E:\Windows\System32\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2008/05/02 05:58:48 | 000,023,552 | ---- | M] (Nokia) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV - [2009/10/14 02:24:44 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand] -- E:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\dung_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKU\dung_ON_E\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\dung_ON_E\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - Reg Error: Key error. File not found
IE - HKU\dung_ON_E\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\dung_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\dung_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "SweetIM Search"
FF - prefs.js..browser.startup.homepage: "http://search.imesh.com/"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://search.imesh.com/"

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\System32\Macromed\Flash\NPSWF64_11_3_300_268.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: E:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: E:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: E:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: E:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: E:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: E:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Users\dung\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Users\dung\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: E:\Users\dung\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: E:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/02/28 13:26:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/02/28 13:26:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 08:57:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/19 02:47:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 08:57:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/19 02:47:24 | 000,000,000 | ---D | M]

[2011/12/12 12:47:54 | 000,000,000 | ---D | M] (No name found) -- E:\Users\dung\AppData\Roaming\Mozilla\Extensions
[2012/05/04 01:12:29 | 000,000,000 | ---D | M] (No name found) -- E:\Users\dung\AppData\Roaming\Mozilla\Firefox\Profiles\39ni5r9e.default\extensions
[2012/03/13 10:41:55 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- E:\Users\dung\AppData\Roaming\Mozilla\Firefox\Profiles\39ni5r9e.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2012/03/13 10:41:48 | 000,003,915 | ---- | M] () -- E:\Users\dung\AppData\Roaming\Mozilla\Firefox\Profiles\39ni5r9e.default\searchplugins\sweetim.xml
[2012/04/08 19:57:11 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/05 12:29:31 | 000,000,000 | ---D | M] (Skype Click to Call) -- E:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) --
[2012/06/18 08:57:26 | 000,085,472 | ---- | M] (Mozilla Foundation) -- E:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/04 03:37:24 | 000,002,310 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/04/21 14:44:25 | 000,002,208 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012/04/21 14:44:25 | 000,000,638 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012/04/21 14:44:25 | 000,001,367 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012/04/21 14:44:25 | 000,000,654 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012/04/21 14:44:25 | 000,001,179 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2012/07/29 11:33:41 | 000,000,027 | ---- | M]) - E:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - E:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\x64\IEBHO.dll (iMesh, Inc)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - E:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - E:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - E:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll ()
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - E:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - E:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - E:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - E:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - E:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - E:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - E:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - E:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - E:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - E:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - E:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - E:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - E:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - E:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - E:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - E:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\dung_ON_E\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\dung_ON_E\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - E:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\dung_ON_E\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - E:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\dung_ON_E\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - E:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKU\dung_ON_E..\Run: [mor.exe] E:\Users\dung\AppData\Local\Temp\mor.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\dung_ON_E\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\dung_ON_E\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\LocalService_ON_E\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\NetworkService_ON_E\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\systemprofile_ON_E\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - E:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - E:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15:64bit: - dung_ON_E\..Trusted Domains: allwinsecuritysys.com ([]* in Local intranet)
O15:64bit: - dung_ON_E\..Trusted Domains: ieframe.dll ([]* in Local intranet)
O15:64bit: - dung_ON_E\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll) - E:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\x64\datamngr.dll (iMesh, Inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll) - E:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\x64\IEBHO.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - E:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\datamngr.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - E:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: UxTuneUp - E:\Windows\System32\uxtuneup.dll (TuneUp Software)

Drivers32:64bit: aux - E:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: aux1 - E:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi - E:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi1 - E:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midimapper - E:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32:64bit: mixer - E:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer1 - E:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer2 - E:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer3 - E:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer4 - E:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer5 - E:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer6 - E:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: msacm.imaadpcm - E:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - E:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.msadpcm - E:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msg711 - E:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msgsm610 - E:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32:64bit: MSVideo8 - E:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.FPS1 - E:\Windows\System32\frapsv64.dll (Beepa P/L)
Drivers32:64bit: vidc.i420 - E:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.IYUV - E:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.mrle - E:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.msvc - E:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.UYVY - E:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.YUY2 - E:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.YVU9 - E:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.YVYU - E:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32:64bit: wave - E:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave1 - E:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave2 - E:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave3 - E:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave4 - E:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave5 - E:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave6 - E:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wavemapper - E:\Windows\System32\msacm32.drv (Microsoft Corporation)
Drivers32: msacm.l3acm - E:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - E:\Windows\SysWow64\vfwwdm32.dll (Microsoft Corporation)
Drivers32: VIDC.FPS1 - frapsv64.dll File not found

SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MsMpSvc - E:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - E:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
PhysicalDisk0 MBR saved to E:\Physical0MBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012/07/30 05:03:17 | 098,077,435 | ---- | C] (Igor Pavlov) -- E:\Users\dung\Desktop\OTLPEStd.exe
[2012/07/29 11:37:41 | 000,000,000 | ---D | C] -- E:\Windows\temp
[2012/07/29 11:37:41 | 000,000,000 | ---D | C] -- E:\Windows\system32\config\systemprofile\AppData\Local\temp
[2012/07/29 11:33:48 | 000,000,000 | -HSD | C] -- E:\$RECYCLE.BIN
[2012/07/29 10:41:58 | 002,136,664 | ---- | C] (Kaspersky Lab ZAO) -- E:\Users\dung\Desktop\tdsskiller.exe
[2012/07/29 10:15:42 | 000,597,504 | ---- | C] (OldTimer Tools) -- E:\Users\dung\Desktop\OTL.exe
[2012/07/29 10:15:03 | 000,000,000 | ---D | C] -- E:\Users\dung\Desktop\a
[2012/07/29 09:25:48 | 004,721,417 | R--- | C] (Swearware) -- E:\ComboFix.exe
[2012/07/29 08:21:23 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\trend micro
[2012/07/29 08:21:23 | 000,000,000 | ---D | C] -- E:\rsit
[2012/07/29 08:05:58 | 000,000,000 | ---D | C] -- E:\Users\dung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Security System
[2012/07/29 07:14:17 | 000,000,000 | ---D | C] -- E:\Users\dung\AppData\Roaming\Malwarebytes
[2012/07/29 07:14:12 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/29 07:14:11 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- E:\Windows\System32\drivers\mbam.sys
[2012/07/29 07:14:11 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/07/29 07:14:11 | 000,000,000 | ---D | C] -- E:\ProgramData\Malwarebytes
[2012/07/29 07:03:27 | 010,651,816 | ---- | C] (Malwarebytes Corporation ) -- E:\mbam-setup.exe
[2012/07/29 04:39:10 | 000,518,144 | ---- | C] (SteelWerX) -- E:\Windows\SWREG.exe
[2012/07/29 04:39:10 | 000,406,528 | ---- | C] (SteelWerX) -- E:\Windows\SWSC.exe
[2012/07/29 04:39:10 | 000,060,416 | ---- | C] (NirSoft) -- E:\Windows\NIRCMD.exe
[2012/07/29 04:39:07 | 000,000,000 | ---D | C] -- E:\dddd
[2012/07/29 04:38:31 | 000,000,000 | ---D | C] -- E:\Windows\ERDNT
[2012/07/29 04:38:28 | 000,000,000 | ---D | C] -- E:\Qoobox
[2012/07/26 14:12:22 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- E:\Windows\System32\drivers\stflt.sys
[2012/07/26 14:12:21 | 000,000,000 | ---D | C] -- E:\Users\dung\AppData\Roaming\Spyware Terminator
[2012/07/26 14:12:21 | 000,000,000 | ---D | C] -- E:\ProgramData\Spyware Terminator
[2012/07/26 14:12:20 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
[2012/07/26 14:11:56 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Spyware Terminator
[2012/07/26 14:11:48 | 000,937,224 | ---- | C] (Crawler.com ) -- E:\Users\dung\Desktop\SpywareTerminatorSetup.exe
[2012/07/26 13:49:17 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Trojan Killer
[2012/07/26 13:49:13 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\GridinSoft Trojan Killer
[2012/07/26 13:34:17 | 000,000,000 | ---D | C] -- E:\Windows\pss
[2012/07/12 16:30:38 | 000,237,056 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\url.dll
[2012/07/12 16:30:38 | 000,231,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\url.dll
[2012/07/12 16:30:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\mshtmled.dll
[2012/07/12 16:30:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\mshtmled.dll
[2012/07/12 16:30:37 | 000,248,320 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ieui.dll
[2012/07/12 16:30:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ieui.dll
[2012/07/12 16:30:36 | 000,173,056 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ieUnatt.exe
[2012/07/12 16:30:36 | 000,142,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ieUnatt.exe
[2012/07/12 16:30:35 | 002,311,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\jscript9.dll
[2012/07/12 16:30:35 | 001,800,192 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\jscript9.dll
[2012/07/12 16:30:35 | 001,494,528 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\inetcpl.cpl
[2012/07/12 16:30:35 | 001,427,968 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\inetcpl.cpl
[2012/07/12 16:30:35 | 000,818,688 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\jscript.dll
[2012/07/12 16:30:35 | 000,716,800 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\jscript.dll
[2012/07/12 12:14:51 | 000,307,200 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ncrypt.dll
[2012/07/12 12:14:50 | 000,219,136 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ncrypt.dll
[2012/07/12 12:14:36 | 001,460,224 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\crypt32.dll
[2012/07/12 12:14:36 | 000,140,288 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\cryptnet.dll

========== Files - Modified Within 30 Days ==========

[2012/07/30 12:30:24 | 000,000,512 | ---- | M] () -- E:\Physical0MBR.bin
[2012/07/30 05:08:34 | 000,067,584 | --S- | M] () -- E:\Windows\bootstat.dat
[2012/07/30 05:01:14 | 2146,738,175 | -HS- | M] () -- E:\hiberfil.sys
[2012/07/30 04:55:50 | 098,077,435 | ---- | M] (Igor Pavlov) -- E:\Users\dung\Desktop\OTLPEStd.exe
[2012/07/29 11:33:41 | 000,000,027 | ---- | M] () -- E:\Windows\System32\drivers\etc\hosts
[2012/07/29 11:28:13 | 000,000,612 | ---- | M] () -- E:\Users\dung\Desktop\ComboFix – zástupce.lnk
[2012/07/29 10:41:22 | 000,131,712 | ---- | M] () -- E:\Users\dung\Desktop\log.zip
[2012/07/29 10:18:47 | 000,000,512 | ---- | M] () -- E:\PhysicalMBR.bin
[2012/07/29 10:13:50 | 002,136,664 | ---- | M] (Kaspersky Lab ZAO) -- E:\Users\dung\Desktop\tdsskiller.exe
[2012/07/29 10:12:38 | 000,597,504 | ---- | M] (OldTimer Tools) -- E:\Users\dung\Desktop\OTL.exe
[2012/07/29 09:23:50 | 004,721,417 | R--- | M] (Swearware) -- E:\ComboFix.exe
[2012/07/29 08:12:48 | 000,020,128 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/29 08:12:48 | 000,020,128 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/29 08:12:14 | 000,781,383 | ---- | M] () -- E:\Users\dung\Desktop\RSIT.exe
[2012/07/29 08:12:14 | 000,781,383 | ---- | M] () -- E:\RSIT.exe
[2012/07/29 08:07:15 | 000,000,948 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/29 08:06:09 | 000,000,944 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/29 07:14:12 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/29 06:11:16 | 001,012,656 | ---- | M] () -- E:\rkill.exe
[2012/07/29 06:10:38 | 010,651,816 | ---- | M] (Malwarebytes Corporation ) -- E:\mbam-setup.exe
[2012/07/29 04:51:26 | 000,000,958 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3180577601-574283010-483730119-1000UA.job
[2012/07/29 04:33:17 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- E:\Windows\System32\drivers\stflt.sys
[2012/07/28 17:00:00 | 000,000,914 | ---- | M] () -- E:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/27 15:00:04 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerApp.exe
[2012/07/27 15:00:04 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/07/26 14:12:21 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
[2012/07/26 14:10:30 | 000,937,224 | ---- | M] (Crawler.com ) -- E:\Users\dung\Desktop\SpywareTerminatorSetup.exe
[2012/07/26 13:51:39 | 000,627,776 | ---- | M] () -- E:\Windows\System32\perfh005.dat
[2012/07/26 13:51:39 | 000,611,996 | ---- | M] () -- E:\Windows\System32\perfh009.dat
[2012/07/26 13:51:39 | 000,120,794 | ---- | M] () -- E:\Windows\System32\perfc005.dat
[2012/07/26 13:51:39 | 000,105,214 | ---- | M] () -- E:\Windows\System32\perfc009.dat
[2012/07/26 13:49:17 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Trojan Killer
[2012/07/26 13:34:17 | 000,000,000 | R--D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2012/07/26 01:51:00 | 000,000,906 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3180577601-574283010-483730119-1000Core.job
[2012/07/25 15:41:35 | 000,044,464 | ---- | M] () -- E:\Windows\System32\drivers\eb75d1b145d6a7c9.sys
[2012/07/22 07:50:17 | 000,021,840 | ---- | M] () -- E:\Windows\SysWow64\SIntfNT.dll
[2012/07/22 07:50:17 | 000,017,212 | ---- | M] () -- E:\Windows\SysWow64\SIntf32.dll
[2012/07/22 07:50:17 | 000,012,067 | ---- | M] () -- E:\Windows\SysWow64\SIntf16.dll
[2012/07/22 03:50:44 | 000,000,000 | -H-- | M] () -- E:\Windows\System32\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2012/07/12 16:36:31 | 000,414,200 | ---- | M] () -- E:\Windows\System32\FNTCACHE.DAT
[2012/07/03 07:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- E:\Windows\System32\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2012/07/30 12:30:24 | 000,000,512 | ---- | C] () -- E:\Physical0MBR.bin
[2012/07/29 11:28:13 | 000,000,612 | ---- | C] () -- E:\Users\dung\Desktop\ComboFix – zástupce.lnk
[2012/07/29 10:40:20 | 000,131,712 | ---- | C] () -- E:\Users\dung\Desktop\log.zip
[2012/07/29 10:18:47 | 000,000,512 | ---- | C] () -- E:\PhysicalMBR.bin
[2012/07/29 08:29:38 | 000,781,383 | ---- | C] () -- E:\RSIT.exe
[2012/07/29 08:21:20 | 000,781,383 | ---- | C] () -- E:\Users\dung\Desktop\RSIT.exe
[2012/07/29 07:03:28 | 001,012,656 | ---- | C] () -- E:\rkill.exe
[2012/07/29 04:39:10 | 000,256,000 | ---- | C] () -- E:\Windows\PEV.exe
[2012/07/29 04:39:10 | 000,208,896 | ---- | C] () -- E:\Windows\MBR.exe
[2012/07/29 04:39:10 | 000,098,816 | ---- | C] () -- E:\Windows\sed.exe
[2012/07/29 04:39:10 | 000,080,412 | ---- | C] () -- E:\Windows\grep.exe
[2012/07/29 04:39:10 | 000,068,096 | ---- | C] () -- E:\Windows\zip.exe
[2012/07/25 15:41:35 | 000,044,464 | ---- | C] () -- E:\Windows\System32\drivers\eb75d1b145d6a7c9.sys
[2012/07/22 03:50:44 | 000,000,000 | -H-- | C] () -- E:\Windows\System32\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2011/12/10 11:45:17 | 000,214,520 | ---- | C] () -- E:\Windows\SysWow64\PnkBstrB.exe
[2011/12/06 12:35:12 | 000,000,293 | ---- | C] () -- E:\Windows\game.ini
[2011/08/29 15:27:32 | 000,000,056 | ---- | C] () -- E:\Windows\SpeedGear.INI
[2011/08/26 17:09:07 | 000,000,000 | ---- | C] () -- E:\Users\dung\AppData\Local\{4CDC81EC-1D7A-4A14-ACD4-2B08C8C08A5A}
[2011/03/22 16:36:56 | 000,038,134 | ---- | C] () -- E:\Windows\DIIUnin.dat
[2011/03/22 13:27:05 | 000,021,840 | ---- | C] () -- E:\Windows\SysWow64\SIntfNT.dll
[2011/03/22 13:27:05 | 000,017,212 | ---- | C] () -- E:\Windows\SysWow64\SIntf32.dll
[2011/03/22 13:27:05 | 000,012,067 | ---- | C] () -- E:\Windows\SysWow64\SIntf16.dll
[2011/03/15 12:24:09 | 000,075,064 | ---- | C] () -- E:\Windows\SysWow64\PnkBstrA.exe
[2011/03/05 08:40:29 | 000,000,048 | -H-- | C] () -- E:\Windows\SysWow64\ezsidmv.dat
[2011/03/01 15:18:56 | 000,003,584 | ---- | C] () -- E:\Users\dung\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/24 12:16:46 | 001,479,290 | ---- | C] () -- E:\Windows\SysWow64\PerfStringBackup.INI
[2011/02/20 09:47:11 | 000,000,885 | ---- | C] () -- E:\Windows\SysWow64\SP7302.ini
[2011/02/02 11:04:13 | 000,000,000 | ---- | C] () -- E:\Windows\ativpsrm.bin
[2010/08/10 08:02:19 | 000,165,376 | ---- | C] () -- E:\Windows\SysWow64\unrar.dll
[2010/08/10 08:02:19 | 000,000,038 | ---- | C] () -- E:\Windows\avisplitter.ini
[2010/08/10 08:02:18 | 000,790,528 | ---- | C] () -- E:\Windows\SysWow64\xvidcore.dll
[2010/08/10 08:02:18 | 000,134,144 | ---- | C] () -- E:\Windows\SysWow64\xvidvfw.dll
[2010/08/10 08:02:18 | 000,108,032 | ---- | C] () -- E:\Windows\SysWow64\ff_vfw.dll
[2010/04/29 11:37:26 | 000,002,137 | ---- | C] () -- E:\Windows\SysWow64\atipblag.dat
[2010/04/21 12:14:56 | 000,127,868 | ---- | C] () -- E:\Windows\SysWow64\igcompkrng575.bin
[2010/04/21 12:14:54 | 000,870,560 | ---- | C] () -- E:\Windows\SysWow64\igkrng575.bin
[2010/04/21 12:14:54 | 000,104,636 | ---- | C] () -- E:\Windows\SysWow64\igfcg575m.bin
[2010/04/21 11:22:50 | 000,208,896 | ---- | C] () -- E:\Windows\SysWow64\iglhsip32.dll
[2010/04/21 11:22:50 | 000,143,360 | ---- | C] () -- E:\Windows\SysWow64\iglhcp32.dll
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- E:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- E:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- E:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- E:\Windows\mib.bin
[2009/07/13 20:02:54 | 000,245,248 | ---- | C] () -- E:\Windows\SysWow64\DShowRdpFilter.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- E:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- E:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- E:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- E:\Windows\SysWow64\mlang.dat
[2008/10/28 12:40:48 | 000,173,552 | ---- | C] () -- E:\Windows\SysWow64\xlive.dll.cat

========== LOP Check ==========

[2011/08/29 15:27:16 | 000,000,000 | ---D | M] -- E:\ProgramData\Babylon
[2011/08/29 15:31:38 | 000,000,000 | ---D | M] -- E:\ProgramData\BabylonUpdater
[2011/08/29 15:31:14 | 000,000,000 | ---D | M] -- E:\ProgramData\boost_interprocess
[2011/12/07 09:13:42 | 000,000,000 | ---D | M] -- E:\ProgramData\DAEMON Tools Lite
[2011/02/12 16:37:05 | 000,000,000 | -HSD | M] -- E:\ProgramData\Data aplikací
[2011/02/12 16:37:05 | 000,000,000 | -HSD | M] -- E:\ProgramData\Dokumenty
[2011/04/13 11:38:14 | 000,000,000 | ---D | M] -- E:\ProgramData\ICQ
[2011/02/12 16:37:05 | 000,000,000 | -HSD | M] -- E:\ProgramData\Nabídka Start
[2011/02/12 16:37:05 | 000,000,000 | -HSD | M] -- E:\ProgramData\Oblíbené položky
[2011/02/12 16:37:05 | 000,000,000 | -HSD | M] -- E:\ProgramData\Plocha
[2012/06/16 08:20:28 | 000,000,000 | ---D | M] -- E:\ProgramData\PMB Files
[2012/07/27 12:30:10 | 000,000,000 | ---D | M] -- E:\ProgramData\Spyware Terminator
[2012/03/13 10:41:41 | 000,000,000 | ---D | M] -- E:\ProgramData\SweetIM
[2012/05/03 13:38:32 | 000,000,000 | ---D | M] -- E:\ProgramData\TEMP
[2011/02/24 12:06:15 | 000,000,000 | ---D | M] -- E:\ProgramData\TuneUp Software
[2011/03/08 17:16:25 | 000,000,000 | ---D | M] -- E:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011/02/24 12:05:52 | 000,000,000 | -HSD | M] -- E:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2011/02/12 16:37:05 | 000,000,000 | -HSD | M] -- E:\ProgramData\Šablony
[2012/07/26 02:06:08 | 000,032,578 | ---- | M] () -- E:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< DRIVES >

< MD5 for: ACPI.SYS >
[2009/07/13 21:52:21 | 000,334,416 | ---- | M] (Microsoft Corporation) MD5=6F11E88748CDEFD2F76AA215F97DDFE5 -- E:\Windows\System32\drivers\acpi.sys
[2009/07/13 21:52:21 | 000,334,416 | ---- | M] (Microsoft Corporation) MD5=6F11E88748CDEFD2F76AA215F97DDFE5 -- E:\Windows\System32\DriverStore\FileRepository\acpi.inf_amd64_neutral_2a841284c9de8962\acpi.sys
[2009/07/13 21:52:21 | 000,334,416 | ---- | M] (Microsoft Corporation) MD5=6F11E88748CDEFD2F76AA215F97DDFE5 -- E:\Windows\winsxs\amd64_acpi.inf_31bf3856ad364e35_6.1.7600.16385_none_7e7db5aae7b8d5ef\acpi.sys
[2010/11/20 09:32:46 | 000,334,208 | ---- | M] (Microsoft Corporation) MD5=D81D9E70B8A6DD14D42D7B4EFA65D5F2 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_acpi.inf_31bf3856ad364e35_6.1.7601.17514_none_80aec972e4a75989\acpi.sys

< MD5 for: AFD.SYS >
[2011/12/27 23:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- E:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17752_none_35e10b89752ee0f5\afd.sys
[2011/12/28 00:01:36 | 000,498,176 | ---- | M] (Microsoft Corporation) MD5=36A14FD1A23F57046361733B792CA8DB -- E:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21887_none_364f3a028e605345\afd.sys
[2011/04/24 22:44:02 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=6EF20DDF3172E97D69F596FB90602F29 -- E:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16802_none_3430bc3977dfec2d\afd.sys
[2009/07/13 19:21:42 | 000,500,224 | ---- | M] (Microsoft Corporation) MD5=B9384E03479D2506BC924C16A3DB87BC -- E:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_33dd3439781e25f7\afd.sys
[2011/12/28 00:01:12 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=CCA39961E76B491DDF44B1E90FC8971D -- E:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.21115_none_34b263fe91032456\afd.sys
[2010/11/20 05:23:34 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys
[2011/04/24 22:34:03 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=D5B031C308A409A0A576BFF4CF083D30 -- E:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_3618198975057170\afd.sys
[2011/12/27 23:59:11 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=DB9D6C6B2CD95A9CA414D045B627422E -- E:\Windows\System32\drivers\afd.sys
[2011/12/27 23:59:11 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=DB9D6C6B2CD95A9CA414D045B627422E -- E:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16937_none_34154fcd77f3bbda\afd.sys
[2011/04/24 23:09:35 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=F4AD06143EAC303F55D0E86C40802976 -- E:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_3695e61e8e2c13d4\afd.sys
[2011/04/24 22:44:27 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=FBFF8B7C9D116229E9208A0D1CAEB49B -- E:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.20951_none_3483491e9126fe55\afd.sys

< MD5 for: AGP440.SYS >
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- E:\Windows\System32\drivers\AGP440.sys
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- E:\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- E:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- E:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\ERDNT\cache64\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\System32\drivers\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/20 09:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009/07/13 21:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- E:\Windows\SysWOW64\autochk.exe
[2009/07/13 21:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- E:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/13 21:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- E:\Windows\System32\autochk.exe
[2009/07/13 21:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- E:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010/11/20 08:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/13 19:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- E:\Windows\System32\drivers\cdrom.sys
[2009/07/13 19:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- E:\Windows\System32\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009/07/13 19:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- E:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 05:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CMD.EXE >
[2010/11/20 09:24:33 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=5746BD7E255DD6A8AFA06F7C42C1BA41 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-commandprompt_31bf3856ad364e35_6.1.7601.17514_none_e932cc2c30fc13b0\cmd.exe
[2009/07/13 21:39:01 | 000,344,576 | ---- | M] (Microsoft Corporation) MD5=6960D29ABE74341FAB8300DB3E6F883D -- E:\Windows\System32\cmd.exe
[2009/07/13 21:39:01 | 000,344,576 | ---- | M] (Microsoft Corporation) MD5=6960D29ABE74341FAB8300DB3E6F883D -- E:\Windows\winsxs\amd64_microsoft-windows-commandprompt_31bf3856ad364e35_6.1.7600.16385_none_e701b864340d9016\cmd.exe
[2009/07/13 21:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) MD5=8AE6DD9A6D246004DA047F704F0CC487 -- E:\Windows\SysWOW64\cmd.exe
[2009/07/13 21:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) MD5=8AE6DD9A6D246004DA047F704F0CC487 -- E:\Windows\winsxs\wow64_microsoft-windows-commandprompt_31bf3856ad364e35_6.1.7600.16385_none_f15662b6686e5211\cmd.exe
[2010/11/20 08:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) MD5=AD7B9C14083B52BC532FBA5948342B98 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-commandprompt_31bf3856ad364e35_6.1.7601.17514_none_f387767e655cd5ab\cmd.exe

< MD5 for: CNGAUDIT.DLL >
[2009/07/13 21:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- E:\Windows\ERDNT\cache86\cngaudit.dll
[2009/07/13 21:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- E:\Windows\SysWOW64\cngaudit.dll
[2009/07/13 21:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- E:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/13 21:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- E:\Windows\ERDNT\cache64\cngaudit.dll
[2009/07/13 21:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- E:\Windows\System32\cngaudit.dll
[2009/07/13 21:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- E:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012/04/24 00:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- E:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010/11/20 09:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012/04/24 00:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- E:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012/04/24 01:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- E:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012/04/24 00:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- E:\Windows\ERDNT\cache86\cryptsvc.dll
[2012/04/24 00:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- E:\Windows\SysWOW64\cryptsvc.dll
[2012/04/24 00:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- E:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2009/07/13 21:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- E:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009/07/13 21:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- E:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010/11/20 08:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012/04/24 01:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- E:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012/04/24 01:36:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=CE8BF1423AEE47DA5275FBC8AD3BD642 -- E:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2012/04/24 01:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- E:\Windows\ERDNT\cache64\cryptsvc.dll
[2012/04/24 01:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- E:\Windows\System32\cryptsvc.dll
[2012/04/24 01:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- E:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2012/04/24 00:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- E:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

hazik · #12 Příspěvek od **hazik** » 30 črc 2012 10:59

< MD5 for: CSRSS.EXE >
[2009/07/13 21:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- E:\Windows\System32\csrss.exe
[2009/07/13 21:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- E:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

< MD5 for: EXPLORER.EXE >
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- E:\Windows\SysWOW64\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- E:\Windows\ERDNT\cache86\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- E:\Windows\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: FASTFAT.SYS >
[2009/07/13 19:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- E:\Windows\System32\drivers\fastfat.sys
[2009/07/13 19:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- E:\Windows\winsxs\amd64_microsoft-windows-fat_31bf3856ad364e35_6.1.7600.16385_none_0aa81d2771152f86\fastfat.sys

< MD5 for: HAL.DLL >
[2009/07/13 21:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- E:\Windows\System32\hal.dll
[2009/07/13 21:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- E:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010/11/20 09:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: I8042PRT.SYS >
[2009/07/13 19:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- E:\Windows\System32\drivers\i8042prt.sys
[2009/07/13 19:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- E:\Windows\System32\DriverStore\FileRepository\keyboard.inf_amd64_neutral_423c286802951189\i8042prt.sys
[2009/07/13 19:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- E:\Windows\System32\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\i8042prt.sys
[2009/07/13 19:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- E:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7600.16385_none_f3435f7ff2a9f325\i8042prt.sys
[2009/07/13 19:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- E:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\i8042prt.sys
[2009/07/13 19:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- E:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\i8042prt.sys

< MD5 for: IASTORV.SYS >
[2010/11/20 09:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2009/07/13 21:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- E:\Windows\System32\drivers\iaStorV.sys
[2009/07/13 21:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- E:\Windows\System32\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/13 21:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- E:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/13 21:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- E:\Windows\System32\drivers\isapnp.sys
[2009/07/13 21:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- E:\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009/07/13 21:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- E:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009/07/13 21:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- E:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: KBDCLASS.SYS >
[2009/07/13 21:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- E:\Windows\ERDNT\cache64\kbdclass.sys
[2009/07/13 21:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- E:\Windows\System32\drivers\kbdclass.sys
[2009/07/13 21:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- E:\Windows\System32\DriverStore\FileRepository\keyboard.inf_amd64_neutral_423c286802951189\kbdclass.sys
[2009/07/13 21:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- E:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7600.16385_none_f3435f7ff2a9f325\kbdclass.sys
[2009/07/13 21:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- E:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\kbdclass.sys

< MD5 for: LSASS.EXE >
[2009/07/13 21:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009/07/13 21:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009/07/13 21:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009/07/13 21:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011/11/17 02:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011/11/17 03:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- E:\Windows\ERDNT\cache64\lsass.exe
[2011/11/17 03:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- E:\Windows\System32\lsass.exe
[2011/11/17 03:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011/11/17 03:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[2012/06/04 03:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2012/06/02 01:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BF63CE11A25F3509129888710D5111FC -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[2011/11/17 02:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011/11/17 02:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011/11/17 02:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- E:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe

< MD5 for: NDIS.SYS >
[2010/11/20 09:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009/07/13 21:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- E:\Windows\ERDNT\cache64\ndis.sys
[2009/07/13 21:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- E:\Windows\System32\drivers\ndis.sys
[2009/07/13 21:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- E:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009/07/13 21:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- E:\Windows\ERDNT\cache64\netlogon.dll
[2009/07/13 21:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- E:\Windows\System32\netlogon.dll
[2009/07/13 21:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- E:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 09:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 08:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/13 21:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- E:\Windows\ERDNT\cache86\netlogon.dll
[2009/07/13 21:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- E:\Windows\SysWOW64\netlogon.dll
[2009/07/13 21:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- E:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NTFS.SYS >
[2010/11/20 09:33:46 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=05D78AA5CB5F3F5C31160BDB955D0B7C -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_04972f2c338b23d4\ntfs.sys
[2009/07/13 21:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- E:\Windows\ERDNT\cache64\ntfs.sys
[2009/07/13 21:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- E:\Windows\System32\drivers\ntfs.sys
[2009/07/13 21:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- E:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_02661b64369ca03a\ntfs.sys

< MD5 for: NTKRNLPA.EXE >
[2011/04/09 02:02:25 | 003,967,872 | ---- | M] (Microsoft Corporation) MD5=102A6182087B18C795664BCD22EB52E9 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17592_none_6ddf4b9812a7d84d\ntkrnlpa.exe
[2011/06/23 00:32:02 | 003,967,872 | ---- | M] (Microsoft Corporation) MD5=11486D4317D57C6F5E4DC902EF75D811 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20994_none_6c848dd72e9d3c00\ntkrnlpa.exe
[2010/11/20 08:30:06 | 003,966,848 | ---- | M] (Microsoft Corporation) MD5=144BD78C6103C8616DE047B3532142DB -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17514_none_6e37cb8c12652b73\ntkrnlpa.exe
[2011/06/23 00:38:05 | 003,957,120 | ---- | M] (Microsoft Corporation) MD5=1F969255E068D451BAC2D4FB0BD8C9C3 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16841_none_6c2dffca1559c47c\ntkrnlpa.exe
[2010/02/27 08:07:48 | 003,954,568 | ---- | M] (Microsoft Corporation) MD5=20926A3F64BFFCD92BAA5ECE9D65CC4A -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16539_none_6c40cc54154a7bce\ntkrnlpa.exe
[2011/06/23 01:55:25 | 003,967,872 | ---- | M] (Microsoft Corporation) MD5=3624D782F8B061B6FBA3A35E2FE53CFD -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21755_none_6e972ad72ba2517f\ntkrnlpa.exe
[2012/05/04 06:08:16 | 003,958,128 | ---- | M] (Microsoft Corporation) MD5=406FC11EC77CD41740E6C4A7DE2BE627 -- E:\Windows\ERDNT\cache86\ntkrnlpa.exe
[2012/05/04 06:08:16 | 003,958,128 | ---- | M] (Microsoft Corporation) MD5=406FC11EC77CD41740E6C4A7DE2BE627 -- E:\Windows\SysWOW64\ntkrnlpa.exe
[2012/05/04 06:08:16 | 003,958,128 | ---- | M] (Microsoft Corporation) MD5=406FC11EC77CD41740E6C4A7DE2BE627 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.17017_none_6c544b52153c391c\ntkrnlpa.exe
[2012/05/04 06:03:53 | 003,968,368 | ---- | M] (Microsoft Corporation) MD5=4A56DB06360F59130CAED69FA7526F0A -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17835_none_6e2331b012747421\ntkrnlpa.exe
[2011/04/09 02:21:36 | 003,967,360 | ---- | M] (Microsoft Corporation) MD5=83515CDDB47B08F65F1EC7451778C3CD -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20941_none_6cb79c952e776446\ntkrnlpa.exe
[2010/10/27 00:33:37 | 003,966,848 | ---- | M] (Microsoft Corporation) MD5=8E641A407A795DFB7B3A34053EF8DB39 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20826_none_6cd23bf92e62adf0\ntkrnlpa.exe
[2012/03/31 00:39:37 | 003,968,368 | ---- | M] (Microsoft Corporation) MD5=8F6D5704D7522AAB8B4B82C0D35D9184 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17803_none_6e41a0e0125deda0\ntkrnlpa.exe
[2012/03/31 00:37:34 | 003,971,952 | ---- | M] (Microsoft Corporation) MD5=93358348D0B79812CAAA83A1377E4449 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21955_none_6e972ea32ba24bcd\ntkrnlpa.exe
[2011/04/09 02:01:20 | 003,967,872 | ---- | M] (Microsoft Corporation) MD5=9CF7F5D025183FA10E130445BC071B70 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21701_none_6ec9394b2b7d606e\ntkrnlpa.exe
[2012/04/02 00:46:44 | 003,958,128 | ---- | M] (Microsoft Corporation) MD5=9D19079820928D72A5708A668B5B62AE -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16988_none_6c09c4061573e2c8\ntkrnlpa.exe
[2011/06/23 00:33:57 | 003,967,872 | ---- | M] (Microsoft Corporation) MD5=A4A8EF2ACE5FA5863AA0B04C9BBFECA7 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17640_none_6e135c8612811711\ntkrnlpa.exe
[2010/10/27 00:43:37 | 003,957,120 | ---- | M] (Microsoft Corporation) MD5=A6DCF9F73F2FCA7A96D9585817A08B43 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16695_none_6bfbed8a157ebb3f\ntkrnlpa.exe
[2012/05/04 06:03:53 | 003,971,952 | ---- | M] (Microsoft Corporation) MD5=AFF886D9D718D3747E5031816C0DA7D2 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21987_none_6e78bf732bb8d24e\ntkrnlpa.exe
[2012/05/04 06:03:46 | 003,970,928 | ---- | M] (Microsoft Corporation) MD5=B8B8ED76D2C7F85F343A284E1DD19B9A -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21207_none_6ce8b9ef2e51ba1c\ntkrnlpa.exe
[2012/03/31 00:43:25 | 003,970,928 | ---- | M] (Microsoft Corporation) MD5=C6D1D128DE4148E35B6C04B6892EB71A -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21179_none_6c9f09292e88b33a\ntkrnlpa.exe
[2009/07/13 21:20:44 | 003,954,768 | ---- | M] (Microsoft Corporation) MD5=E2A8596576873BC5D509031DECD8C95D -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16385_none_6c06b7c41576a7d9\ntkrnlpa.exe
[2011/04/09 02:13:06 | 003,957,632 | ---- | M] (Microsoft Corporation) MD5=EEDB427EAC109E0711642B65C229BC59 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16792_none_6bf8ee9215816c61\ntkrnlpa.exe
[2010/02/27 07:46:27 | 003,954,568 | ---- | M] (Microsoft Corporation) MD5=FC781D4359B553D62CBAD9F658E68784 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20655_none_6cb0c81f2e7bee1e\ntkrnlpa.exe

< MD5 for: NTOSKRNL.EXE >
[2012/03/31 02:05:57 | 005,559,664 | ---- | M] (Microsoft Corporation) MD5=03B5C6DBA5A770CEEFD1615E380C6BC3 -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17803_none_ca603c63cabb5ed6\ntoskrnl.exe
[2011/04/09 02:21:32 | 003,911,552 | ---- | M] (Microsoft Corporation) MD5=0F4A148499CC6FA5D84A0F1587869051 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20941_none_6cb79c952e776446\ntoskrnl.exe
[2011/06/23 01:31:31 | 005,474,688 | ---- | M] (Microsoft Corporation) MD5=12EC6D619756240886680523392EEF9C -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20994_none_c8a3295ae6faad36\ntoskrnl.exe
[2010/11/20 08:30:06 | 003,911,040 | ---- | M] (Microsoft Corporation) MD5=2088D9994332583EDB3C561DE31EA5AD -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17514_none_6e37cb8c12652b73\ntoskrnl.exe
[2011/04/09 02:54:07 | 005,475,712 | ---- | M] (Microsoft Corporation) MD5=240D89BBE5BCD168D748D6C12B6FE884 -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20941_none_c8d63818e6d4d57c\ntoskrnl.exe
[2012/05/04 07:06:22 | 005,559,664 | ---- | M] (Microsoft Corporation) MD5=2819BB6417B85D38169A4F151463A815 -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17835_none_ca41cd33cad1e557\ntoskrnl.exe
[2012/03/31 00:39:37 | 003,913,072 | ---- | M] (Microsoft Corporation) MD5=28F44480E411C3DDF04B63F6560E6EF4 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17803_none_6e41a0e0125deda0\ntoskrnl.exe
[2012/03/31 00:37:33 | 003,916,656 | ---- | M] (Microsoft Corporation) MD5=2E02A17E8965AD671E4987E503AD38B1 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21955_none_6e972ea32ba24bcd\ntoskrnl.exe
[2012/05/04 06:08:15 | 003,902,320 | ---- | M] (Microsoft Corporation) MD5=3D58BF0B376A9968B70B9EB293BE3739 -- E:\Windows\ERDNT\cache86\ntoskrnl.exe
[2012/05/04 06:08:15 | 003,902,320 | ---- | M] (Microsoft Corporation) MD5=3D58BF0B376A9968B70B9EB293BE3739 -- E:\Windows\SysWOW64\ntoskrnl.exe
[2012/05/04 06:08:15 | 003,902,320 | ---- | M] (Microsoft Corporation) MD5=3D58BF0B376A9968B70B9EB293BE3739 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.17017_none_6c544b52153c391c\ntoskrnl.exe
[2010/02/27 07:46:28 | 003,899,784 | ---- | M] (Microsoft Corporation) MD5=466FD46F58768E56F7B841681014EFF1 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20655_none_6cb0c81f2e7bee1e\ntoskrnl.exe
[2012/05/04 06:03:50 | 003,913,072 | ---- | M] (Microsoft Corporation) MD5=53483A0B2DE3617E832F1DBAF9620F39 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17835_none_6e2331b012747421\ntoskrnl.exe
[2011/06/23 01:43:12 | 005,561,216 | ---- | M] (Microsoft Corporation) MD5=577841951E8BAD6EA8288106693CD39F -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17640_none_ca31f809cade8847\ntoskrnl.exe
[2011/04/09 02:02:25 | 003,912,576 | ---- | M] (Microsoft Corporation) MD5=5D21C487F79F8245E799071589E035BF -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17592_none_6ddf4b9812a7d84d\ntoskrnl.exe
[2012/03/31 01:52:37 | 005,473,136 | ---- | M] (Microsoft Corporation) MD5=5E6017E5814B3BC366A5A7A88538D0FC -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21179_none_c8bda4ace6e62470\ntoskrnl.exe
[2011/06/23 00:32:02 | 003,911,552 | ---- | M] (Microsoft Corporation) MD5=638A384E9968036D42BDBDE499A1C8B8 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20994_none_6c848dd72e9d3c00\ntoskrnl.exe
[2012/04/02 00:46:44 | 003,902,320 | ---- | M] (Microsoft Corporation) MD5=678AD0F9DB55F9127851CD631456F483 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16988_none_6c09c4061573e2c8\ntoskrnl.exe
[2012/05/04 06:51:47 | 005,561,200 | ---- | M] (Microsoft Corporation) MD5=6A692DB27A943B463E97B749DD34F3DA -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21987_none_ca975af6e4164384\ntoskrnl.exe
[2012/03/31 01:39:18 | 005,561,200 | ---- | M] (Microsoft Corporation) MD5=708A4C721CEE6B3845B5A54477D873CF -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21955_none_cab5ca26e3ffbd03\ntoskrnl.exe
[2010/10/27 00:43:38 | 003,901,824 | ---- | M] (Microsoft Corporation) MD5=776201760B5692F10DDA3BE85B54F213 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16695_none_6bfbed8a157ebb3f\ntoskrnl.exe
[2012/05/04 06:03:46 | 003,915,632 | ---- | M] (Microsoft Corporation) MD5=7A77B0BB0E658AEDC1C99B6DBCB360A1 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21207_none_6ce8b9ef2e51ba1c\ntoskrnl.exe
[2010/02/27 11:28:56 | 005,485,448 | ---- | M] (Microsoft Corporation) MD5=7B7253D90EF53BAFCDC96C888B1DB4F3 -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20655_none_c8cf63a2e6d95f54\ntoskrnl.exe
[2011/06/23 01:55:25 | 003,912,576 | ---- | M] (Microsoft Corporation) MD5=90EFDB506F6140EEA9DEE398D9449D86 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21755_none_6e972ad72ba2517f\ntoskrnl.exe
[2012/04/02 01:34:04 | 005,504,880 | ---- | M] (Microsoft Corporation) MD5=9579F84C40B3BE205C9FD4CCDD99B6B7 -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16988_none_c8285f89cdd153fe\ntoskrnl.exe
[2011/04/09 02:50:20 | 005,562,240 | ---- | M] (Microsoft Corporation) MD5=99C2715F138E7ED2F489AB796DD3B53C -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21701_none_cae7d4cee3dad1a4\ntoskrnl.exe
[2009/07/13 21:48:28 | 005,511,248 | ---- | M] (Microsoft Corporation) MD5=9E722B768E33D26AD8FA7D642E707443 -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16385_none_c8255347cdd4190f\ntoskrnl.exe
[2012/05/04 06:03:53 | 003,916,656 | ---- | M] (Microsoft Corporation) MD5=A37A39568C8EC9A17D1B7471445B81A8 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21987_none_6e78bf732bb8d24e\ntoskrnl.exe
[2009/07/13 21:20:44 | 003,899,472 | ---- | M] (Microsoft Corporation) MD5=B9D673F7707219DFD264891A26C21ECB -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16385_none_6c06b7c41576a7d9\ntoskrnl.exe
[2012/05/04 06:52:22 | 005,505,392 | ---- | M] (Microsoft Corporation) MD5=BD31B81BFA2E89680315AB15D0D58671 -- E:\Windows\ERDNT\cache64\ntoskrnl.exe
[2012/05/04 06:52:22 | 005,505,392 | ---- | M] (Microsoft Corporation) MD5=BD31B81BFA2E89680315AB15D0D58671 -- E:\Windows\System32\ntoskrnl.exe
[2012/05/04 06:52:22 | 005,505,392 | ---- | M] (Microsoft Corporation) MD5=BD31B81BFA2E89680315AB15D0D58671 -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.17017_none_c872e6d5cd99aa52\ntoskrnl.exe
[2012/05/04 12:52:23 | 005,473,136 | ---- | M] (Microsoft Corporation) MD5=C4C870BD7F081C7AAC4DA553CD17E0F1 -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21207_none_c9075572e6af2b52\ntoskrnl.exe
[2010/10/27 00:33:37 | 003,911,552 | ---- | M] (Microsoft Corporation) MD5=C6169F5FDC8399E0C6C0729AB6EF2EF8 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20826_none_6cd23bf92e62adf0\ntoskrnl.exe
[2010/11/20 09:33:46 | 005,563,776 | ---- | M] (Microsoft Corporation) MD5=C6CEC3E6CC9842B73501C70AA64C00FE -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17514_none_ca56670fcac29ca9\ntoskrnl.exe
[2011/06/23 01:22:01 | 005,561,728 | ---- | M] (Microsoft Corporation) MD5=CE6AF5EC2DB1567B6297ADCB56B39B5D -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21755_none_cab5c65ae3ffc2b5\ntoskrnl.exe
[2011/04/09 02:01:20 | 003,912,576 | ---- | M] (Microsoft Corporation) MD5=D385343510B75545EC5DB3A64C2D2492 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21701_none_6ec9394b2b7d606e\ntoskrnl.exe
[2011/04/09 03:02:55 | 005,562,240 | ---- | M] (Microsoft Corporation) MD5=D60D9BCEAE5870A67E6C167F4681877B -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17592_none_c9fde71bcb054983\ntoskrnl.exe
[2012/03/31 00:43:25 | 003,915,632 | ---- | M] (Microsoft Corporation) MD5=D909EAFA618BC9DB2615303DA3D9C830 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21179_none_6c9f09292e88b33a\ntoskrnl.exe
[2011/04/09 02:13:06 | 003,901,824 | ---- | M] (Microsoft Corporation) MD5=D9FD1D6337F15AAF2012C69909615DB5 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16792_none_6bf8ee9215816c61\ntoskrnl.exe
[2010/02/27 08:07:48 | 003,899,280 | ---- | M] (Microsoft Corporation) MD5=DD2ED3246F5F4E4B07F385A9520C3C7C -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16539_none_6c40cc54154a7bce\ntoskrnl.exe
[2011/06/23 00:38:04 | 003,902,336 | ---- | M] (Microsoft Corporation) MD5=DFB0E9F902FDAB7CD2E180E4072D45DD -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16841_none_6c2dffca1559c47c\ntoskrnl.exe
[2011/04/09 02:45:48 | 005,509,504 | ---- | M] (Microsoft Corporation) MD5=E03A9AC0273182895DCB3693A36785C9 -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16792_none_c8178a15cddedd97\ntoskrnl.exe
[2010/10/27 01:18:36 | 005,510,528 | ---- | M] (Microsoft Corporation) MD5=E2EA143288BFF3D6B3AEB88C3BC02DAF -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16695_none_c81a890dcddc2c75\ntoskrnl.exe
[2010/10/27 01:23:11 | 005,477,248 | ---- | M] (Microsoft Corporation) MD5=E6FC5686F6BB6F0CEB1107E6D064A944 -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20826_none_c8f0d77ce6c01f26\ntoskrnl.exe
[2011/06/23 01:29:39 | 005,507,968 | ---- | M] (Microsoft Corporation) MD5=EBECACD545E280FE7A0A2CBFC0AC29BD -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16841_none_c84c9b4dcdb735b2\ntoskrnl.exe
[2011/06/23 00:33:57 | 003,912,576 | ---- | M] (Microsoft Corporation) MD5=FB58ABD5E1F75A2CF713C9DFF0EC0804 -- E:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17640_none_6e135c8612811711\ntoskrnl.exe
[2010/02/27 11:17:00 | 005,509,008 | ---- | M] (Microsoft Corporation) MD5=FD787551F58F9686CEC6353F693EF571 -- E:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16539_none_c85f67d7cda7ed04\ntoskrnl.exe

< MD5 for: NVRAID.SYS >
[2009/07/13 21:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- E:\Windows\System32\drivers\nvraid.sys
[2009/07/13 21:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- E:\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009/07/13 21:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- E:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010/11/20 09:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009/07/13 21:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- E:\Windows\System32\drivers\nvstor.sys
[2009/07/13 21:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- E:\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/13 21:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- E:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2010/11/20 09:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: REGEDIT.EXE >
[2009/07/13 21:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- E:\Windows\ERDNT\cache86\regedit.exe
[2009/07/13 21:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- E:\Windows\regedit.exe
[2009/07/13 21:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- E:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009/07/13 21:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- E:\Windows\SysWOW64\regedit.exe
[2009/07/13 21:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- E:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe

< MD5 for: SCECLI.DLL >
[2009/07/13 21:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- E:\Windows\ERDNT\cache86\scecli.dll
[2009/07/13 21:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- E:\Windows\SysWOW64\scecli.dll
[2009/07/13 21:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- E:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/13 21:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- E:\Windows\ERDNT\cache64\scecli.dll
[2009/07/13 21:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- E:\Windows\System32\scecli.dll
[2009/07/13 21:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- E:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 08:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 09:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- E:\Windows\ERDNT\cache64\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- E:\Windows\System32\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- E:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SMSS.EXE >
[2009/07/13 21:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- E:\Windows\System32\smss.exe
[2009/07/13 21:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- E:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SPOOLSV.EXE >
[2010/08/20 01:38:12 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=8547491BE7086EE317163365D83A37D2 -- E:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.20785_none_32ca3745f45762fc\spoolsv.exe
[2009/07/13 21:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- E:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_324094c8db39cbbd\spoolsv.exe
[2010/11/20 09:25:21 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe
[2010/08/21 02:29:47 | 000,558,592 | ---- | M] (Microsoft Corporation) MD5=F8E1FA03CB70D54A9892AC88B91D1E7B -- E:\Windows\ERDNT\cache64\spoolsv.exe
[2010/08/21 02:29:47 | 000,558,592 | ---- | M] (Microsoft Corporation) MD5=F8E1FA03CB70D54A9892AC88B91D1E7B -- E:\Windows\System32\spoolsv.exe
[2010/08/21 02:29:47 | 000,558,592 | ---- | M] (Microsoft Corporation) MD5=F8E1FA03CB70D54A9892AC88B91D1E7B -- E:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16661_none_3252392adb2d25f4\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- E:\Windows\ERDNT\cache86\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- E:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- E:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/07/03 07:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- E:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- E:\Windows\ERDNT\cache64\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- E:\Windows\System32\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- E:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 01:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011/09/29 13:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010/11/20 09:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011/06/21 02:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010/06/14 02:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2012/03/30 06:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011/04/25 01:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012/03/30 07:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- E:\Windows\ERDNT\cache64\tcpip.sys
[2012/03/30 07:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- E:\Windows\System32\drivers\tcpip.sys
[2012/03/30 07:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2010/04/09 07:06:28 | 001,898,376 | ---- | M] (Microsoft Corporation) MD5=7FC877A25796D8ADF539E64703FCA7E1 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_0f2ca8c580036f65\tcpip.sys
[2012/03/30 06:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010/06/14 02:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/13 21:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/04/25 01:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011/06/21 02:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2010/04/09 03:56:29 | 001,892,232 | ---- | M] (Microsoft Corporation) MD5=A9C0F786AC1F736891D05CE0A1D29DEB -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_0f9ea52499331463\tcpip.sys
[2011/09/29 12:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012/03/30 07:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011/04/25 02:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011/06/21 02:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011/06/21 02:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011/09/29 12:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011/09/29 12:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- E:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: TDX.SYS >
[2009/07/13 19:21:15 | 000,099,840 | ---- | M] (Microsoft Corporation) MD5=079125C4B17B01FCAEEBCE0BCB290C0F -- E:\Windows\ERDNT\cache64\tdx.sys
[2009/07/13 19:21:15 | 000,099,840 | ---- | M] (Microsoft Corporation) MD5=079125C4B17B01FCAEEBCE0BCB290C0F -- E:\Windows\System32\drivers\tdx.sys
[2009/07/13 19:21:15 | 000,099,840 | ---- | M] (Microsoft Corporation) MD5=079125C4B17B01FCAEEBCE0BCB290C0F -- E:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_4632b9f2f5c6af5e\tdx.sys
[2010/11/20 05:21:56 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys

< MD5 for: USER32.DLL >
[2010/11/20 08:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009/07/13 21:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- E:\Windows\ERDNT\cache64\user32.dll
[2009/07/13 21:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- E:\Windows\System32\user32.dll
[2009/07/13 21:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- E:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009/07/13 21:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- E:\Windows\ERDNT\cache86\user32.dll
[2009/07/13 21:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- E:\Windows\SysWOW64\user32.dll
[2009/07/13 21:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- E:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010/11/20 09:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- E:\Windows\ERDNT\cache86\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- E:\Windows\SysWOW64\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- E:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- E:\Windows\ERDNT\cache64\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- E:\Windows\System32\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- E:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WDF01000.SYS >
[2009/07/13 21:45:55 | 000,654,928 | ---- | M] (Microsoft Corporation) MD5=441BD2D7B4F98134C3A4F9FA570FD250 -- E:\Windows\System32\drivers\Wdf01000.sys
[2009/07/13 21:45:55 | 000,654,928 | ---- | M] (Microsoft Corporation) MD5=441BD2D7B4F98134C3A4F9FA570FD250 -- E:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.1.7600.16385_none_d24809e1379d1f91\Wdf01000.sys

< MD5 for: WIN32K.SYS >
[2012/01/14 00:00:52 | 003,148,288 | ---- | M] (Microsoft Corporation) MD5=0777AD78CEF3B17D12C3A1988282952B -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21898_none_1750a188ca8132fd\win32k.sys
[2011/06/10 23:01:45 | 003,139,072 | ---- | M] (Microsoft Corporation) MD5=0DF3BD068DBB6BB760F28932D4D7F78E -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.20983_none_15701116cd572f46\win32k.sys
[2011/03/02 23:52:08 | 003,135,488 | ---- | M] (Microsoft Corporation) MD5=0E7FBAD1692AACF9E0FF7E6624CC8B4C -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17570_none_16d49e79b15a964b\win32k.sys
[2011/03/02 23:58:32 | 003,133,440 | ---- | M] (Microsoft Corporation) MD5=11D256F453BE218C3C2AEB35B7633EA3 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16772_none_14f04207b4325d0d\win32k.sys
[2012/05/14 21:25:43 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=1D7EDEAD6891810BCF8566B2319A8B11 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21995_none_174da290ca83e41f\win32k.sys
[2012/01/14 00:06:27 | 003,145,728 | ---- | M] (Microsoft Corporation) MD5=275D3946B0EC22BA13FE299E97ABF606 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17762_none_16e172c5b150a756\win32k.sys
[2012/01/14 00:05:42 | 003,148,288 | ---- | M] (Microsoft Corporation) MD5=2A6231EDD1728E97E5C73A4C995331EF -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21127_none_15b4cbcecd231d65\win32k.sys
[2011/09/05 23:07:02 | 003,134,976 | ---- | M] (Microsoft Corporation) MD5=31FB6EBACF9245B3A02E10F408EFF7B6 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16878_none_14f645a9b42cf23e\win32k.sys
[2010/05/01 11:04:07 | 003,124,224 | ---- | M] (Microsoft Corporation) MD5=333F53E52C29577D65D7328D4A95FFF1 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.20704_none_15c78cf4cd156ec7\win32k.sys
[2011/11/24 00:45:10 | 003,146,752 | ---- | M] (Microsoft Corporation) MD5=338E48AB7810E1B223DFECD82C44F5A3 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21866_none_176f10b8ca6aac7c\win32k.sys
[2011/01/05 00:00:16 | 003,127,808 | ---- | M] (Microsoft Corporation) MD5=33DD4577B4BA2CF6BD1D1096DCBB0A49 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16732_none_151b81b7b411ed49\win32k.sys
[2012/01/14 00:02:25 | 003,143,168 | ---- | M] (Microsoft Corporation) MD5=39FF1BFDC0D5868E8D032EA349D30F51 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16948_none_1516b753b4149b92\win32k.sys
[2011/11/24 00:52:41 | 003,146,240 | ---- | M] (Microsoft Corporation) MD5=3AD5AEA8772DBEB548D0863714D7959D -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21097_none_15691a74cd5be3d5\win32k.sys
[2011/03/03 00:00:45 | 003,137,536 | ---- | M] (Microsoft Corporation) MD5=3B166F6F8AFBB1B4C1FDDAB0149C3BCE -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.20914_none_15bcc0d4cd1d8506\win32k.sys
[2011/09/29 00:03:32 | 003,144,704 | ---- | M] (Microsoft Corporation) MD5=3C8CD264F784BD3BBA3F3A815BEBDE48 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17697_none_16c6028db1647cb5\win32k.sys
[2012/04/01 23:01:19 | 003,143,680 | ---- | M] (Microsoft Corporation) MD5=44DC57624E27B6EF3EA24F4892CB2620 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16988_none_14eb77a3b4350b56\win32k.sys
[2012/06/11 23:08:36 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=511166D3F5D7EBA36DE48C4F5E195886 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17860_none_16df7417b15271cf\win32k.sys
[2011/11/24 01:00:47 | 003,141,632 | ---- | M] (Microsoft Corporation) MD5=55CF26CF771B086A393750BD494FD6FC -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16920_none_152454dbb40b98f8\win32k.sys
[2011/01/04 23:57:31 | 003,129,344 | ---- | M] (Microsoft Corporation) MD5=643E6764B18CB3266357FD0AB649F7A8 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21634_none_178d7c1cca542bad\win32k.sys
[2011/09/05 23:03:17 | 003,138,048 | ---- | M] (Microsoft Corporation) MD5=671FE77C7083C752AB414EC331F24DCB -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17685_none_16ced1e5b15e2e16\win32k.sys
[2011/06/10 22:56:44 | 003,134,464 | ---- | M] (Microsoft Corporation) MD5=69762AB7ADF33748394701B8AA66CD81 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16830_none_15198309b413b7c2\win32k.sys
[2012/02/03 00:16:03 | 003,143,168 | ---- | M] (Microsoft Corporation) MD5=69E8CE6F62B82861014343CE10D2B294 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16957_none_150ae71db41d9e2c\win32k.sys
[2011/11/24 00:52:09 | 003,145,216 | ---- | M] (Microsoft Corporation) MD5=6E810D7C1E3881289733924CE9763B92 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17730_none_16ffe1f5b13a20d5\win32k.sys
[2010/05/01 11:07:05 | 003,122,176 | ---- | M] (Microsoft Corporation) MD5=718F3491CF541569956BAA4C6E7B351E -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16585_none_14e86f2db437cab5\win32k.sys
[2011/06/10 23:07:25 | 003,137,536 | ---- | M] (Microsoft Corporation) MD5=7A1BCE8E431CE1083E6807D43C1B0661 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17630_none_16ffe00fb13a23ae\win32k.sys
[2011/05/27 23:06:53 | 003,137,536 | ---- | M] (Microsoft Corporation) MD5=7C14AC6D4068D7DAB8BB3AEEA208CD61 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.20975_none_157ce196cd4d4603\win32k.sys
[2012/06/11 23:02:52 | 003,147,264 | ---- | M] (Microsoft Corporation) MD5=7FF70301AB5176FC3B72BD6C9B8BF888 -- E:\Windows\System32\win32k.sys
[2012/06/11 23:02:52 | 003,147,264 | ---- | M] (Microsoft Corporation) MD5=7FF70301AB5176FC3B72BD6C9B8BF888 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.17039_none_15225fabb40bcc3a\win32k.sys
[2012/03/30 22:56:14 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=88592AB8F8AE4F7264A936AEE682BBE5 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21955_none_1778e240ca63745b\win32k.sys
[2011/09/29 00:47:30 | 003,146,752 | ---- | M] (Microsoft Corporation) MD5=9A490D3113AD482914F98F0AA9254DB4 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21828_none_179c50fcca486f66\win32k.sys
[2011/09/05 23:45:20 | 003,140,096 | ---- | M] (Microsoft Corporation) MD5=9C7D0FD37532F0CE69C2F01B35364355 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21811_none_17a01ee2ca46a214\win32k.sys
[2011/01/04 23:59:01 | 003,129,344 | ---- | M] (Microsoft Corporation) MD5=9F9B2A0552CD7FCD1B6A29B94A6AABE1 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.20873_none_157adf1ccd4f162e\win32k.sys
[2012/05/14 21:32:33 | 003,146,752 | ---- | M] (Microsoft Corporation) MD5=A0360F2DEFCBC40497A4F3D0599FE71A -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17842_none_16f71483b1406c9b\win32k.sys
[2012/02/03 00:34:34 | 003,145,728 | ---- | M] (Microsoft Corporation) MD5=A3A7E9D10745A7CAC5F346370B81D08B -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17772_none_16d6a2d9b158c347\win32k.sys
[2012/06/11 23:04:59 | 003,151,360 | ---- | M] (Microsoft Corporation) MD5=A8191824CC60305DD2313D7A74F95EDD -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21231_none_15a3fc0ccd309e73\win32k.sys
[2010/11/20 05:53:33 | 003,126,272 | ---- | M] (Microsoft Corporation) MD5=A89392A32BA98468710FD7E38318934B -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17514_none_17197f29b1265401\win32k.sys
[2011/05/27 23:06:58 | 003,135,488 | ---- | M] (Microsoft Corporation) MD5=A8BB4C5B9D529FBE01C90024E0A7820E -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17622_none_170cb08fb1303a6b\win32k.sys
[2011/05/27 22:58:42 | 003,138,048 | ---- | M] (Microsoft Corporation) MD5=AA7F3250AE93B4312C31FE97AA46745F -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21735_none_178e7e4cca53422b\win32k.sys
[2012/03/30 23:05:06 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=B132D7E1E53C5835B13E5F23394C3202 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21179_none_1580bcc6cd49dbc8\win32k.sys
[2011/09/29 00:09:30 | 003,141,120 | ---- | M] (Microsoft Corporation) MD5=B4F75A848859C8F7D8E87186A8C097ED -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16889_none_14ec7607b4342786\win32k.sys
[2012/05/14 21:33:51 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=B6044DA39F692DDE4AE382053E22A229 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21215_none_15bd9d0ccd1ccbed\win32k.sys
[2012/06/11 22:58:04 | 003,151,872 | ---- | M] (Microsoft Corporation) MD5=BC91C50C20709D85A2137E689DC3ED19 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22016_none_17a4fa5cca425130\win32k.sys
[2011/09/28 23:59:10 | 003,145,216 | ---- | M] (Microsoft Corporation) MD5=CAE946DC6B153BF6236610F64FA7D5E5 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21060_none_15828832cd49dea1\win32k.sys
[2011/09/05 23:06:32 | 003,139,072 | ---- | M] (Microsoft Corporation) MD5=CBECF661F412259CEE15CA82F0341D5E -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21046_none_159e29c6cd343ec9\win32k.sys
[2009/07/13 19:40:40 | 003,122,176 | ---- | M] (Microsoft Corporation) MD5=CBEF2EB83438ED9FC39411CC8378B0E7 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16385_none_14e86b61b437d067\win32k.sys
[2012/02/03 00:15:32 | 003,148,288 | ---- | M] (Microsoft Corporation) MD5=D743EB3F1917EE3D2861064D8A53E07F -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21914_none_17a321a6ca43eb40\win32k.sys
[2011/06/10 22:54:15 | 003,140,096 | ---- | M] (Microsoft Corporation) MD5=D9DC465D72719EB413FDD056B0F25EED -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21744_none_1782ae16ca5c44c5\win32k.sys
[2011/03/02 23:48:54 | 003,137,536 | ---- | M] (Microsoft Corporation) MD5=E5043EE4E7762CBF2E8D69E7D7E726E1 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21673_none_17613c22ca75821a\win32k.sys
[2012/05/14 21:32:20 | 003,144,192 | ---- | M] (Microsoft Corporation) MD5=E794341563033721CE10B4F43FC07F4C -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.17024_none_15282e25b4083196\win32k.sys
[2012/02/03 00:16:04 | 003,148,288 | ---- | M] (Microsoft Corporation) MD5=EFD614BE4E92D24E63F22AB1ED545A58 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21143_none_159b2acecd36efeb\win32k.sys
[2012/03/30 23:10:03 | 003,146,240 | ---- | M] (Microsoft Corporation) MD5=F4C456F9235ED440B81107E951555411 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17803_none_1723547db11f162e\win32k.sys
[2011/05/27 23:07:01 | 003,133,952 | ---- | M] (Microsoft Corporation) MD5=F5CC1F57DA292EA574B4AD5B1FCBC2A3 -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16821_none_1525533fb40ab528\win32k.sys
[2011/01/05 02:56:24 | 003,129,344 | ---- | M] (Microsoft Corporation) MD5=F7755E762C67E2AFF6087AB5D2CE7A7A -- E:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17535_none_1704df9bb135a53a\win32k.sys

< MD5 for: WINLOGON.EXE >
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- E:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/07/03 07:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- E:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 03:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- E:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- E:\Windows\ERDNT\cache64\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- E:\Windows\System32\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- E:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

hazik · #13 Příspěvek od **hazik** » 30 črc 2012 11:00

< MD5 for: WINSRV.DLL >
[2011/07/16 01:26:18 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=0CB6EBF4B461A6043353C570BD72A1E1 -- E:\Windows\System32\winsrv.dll
[2011/07/16 01:26:18 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=0CB6EBF4B461A6043353C570BD72A1E1 -- E:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16850_none_128f0019b5f25b8f\winsrv.dll
[2011/05/14 03:11:21 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=1A589228B6DC007120F877DBBD6CB79D -- E:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21728_none_15276bfecc16de2a\winsrv.dll
[2011/05/14 03:41:26 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=3739AA2F57FE492EA976E20C56CDF2F4 -- E:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16816_none_12c04185b5cc83d5\winsrv.dll
[2011/05/14 03:24:33 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=3A8135A7DED2FA0DAD3BDE1B14865A8A -- E:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17617_none_14a79ed5b2f20918\winsrv.dll
[2009/07/13 21:41:56 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=457B44AB6D502E55F64A867D4F35C76C -- E:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16385_none_12738849b6063c52\winsrv.dll
[2011/06/03 02:59:23 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=55917E3ABDDC20D0AAEAC49F5CE67462 -- E:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.20978_none_130aff5ccf18fdf3\winsrv.dll
[2011/06/24 01:26:55 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=6D408ABD60A995A2DAB4BAAE38BCA04F -- E:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.20995_none_12f25ea6cf2be9d0\winsrv.dll
[2011/06/24 01:27:05 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=C13D05A015346DED3D722BE285814495 -- E:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21756_none_1504fba6cc30ff4f\winsrv.dll
[2010/11/20 09:27:28 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=E0406AEF04B088D1C49FC78D0546F689 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17514_none_14a49c11b2f4bfec\winsrv.dll
[2011/06/24 01:34:53 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=EB6A48CC998E1090E44E8E7F1009A640 -- E:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17641_none_14812d55b30fc4e1\winsrv.dll

< MD5 for: WS2_32.DLL >
[2010/11/20 09:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009/07/13 21:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- E:\Windows\ERDNT\cache64\ws2_32.dll
[2009/07/13 21:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- E:\Windows\System32\ws2_32.dll
[2009/07/13 21:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- E:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010/11/20 08:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- E:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009/07/13 21:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- E:\Windows\ERDNT\cache86\ws2_32.dll
[2009/07/13 21:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- E:\Windows\SysWOW64\ws2_32.dll
[2009/07/13 21:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- E:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< MD5 for: WSCRIPT.EXE >
[2009/07/13 21:39:57 | 000,168,960 | ---- | M] (Microsoft Corporation) MD5=8886E0697B0A93C521F99099EF643450 -- E:\Windows\System32\wscript.exe
[2009/07/13 21:39:57 | 000,168,960 | ---- | M] (Microsoft Corporation) MD5=8886E0697B0A93C521F99099EF643450 -- E:\Windows\winsxs\amd64_microsoft-windows-scripting_31bf3856ad364e35_6.1.7600.16385_none_a45d44bd1a0af822\wscript.exe
[2009/07/13 21:14:49 | 000,141,824 | ---- | M] (Microsoft Corporation) MD5=D1AB72DB2BEDD2F255D35DA3DA0D4B16 -- E:\Windows\SysWOW64\wscript.exe
[2009/07/13 21:14:49 | 000,141,824 | ---- | M] (Microsoft Corporation) MD5=D1AB72DB2BEDD2F255D35DA3DA0D4B16 -- E:\Windows\winsxs\wow64_microsoft-windows-scripting_31bf3856ad364e35_6.1.7600.16385_none_aeb1ef0f4e6bba1d\wscript.exe

< %systemroot%\system32\logevent.dll /md5 >

< %systemroot%\system32\sceclt.dll /md5 >

< %systemroot%\system32\ntelogon.dll /md5 >

< %systemroot%\system32\consrv.dll /md5 >

< %systemroot%\system32\logevent.dll /md5 /64 >

< %systemroot%\system32\sceclt.dll /md5 /64 >

< %systemroot%\system32\ntelogon.dll /md5 /64 >

< %systemroot%\system32\consrv.dll /md5 /64 >

< %systemroot%\system32\drivers\*.sys /md5 >
[2009/07/13 20:06:38 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=64EDD3F59DB321947969FDF1DD747323 -- E:\Windows\system32\drivers\1394bus.sys
[2009/07/13 20:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) MD5=1B00662092F9F9568B995902F0CC40D5 -- E:\Windows\system32\drivers\1394ohci.sys
[2009/07/13 21:52:21 | 000,334,416 | ---- | M] (Microsoft Corporation) MD5=6F11E88748CDEFD2F76AA215F97DDFE5 -- E:\Windows\system32\drivers\acpi.sys
[2009/07/13 19:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=63B05A0420CE4BF0E4AF6DCC7CADA254 -- E:\Windows\system32\drivers\acpipmi.sys
[2009/07/13 21:52:21 | 000,491,088 | ---- | M] (Adaptec, Inc.) MD5=2F6B34B83843F0C5118B63AC634F5BF4 -- E:\Windows\system32\drivers\adp94xx.sys
[2009/07/13 21:52:21 | 000,339,536 | ---- | M] (Adaptec, Inc.) MD5=597F78224EE9224EA1A13D6350CED962 -- E:\Windows\system32\drivers\adpahci.sys
[2009/07/13 21:52:21 | 000,182,864 | ---- | M] (Adaptec, Inc.) MD5=E109549C90F62FB570B9540C4B148E54 -- E:\Windows\system32\drivers\adpu320.sys
[2011/12/27 23:59:11 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=DB9D6C6B2CD95A9CA414D045B627422E -- E:\Windows\system32\drivers\afd.sys
[2009/07/13 20:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=7ECFF9B22276B73F43A99A15A6094E90 -- E:\Windows\system32\drivers\agilevpn.sys
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- E:\Windows\system32\drivers\AGP440.sys
[2009/07/13 21:52:21 | 000,015,440 | ---- | M] (Acer Laboratories Inc.) MD5=5812713A477A3AD7363C7438CA2EE038 -- E:\Windows\system32\drivers\aliide.sys
[2009/07/13 21:52:21 | 000,015,440 | ---- | M] (Microsoft Corporation) MD5=1FF8B4431C353CE385C875F194924C0C -- E:\Windows\system32\drivers\amdide.sys
[2009/07/13 19:19:25 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=7024F087CFF1833A806193EF9D22CDA9 -- E:\Windows\system32\drivers\amdk8.sys
[2009/07/13 19:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) MD5=1E56388B3FE0D031C44144EB8C4D6217 -- E:\Windows\system32\drivers\amdppm.sys
[2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) MD5=7A4B413614C055935567CF88A9734D38 -- E:\Windows\system32\drivers\amdsata.sys
[2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) MD5=F67F933E79241ED32FF46A4F29B5120B -- E:\Windows\system32\drivers\amdsbs.sys
[2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) MD5=B4AD0CACBAB298671DD6F6EF7E20679D -- E:\Windows\system32\drivers\amdxata.sys
[2009/07/13 19:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) MD5=42FD751B27FA0E9C69BB39F39E409594 -- E:\Windows\system32\drivers\appid.sys
[2009/07/13 21:52:21 | 000,087,632 | ---- | M] (Adaptec, Inc.) MD5=C484F8CEB1717C540242531DB7845C4E -- E:\Windows\system32\drivers\arc.sys
[2009/07/13 21:52:21 | 000,097,856 | ---- | M] (Adaptec, Inc.) MD5=019AF6924AEFE7839F61C830227FE79C -- E:\Windows\system32\drivers\arcsas.sys
[2009/05/13 21:26:24 | 000,015,416 | ---- | M] () MD5=2219A3D695405E7BA2186BA6B9EDE14A -- E:\Windows\system32\drivers\ASACPI.sys
[2010/11/15 07:05:00 | 000,121,832 | ---- | M] (ASMedia Technology Inc) MD5=E3B9C89D2ED4A538AB2FC6EC76FA2B17 -- E:\Windows\system32\drivers\asmthub3.sys
[2010/11/15 07:05:02 | 000,364,520 | ---- | M] (ASMedia Technology Inc) MD5=88CE83BE5176020BE39194A6369AF2C2 -- E:\Windows\system32\drivers\asmtxhci.sys
[2009/07/13 20:10:13 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=769765CE2CC62867468CEA93969B2242 -- E:\Windows\system32\drivers\asyncmac.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\system32\drivers\atapi.sys
[2009/07/13 21:52:21 | 000,155,728 | ---- | M] (Microsoft Corporation) MD5=AA2186F7944104A16D6ED176ED462CEC -- E:\Windows\system32\drivers\ataport.sys
[2010/05/27 13:39:12 | 006,856,192 | ---- | M] (ATI Technologies Inc.) MD5=74687C33C4AD25A975BBB1EA1E8B3884 -- E:\Windows\system32\drivers\atikmdag.sys
[2010/05/27 12:25:36 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) MD5=C7F56ED86327A78E7F8A5CC503A98BD6 -- E:\Windows\system32\drivers\atikmpag.sys
[2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) MD5=B5ACE6968304A3900EEB1EBFD9622DF2 -- E:\Windows\system32\drivers\b57nd60a.sys
[2009/07/13 21:52:21 | 000,028,240 | ---- | M] (Microsoft Corporation) MD5=F4DE2AE7A9E1BADAC70BC71EA2C17612 -- E:\Windows\system32\drivers\battc.sys
[2009/07/13 20:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- E:\Windows\system32\drivers\beep.sys
[2009/07/13 19:35:59 | 000,045,056 | ---- | M] (Microsoft Corporation) MD5=61583EE3C3A17003C4ACD0475646B4D3 -- E:\Windows\system32\drivers\blbdrive.sys
[2011/02/23 01:15:06 | 000,090,624 | ---- | M] (Microsoft Corporation) MD5=19D20159708E152267E53B66677A4995 -- E:\Windows\system32\drivers\bowser.sys
[2009/06/10 16:41:06 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) MD5=F09EEE9EDC320B5E1501F749FDE686C8 -- E:\Windows\system32\drivers\BrFiltLo.sys
[2009/06/10 16:41:06 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) MD5=B114D3098E9BDB8BEA8B053685831BE6 -- E:\Windows\system32\drivers\BrFiltUp.sys
[2009/07/13 21:01:48 | 000,095,232 | ---- | M] (Microsoft Corporation) MD5=5C2F352A4E961D72518261257AAE204B -- E:\Windows\system32\drivers\bridge.sys
[2009/07/13 21:19:07 | 000,286,720 | ---- | M] (Brother Industries Ltd.) MD5=43BEA8D483BF1870F018E2D02E06A5BD -- E:\Windows\system32\drivers\BrSerId.sys
[2009/06/10 16:41:10 | 000,047,104 | ---- | M] (Brother Industries Ltd.) MD5=A6ECA2151B08A09CACECA35C07F05B42 -- E:\Windows\system32\drivers\BrSerWdm.sys
[2009/06/10 16:41:10 | 000,014,976 | ---- | M] (Brother Industries Ltd.) MD5=B79968002C277E869CF38BD22CD61524 -- E:\Windows\system32\drivers\BrUsbMdm.sys
[2009/06/10 16:41:10 | 000,014,720 | ---- | M] (Brother Industries Ltd.) MD5=A87528880231C54E75EA7A44943B38BF -- E:\Windows\system32\drivers\BrUsbSer.sys
[2009/07/13 20:06:52 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=9DA669F11D1F894AB4EB69BF546A42E8 -- E:\Windows\system32\drivers\bthmodem.sys
[2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) MD5=3E5B191307609F7514148C6832BB0842 -- E:\Windows\system32\drivers\bxvbda.sys
[2008/09/18 15:54:48 | 000,056,320 | ---- | M] () MD5=BCDB579F30335F20AADDC873ABA669E8 -- E:\Windows\system32\drivers\CamSuiteVAC.sys
[2008/05/02 05:58:48 | 000,023,552 | ---- | M] (Nokia) MD5=216BDF8B1017BB52692C9EE3C1E50597 -- E:\Windows\system32\drivers\ccdcmbox64.sys
[2011/08/17 03:58:16 | 000,019,968 | ---- | M] (Nokia) MD5=907B5E1E4A592E5EDC5E4CCBDE4863C2 -- E:\Windows\system32\drivers\ccdcmbx64.sys
[2009/07/13 19:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) MD5=B8BD2BB284668C84865658C77574381A -- E:\Windows\system32\drivers\cdfs.sys
[2009/07/13 19:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- E:\Windows\system32\drivers\cdrom.sys
[2009/07/13 20:06:34 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=D7CD5C4E1B71FA62050515314CFB52CF -- E:\Windows\system32\drivers\circlass.sys
[2009/07/13 21:52:21 | 000,178,752 | ---- | M] (Microsoft Corporation) MD5=62F1ED63F0CB0B5A2F65D15A6490C2FD -- E:\Windows\system32\drivers\Classpnp.sys
[2009/07/13 19:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) MD5=0840155D0BDDF1190F84A663C284BD33 -- E:\Windows\system32\drivers\CmBatt.sys
[2009/07/13 21:52:31 | 000,017,488 | ---- | M] (CMD Technology, Inc.) MD5=E19D3F095812725D88F9001985B94EDD -- E:\Windows\system32\drivers\cmdide.sys
[2012/06/02 01:37:45 | 000,459,216 | ---- | M] (Microsoft Corporation) MD5=CA7720B73446FDDEC5C69519C1174C98 -- E:\Windows\system32\drivers\cng.sys
[2009/07/13 21:52:31 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=102DE219C3F61415F964C88E9085AD14 -- E:\Windows\system32\drivers\compbatt.sys
[2009/07/13 20:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) MD5=F26B3A86F6FA87CA360B879581AB4123 -- E:\Windows\system32\drivers\CompositeBus.sys
[2009/07/13 21:47:48 | 000,039,504 | ---- | M] (Microsoft Corporation) MD5=3E588B60EC061686BA05D33574A344C6 -- E:\Windows\system32\drivers\crashdmp.sys
[2009/07/13 21:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) MD5=1C827878A998C18847245FE1F34EE597 -- E:\Windows\system32\drivers\crcdisk.sys
[2011/04/26 22:57:40 | 000,102,400 | ---- | M] (Microsoft Corporation) MD5=9C253CE7311CA60FC11C774692A13208 -- E:\Windows\system32\drivers\dfsc.sys
[2009/07/13 19:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) MD5=13096B05847EC78F0977F2C0F79E9AB3 -- E:\Windows\system32\drivers\discache.sys
[2009/07/13 21:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- E:\Windows\system32\drivers\disk.sys
[2009/07/13 21:47:48 | 000,027,216 | ---- | M] (Microsoft Corporation) MD5=77A4B22C0BE4568872521DD5E4279CEE -- E:\Windows\system32\drivers\Diskdump.sys
[2009/07/13 21:01:25 | 000,116,224 | ---- | M] (Microsoft Corporation) MD5=21D26064AEDB4988F785BB4A3A2C051E -- E:\Windows\system32\drivers\drmk.sys
[2009/07/13 20:06:16 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=9B19F34400D24DF84C858A421C205754 -- E:\Windows\system32\drivers\drmkaud.sys
[2011/03/15 12:09:29 | 000,254,528 | ---- | M] (DT Soft Ltd) MD5=FB9BEF3401EE5ECC2603311B9C64F44A -- E:\Windows\system32\drivers\dtsoftbus01.sys
[2009/07/13 21:47:48 | 000,028,736 | ---- | M] (Microsoft Corporation) MD5=839B5FE3D48E9F35B22C21A3D5103F6C -- E:\Windows\system32\drivers\Dumpata.sys
[2009/07/13 21:43:14 | 000,055,128 | ---- | M] (Microsoft Corporation) MD5=814DB88F2641691575A455CF25354098 -- E:\Windows\system32\drivers\dumpfve.sys
[2009/07/13 19:38:28 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=BF24D6F2ED97FE830BFD52B246F98E67 -- E:\Windows\system32\drivers\dxapi.sys
[2009/07/13 19:38:28 | 000,098,816 | ---- | M] (Microsoft Corporation) MD5=FEDE0629ECB23650D48989517D4914DA -- E:\Windows\system32\drivers\dxg.sys
[2012/02/14 18:08:01 | 000,982,912 | ---- | M] (Microsoft Corporation) MD5=1633B9ABF52784A1331476397A48CBEF -- E:\Windows\system32\drivers\dxgkrnl.sys
[2012/02/14 18:08:01 | 000,265,088 | ---- | M] (Microsoft Corporation) MD5=3238B9078E0766AB5E62DC737A809ADB -- E:\Windows\system32\drivers\dxgmms1.sys
[2010/04/05 18:37:42 | 000,301,232 | ---- | M] (Intel Corporation) MD5=60C5B36E07BE8B3AF3911C3D10303CFE -- E:\Windows\system32\drivers\e1k62x64.sys
[2012/07/25 15:41:35 | 000,044,464 | ---- | M] () MD5=BEA9DB301C415509B88D77BE9415E9FD -- E:\Windows\system32\drivers\eb75d1b145d6a7c9.sys
[2009/07/13 21:47:48 | 000,530,496 | ---- | M] (Emulex) MD5=0E5DA5369A0FCAEA12456DD852545184 -- E:\Windows\system32\drivers\elxstor.sys
[2009/07/13 19:31:04 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=34A3C54752046E79A126E15C51DB409B -- E:\Windows\system32\drivers\errdev.sys
[2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) MD5=DC5D737F51BE844D8C82C695EB17372F -- E:\Windows\system32\drivers\evbda.sys
[2009/07/13 19:23:29 | 000,195,072 | ---- | M] (Microsoft Corporation) MD5=A510C654EC00C1E9BDD91EEB3A59823B -- E:\Windows\system32\drivers\exfat.sys
[2009/07/13 19:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- E:\Windows\system32\drivers\fastfat.sys
[2009/07/13 20:00:54 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=D765D19CD8EF61F650C384F62FAC00AB -- E:\Windows\system32\drivers\fdc.sys
[2009/07/13 21:47:48 | 000,070,224 | ---- | M] (Microsoft Corporation) MD5=655661BE46B5F5F3FD454E2C3095B930 -- E:\Windows\system32\drivers\fileinfo.sys
[2009/07/13 19:25:40 | 000,034,304 | ---- | M] (Microsoft Corporation) MD5=5F671AB5BC87EEA04EC38A6CD5962A47 -- E:\Windows\system32\drivers\filetrace.sys
[2009/07/13 20:00:54 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=C172A0F53008EAEB8EA33FE10E177AF5 -- E:\Windows\system32\drivers\flpydisk.sys
[2009/07/13 21:47:47 | 000,290,368 | ---- | M] (Microsoft Corporation) MD5=F7866AF72ABBAF84B1FA5AA195378C59 -- E:\Windows\system32\drivers\fltMgr.sys
[2009/07/13 21:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) MD5=D43703496149971890703B4B1B723EAC -- E:\Windows\system32\drivers\fsdepends.sys
[2012/03/01 02:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) MD5=D3E3F93D67821A2DB2B3D9FAC2DC2064 -- E:\Windows\system32\drivers\fs_rec.sys
[2009/09/26 02:20:38 | 000,223,448 | ---- | M] (Microsoft Corporation) MD5=AE87BA80D0EC3B57126ED2CDC15B24ED -- E:\Windows\system32\drivers\fvevol.sys
[2009/07/13 21:47:48 | 000,288,336 | ---- | M] (Microsoft Corporation) MD5=50555005E22A56AEF10BE607472D0BDC -- E:\Windows\system32\drivers\FWPKCLNT.SYS
[2009/07/13 21:47:48 | 000,065,088 | ---- | M] (Microsoft Corporation) MD5=8C778D335C9D272CFD3298AB02ABE3B6 -- E:\Windows\system32\drivers\GAGP30KX.SYS
[2009/05/18 08:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) MD5=E403AACF8C7BB11375122D2464560311 -- E:\Windows\system32\drivers\GEARAspiWDM.sys
[2012/04/14 03:27:23 | 000,033,344 | ---- | M] (LogMeIn, Inc.) MD5=F8F0851D336C3B88DBD7232B6348E09A -- E:\Windows\system32\drivers\hamachi.sys
[2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) MD5=F2523EF6460FC42405B12248338AB2F0 -- E:\Windows\system32\drivers\hcw85cir.sys
[2009/07/13 20:06:13 | 000,122,368 | ---- | M] (Microsoft Corporation) MD5=0A49913402747A0B67DE940FB42CBDBB -- E:\Windows\system32\drivers\hdaudbus.sys
[2009/07/13 20:07:00 | 000,350,208 | ---- | M] (Microsoft Corporation) MD5=6410F6F415B2A5A9037224C41DA8BF12 -- E:\Windows\system32\drivers\HdAudio.sys
[2009/09/17 00:54:54 | 000,056,344 | ---- | M] (Intel Corporation) MD5=B6AC71AAA2B10848F57FC49D55A651AF -- E:\Windows\system32\drivers\HECIx64.sys
[2009/07/13 19:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=78E86380454A7B10A5EB255DC44A355F -- E:\Windows\system32\drivers\hidbatt.sys
[2009/07/13 20:06:52 | 000,100,864 | ---- | M] (Microsoft Corporation) MD5=7FD2A313F7AFE5C4DAB14798C48DD104 -- E:\Windows\system32\drivers\hidbth.sys
[2009/07/13 20:06:21 | 000,076,288 | ---- | M] (Microsoft Corporation) MD5=685FEC2407FC121EB937CB658B3C0F35 -- E:\Windows\system32\drivers\hidclass.sys
[2009/07/13 20:06:23 | 000,046,592 | ---- | M] (Microsoft Corporation) MD5=0A77D29F311B88CFAE3B13F9C1A73825 -- E:\Windows\system32\drivers\hidir.sys
[2009/07/13 20:06:17 | 000,032,896 | ---- | M] (Microsoft Corporation) MD5=49EE2E52E6CD03947DAD72F65367BE06 -- E:\Windows\system32\drivers\hidparse.sys
[2009/07/13 20:06:22 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=B3BF6B5B50006DEF50B66306D99FCF6F -- E:\Windows\system32\drivers\hidusb.sys
[2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) MD5=0886D440058F203EBA0E1825E4355914 -- E:\Windows\system32\drivers\HpSAMD.sys
[2009/07/13 19:22:20 | 000,751,616 | ---- | M] (Microsoft Corporation) MD5=CEE049CAC4EFA7F4E1E4AD014414A5D4 -- E:\Windows\system32\drivers\http.sys
[2009/07/13 21:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) MD5=F17766A19145F111856378DF337A5D79 -- E:\Windows\system32\drivers\hwpolicy.sys
[2009/07/13 19:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- E:\Windows\system32\drivers\i8042prt.sys
[2010/03/17 22:49:06 | 000,154,088 | ---- | M] (Intel Corporation) MD5=CE8EB53B5111042525620CA91A968447 -- E:\Windows\system32\drivers\iANSW60e.sys
[2009/07/13 21:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- E:\Windows\system32\drivers\iaStorV.sys
[2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) MD5=A87261EF1546325B559374F5689CF5BC -- E:\Windows\system32\drivers\igdkmd64.sys
[2009/07/13 21:48:04 | 000,044,112 | ---- | M] (Intel Corp./ICP vortex GmbH) MD5=5C18831C61933628F5BB0EA2675B9D21 -- E:\Windows\system32\drivers\iirsp.sys
[2010/02/26 11:32:12 | 000,158,976 | ---- | M] (Intel Corporation) MD5=DD587A55390ED2295BCE6D36AD567DA9 -- E:\Windows\system32\drivers\Impcd.sys
[2009/07/13 21:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) MD5=F00F20E70C6EC3AA366910083A0518AA -- E:\Windows\system32\drivers\intelide.sys
[2009/07/13 19:19:25 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=ADA036632C664CAA754079041CF1F8C1 -- E:\Windows\system32\drivers\intelppm.sys
[2009/11/16 02:27:44 | 000,046,792 | ---- | M] (Intel Corporation) MD5=4DC8ED5A6A5AFFDC68F9371032B5424B -- E:\Windows\system32\drivers\ioatdma.sys
[2009/07/13 20:10:04 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=722DD294DF62483CECAAE6E094B4D695 -- E:\Windows\system32\drivers\ipfltdrv.sys
[2009/07/13 19:47:45 | 000,078,848 | ---- | M] (Microsoft Corporation) MD5=E2B4A4494DB7CB9B89B55CA268C337C5 -- E:\Windows\system32\drivers\IPMIDrv.sys
[2009/07/13 20:10:03 | 000,116,224 | ---- | M] (Microsoft Corporation) MD5=AF9B39A7E7B6CAA203B3862582E9F2D0 -- E:\Windows\system32\drivers\ipnat.sys
[2010/03/23 18:47:26 | 000,034,472 | ---- | M] (Intel Corporation ) MD5=81B0C6C43AB4909395E66E9805ED20F2 -- E:\Windows\system32\drivers\iqvw64e.sys
[2009/07/13 20:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) MD5=05360B1EA5A2ABF620D1D96EBD8BD8F1 -- E:\Windows\system32\drivers\irda.sys
[2009/07/13 20:08:59 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=3ABF5E7213EB28966D55D58B515D5CE9 -- E:\Windows\system32\drivers\irenum.sys
[2009/07/13 21:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- E:\Windows\system32\drivers\isapnp.sys
[2009/06/10 22:50:06 | 000,060,416 | ---- | M] (ITE Tech. Inc. ) MD5=357F61A9F84D39DD7D9B4F783772BAF2 -- E:\Windows\system32\drivers\itecir.sys
[2009/07/13 21:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- E:\Windows\system32\drivers\kbdclass.sys
[2009/07/13 20:00:20 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=6DEF98F8541E1B5DCEB2C822A11F7323 -- E:\Windows\system32\drivers\kbdhid.sys
[2009/07/13 20:00:33 | 000,243,200 | ---- | M] (Microsoft Corporation) MD5=3E099CC843C4233E5AF147C8EA8BA32B -- E:\Windows\system32\drivers\ks.sys
[2012/06/02 01:38:26 | 000,095,088 | ---- | M] (Microsoft Corporation) MD5=4F4B5FDE429416877DE7143044582EB5 -- E:\Windows\system32\drivers\ksecdd.sys
[2012/06/02 01:38:24 | 000,152,432 | ---- | M] (Microsoft Corporation) MD5=6F40465A44ECDC1731BEFAFEC5BDD03C -- E:\Windows\system32\drivers\ksecpkg.sys
[2009/07/13 20:00:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=6869281E78CB31A43E969F06B57347C4 -- E:\Windows\system32\drivers\ksthunk.sys
[2009/07/13 20:08:51 | 000,060,928 | ---- | M] (Microsoft Corporation) MD5=1538831CF8AD2979A04C423779465827 -- E:\Windows\system32\drivers\lltdio.sys
[2009/07/13 21:48:04 | 000,114,752 | ---- | M] (LSI Corporation) MD5=1A93E54EB0ECE102495A51266DCDB6A6 -- E:\Windows\system32\drivers\lsi_fc.sys
[2009/07/13 21:48:04 | 000,106,560 | ---- | M] (LSI Corporation) MD5=1047184A9FDC8BDBFF857175875EE810 -- E:\Windows\system32\drivers\lsi_sas.sys
[2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) MD5=30F5C0DE1EE8B5BC9306C1F0E4A75F93 -- E:\Windows\system32\drivers\lsi_sas2.sys
[2009/07/13 21:48:04 | 000,115,776 | ---- | M] (LSI Corporation) MD5=0504EACAFF0D3C8AED161C4B0D369D4A -- E:\Windows\system32\drivers\lsi_scsi.sys
[2009/07/13 19:26:13 | 000,113,152 | ---- | M] (Microsoft Corporation) MD5=43D0F98E1D56CCDDB0D5254CFF7B356E -- E:\Windows\system32\drivers\luafv.sys
[2012/07/03 07:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) MD5=DC8490812A3B72811AE534F423B4C206 -- E:\Windows\system32\drivers\mbam.sys
[2009/07/13 20:01:06 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=3C9F072F9DCA856B9FB7A20CBD4281AC -- E:\Windows\system32\drivers\mcd.sys
[2009/07/13 21:48:04 | 000,035,392 | ---- | M] (LSI Corporation) MD5=A55805F747C6EDB6A9080D7C633BD0F4 -- E:\Windows\system32\drivers\megasas.sys
[2009/07/13 21:48:04 | 000,284,736 | ---- | M] (LSI Corporation, Inc.) MD5=BAF74CE0072480C3B6B7C13B2A94D6B3 -- E:\Windows\system32\drivers\MegaSR.sys
[2009/07/13 20:10:48 | 000,040,448 | ---- | M] (Microsoft Corporation) MD5=800BA92F7010378B09F9ED9270F07137 -- E:\Windows\system32\drivers\modem.sys
[2009/07/13 19:38:52 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=B03D591DC7DA45ECE20B3B467E6AADAA -- E:\Windows\system32\drivers\monitor.sys
[2009/07/13 21:48:27 | 000,049,216 | ---- | M] (Microsoft Corporation) MD5=7D27EA49F3C1F687D357E77A470AEA99 -- E:\Windows\system32\drivers\mouclass.sys
[2009/07/13 20:00:20 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D3BF052C40B0C4166D9FD86A4288C1E6 -- E:\Windows\system32\drivers\mouhid.sys
[2009/07/13 21:48:27 | 000,094,784 | ---- | M] (Microsoft Corporation) MD5=791AF66C4D0E7C90A3646066386FB571 -- E:\Windows\system32\drivers\mountmgr.sys
[2011/04/18 07:18:50 | 000,189,440 | ---- | M] (Microsoft Corporation) MD5=C177A7EBF5E8A0B596F618870516CAB8 -- E:\Windows\system32\drivers\MpFilter.sys
[2009/07/13 21:48:27 | 000,155,216 | ---- | M] (Microsoft Corporation) MD5=609D1D87649ECC19796F4D76D4C15CEA -- E:\Windows\system32\drivers\mpio.sys
[2011/04/18 07:18:50 | 000,040,832 | ---- | M] (Microsoft Corporation) MD5=8FBF6B31FE8AF1833D93C5913D5B4D55 -- E:\Windows\system32\drivers\MpNWMon.sys
[2009/07/13 20:08:25 | 000,077,312 | ---- | M] (Microsoft Corporation) MD5=6C38C9E45AE0EA2FA5E551F2ED5E978F -- E:\Windows\system32\drivers\mpsdrv.sys
[2009/07/13 19:23:57 | 000,140,800 | ---- | M] (Microsoft Corporation) MD5=30524261BB51D96D6FCBAC20C810183C -- E:\Windows\system32\drivers\mrxdav.sys
[2011/05/03 22:51:08 | 000,157,696 | ---- | M] (Microsoft Corporation) MD5=040D62A9D8AD28922632137ACDD984F2 -- E:\Windows\system32\drivers\mrxsmb.sys
[2011/07/08 22:44:55 | 000,287,744 | ---- | M] (Microsoft Corporation) MD5=F0067552F8F9B33D7C59403AB808A3CB -- E:\Windows\system32\drivers\mrxsmb10.sys
[2011/05/03 22:51:05 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3C142D31DE9F2F193218A53FE2632051 -- E:\Windows\system32\drivers\mrxsmb20.sys
[2009/07/13 21:48:27 | 000,030,272 | ---- | M] (Microsoft Corporation) MD5=5C37497276E3B3A5488B23A326A754B7 -- E:\Windows\system32\drivers\msahci.sys
[2009/07/13 21:48:27 | 000,140,352 | ---- | M] (Microsoft Corporation) MD5=8D27B597229AED79430FB9DB3BCBFBD0 -- E:\Windows\system32\drivers\msdsm.sys
[2009/07/13 19:19:47 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=AA3FB40E17CE1388FA1BEDAB50EA8F96 -- E:\Windows\system32\drivers\msfs.sys
[2009/07/13 20:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=F9D215A46A8B9753F61767FA72A20326 -- E:\Windows\system32\drivers\mshidkmdf.sys
[2009/07/13 21:48:27 | 000,015,424 | ---- | M] (Microsoft Corporation) MD5=D916874BBD4F8B07BFB7FA9B3CCAE29D -- E:\Windows\system32\drivers\msisadrv.sys
[2009/07/13 21:48:27 | 000,224,832 | ---- | M] (Microsoft Corporation) MD5=FA4D2557DE56D45B0A346F93564BE6E1 -- E:\Windows\system32\drivers\msiscsi.sys
[2009/07/13 20:00:18 | 000,011,136 | ---- | M] (Microsoft Corporation) MD5=49CCF2C4FEA34FFAD8B1B59D49439366 -- E:\Windows\system32\drivers\mskssrv.sys
[2009/07/13 20:00:17 | 000,007,168 | ---- | M] (Microsoft Corporation) MD5=BDD71ACE35A232104DDD349EE70E1AB3 -- E:\Windows\system32\drivers\mspclock.sys
[2009/07/13 20:00:17 | 000,006,784 | ---- | M] (Microsoft Corporation) MD5=4ED981241DB27C3383D72092B618A1D0 -- E:\Windows\system32\drivers\mspqm.sys
[2009/07/13 21:48:26 | 000,367,168 | ---- | M] (Microsoft Corporation) MD5=89CB141AA8616D8C6A4610FA26C60964 -- E:\Windows\system32\drivers\msrpc.sys
[2009/07/13 21:48:27 | 000,032,320 | ---- | M] (Microsoft Corporation) MD5=0EED230E37515A0EAEE3C2E1BC97B288 -- E:\Windows\system32\drivers\mssmbios.sys
[2009/07/13 20:00:17 | 000,008,064 | ---- | M] (Microsoft Corporation) MD5=2E66F9ECB30B4221A318C92AC2250779 -- E:\Windows\system32\drivers\mstee.sys
[2009/07/13 20:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=7EA404308934E675BFFDE8EDF0757BCD -- E:\Windows\system32\drivers\MTConfig.sys
[2009/07/13 21:48:27 | 000,060,496 | ---- | M] (Microsoft Corporation) MD5=F9A18612FD3526FE473C1BDA678D61C8 -- E:\Windows\system32\drivers\mup.sys
[2009/07/13 21:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- E:\Windows\system32\drivers\ndis.sys
[2009/07/13 20:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=9F9A1F53AAD7DA4D6FEF5BB73AB811AC -- E:\Windows\system32\drivers\ndiscap.sys
[2009/07/13 20:10:00 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=30639C932D9FEF22B31268FE25A1B6E5 -- E:\Windows\system32\drivers\ndistapi.sys
[2009/07/13 20:09:25 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=F105BA1E22BF1F2EE8F005D4305E4BEC -- E:\Windows\system32\drivers\ndisuio.sys
[2009/07/13 20:10:13 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=557DFAB9CA1FCB036AC77564C010DAD3 -- E:\Windows\system32\drivers\ndiswan.sys
[2009/07/13 20:10:05 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=659B74FB74B86228D6338D643CD3E3CF -- E:\Windows\system32\drivers\ndproxy.sys
[2009/07/13 20:09:26 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=86743D9F5D2B1048062B14B1D84501C4 -- E:\Windows\system32\drivers\netbios.sys
[2009/07/13 19:21:29 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=9162B273A44AB9DCE5B44362731D062A -- E:\Windows\system32\drivers\netbt.sys
[2010/04/09 07:06:09 | 000,374,664 | ---- | M] (Microsoft Corporation) MD5=02903EB9D9308541D032417ACDFB975C -- E:\Windows\system32\drivers\netio.sys
[2009/07/13 21:48:26 | 000,051,264 | ---- | M] (IBM Corporation) MD5=77889813BE4D166CDAB78DDBA990DA92 -- E:\Windows\system32\drivers\nfrd960.sys
[2011/04/27 09:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) MD5=5F7D72CBCDD025AF1F38FDEEE5646968 -- E:\Windows\system32\drivers\NisDrvWFP.sys
[2009/07/13 19:19:48 | 000,044,032 | ---- | M] (Microsoft Corporation) MD5=1E4C4AB5C9B8DD13179BBDC75A2A01F7 -- E:\Windows\system32\drivers\npfs.sys
[2009/07/13 19:21:02 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=E7F5AE18AF4168178A642A9247C63001 -- E:\Windows\system32\drivers\nsiproxy.sys
[2009/07/13 21:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- E:\Windows\system32\drivers\ntfs.sys
[2009/07/13 19:19:38 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=9899284589F75FA8724FF3D16AED75C1 -- E:\Windows\system32\drivers\null.sys
[2010/02/24 05:10:16 | 000,078,336 | ---- | M] (NEC Electronics Corporation) MD5=088CD71003F21F96F01C63955150A1FB -- E:\Windows\system32\drivers\nusb3hub.sys
[2010/04/26 21:30:52 | 000,184,968 | ---- | M] (Renesas Electronics Corporation) MD5=F6D625FF7B56BB6EA063F0D3A5BBC996 -- E:\Windows\system32\drivers\nusb3xhc.sys
[2009/07/13 21:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- E:\Windows\system32\drivers\nvraid.sys
[2008/08/24 15:23:08 | 000,028,192 | ---- | M] (NVIDIA Corporation) MD5=A3AC469AD99AC3FD63AFCCFC29A90FA9 -- E:\Windows\system32\drivers\nvsmu.sys
[2009/07/13 21:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- E:\Windows\system32\drivers\nvstor.sys
[2009/07/13 21:48:26 | 000,122,960 | ---- | M] (Microsoft Corporation) MD5=270D7CD42D6E3979F6DD0146650F0E05 -- E:\Windows\system32\drivers\NV_AGP.SYS
[2009/07/13 20:07:23 | 000,318,976 | ---- | M] (Microsoft Corporation) MD5=1EA3749C4114DB3E3161156FFFFA6B33 -- E:\Windows\system32\drivers\nwifi.sys
[2010/05/20 10:26:28 | 000,036,720 | ---- | M] (Microsoft Corporation) MD5=55218F924E55FD2786ED40EDF4ED79C3 -- E:\Windows\system32\drivers\nx6000.sys
[2009/07/13 20:06:45 | 000,072,832 | ---- | M] (Microsoft Corporation) MD5=3589478E4B22CE21B41FA1BFC0B8B8A0 -- E:\Windows\system32\drivers\ohci1394.sys
[2009/04/28 05:07:52 | 000,532,480 | ---- | M] (PixArt Imaging Inc.) MD5=0950875BC5F7348B263B2A3FC56CBA34 -- E:\Windows\system32\drivers\PAC7302.SYS
[2009/07/13 20:09:42 | 000,131,584 | ---- | M] (Microsoft Corporation) MD5=EE992183BD8EAEFD9973F352E587A299 -- E:\Windows\system32\drivers\pacer.sys
[2009/07/13 20:00:41 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=0086431C29C35BE1DBC43F52CC273887 -- E:\Windows\system32\drivers\parport.sys
[2012/03/17 03:55:58 | 000,075,632 | ---- | M] (Microsoft Corporation) MD5=90061B1ACFE8CCAA5345750FFE08D8B8 -- E:\Windows\system32\drivers\partmgr.sys
[2009/07/13 21:45:45 | 000,183,872 | ---- | M] (Microsoft Corporation) MD5=F36F6504009F2FB0DFD1B17A116AD74B -- E:\Windows\system32\drivers\pci.sys
[2009/07/13 21:45:45 | 000,012,352 | ---- | M] (Microsoft Corporation) MD5=B5B8B5EF2E5CB34DF8DCF8831E3534FA -- E:\Windows\system32\drivers\pciide.sys
[2009/07/13 21:45:46 | 000,048,720 | ---- | M] (Microsoft Corporation) MD5=144497DAA145BA0F7BE896064146C058 -- E:\Windows\system32\drivers\pciidex.sys
[2009/07/13 21:45:45 | 000,220,752 | ---- | M] (Microsoft Corporation) MD5=B2E81D4E87CE48589F98CB8C05B01F2F -- E:\Windows\system32\drivers\pcmcia.sys
[2009/07/13 21:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=D6B9C2E1A11A3A4B26A182FFEF18F603 -- E:\Windows\system32\drivers\pcw.sys
[2009/07/13 21:01:19 | 000,651,264 | ---- | M] (Microsoft Corporation) MD5=68769C3356B3BE5D1C732C97B9A80D6E -- E:\Windows\system32\drivers\PEAuth.sys
[2009/07/13 20:06:29 | 000,230,400 | ---- | M] (Microsoft Corporation) MD5=32E11315B5126921FFD9074840EF13D3 -- E:\Windows\system32\drivers\portcls.sys
[2009/07/13 19:19:25 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=0D922E23C041EFB1C3FAC2A6F943C9BF -- E:\Windows\system32\drivers\processr.sys
[2009/11/16 02:27:46 | 000,040,144 | ---- | M] (Intel Corporation) MD5=F5B9183A7F10E8E08BC33D2EABE73739 -- E:\Windows\system32\drivers\qd160x64.sys
[2009/11/16 01:45:22 | 000,040,144 | ---- | M] (Intel Corporation) MD5=E45575812630B049CE0F679D87561A4D -- E:\Windows\system32\drivers\qd162x64.sys
[2009/11/16 02:27:48 | 000,047,824 | ---- | M] (Intel Corporation) MD5=8B5B74CB8B26BDFF096708D5E463712E -- E:\Windows\system32\drivers\qd252x64.sys
[2009/11/16 02:27:48 | 000,041,168 | ---- | M] (Intel Corporation) MD5=501A619CAA9C40AFAC89F6F00F278682 -- E:\Windows\system32\drivers\qd260x64.sys
[2009/11/16 01:45:26 | 000,042,192 | ---- | M] (Intel Corporation) MD5=2C23820DD9E81199E60F553EB50BC449 -- E:\Windows\system32\drivers\qd262x64.sys
[2009/07/13 21:45:46 | 001,524,816 | ---- | M] (QLogic Corporation) MD5=A53A15A11EBFD21077463EE2C7AFEEF0 -- E:\Windows\system32\drivers\ql2300.sys
[2009/07/13 21:45:45 | 000,128,592 | ---- | M] (QLogic Corporation) MD5=4F6D12B51DE1AAEFF7DC58C4D75423C8 -- E:\Windows\system32\drivers\ql40xx.sys
[2009/07/13 20:09:48 | 000,046,592 | ---- | M] (Microsoft Corporation) MD5=76707BB36430888D9CE9D705398ADB6C -- E:\Windows\system32\drivers\qwavedrv.sys
[2009/07/13 20:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- E:\Windows\system32\drivers\rasacd.sys
[2009/07/13 20:10:12 | 000,130,048 | ---- | M] (Microsoft Corporation) MD5=87A6E852A22991580D6D39ADC4790463 -- E:\Windows\system32\drivers\rasl2tp.sys
[2009/07/13 20:10:17 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=855C9B1CD4756C5E9A2AA58A15F58C25 -- E:\Windows\system32\drivers\raspppoe.sys
[2009/07/13 20:10:18 | 000,111,616 | ---- | M] (Microsoft Corporation) MD5=27CC19E81BA5E3403C48302127BDA717 -- E:\Windows\system32\drivers\raspptp.sys
[2009/07/13 20:10:25 | 000,083,968 | ---- | M] (Microsoft Corporation) MD5=E8B1E447B008D07FF47D016C2B0EEECB -- E:\Windows\system32\drivers\rassstp.sys
[2009/07/13 19:24:10 | 000,309,248 | ---- | M] (Microsoft Corporation) MD5=3BAC8142102C15D59A87757C1D41DCE5 -- E:\Windows\system32\drivers\rdbss.sys
[2009/07/13 20:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=302DA2A0539F2CF54D7C6CC30C1F2D8D -- E:\Windows\system32\drivers\rdpbus.sys
[2009/07/13 20:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=CEA6CC257FC9B7715F1C2B4849286D24 -- E:\Windows\system32\drivers\RDPCDD.sys
[2009/07/13 20:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BB5971A4F00659529A5C44831AF22365 -- E:\Windows\system32\drivers\RDPENCDD.sys
[2009/07/13 20:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=216F3FA57533D98E1F74DED70113177A -- E:\Windows\system32\drivers\RDPREFMP.sys
[2012/04/27 23:50:40 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=447DE7E3DEA39D422C1504F245B668B1 -- E:\Windows\system32\drivers\rdpwd.sys
[2009/07/13 21:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) MD5=634B9A2181D98F15941236886164EC8B -- E:\Windows\system32\drivers\rdyboost.sys
[2009/07/13 20:09:15 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=77B3B747EB2413072B8E4306018D0C9B -- E:\Windows\system32\drivers\rmcast.sys
[2009/07/13 20:09:48 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=FC6D5C50D846B795335DEB3FCE8B33F3 -- E:\Windows\system32\drivers\RNDISMP.sys
[2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=388D3DD1A6457280F3BADBA9F3ACD6B1 -- E:\Windows\system32\drivers\rootmdm.sys
[2009/07/13 20:08:51 | 000,076,800 | ---- | M] (Microsoft Corporation) MD5=DDC86E4F8E7456261E637E3552E804FF -- E:\Windows\system32\drivers\rspndr.sys
[2010/06/23 05:10:56 | 000,344,680 | ---- | M] (Realtek ) MD5=4B42BC58294E83A6A92EC8B88C14C4A3 -- E:\Windows\system32\drivers\Rt64win7.sys
[2010/07/08 09:18:38 | 000,694,888 | ---- | M] (Realtek Semiconductor Corporation ) MD5=4CE333AC701C4BD2E3EFF721C0DB2526 -- E:\Windows\system32\drivers\RTL8192su.sys
[2009/07/13 21:45:45 | 000,104,016 | ---- | M] (Microsoft Corporation) MD5=E3BBB89983DAF5622C1D50CF49F28227 -- E:\Windows\system32\drivers\sbp2port.sys
[2009/07/13 19:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=C94DA20C7E3BA1DCA269BC8460D98387 -- E:\Windows\system32\drivers\scfilter.sys
[2009/07/13 21:45:46 | 000,171,600 | ---- | M] (Microsoft Corporation) MD5=AD3A6838A059D65FB55D2F61CF0A6C1F -- E:\Windows\system32\drivers\scsiport.sys
[2009/06/10 16:37:19 | 000,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) MD5=3EA8A16169C26AFBEB544E0E48421186 -- E:\Windows\system32\drivers\secdrv.sys
[2009/07/13 20:00:33 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=CB624C0035412AF0DEBEC78C41F5CA1B -- E:\Windows\system32\drivers\serenum.sys
[2009/07/13 20:00:40 | 000,094,208 | ---- | M] (Microsoft Corporation) MD5=C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 -- E:\Windows\system32\drivers\serial.sys
[2009/07/13 20:00:20 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=1C545A7D0691CC4A027396535691C3E3 -- E:\Windows\system32\drivers\sermouse.sys
[2009/07/13 20:01:01 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=A554811BCD09279536440C964AE35BBF -- E:\Windows\system32\drivers\sffdisk.sys
[2009/07/13 20:01:03 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=FF414F0BAEFEBA59BC6C04B3DB0B87BF -- E:\Windows\system32\drivers\sffp_mmc.sys
[2009/10/09 23:17:02 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=178298F767FE638C9FEDCBDEF58BB5E4 -- E:\Windows\system32\drivers\sffp_sd.sys
[2009/07/13 20:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- E:\Windows\system32\drivers\sfloppy.sys
[2009/07/13 21:45:45 | 000,043,584 | ---- | M] (Silicon Integrated Systems Corp.) MD5=843CAF1E5FDE1FFD5FF768F23A51E2E1 -- E:\Windows\system32\drivers\sisraid2.sys
[2009/07/13 21:45:46 | 000,080,464 | ---- | M] (Silicon Integrated Systems) MD5=6A6C106D42E9FFFF8B9FCB4F754F6DA4 -- E:\Windows\system32\drivers\sisraid4.sys
[2009/07/13 20:09:09 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=548260A7B8654E024DC30BF8A7C5BAA4 -- E:\Windows\system32\drivers\smb.sys
[2009/07/13 20:00:35 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=A80348BA03E96C70852959655CA3E084 -- E:\Windows\system32\drivers\smclib.sys
[2009/07/13 21:45:55 | 000,019,008 | ---- | M] (Microsoft Corporation) MD5=B9E31E5CACDFE584F34F730A677803F9 -- E:\Windows\system32\drivers\spldr.sys
[2009/06/10 16:48:43 | 000,426,496 | ---- | M] (Microsoft Corporation) MD5=FFF95479C7AB1550F0750A5D01744211 -- E:\Windows\system32\drivers\spsys.sys
[2011/04/28 23:13:10 | 000,461,312 | ---- | M] (Microsoft Corporation) MD5=2408C0366D96BCDF63E8F1C78E4A29C5 -- E:\Windows\system32\drivers\srv.sys
[2011/04/28 23:12:54 | 000,399,872 | ---- | M] (Microsoft Corporation) MD5=76548F7B818881B47D8D1AE1BE9C11F8 -- E:\Windows\system32\drivers\srv2.sys
[2011/04/28 23:12:37 | 000,161,792 | ---- | M] (Microsoft Corporation) MD5=0AF6E19D39C70844C5CAA8FB0183C36E -- E:\Windows\system32\drivers\srvnet.sys
[2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) MD5=F3817967ED533D08327DC73BC4D5542A -- E:\Windows\system32\drivers\stexstor.sys
[2012/07/29 04:33:17 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) MD5=B9657A0AFF28C1CB114ACC0CB93EE4BB -- E:\Windows\system32\drivers\stflt.sys
[2009/07/13 21:45:55 | 000,185,936 | ---- | M] (Microsoft Corporation) MD5=141E6F0B54DA421B8DE146F5AD947760 -- E:\Windows\system32\drivers\storport.sys
[2009/07/13 20:06:18 | 000,068,864 | ---- | M] (Microsoft Corporation) MD5=001CC10FA5E71AE1119115E126C8750D -- E:\Windows\system32\drivers\stream.sys
[2009/07/13 21:45:55 | 000,012,496 | ---- | M] (Microsoft Corporation) MD5=D01EC09B6711A5F8E7E6564A4D0FBC90 -- E:\Windows\system32\drivers\swenum.sys
[2009/07/13 20:01:04 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=6E316C01CBA8B785FE495F5CC4F48C6F -- E:\Windows\system32\drivers\tape.sys
[2012/03/30 07:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- E:\Windows\system32\drivers\tcpip.sys
[2009/07/13 20:09:49 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=76D078AF6F587B162D50210F761EB9ED -- E:\Windows\system32\drivers\tcpipreg.sys
[2009/07/13 19:21:19 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=0CA6FE26ACC7FFEE1BD0463F40835F32 -- E:\Windows\system32\drivers\tdi.sys
[2009/07/13 20:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- E:\Windows\system32\drivers\tdpipe.sys
[2012/02/15 00:46:59 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=7518F7BCFD4B308ABC9192BACAF6C970 -- E:\Windows\system32\drivers\tdtcp.sys
[2009/07/13 19:21:15 | 000,099,840 | ---- | M] (Microsoft Corporation) MD5=079125C4B17B01FCAEEBCE0BCB290C0F -- E:\Windows\system32\drivers\tdx.sys
[2009/07/13 21:45:55 | 000,062,544 | ---- | M] (Microsoft Corporation) MD5=C448651339196C0E869A355171875522 -- E:\Windows\system32\drivers\termdd.sys
[2009/07/13 20:16:41 | 000,038,400 | ---- | M] (Microsoft Corporation) MD5=61B96C26131E37B24E93327A0BD1FB95 -- E:\Windows\system32\drivers\tssecsrv.sys
[2009/07/13 20:09:38 | 000,125,440 | ---- | M] (Microsoft Corporation) MD5=3836171A2CDF3AF8EF10856DB9835A70 -- E:\Windows\system32\drivers\tunnel.sys
[2009/07/13 21:45:55 | 000,064,080 | ---- | M] (Microsoft Corporation) MD5=B4DD609BD7E282BFC683CEC7EAAAAD67 -- E:\Windows\system32\drivers\UAGP35.SYS
[2009/07/13 19:23:37 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=D47BAEAD86C65D4F4069D7CE0A4EDCEB -- E:\Windows\system32\drivers\udfs.sys
[2009/07/13 21:45:55 | 000,064,592 | ---- | M] (Microsoft Corporation) MD5=4BFE1BC28391222894CBF1E7D0E42320 -- E:\Windows\system32\drivers\ULIAGPKX.SYS
[2009/07/13 20:06:56 | 000,048,640 | ---- | M] (Microsoft Corporation) MD5=EAB6C35E62B1B0DB0D1B48B671D3A117 -- E:\Windows\system32\drivers\umbus.sys
[2009/07/13 20:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=B2E8E8CB557B156DA5493BBDDCC1474D -- E:\Windows\system32\drivers\umpass.sys
[2009/07/13 20:09:49 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D0FE8CB5F84303E73FF0754437FAD3D1 -- E:\Windows\system32\drivers\usb8023.sys
[2011/02/18 11:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) MD5=54D4B48D443E7228BF64CF7CDC3118AC -- E:\Windows\system32\drivers\usbaapl64.sys
[2009/07/13 20:06:32 | 000,109,568 | ---- | M] (Microsoft Corporation) MD5=77B01BC848298223A95D4EC23E1785A1 -- E:\Windows\system32\drivers\USBAUDIO.sys
[2009/07/13 20:06:34 | 000,032,896 | ---- | M] (Microsoft Corporation) MD5=FAEC06C1D24E2770ECC4F7C37659824D -- E:\Windows\system32\drivers\USBCAMD2.sys
[2009/07/13 20:06:45 | 000,098,816 | ---- | M] (Microsoft Corporation) MD5=B26AFB54A534D634523C4FB66765B026 -- E:\Windows\system32\drivers\usbccgp.sys
[2009/07/13 20:06:37 | 000,100,352 | ---- | M] (Microsoft Corporation) MD5=AF0892A803FDDA7492F595368E3B68E7 -- E:\Windows\system32\drivers\usbcir.sys
[2009/07/13 20:06:23 | 000,007,936 | ---- | M] (Microsoft Corporation) MD5=63C8D74BED9F80F4DD0AA7A3101EB639 -- E:\Windows\system32\drivers\usbd.sys
[2009/07/13 20:06:30 | 000,051,200 | ---- | M] (Microsoft Corporation) MD5=2EA4AFF7BE7EB4632E3AA8595B0803B5 -- E:\Windows\system32\drivers\usbehci.sys
[2009/07/13 20:07:09 | 000,343,040 | ---- | M] (Microsoft Corporation) MD5=4C9042B8DF86C1E8E6240C218B99B39B -- E:\Windows\system32\drivers\usbhub.sys
[2009/07/13 20:06:30 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=58E546BBAF87664FC57E0F6081E4F609 -- E:\Windows\system32\drivers\usbohci.sys
[2009/07/13 20:06:31 | 000,324,608 | ---- | M] (Microsoft Corporation) MD5=A91291136D1E70966645252F6B828711 -- E:\Windows\system32\drivers\usbport.sys
[2009/07/13 20:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- E:\Windows\system32\drivers\usbprint.sys
[2009/07/13 20:35:14 | 000,031,744 | ---- | M] (Microsoft Corporation) MD5=8F0D9D2EA6CFED2730B5BAFB9B5B11C2 -- E:\Windows\system32\drivers\usbrpm.sys
[2009/07/13 20:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- E:\Windows\system32\drivers\usbscan.sys
[2009/07/13 20:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) MD5=0F0C72A657C622286013788B886968AD -- E:\Windows\system32\drivers\usbser.sys
[2008/05/02 05:58:50 | 000,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) MD5=F49988FBF59413B974B1380D6F743EBC -- E:\Windows\system32\drivers\usbser_lowerfltx64.sys
[2009/07/13 20:06:34 | 000,089,600 | ---- | M] (Microsoft Corporation) MD5=080D3820DA6C046BE82FC8B45A893E83 -- E:\Windows\system32\drivers\USBSTOR.SYS
[2009/07/13 20:06:27 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=81FB2216D3A60D1284455D511797DB3D -- E:\Windows\system32\drivers\usbuhci.sys
[2009/07/13 20:07:00 | 000,184,576 | ---- | M] (Microsoft Corporation) MD5=D501E12614B00A3252073101D6A1A74B -- E:\Windows\system32\drivers\usbvideo.sys
[2009/07/13 21:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) MD5=C5C876CCFC083FF3B128F933823E87BD -- E:\Windows\system32\drivers\vdrvroot.sys
[2009/07/13 19:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=53E92A310193CB3C03BEA963DE7D9CFC -- E:\Windows\system32\drivers\vga.sys
[2009/07/13 19:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=DA4DA3F5E02943C2DC8C6ED875DE68DD -- E:\Windows\system32\drivers\vgapnp.sys
[2009/07/13 21:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) MD5=C82E748660F62A242B2DFAC1442F22A4 -- E:\Windows\system32\drivers\vhdmp.sys
[2009/07/13 21:45:55 | 000,017,488 | ---- | M] (VIA Technologies, Inc.) MD5=E5689D93FFE4E5D66C0178761240DD54 -- E:\Windows\system32\drivers\viaide.sys
[2009/07/13 19:38:51 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=E7353D59C9842BC7299FAEB7E7E09340 -- E:\Windows\system32\drivers\videoprt.sys
[2009/07/13 21:45:55 | 000,071,760 | ---- | M] (Microsoft Corporation) MD5=2B1A3DAE2B4E70DBBA822B7A03FBD4A3 -- E:\Windows\system32\drivers\volmgr.sys
[2009/07/13 21:45:55 | 000,363,584 | ---- | M] (Microsoft Corporation) MD5=99B0CBB569CA79ACAED8C91461D765FB -- E:\Windows\system32\drivers\volmgrx.sys
[2009/07/13 21:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- E:\Windows\system32\drivers\volsnap.sys
[2009/07/13 21:45:55 | 000,161,872 | ---- | M] (VIA Technologies Inc.,Ltd) MD5=5E2016EA6EBACA03C04FEAC5F330D997 -- E:\Windows\system32\drivers\vsmraid.sys
[2009/07/13 20:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=36D4720B72B5C5D9CB2B9C29E9DF67A1 -- E:\Windows\system32\drivers\vwifibus.sys
[2009/07/13 20:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation) MD5=6A3D66263414FF0D6FA754C646612F3F -- E:\Windows\system32\drivers\vwififlt.sys
[2009/07/13 20:07:28 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=6A638FC4BFDDC4D9B186C28C91BD1A01 -- E:\Windows\system32\drivers\vwifimp.sys
[2009/07/13 20:02:07 | 000,027,776 | ---- | M] (Microsoft Corporation) MD5=4E9440F4F152A7B944CB1663D3935A3E -- E:\Windows\system32\drivers\wacompen.sys
[2009/07/13 20:10:22 | 000,088,576 | ---- | M] (Microsoft Corporation) MD5=47CA49400643EFFD3F1C9A27E1D69324 -- E:\Windows\system32\drivers\wanarp.sys
[2009/07/13 19:37:35 | 000,042,496 | ---- | M] (Microsoft Corporation) MD5=FC438D1430B28618E2D0C7C332A710AD -- E:\Windows\system32\drivers\watchdog.sys
[2009/07/13 21:45:55 | 000,021,056 | ---- | M] (Microsoft Corporation) MD5=72889E16FF12BA0F235467D6091B17DC -- E:\Windows\system32\drivers\wd.sys
[2009/07/13 21:45:55 | 000,654,928 | ---- | M] (Microsoft Corporation) MD5=441BD2D7B4F98134C3A4F9FA570FD250 -- E:\Windows\system32\drivers\Wdf01000.sys
[2009/07/13 21:45:55 | 000,042,064 | ---- | M] (Microsoft Corporation) MD5=1B409454D7A00110FDB06F7E0F155A88 -- E:\Windows\system32\drivers\WdfLdr.sys
[2009/07/13 20:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=611B23304BF067451A9FDEE01FBDD725 -- E:\Windows\system32\drivers\wfplwf.sys
[2009/07/13 21:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) MD5=05ECAEC3E4529A7153B3136CEB49F0EC -- E:\Windows\system32\drivers\wimmount.sys
[2009/07/13 20:06:28 | 000,040,448 | ---- | M] (Microsoft Corporation) MD5=817EAFF5D38674EDD7713B9DFB8E9791 -- E:\Windows\system32\drivers\winusb.sys
[2009/07/13 19:31:02 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=F6FF8944478594D0E414D3F048F0D778 -- E:\Windows\system32\drivers\wmiacpi.sys
[2009/07/13 21:45:55 | 000,016,464 | ---- | M] (Microsoft Corporation) MD5=FC146F46872D4C5B529B89A5131FD1E6 -- E:\Windows\system32\drivers\wmilib.sys
[2009/07/13 20:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- E:\Windows\system32\drivers\ws2ifsl.sys
[2009/07/13 20:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) MD5=7CADC74271DD6461C452C271B30BD378 -- E:\Windows\system32\drivers\WUDFPf.sys
[2009/07/13 20:06:06 | 000,172,544 | ---- | M] (Microsoft Corporation) MD5=3B197AF0FFF08AA66B6B2241CA538D64 -- E:\Windows\system32\drivers\WUDFRd.sys

hazik · #14 Příspěvek od **hazik** » 30 črc 2012 11:01

< %systemroot%\system32\*.sys /md5 >
[2009/07/13 21:52:31 | 000,367,696 | ---- | M] (Microsoft Corporation) MD5=FE1EC06F2253F691FE36217C592A0206 -- E:\Windows\system32\clfs.sys
[2012/06/11 23:02:52 | 003,147,264 | ---- | M] (Microsoft Corporation) MD5=7FF70301AB5176FC3B72BD6C9B8BF888 -- E:\Windows\system32\win32k.sys

< %systemroot%\system32\*.dll /md5 >
[2009/07/13 21:39:59 | 000,158,208 | ---- | M] (Microsoft Corporation) MD5=53DC61A37D29AE8773E6B6F142F0A473 -- E:\Windows\system32\aaclient.dll
[2010/04/20 12:23:12 | 000,896,632 | ---- | M] (Intel(R) Corporation) MD5=3775C597CFBC665A8CD641EC5EC8A43D -- E:\Windows\system32\accesor.dll
[2009/07/13 21:40:00 | 003,745,792 | ---- | M] (Microsoft Corporation) MD5=EF19CFF37E0FF7023577636D0787DC2F -- E:\Windows\system32\accessibilitycpl.dll
[2009/07/13 21:24:45 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=540147995D966C87DD562F6EF67C7ED1 -- E:\Windows\system32\ACCTRES.dll
[2009/07/13 21:40:00 | 000,009,216 | ---- | M] (Microsoft Corporation) MD5=E86BCECC56871F3F49C65992E6B21D5D -- E:\Windows\system32\acledit.dll
[2009/07/13 21:40:00 | 000,154,112 | ---- | M] (Microsoft Corporation) MD5=489BFBBB3950AEFA5A40B7B8BFD76430 -- E:\Windows\system32\aclui.dll
[2009/07/13 21:40:00 | 000,053,248 | ---- | M] (Microsoft Corporation) MD5=4E73FBEF1C00A2BF8C81586D7ECE4954 -- E:\Windows\system32\acppage.dll
[2009/07/13 21:40:00 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=AEAFE966FB0BEF2F9153B7076BC79127 -- E:\Windows\system32\acproxy.dll
[2009/07/13 21:40:00 | 000,780,800 | ---- | M] (Microsoft Corporation) MD5=8BC00C736E67A75D936E5B440917359B -- E:\Windows\system32\ActionCenter.dll
[2009/07/13 21:40:00 | 000,549,888 | ---- | M] (Microsoft Corporation) MD5=1A15A74D61DC2EF37C5AB6325A14F35A -- E:\Windows\system32\ActionCenterCPL.dll
[2009/07/13 21:40:00 | 000,213,504 | ---- | M] (Microsoft Corporation) MD5=FBBE7596343457347D80383024A065BC -- E:\Windows\system32\ActionQueue.dll
[2009/07/13 21:40:00 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=011F0B067E47612F57C4ECE377D9C9DF -- E:\Windows\system32\activeds.dll
[2009/07/13 21:40:00 | 000,958,976 | ---- | M] (Microsoft Corporation) MD5=1E4BDDBD5A63059A97063339B4F8986F -- E:\Windows\system32\actxprxy.dll
[2012/02/14 18:09:01 | 000,114,176 | ---- | M] (Microsoft Corporation) MD5=141D3A9144344E5C37790F27EFE82683 -- E:\Windows\system32\admparse.dll
[2009/07/13 21:40:00 | 000,056,832 | ---- | M] (Microsoft Corporation) MD5=E60BBBB2A0BFBC8D09666A1A4010354A -- E:\Windows\system32\adprovider.dll
[2009/07/13 21:40:00 | 000,239,104 | ---- | M] (Microsoft Corporation) MD5=B079C2629E54EF8C82F3644CE6C9BFFC -- E:\Windows\system32\adsldp.dll
[2009/07/13 21:40:00 | 000,236,544 | ---- | M] (Microsoft Corporation) MD5=05F620B4B2E7DEB9409C0C6A4FEDD2A4 -- E:\Windows\system32\adsldpc.dll
[2009/07/13 21:40:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=F96836C818C39B9515FFDBE7C26D1CF1 -- E:\Windows\system32\adsmsext.dll
[2009/07/13 21:40:01 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=75DB69BA8484879885896C8570DF1424 -- E:\Windows\system32\adsnt.dll
[2009/07/13 21:24:51 | 000,680,448 | ---- | M] (Microsoft Corporation) MD5=588CD0C78A7FAAE4186B5EEA0AF3ED67 -- E:\Windows\system32\adtschema.dll
[2009/07/13 21:40:01 | 000,877,056 | ---- | M] (Microsoft Corporation) MD5=6DF46D2BD74E3DA1B45F08F10D172732 -- E:\Windows\system32\advapi32.dll
[2009/07/13 21:40:01 | 000,160,256 | ---- | M] (Microsoft Corporation) MD5=5FBD7BEC6CD3DCAA6A87A7F70CE8AF44 -- E:\Windows\system32\advpack.dll
[2009/07/13 21:40:01 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=E8534816AAE70F77330060EE2CD93580 -- E:\Windows\system32\aecache.dll
[2009/07/13 21:24:51 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=210FCACAF902B2CD47CF9FD17D846146 -- E:\Windows\system32\aeevts.dll
[2009/07/13 21:24:51 | 000,424,448 | ---- | M] (Microsoft Corporation) MD5=D71C579C7E3870EFCA2632DE1664C535 -- E:\Windows\system32\aeinv.dll
[2009/07/13 21:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=4B78B431F225FD8624C5655CB1DE7B61 -- E:\Windows\system32\aelupsvc.dll
[2009/07/13 21:40:01 | 000,408,576 | ---- | M] (Microsoft Corporation) MD5=5D8E98EB948C2F6E8FB0F64E457CFB87 -- E:\Windows\system32\aepdu.dll
[2009/07/13 21:40:01 | 000,059,904 | ---- | M] (Microsoft Corporation) MD5=1727B2A2F379A32B864C096FA794AADC -- E:\Windows\system32\aepic.dll
[2009/07/13 21:40:01 | 000,053,248 | ---- | M] (Microsoft Corporation) MD5=E7368F0A8D19445EAF5C5D0DBB8B8DAB -- E:\Windows\system32\AltTab.dll
[2010/05/27 12:20:50 | 000,054,272 | ---- | M] (Advanced Micro Devices, Inc. ) MD5=A2F7006B455967E15954B3B112BAE412 -- E:\Windows\system32\amdpcom64.dll
[2009/07/13 21:40:01 | 000,089,088 | ---- | M] (Microsoft Corporation) MD5=1E0660219A4B24138539604F3EBE9CEB -- E:\Windows\system32\amstream.dll
[2009/07/13 21:40:01 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=CEED75CB2F0DE5F40FE29A105900CD60 -- E:\Windows\system32\amxread.dll
[2009/07/13 21:40:01 | 002,134,528 | ---- | M] (Microsoft Corporation) MD5=86F1F949DD51FB5A044F1BD34CBE4AA8 -- E:\Windows\system32\apds.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) MD5=42287735B1E5FAC6EF2361DCC1650168 -- E:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) MD5=6DAC9B41D191399A8F748C0D373101E5 -- E:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) MD5=05D1EEDCFBE2B5F5C7B8FFEA57F688DA -- E:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) MD5=41F694186FFD5284A0F1914B60930ADC -- E:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) MD5=BC82458C89A366D919E5F8FF0437AD2A -- E:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) MD5=C74CAF6F912D5BAD297F2C0520B938D7 -- E:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
[2011/07/16 01:04:54 | 000,005,120 | -H-- | M] (Microsoft Corporation) MD5=587626BBB1EFA35587148AFD7CF102F3 -- E:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) MD5=0DC39E8EE69640A2161ED3F30BE3F656 -- E:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) MD5=569D08588C91980E8E03E1CC7A9864F1 -- E:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) MD5=EDD0CE6F55389B178B61472A007FE61D -- E:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) MD5=C939D73BBCA27312C6837CA06BB304CE -- E:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) MD5=F7A3FC7ED1B56695E1D2751FD1D3A4E0 -- E:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 01:04:54 | 000,004,096 | -H-- | M] (Microsoft Corporation) MD5=70AA9AF30DEA0853707643126FB14C23 -- E:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
[2011/07/16 01:04:54 | 000,004,096 | -H-- | M] (Microsoft Corporation) MD5=7E6B5F01E840E7EA1A8ECBDC9D0E571E -- E:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) MD5=5EA5747E43893F806E3B72CEEA0AA604 -- E:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) MD5=6820A6867EB6AB280567A53DEB2C93A8 -- E:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) MD5=5987A95EC119B645BB1A872D2E0C152A -- E:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) MD5=45BE97685E1BF2505CA8E3D6A0766F97 -- E:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/07/16 01:04:54 | 000,004,608 | -H-- | M] (Microsoft Corporation) MD5=CCA4E46252E79A9BB33B0B42C603FF0B -- E:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) MD5=F5A4C3D560B5375D9EB32554B537CB43 -- E:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) MD5=6075DFF464A7AC45873AFA88C7F558BE -- E:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) MD5=4F0B7A28911E699E6EE4A94692034CCA -- E:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
[2011/07/16 01:04:54 | 000,004,096 | -H-- | M] (Microsoft Corporation) MD5=74CDCC7EF011A37B69237195A028D0A0 -- E:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
[2011/07/16 01:04:54 | 000,004,096 | -H-- | M] (Microsoft Corporation) MD5=9F68C594E8C75FE513672E6C97F438EC -- E:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/07/16 01:04:54 | 000,004,608 | -H-- | M] (Microsoft Corporation) MD5=2FB08D72875EAD8B4A11C2480265A0EC -- E:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
[2009/07/13 21:24:53 | 000,003,072 | -H-- | M] (Microsoft Corporation) MD5=B201E1F7C0D78794EB0555BAB00A396D -- E:\Windows\system32\api-ms-win-core-ums-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) MD5=4D6A96D633D914B1A7C7364175E543E6 -- E:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
[2011/07/16 01:04:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) MD5=7345C98D9AAAE9FEB18B29806E79A8C9 -- E:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
[2011/07/16 01:04:54 | 000,006,144 | -H-- | M] (Microsoft Corporation) MD5=35989A3088B51DCF0621DB65EE4F1735 -- E:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
[2009/07/13 21:24:53 | 000,003,584 | -H-- | M] (Microsoft Corporation) MD5=99C885A040571D5CC7B4497109BFFE6E -- E:\Windows\system32\api-ms-win-security-lsalookup-l1-1-0.dll
[2009/07/13 21:24:53 | 000,003,072 | -H-- | M] (Microsoft Corporation) MD5=F3B3E3370C767D623B35FEDC8FA4C3FB -- E:\Windows\system32\api-ms-win-security-sddl-l1-1-0.dll
[2009/07/13 21:24:53 | 000,002,560 | -H-- | M] (Microsoft Corporation) MD5=7FDFD0AF74C84A34A5EF289EB6044F32 -- E:\Windows\system32\api-ms-win-service-core-l1-1-0.dll
[2009/07/13 21:24:53 | 000,002,560 | -H-- | M] (Microsoft Corporation) MD5=B492E85A40741A77C5B5D438381F5474 -- E:\Windows\system32\api-ms-win-service-management-l1-1-0.dll
[2009/07/13 21:24:53 | 000,002,560 | -H-- | M] (Microsoft Corporation) MD5=F74D145F733EF4ACE3E1BF38EC4E4418 -- E:\Windows\system32\api-ms-win-service-management-l2-1-0.dll
[2009/07/13 21:24:53 | 000,003,584 | -H-- | M] (Microsoft Corporation) MD5=9E229D60DA2FAB875C6A6AA451E6D028 -- E:\Windows\system32\api-ms-win-service-winsvc-l1-1-0.dll
[2009/07/13 21:40:01 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=D0C58028F4D3A186203BA159588F620E -- E:\Windows\system32\apilogen.dll
[2009/07/13 21:40:01 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=0A71C76617E11B58976E2BA4033E636B -- E:\Windows\system32\apircl.dll
[2009/07/13 21:24:53 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=316663537A203220F15B9D426D5B44F8 -- E:\Windows\system32\apisetschema.dll
[2009/07/13 21:40:01 | 000,338,432 | ---- | M] (Microsoft Corporation) MD5=01A465AC251BCCF6037DF2EF28AA4292 -- E:\Windows\system32\apphelp.dll
[2009/07/13 21:40:01 | 000,033,792 | ---- | M] (Microsoft Corporation) MD5=E1B22739C933BE33F53DB58C5393ADD3 -- E:\Windows\system32\Apphlpdm.dll
[2009/07/13 21:40:01 | 000,058,368 | ---- | M] (Microsoft Corporation) MD5=03811310BA9F7360A22C6D9B4AEE21DA -- E:\Windows\system32\appidapi.dll
[2009/07/13 21:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) MD5=0BC381A15355A3982216F7172F545DE1 -- E:\Windows\system32\appidsvc.dll
[2009/07/13 21:40:01 | 000,070,144 | ---- | M] (Microsoft Corporation) MD5=D065BE66822847B7F127D1F90158376E -- E:\Windows\system32\appinfo.dll
[2009/07/13 21:40:01 | 000,243,200 | ---- | M] (Microsoft Corporation) MD5=A0BFC858B3A45CF9BFFFC3C8C08ED7FC -- E:\Windows\system32\apss.dll
[2009/07/13 21:24:54 | 000,002,048 | ---- | M] (Microsoft Corporation) MD5=1D1D8413045012A4BC5B7F4285C6D4D7 -- E:\Windows\system32\asferror.dll
[2010/03/05 03:52:51 | 000,084,992 | ---- | M] (Microsoft Corporation) MD5=229350359B08CB1C0F7BE4E80B42AC4C -- E:\Windows\system32\asycfilt.dll
[2010/05/27 12:26:00 | 000,335,872 | ---- | M] (Advanced Micro Devices, Inc.) MD5=311F85E7742867E50301B6273CD14057 -- E:\Windows\system32\atiadlxx.dll
[2010/05/27 12:41:06 | 000,039,936 | ---- | M] (Advanced Micro Devices Inc.) MD5=4BC27A509BDEBD3A9DA708E26F700667 -- E:\Windows\system32\aticalcl64.dll
[2010/05/27 12:40:58 | 005,264,896 | ---- | M] (Advanced Micro Devices Inc.) MD5=7438D51E8694C103080621C895403BB0 -- E:\Windows\system32\aticaldd64.dll
[2010/05/27 12:41:12 | 000,043,008 | ---- | M] (Advanced Micro Devices Inc.) MD5=A05C82694E5B24B5B41D789BED37005F -- E:\Windows\system32\aticalrt64.dll
[2010/05/27 13:02:04 | 000,592,384 | ---- | M] (ATI Technologies Inc. ) MD5=51CB0A099CECBCDD1600C625098053DE -- E:\Windows\system32\aticfx64.dll
[2010/05/27 13:00:20 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) MD5=BCAB34F9F175F97CCC86B4BB4C125CF0 -- E:\Windows\system32\ATIDEMGX.dll
[2010/05/27 12:46:52 | 004,294,656 | ---- | M] (ATI Technologies Inc. ) MD5=59382D9D55E347C999F1DEDFD031C1A5 -- E:\Windows\system32\atidxx64.dll
[2010/05/27 12:58:02 | 000,059,392 | ---- | M] (ATI Technologies, Inc.) MD5=B9FC2A5C86DC185DFCFCA834D93DCAFC -- E:\Windows\system32\atiedu64.dll
[2010/05/27 12:25:46 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) MD5=F8513F8893C54CAB5D45A4573F8AD8B4 -- E:\Windows\system32\atig6pxx.dll
[2010/05/27 12:25:40 | 000,018,432 | ---- | M] (Advanced Micro Devices, Inc. ) MD5=385472130A9B31111D15727384E2BD8A -- E:\Windows\system32\atig6txx.dll
[2010/05/27 12:25:44 | 000,012,800 | ---- | M] (Advanced Micro Devices, Inc. ) MD5=F9BEDC8D921531706D6BE52A6F632322 -- E:\Windows\system32\atiglpxx.dll
[2010/05/27 12:20:50 | 000,054,272 | ---- | M] (Advanced Micro Devices, Inc. ) MD5=A2F7006B455967E15954B3B112BAE412 -- E:\Windows\system32\atimpc64.dll
[2010/05/27 12:58:06 | 000,012,288 | ---- | M] (AMD) MD5=14C7FCDB484A23590D044E1598E4A3C0 -- E:\Windows\system32\atimuixx.dll
[2010/05/27 13:25:54 | 019,901,952 | ---- | M] (Advanced Micro Devices, Inc.) MD5=F09C4E9DA8C50AA1FA68C988750D0D82 -- E:\Windows\system32\atio6axx.dll
[2010/05/27 12:58:24 | 000,421,376 | ---- | M] (ATI Technologies, Inc.) MD5=0664B7A5D3885DF657BCA3508693BE03 -- E:\Windows\system32\atipdl64.dll
[2010/05/27 12:58:42 | 000,120,320 | ---- | M] (AMD) MD5=CBE39D5DBD797CF85528A6E97D7CB0F6 -- E:\Windows\system32\atitmm64.dll
[2010/05/27 12:24:50 | 000,030,208 | ---- | M] (Advanced Micro Devices, Inc. ) MD5=882721F1850881DB323AC0EE819773DF -- E:\Windows\system32\atiu9p64.dll
[2010/05/27 12:32:06 | 004,917,248 | ---- | M] (ATI Technologies Inc. ) MD5=3A5758FA39D54C9D60BB5B31F45B6859 -- E:\Windows\system32\atiumd64.dll
[2010/05/27 12:37:08 | 002,752,512 | ---- | M] (Advanced Micro Devices, Inc. ) MD5=F01344975DCED0CD2687E09B7056D942 -- E:\Windows\system32\atiumd6a.dll
[2010/05/27 12:25:00 | 000,038,912 | ---- | M] (Advanced Micro Devices, Inc. ) MD5=D386E0813B391799AFDED9F7C736FBB0 -- E:\Windows\system32\atiuxp64.dll
[2009/07/13 21:40:03 | 000,090,624 | ---- | M] (Microsoft Corporation) MD5=58775492FFD419248B08325E583C527F -- E:\Windows\system32\atl.dll
[2011/02/19 00:13:39 | 000,367,104 | ---- | M] (Adobe Systems Incorporated) MD5=EFC5353E4F513DEF55ED7B7872363957 -- E:\Windows\system32\atmfd.dll
[2011/02/19 02:36:13 | 000,046,080 | ---- | M] (Adobe Systems) MD5=8BD25A34DA5E53AE115977DD1E15AB3C -- E:\Windows\system32\atmlib.dll
[2009/07/13 21:40:04 | 000,440,832 | ---- | M] (Microsoft Corporation) MD5=5EDBB34736DD7AC1A73CF8792A835E10 -- E:\Windows\system32\AudioEng.dll
[2009/07/13 21:41:53 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=C1395286B822E306B4FE1568A8A77813 -- E:\Windows\system32\AUDIOKSE.dll
[2009/07/13 21:40:04 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=81D64E8D70E5FBF9F7ABF2D41154F54D -- E:\Windows\system32\AudioSes.dll
[2009/07/13 21:40:04 | 000,676,864 | ---- | M] (Microsoft Corporation) MD5=07721A77180EDD4D39CCB865BF63C7FD -- E:\Windows\system32\audiosrv.dll
[2009/07/13 21:40:04 | 000,194,048 | ---- | M] (Microsoft Corporation) MD5=622C9B84DF69432C7D5ADFB22427AB49 -- E:\Windows\system32\auditcse.dll
[2009/07/13 21:40:04 | 000,491,520 | ---- | M] (Microsoft Corporation) MD5=55F1C5EFF3D81EE93B0691FFC610BCF2 -- E:\Windows\system32\authfwcfg.dll
[2009/07/13 21:40:04 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=11F174ED2050121C394C17B4F7B69983 -- E:\Windows\system32\AuthFWGP.dll
[2009/07/13 21:49:14 | 005,070,848 | ---- | M] (Microsoft Corporation) MD5=6E00E7BFD1EEE1118929F5276F7170D5 -- E:\Windows\system32\AuthFWSnapin.dll
[2009/07/13 21:54:33 | 000,126,976 | ---- | M] (Microsoft Corporation) MD5=AB7A05282ABD7595AFE77D8EB75BEB5C -- E:\Windows\system32\AuthFWWizFwk.dll
[2009/07/13 21:40:04 | 001,926,144 | ---- | M] (Microsoft Corporation) MD5=BCF0A980D21711E47D0803BDB0E99CAD -- E:\Windows\system32\authui.dll
[2009/10/30 10:01:18 | 000,025,928 | ---- | M] (TuneUp Software) MD5=08ED6B8B6F7F91D5A7C9A7017984146F -- E:\Windows\system32\authuitu.dll
[2009/07/13 21:40:04 | 000,177,664 | ---- | M] (Microsoft Corporation) MD5=7FBEBD2229EA5FD48D41B199EC2D541C -- E:\Windows\system32\authz.dll
[2009/07/13 21:40:04 | 000,155,136 | ---- | M] (Microsoft Corporation) MD5=1DF1AABA8FFE307CC6A969C089D64E24 -- E:\Windows\system32\autoplay.dll
[2009/07/13 21:40:04 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=0058A0A711759AD190A535F382820208 -- E:\Windows\system32\AuxiliaryDisplayApi.dll
[2009/07/13 21:40:04 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=350E87B7881905BE049874C22D667239 -- E:\Windows\system32\AuxiliaryDisplayClassInstaller.dll
[2009/07/13 21:40:05 | 000,726,528 | ---- | M] (Microsoft Corporation) MD5=27F885E759C46C7A30E0DE714284313D -- E:\Windows\system32\AuxiliaryDisplayCpl.dll
[2009/07/13 21:40:05 | 000,189,440 | ---- | M] (Microsoft Corporation) MD5=855526DD01B50E1A4453145E7F98BE33 -- E:\Windows\system32\AuxiliaryDisplayDriverLib.dll
[2009/07/13 21:40:05 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=24C3DB60058CFE73A53198CA708CF42A -- E:\Windows\system32\AuxiliaryDisplayServices.dll
[2009/07/13 21:40:05 | 000,076,800 | ---- | M] (Microsoft Corporation) MD5=4291F08D18E0EA6F51F883280F9C5C53 -- E:\Windows\system32\avicap32.dll
[2009/07/13 21:40:05 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=8C79A6DEB28FB35DB6EF1B616F8D15B8 -- E:\Windows\system32\avifil32.dll
[2009/07/13 21:40:05 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=78A1E65207484B7F8D3217507745F47C -- E:\Windows\system32\avrt.dll
[2009/07/13 21:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=B20B5FA5CA050E9926E4D1DB81501B32 -- E:\Windows\system32\AxInstSv.dll
[2009/07/13 21:40:05 | 000,892,928 | ---- | M] (Microsoft Corporation) MD5=53A79308909CBE4553BC31CE4A8D6A7B -- E:\Windows\system32\azroles.dll
[2009/07/13 21:40:05 | 000,472,064 | ---- | M] (Microsoft Corporation) MD5=A7DEA1C94594BD38BB730F0552A857EA -- E:\Windows\system32\azroleui.dll
[2009/07/13 21:40:05 | 000,031,744 | ---- | M] (Microsoft Corporation) MD5=878CB18B45FF7E7D7EADFC097541E19A -- E:\Windows\system32\AzSqlExt.dll
[2009/07/13 21:43:21 | 000,166,976 | ---- | M] (Microsoft Corporation) MD5=2637E0DD766B8671BD66D69627C306ED -- E:\Windows\system32\basecsp.dll
[2009/07/13 21:40:05 | 000,052,736 | ---- | M] (Microsoft Corporation) MD5=BA0CD8C393E8C9F83354106093832C7B -- E:\Windows\system32\basesrv.dll
[2009/07/13 21:40:05 | 000,748,032 | ---- | M] (Microsoft Corporation) MD5=86B6AC0FD2881B3D20B80F51C7152AE0 -- E:\Windows\system32\batmeter.dll
[2009/07/13 21:40:05 | 000,103,424 | ---- | M] (Microsoft Corporation) MD5=E8C2C855AADAEEA8CBB879246BFA7B9E -- E:\Windows\system32\batt.dll
[2009/07/13 21:40:05 | 000,077,824 | ---- | M] (Microsoft Corporation) MD5=64CED28B03E3FEBE45F333BBDFDF65AC -- E:\Windows\system32\bcdprov.dll
[2009/07/13 21:40:05 | 000,167,936 | ---- | M] (Microsoft Corporation) MD5=D735E3D2A1440CA86F8B7E122E7CA0C5 -- E:\Windows\system32\bcdsrv.dll
[2009/07/13 21:40:10 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=B9A95365E52F421A20E1501935FADDA5 -- E:\Windows\system32\bcrypt.dll
[2009/07/13 21:43:15 | 000,298,312 | ---- | M] (Microsoft Corporation) MD5=DA090E97E57DCB48888015B5D3C749CD -- E:\Windows\system32\bcryptprimitives.dll
[2009/07/13 21:40:10 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=797496B430129358EC0B1F7FA5B10CEF -- E:\Windows\system32\bderepair.dll
[2009/07/13 21:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) MD5=FDE360167101B4E45A96F939F388AEB0 -- E:\Windows\system32\bdesvc.dll
[2009/07/13 21:40:10 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=0A3DE1B5C14ADD5E9667B78704305F31 -- E:\Windows\system32\bdeui.dll
[2009/07/13 21:40:10 | 000,703,488 | ---- | M] (Microsoft Corporation) MD5=4992C609A6315671463E30F6512BC022 -- E:\Windows\system32\BFE.DLL
[2009/07/13 21:40:10 | 000,043,008 | ---- | M] (Microsoft Corporation) MD5=9FA56171C452530E2F51E3238B52140B -- E:\Windows\system32\bidispl.dll
[2009/07/13 21:40:10 | 000,504,320 | ---- | M] (Microsoft Corporation) MD5=A131C9DC14B5E386029A4FC1F70BCA7A -- E:\Windows\system32\biocpl.dll
[2009/07/13 21:40:11 | 000,190,976 | ---- | M] (Microsoft Corporation) MD5=BF352E73615F5461AA6884472435A544 -- E:\Windows\system32\BioCredProv.dll
[2009/07/13 21:40:11 | 000,056,832 | ---- | M] (Microsoft Corporation) MD5=D9431DCF90B0253773F51FDEFE7FD42F -- E:\Windows\system32\bitsigd.dll
[2009/07/13 21:40:11 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=4E75477E8BFA55C6F1F2688FB553F0C5 -- E:\Windows\system32\bitsperf.dll
[2009/07/13 21:40:11 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=DF2B70963BF48DC6ADF774894EF74C38 -- E:\Windows\system32\bitsprx2.dll
[2009/07/13 21:40:11 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=4927DF280CBD35B8C8C7B9FD80638643 -- E:\Windows\system32\bitsprx3.dll
[2009/07/13 21:40:11 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=E8A99821C0B3C6BD65BCD11FFB15AD8B -- E:\Windows\system32\bitsprx4.dll
[2009/07/13 21:40:11 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=A204A8659DA3C07F992C69CD972A288F -- E:\Windows\system32\bitsprx5.dll
[2009/07/13 21:40:11 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=E723812F8AB80BEDC616ACFD8630272F -- E:\Windows\system32\bitsprx6.dll
[2009/07/13 21:40:11 | 000,840,192 | ---- | M] (Microsoft Corporation) MD5=4F20D081F9C9B91730EE5CB84E9AC8C4 -- E:\Windows\system32\blackbox.dll
[2009/07/13 21:25:14 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=CEC84535F194FC00E6725036DA9B139F -- E:\Windows\system32\BlbEvents.dll
[2009/07/13 21:25:15 | 000,002,048 | ---- | M] (Microsoft Corporation) MD5=B1A2F28F05512534E6CE1102B5FC6819 -- E:\Windows\system32\blbres.dll
[2009/07/13 21:40:11 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=A5819E4A68612758D9E74EEB068B90E2 -- E:\Windows\system32\blb_ps.dll
[2009/07/13 21:52:21 | 002,217,552 | ---- | M] (Microsoft Corporation) MD5=B68007752A673E86AC4D41DF200C3742 -- E:\Windows\system32\bootres.dll
[2009/07/13 21:25:16 | 000,002,560 | ---- | M] (Microsoft Corporation) MD5=E998DE48FFBD5010064E82A7AF84FF05 -- E:\Windows\system32\bootstr.dll
[2009/07/13 21:52:21 | 000,023,120 | ---- | M] (Microsoft Corporation) MD5=B1DADC050C697C6371590389EDF89A95 -- E:\Windows\system32\BOOTVID.DLL
[2009/07/13 21:40:12 | 000,019,456 | ---- | M] (Brother Industries Ltd.) MD5=F02F93D5AEC524052E4A37C1BB7CCF31 -- E:\Windows\system32\brcoinst.dll
[2009/07/13 21:40:12 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=C3FFC0992B2D706976B5D4FEA1D01F05 -- E:\Windows\system32\brdgcfg.dll
[2009/07/13 21:25:16 | 000,002,048 | ---- | M] (Microsoft Corporation) MD5=2D066FBE63F7026C43C662C094B98076 -- E:\Windows\system32\bridgeres.dll
[2009/07/13 21:40:12 | 000,058,368 | ---- | M] (Microsoft Corporation) MD5=EEF4EB5806A9B18F23CF797D9B9ADA8A -- E:\Windows\system32\browcli.dll
[2009/07/13 21:40:13 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=94FBC06F294D58D02361918418F996E3 -- E:\Windows\system32\browser.dll
[2009/07/13 21:40:13 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=6D70E4A5ACDA29DC44C6A7269AF636B9 -- E:\Windows\system32\browseui.dll
[2009/07/13 21:40:13 | 000,042,496 | ---- | M] (Microsoft Corporation) MD5=31DF8B79EF2B1985FFBB113D7A03B0AA -- E:\Windows\system32\bthci.dll
[2009/07/13 21:40:13 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=C7C78D72C2238A0E7BD3231286B370EF -- E:\Windows\system32\BthMtpContextHandler.dll
[2009/07/13 21:40:13 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=D481EF5F7D1B10F19CAD42971D5AF3D5 -- E:\Windows\system32\bthpanapi.dll
[2009/07/13 21:40:13 | 000,093,696 | ---- | M] () MD5=7D00FF6A4315FDF4ACAFBB4EF157EA9F -- E:\Windows\system32\BthpanContextHandler.dll
[2009/07/13 21:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) MD5=95F9C2976059462CBBF227F7AAB10DE9 -- E:\Windows\system32\bthserv.dll
[2009/07/13 21:40:13 | 000,074,240 | ---- | M] (Microsoft Corporation) MD5=E560BA5436F608FD37401DFB0C7B9AB1 -- E:\Windows\system32\btpanui.dll
[2009/07/13 21:40:13 | 000,069,120 | ---- | M] () MD5=718B2F97951B3A5F2968E91DE7DE74E5 -- E:\Windows\system32\BWContextHandler.dll
[2009/07/13 21:40:13 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=877CEBE4D05207F89B742EB734B65795 -- E:\Windows\system32\BWUnpairElevated.dll
[2009/07/13 21:40:13 | 000,094,208 | ---- | M] (Microsoft Corporation) MD5=64E6A44177ACF348D68255A37F4723DA -- E:\Windows\system32\cabinet.dll
[2010/01/09 03:19:59 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=30ED95B657B3C72C0A2A95D2422CCA95 -- E:\Windows\system32\cabview.dll
[2009/07/13 21:40:13 | 000,053,760 | ---- | M] (Microsoft Corporation) MD5=78642F6CC183AEF3BCA2618444794D4B -- E:\Windows\system32\capiprovider.dll
[2009/07/13 21:40:13 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=A7D8A5179285D04E8E9B20777546FF23 -- E:\Windows\system32\capisp.dll
[2009/07/13 21:25:22 | 006,214,144 | ---- | M] (Microsoft Corporation) MD5=6794D9D442E31DC5E95BDF65F37E4386 -- E:\Windows\system32\CardGames.dll
[2009/07/13 21:40:13 | 000,472,576 | ---- | M] (Microsoft Corporation) MD5=4B841B69869FA1075479CF3D9A22B19B -- E:\Windows\system32\catsrv.dll
[2009/07/13 21:40:13 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=11FD12A2893CB05FFBCF2882019D1B11 -- E:\Windows\system32\catsrvps.dll
[2009/07/13 21:40:13 | 000,525,824 | ---- | M] (Microsoft Corporation) MD5=C2F327F7881DCD88F2EF926381B35E65 -- E:\Windows\system32\catsrvut.dll
[2009/07/13 21:40:13 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=EEB5EF4A6EB5101528DFA8BA35E60C6D -- E:\Windows\system32\cca.dll
[2011/08/17 04:00:06 | 000,166,912 | ---- | M] (Nokia) MD5=7EBFA82EBBE8CDDB6CEF9EF5435B8322 -- E:\Windows\system32\ccdcmbwux64.dll
[2012/02/14 18:08:01 | 000,144,384 | ---- | M] (Microsoft Corporation) MD5=100BDF2F89D6056CEE900BB6156DA737 -- E:\Windows\system32\cdd.dll
[2009/07/13 21:40:13 | 001,133,568 | ---- | M] (Microsoft Corporation) MD5=0A9F426702C22B07558293BFB35C6BD8 -- E:\Windows\system32\cdosys.dll
[2009/07/13 21:40:13 | 000,460,800 | ---- | M] (Microsoft Corporation) MD5=AAA6D0DF7356BBA706BD67385A103AAB -- E:\Windows\system32\certcli.dll
[2009/07/13 21:40:13 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=972C3301DB3DA91AE06A95F6B4160B1B -- E:\Windows\system32\certCredProvider.dll
[2009/07/13 21:40:13 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=C6153D48A68E373E6FBD07833281AB1F -- E:\Windows\system32\certenc.dll
[2009/09/03 03:36:39 | 001,975,296 | ---- | M] (Microsoft Corporation) MD5=522BD073F617060AFCB9CC5707778DB1 -- E:\Windows\system32\CertEnroll.dll
[2009/07/13 21:40:14 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=3758976D7A8658A4916F5EC2EA644C9C -- E:\Windows\system32\CertEnrollUI.dll
[2009/07/13 21:40:14 | 001,795,584 | ---- | M] (Microsoft Corporation) MD5=18F088617120CA5EE1A5BFF03E24AE63 -- E:\Windows\system32\certmgr.dll
[2009/07/13 21:40:15 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=DCCB0391C692E2AB64A11B9F195F3F9A -- E:\Windows\system32\CertPolEng.dll
[2009/07/13 21:40:15 | 000,080,384 | ---- | M] (Microsoft Corporation) MD5=312E2F82AF11E79906898AC3E3D58A1F -- E:\Windows\system32\certprop.dll
[2009/07/13 21:40:15 | 000,254,976 | ---- | M] (Microsoft Corporation) MD5=37E2331D379C26E312C984B706538F52 -- E:\Windows\system32\cewmdm.dll
[2009/07/13 21:40:15 | 000,057,344 | ---- | M] (Microsoft Corporation) MD5=2837668C8C607C8FB69112B4EC9C3810 -- E:\Windows\system32\cfgbkend.dll
[2009/07/13 21:40:15 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=D05E03C1B2824236531F5E37334B6A8A -- E:\Windows\system32\cfgmgr32.dll
[2009/07/13 21:40:15 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D259257A3FFBB824EBF6C8F3BA730E30 -- E:\Windows\system32\chkwudrv.dll
[2009/07/13 21:41:14 | 001,675,776 | ---- | M] (Microsoft Corporation) MD5=A39138C1FEF0D5C401BF7FE8488A1F0F -- E:\Windows\system32\chsbrkr.dll
[2009/07/13 21:41:16 | 006,100,480 | ---- | M] (Microsoft Corporation) MD5=0C11E5C76C48B4AD33B91F6FEEAFF51F -- E:\Windows\system32\chtbrkr.dll
[2009/07/13 21:40:15 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=44752532C3E5830F64DBEEDD9F38A8B6 -- E:\Windows\system32\CHxReadingStringIME.dll
[2009/07/13 21:43:14 | 000,780,224 | ---- | M] (Microsoft Corporation) MD5=02F31439AF6499B530AC285C0863BB9E -- E:\Windows\system32\ci.dll
[2009/07/13 21:40:15 | 000,211,968 | ---- | M] (Microsoft Corporation) MD5=DEAFC2716EF0D6BC981F48D4B6B545F1 -- E:\Windows\system32\cic.dll
[2009/07/13 21:40:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=FC1B8162B5300F77B4F341B0AD21D8CE -- E:\Windows\system32\CIRCoInst.dll
[2009/07/13 21:40:15 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=A4898B7BCA283C7CA3170117FE1AF893 -- E:\Windows\system32\clb.dll
[2009/07/13 21:40:15 | 000,607,744 | ---- | M] (Microsoft Corporation) MD5=25983DE69B57142039AC8D95E71CD9C9 -- E:\Windows\system32\clbcatq.dll
[2009/07/13 21:40:15 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=39967D4FC7E1093CF865D54F8B872462 -- E:\Windows\system32\clfsw32.dll
[2009/07/13 21:40:15 | 000,102,400 | ---- | M] (Microsoft Corporation) MD5=7D0F68BCF5D00421C84070D643043590 -- E:\Windows\system32\cliconfg.dll
[2009/07/13 21:40:15 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=4EAE37133B78A26A84EA1649D9B21A1E -- E:\Windows\system32\clusapi.dll
[2009/07/13 21:40:16 | 000,037,376 | ---- | M] (Microsoft Corporation) MD5=F480B42B17D9016B14D9C51FCCC5B16F -- E:\Windows\system32\cmcfg32.dll
[2009/07/13 21:40:16 | 000,525,312 | ---- | M] (Microsoft Corporation) MD5=1B171886A27C476BC79076DD239E530D -- E:\Windows\system32\cmdial32.dll
[2009/07/13 21:40:16 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2AB2A4D42BDA631B4EE91AF777BF4ED3 -- E:\Windows\system32\cmicryptinstall.dll
[2009/07/13 21:40:16 | 000,080,384 | ---- | M] (Microsoft Corporation) MD5=19664DC25010A7DC2FAD6D7A9D1C907C -- E:\Windows\system32\cmifw.dll
[2009/07/13 21:40:16 | 000,472,064 | ---- | M] (Microsoft Corporation) MD5=041A6FA04FE0015BEB2B16C665720642 -- E:\Windows\system32\cmipnpinstall.dll
[2009/07/13 21:40:16 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=CAA639846EA794135629482CA375BB38 -- E:\Windows\system32\cmlua.dll
[2009/07/13 21:40:16 | 001,208,832 | ---- | M] (Microsoft Corporation) MD5=985F6FC3B1FC6095C7923D73194E38B1 -- E:\Windows\system32\cmncliM.dll
[2009/07/13 21:40:16 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=04478BAD421D21EDE6EBFBAFDDAEE32C -- E:\Windows\system32\cmpbk32.dll
[2009/07/13 21:40:16 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=23EB67901E2E8EA839ABB7C8EDA141AC -- E:\Windows\system32\cmstplua.dll
[2009/07/13 21:40:16 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=7971522CA1C08D7FFEB08B2CF809AE7C -- E:\Windows\system32\cmutil.dll
[2009/07/13 21:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- E:\Windows\system32\cngaudit.dll
[2009/07/13 21:40:20 | 000,057,344 | ---- | M] (Microsoft Corporation) MD5=4D56DBCDF4F2D774A60568DA6DACA043 -- E:\Windows\system32\cngprovider.dll
[2009/07/13 21:40:21 | 000,038,400 | ---- | M] (Microsoft Corporation) MD5=536DAC841B983DDC1539CF22A20E8F33 -- E:\Windows\system32\cnvfat.dll
[2009/07/13 21:40:22 | 000,032,256 | ---- | M] (Microsoft Corporation) MD5=0D9091C99F9ECFA349BDEAFB601703E9 -- E:\Windows\system32\cofiredm.dll
[2010/05/27 12:35:18 | 000,055,296 | ---- | M] (AMD) MD5=16E051B6A88DE55E91C961ADDD6B0A5E -- E:\Windows\system32\coinst.dll
[2007/11/02 06:07:28 | 000,008,704 | ---- | M] (PixArt Imaging Inc.) MD5=88F517005B6F74AC5AC02D32E0B38D8D -- E:\Windows\system32\CoInst_071029.dll
[2009/07/13 21:40:22 | 000,080,384 | ---- | M] (Microsoft Corporation) MD5=76E6D3FC5EBD05F4B038E9F333907AC9 -- E:\Windows\system32\colbact.dll
[2009/07/13 21:40:22 | 000,189,952 | ---- | M] (Microsoft Corporation) MD5=7923BCF4627A16BD14E34B81214F0603 -- E:\Windows\system32\COLORCNV.DLL
[2009/07/13 21:40:22 | 000,624,640 | ---- | M] (Microsoft Corporation) MD5=EFD29F3DB01755C2007B96B607F43C4D -- E:\Windows\system32\colorui.dll
[2009/07/13 21:40:22 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=929BAFC30AE90D2F38BED71EA355CBAE -- E:\Windows\system32\comcat.dll
[2010/08/21 02:31:06 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=BC052EFAD10ACA1AD69545B629F50D99 -- E:\Windows\system32\comctl32.dll
[2009/07/13 21:40:22 | 000,595,456 | ---- | M] (Microsoft Corporation) MD5=F94B8644F3AFE040EC6E1B6FBC9EFAA9 -- E:\Windows\system32\comdlg32.dll
[2009/07/13 21:40:22 | 000,302,080 | ---- | M] (Microsoft Corporation) MD5=CDA59C183B3DB8CF35380836ADD74AAD -- E:\Windows\system32\compstui.dll
[2009/07/13 21:40:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=73CDD5097F5DD96FBA94F3ABE8E36BDC -- E:\Windows\system32\comrepl.dll
[2009/07/13 21:26:07 | 001,297,408 | ---- | M] (Microsoft Corporation) MD5=1A47D52E303B7543E4E6026595B95422 -- E:\Windows\system32\comres.dll
[2009/07/13 21:40:22 | 000,303,616 | ---- | M] (Microsoft Corporation) MD5=7D4D9E3F5FE917D7FB975804107AD3EF -- E:\Windows\system32\comsnap.dll
[2009/07/13 21:40:23 | 001,735,680 | ---- | M] (Microsoft Corporation) MD5=F1C09EE3A594B19DD1F4B4AEA9E353C9 -- E:\Windows\system32\comsvcs.dll
[2009/07/13 21:40:23 | 000,897,024 | ---- | M] (Microsoft Corporation) MD5=E18049971A8F341F3DB6B339AEAF8D7C -- E:\Windows\system32\comuid.dll
[2009/07/13 21:40:23 | 001,393,152 | ---- | M] (Microsoft Corporation) MD5=ECE81C30343DC8A1FADA4BF1437F7ED1 -- E:\Windows\system32\connect.dll
[2009/07/13 21:40:23 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=6FA7EB1AF7B2275AF50C3A4DBB3EA2F3 -- E:\Windows\system32\console.dll
[2009/07/13 21:40:23 | 000,087,040 | ---- | M] (Microsoft Corporation) MD5=0E4AA88F3AE85E508B7C0BE22050096C -- E:\Windows\system32\correngine.dll
[2010/12/23 02:07:49 | 000,961,024 | ---- | M] (Microsoft Corporation) MD5=22402336BA13926CFC968B99F9FB29E9 -- E:\Windows\system32\CPFilters.dll
[2009/07/13 21:40:23 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=9301B8810B2DA4EB6AD55DB75FC1E339 -- E:\Windows\system32\credssp.dll
[2009/07/13 21:40:24 | 000,218,112 | ---- | M] (Microsoft Corporation) MD5=97D38371502AA797DB14EB1FA5FCE4CD -- E:\Windows\system32\credui.dll
[2012/04/24 01:59:45 | 001,460,224 | ---- | M] (Microsoft Corporation) MD5=B0B310037A3A9151735E9952D4395C76 -- E:\Windows\system32\crypt32.dll
[2009/07/13 21:40:24 | 000,044,032 | ---- | M] (Microsoft Corporation) MD5=784FA3DF338E2E8F5F0389D6FAC428AF -- E:\Windows\system32\cryptbase.dll
[2009/07/13 21:40:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=0C468376C80AEBF7BB6E19E118C88204 -- E:\Windows\system32\cryptdlg.dll
[2009/07/13 21:40:24 | 000,066,048 | ---- | M] (Microsoft Corporation) MD5=3A061472B38233BAFF9CFEFF2E49C46B -- E:\Windows\system32\cryptdll.dll
[2009/07/13 21:40:24 | 000,066,560 | ---- | M] (Microsoft Corporation) MD5=3759FF88437EE59B7A6EFB5764C120AB -- E:\Windows\system32\cryptext.dll
[2012/04/24 01:59:45 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=C6D332ED6A3BD6060C0F0F5A18C1A3C0 -- E:\Windows\system32\cryptnet.dll
[2009/07/13 21:40:24 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=D0C2FBB6D97416B0166478FC7AE2B212 -- E:\Windows\system32\cryptsp.dll
[2012/04/24 01:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- E:\Windows\system32\cryptsvc.dll
[2009/07/13 21:40:24 | 001,065,984 | ---- | M] (Microsoft Corporation) MD5=DBA90306A721FB922FDACED9E9728C28 -- E:\Windows\system32\cryptui.dll
[2009/07/13 21:40:24 | 000,130,560 | ---- | M] (Microsoft Corporation) MD5=E991D12BD28C681945CB7C653DE399B7 -- E:\Windows\system32\cryptxml.dll
[2009/07/13 21:40:24 | 000,046,080 | ---- | M] (Microsoft Corporation) MD5=BFEBE1E4B301F44CEA7C1B4021BD0264 -- E:\Windows\system32\cscapi.dll
[2009/07/13 21:40:24 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=5B840D903BA3B8E066B47F1221786FD0 -- E:\Windows\system32\cscdll.dll
[2011/10/26 01:19:07 | 000,043,520 | ---- | M] (Microsoft Corporation) MD5=E730EADB8F176DB06A378435BEB2E823 -- E:\Windows\system32\csrsrv.dll
[2009/07/13 21:40:13 | 000,223,744 | ---- | M] (Microsoft Corporation) MD5=DF7634A2E9DE12B9436A0A7F02E4E813 -- E:\Windows\system32\C_G18030.DLL
[2009/07/13 21:40:13 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=4B86D5D7C5A655B22D6460DFC3DBB72F -- E:\Windows\system32\C_IS2022.DLL
[2009/07/13 21:40:13 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=6ACAD70C14EF2183AD74EE61B0BD8148 -- E:\Windows\system32\C_ISCII.DLL
[2012/03/03 02:29:41 | 000,902,656 | ---- | M] (Microsoft Corporation) MD5=7FA5CA36B613A000F3A37E6B5170A195 -- E:\Windows\system32\d2d1.dll
[2009/07/13 21:40:25 | 001,267,712 | ---- | M] (Microsoft Corporation) MD5=BD66ECA9479C688412DDDA9F2CCD2C69 -- E:\Windows\system32\d3d10.dll
[2009/07/13 21:40:25 | 000,280,576 | ---- | M] (Microsoft Corporation) MD5=B628DA8B548E6D11A35B86799714CB22 -- E:\Windows\system32\d3d10core.dll
[2009/07/13 21:40:25 | 000,573,952 | ---- | M] (Microsoft Corporation) MD5=1BE5452611346247CBF39EA4E98698DB -- E:\Windows\system32\d3d10level9.dll
[2012/03/03 02:29:42 | 001,837,568 | ---- | M] (Microsoft Corporation) MD5=0CCA9F023E7DC078D7CFBF024655AB7F -- E:\Windows\system32\d3d10warp.dll
[2012/03/03 02:29:42 | 000,197,120 | ---- | M] (Microsoft Corporation) MD5=58A0C212ED2ABE462B3A9626F5B96261 -- E:\Windows\system32\d3d10_1.dll
[2012/03/03 02:29:42 | 000,320,512 | ---- | M] (Microsoft Corporation) MD5=AFBBC34687FA48A4928B99AF097C1EC0 -- E:\Windows\system32\d3d10_1core.dll
[2009/07/13 21:40:25 | 000,787,968 | ---- | M] (Microsoft Corporation) MD5=C0F45B1A543024B40C13E523B44D97A6 -- E:\Windows\system32\d3d11.dll
[2009/07/13 21:40:25 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=3044D07ABDF4BBEA27E2EE7B1E0C0C65 -- E:\Windows\system32\d3d8thk.dll
[2009/07/13 21:40:25 | 002,065,920 | ---- | M] (Microsoft Corporation) MD5=318285F1590C4484E3253BA2B189D2DF -- E:\Windows\system32\d3d9.dll
[2007/03/12 11:42:30 | 001,400,176 | ---- | M] (Microsoft Corporation) MD5=3EBF620536A13CA343E52ECA4F0DE7F8 -- E:\Windows\system32\D3DCompiler_33.dll
[2007/05/16 11:45:16 | 001,401,200 | ---- | M] (Microsoft Corporation) MD5=9D9407F52B8E24E99358D9944B0D5FA3 -- E:\Windows\system32\D3DCompiler_34.dll
[2007/07/19 13:14:42 | 001,985,904 | ---- | M] (Microsoft Corporation) MD5=B21427EDF0449E92000FF497DAAF89C9 -- E:\Windows\system32\D3DCompiler_35.dll
[2007/10/12 10:14:00 | 002,006,552 | ---- | M] (Microsoft Corporation) MD5=7299DF5CF81135934740211D9A946737 -- E:\Windows\system32\D3DCompiler_36.dll
[2008/03/05 10:56:58 | 001,860,120 | ---- | M] (Microsoft Corporation) MD5=31026CEA5AFA2798292179102C06FE40 -- E:\Windows\system32\D3DCompiler_37.dll
[2008/05/30 09:11:46 | 001,941,528 | ---- | M] (Microsoft Corporation) MD5=A7E59BB6FAC119FABB83F18BD72AA1D7 -- E:\Windows\system32\D3DCompiler_38.dll
[2006/11/29 08:06:18 | 000,469,264 | ---- | M] (Microsoft Corporation) MD5=8251826F04BA0822D08AD9B92C65A3D5 -- E:\Windows\system32\d3dx10.dll
[2007/03/15 11:57:58 | 000,506,728 | ---- | M] (Microsoft Corporation) MD5=839C3921005BB41D441E3752C74F2292 -- E:\Windows\system32\d3dx10_33.dll
[2007/05/16 11:45:16 | 000,506,728 | ---- | M] (Microsoft Corporation) MD5=1ED4E7A82BD5C7DEED082F00E63BB7A0 -- E:\Windows\system32\d3dx10_34.dll
[2007/07/19 13:14:42 | 000,508,264 | ---- | M] (Microsoft Corporation) MD5=84116AA94672D623B95217648AE5B5B9 -- E:\Windows\system32\d3dx10_35.dll
[2007/10/02 04:56:30 | 000,508,264 | ---- | M] (Microsoft Corporation) MD5=570FDAE7041775DE0C67747BB7081939 -- E:\Windows\system32\d3dx10_36.dll
[2008/02/05 18:07:32 | 000,529,424 | ---- | M] (Microsoft Corporation) MD5=A8C5688BBA00C1630550F26260AB5CAE -- E:\Windows\system32\d3dx10_37.dll
[2008/05/30 09:11:46 | 000,540,688 | ---- | M] (Microsoft Corporation) MD5=72CB653CECF4EA670E7F5A8D74358423 -- E:\Windows\system32\d3dx10_38.dll
[2005/02/05 14:45:56 | 003,544,272 | ---- | M] (Microsoft Corporation) MD5=B165DF72E13E6AF74D47013504319921 -- E:\Windows\system32\d3dx9_24.dll
[2005/03/18 12:19:56 | 003,823,312 | ---- | M] (Microsoft Corporation) MD5=4C56E7C5B2A61353E534C7D15D05856D -- E:\Windows\system32\d3dx9_25.dll
[2005/05/26 10:34:58 | 003,767,504 | ---- | M] (Microsoft Corporation) MD5=44F5C5E27D6825E4E62420BC29B8B533 -- E:\Windows\system32\d3dx9_26.dll
[2005/07/22 14:59:08 | 003,807,440 | ---- | M] (Microsoft Corporation) MD5=914C3237E4D145A18DCD1D0D4C8659E1 -- E:\Windows\system32\d3dx9_27.dll
[2005/12/05 13:09:42 | 003,815,120 | ---- | M] (Microsoft Corporation) MD5=88BAC8306D4EC79A82B1FFA17DC8CF4A -- E:\Windows\system32\d3dx9_28.dll
[2006/02/03 03:43:28 | 003,830,992 | ---- | M] (Microsoft Corporation) MD5=68B35CBDB4A8CC424718BBCC894FEEEA -- E:\Windows\system32\d3dx9_29.dll
[2006/03/31 07:41:02 | 003,927,248 | ---- | M] (Microsoft Corporation) MD5=E09A9CF383ACF4A28038561E62277377 -- E:\Windows\system32\d3dx9_30.dll
[2006/09/28 11:05:36 | 003,977,496 | ---- | M] (Microsoft Corporation) MD5=FAAA0BB9CD2905B25334132E5BA093EB -- E:\Windows\system32\d3dx9_31.dll
[2006/11/29 08:06:18 | 004,398,360 | ---- | M] (Microsoft Corporation) MD5=A4DDFE5DC4E73D1FED9B1B3A3D885612 -- E:\Windows\system32\d3dx9_32.dll
[2007/03/12 11:42:30 | 004,494,184 | ---- | M] (Microsoft Corporation) MD5=3172C3CAC8EA7CA1B5D5AF6699C037D6 -- E:\Windows\system32\d3dx9_33.dll
[2007/05/16 11:45:16 | 004,496,232 | ---- | M] (Microsoft Corporation) MD5=AE5D5439525B4A4CBF206058D493685D -- E:\Windows\system32\d3dx9_34.dll
[2007/07/19 13:14:42 | 005,073,256 | ---- | M] (Microsoft Corporation) MD5=1B3AF16A27D390096925576202A64037 -- E:\Windows\system32\d3dx9_35.dll
[2007/10/12 10:14:00 | 005,081,608 | ---- | M] (Microsoft Corporation) MD5=BBB6C6833C30E323B41860D6DF61972D -- E:\Windows\system32\d3dx9_36.dll
[2008/03/05 10:56:58 | 004,910,088 | ---- | M] (Microsoft Corporation) MD5=8A10974DC6E1E42BDC635C2C2AFBD2CC -- E:\Windows\system32\D3DX9_37.dll
[2008/05/30 09:11:46 | 004,991,496 | ---- | M] (Microsoft Corporation) MD5=E5EC2AB7156A752F9614CDA4BE66EFE8 -- E:\Windows\system32\D3DX9_38.dll
[2009/07/13 21:40:25 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=A9C38C06318CBBDD07F54BA8D310E85C -- E:\Windows\system32\dataclen.dll
[2009/07/13 21:40:25 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=016544B452E6FDB54CD108D0248DB2B1 -- E:\Windows\system32\davclnt.dll
[2009/07/13 21:40:25 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=45B24A357C801CE62052FE0CDC8BD4D2 -- E:\Windows\system32\davhlpr.dll
[2009/07/13 21:40:25 | 003,384,320 | ---- | M] (Microsoft Corporation) MD5=782099ABB7EA73BB7FB8ED65671B0AEB -- E:\Windows\system32\dbgeng.dll
[2009/07/13 21:40:26 | 001,087,488 | ---- | M] (Microsoft Corporation) MD5=A74316B5C28D94AF0825267D8715549F -- E:\Windows\system32\dbghelp.dll
[2009/07/13 21:40:26 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=324054CA9C519F63E566D814FF4730BD -- E:\Windows\system32\dbnetlib.dll
[2009/07/13 21:40:26 | 000,040,960 | ---- | M] (Microsoft Corporation) MD5=F0D1BCF9A53023550B55042A713CDA40 -- E:\Windows\system32\dbnmpntw.dll
[2009/07/13 21:40:26 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=29C22748937F45C26590909E9F8E7137 -- E:\Windows\system32\dciman32.dll
[2009/07/13 21:40:27 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=A717414D6F1F452FB233E3143BE97E51 -- E:\Windows\system32\DDACLSys.dll
[2009/07/13 21:40:27 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=1F063D9FC84D1AC557C313EADD29ECA5 -- E:\Windows\system32\DDOIProxy.dll
[2009/07/13 21:40:27 | 006,281,216 | ---- | M] (Microsoft Corporation) MD5=BBF9112CB6F98BA498A59FFEEA177178 -- E:\Windows\system32\DDORes.dll
[2009/07/13 21:40:28 | 000,569,344 | ---- | M] (Microsoft Corporation) MD5=A6C09924C6730DE8DEED9890A12AA691 -- E:\Windows\system32\ddraw.dll
[2009/07/13 21:40:28 | 000,040,448 | ---- | M] (Microsoft Corporation) MD5=4938A4350327E1A5DEB0CD134AC1AAA3 -- E:\Windows\system32\ddrawex.dll
[2009/07/13 21:40:28 | 000,233,984 | ---- | M] (Microsoft Corporation) MD5=696656AF806C88A6D06F5FDD2B1FF73F -- E:\Windows\system32\defaultlocationcpl.dll
[2009/07/13 21:40:28 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=97B73CAED88D1D8021A8CA3F2605EF6A -- E:\Windows\system32\defragproxy.dll
[2009/07/13 21:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=3CEC7631A84943677AA8FA8EE5B6B43D -- E:\Windows\system32\defragsvc.dll
[2009/07/13 21:40:28 | 000,049,664 | ---- | M] (Microsoft Corporation) MD5=8201046D239094018FE48FEBA26CE404 -- E:\Windows\system32\deskadp.dll
[2009/07/13 21:40:28 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=49E135978F7F0C8D9CA50A48F49317A8 -- E:\Windows\system32\deskmon.dll
[2009/07/13 21:40:28 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=59546CC7A89096B1F3863748E8059CA1 -- E:\Windows\system32\deskperf.dll
[2009/07/13 21:40:28 | 000,075,776 | ---- | M] (Microsoft Corporation) MD5=46767946E7B559D981C1DC04EC0AB36F -- E:\Windows\system32\devenum.dll
[2009/07/13 21:40:28 | 000,508,928 | ---- | M] (Microsoft Corporation) MD5=DD76912E8D165C68659D9875256710A3 -- E:\Windows\system32\DeviceCenter.dll
[2009/07/13 21:40:28 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=75D320CF2DD6F609F11417E5DD1434FA -- E:\Windows\system32\DeviceDisplayStatusManager.dll
[2009/07/13 21:40:28 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=73BD8BD367EB25F7D58D2161D4FD5CF6 -- E:\Windows\system32\DeviceMetadataParsers.dll
[2009/07/13 21:40:28 | 000,189,952 | ---- | M] (Microsoft Corporation) MD5=098FD0016BC87F139C785B0AF53FD0F2 -- E:\Windows\system32\DevicePairing.dll
[2009/07/13 21:40:28 | 000,225,280 | ---- | M] (Microsoft Corporation) MD5=A61A76AEC21E2AB0E8BA43074135BD4B -- E:\Windows\system32\DevicePairingFolder.dll
[2009/07/13 21:40:28 | 000,087,552 | ---- | M] (Microsoft Corporation) MD5=162B529662C2103BD9D09826F5FDEDFB -- E:\Windows\system32\DevicePairingHandler.dll
[2009/07/13 21:40:28 | 000,058,368 | ---- | M] (Microsoft Corporation) MD5=432D65A611034DF22E83F29FC3303BAD -- E:\Windows\system32\DevicePairingProxy.dll
[2009/07/13 21:40:28 | 000,010,240 | ---- | M] (Microsoft Corporation) MD5=C94348369D0611BDD4F1453CF5308A0B -- E:\Windows\system32\DeviceUxRes.dll
[2009/07/13 21:40:28 | 000,528,896 | ---- | M] (Microsoft Corporation) MD5=1EB9CE09181421F2C5951164611170B9 -- E:\Windows\system32\devmgr.dll
[2009/07/13 21:40:28 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=06FEC9E8117103BB1141A560E98077DA -- E:\Windows\system32\devobj.dll
[2009/07/13 21:40:28 | 000,058,368 | ---- | M] (Microsoft Corporation) MD5=CD1B5AD07E5F7FEF30E055DCC9E96180 -- E:\Windows\system32\devrtl.dll
[2009/07/13 21:40:28 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=83F67A6655380C094171ABA786EC5D85 -- E:\Windows\system32\dfdts.dll
[2009/07/13 21:40:28 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1369DF1AA12A11876B41627099923EDB -- E:\Windows\system32\dfscli.dll
[2009/11/25 06:47:32 | 001,942,856 | ---- | M] (Microsoft Corporation) MD5=767EE8126468D91C5119F25714D78DAF -- E:\Windows\system32\dfshim.dll
[2009/07/13 21:40:28 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=F7528DCF8C177867F7277223BE174C45 -- E:\Windows\system32\DfsShlEx.dll
[2009/07/13 21:40:28 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=FA753FAB0B93E3427C1EB722E876501E -- E:\Windows\system32\dhcpcmonitor.dll
[2009/07/13 21:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=CE3B9562D997F69B330D181A8875960F -- E:\Windows\system32\dhcpcore.dll
[2009/07/13 21:40:28 | 000,224,256 | ---- | M] (Microsoft Corporation) MD5=71C7B65B6557B75B99907E76956AE4B8 -- E:\Windows\system32\dhcpcore6.dll
[2009/07/13 21:40:28 | 000,087,040 | ---- | M] (Microsoft Corporation) MD5=F568F7C08458D69E4FCD8675BBB107E4 -- E:\Windows\system32\dhcpcsvc.dll
[2009/07/13 21:40:28 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=4CBCC37856EA2039C27A2FB661DDA0E5 -- E:\Windows\system32\dhcpcsvc6.dll
[2009/07/13 21:40:28 | 000,101,888 | ---- | M] (Microsoft Corporation) MD5=CB06D9EDB2A0C225C25A3B33BEDF4DD7 -- E:\Windows\system32\DHCPQEC.DLL
[2009/07/13 21:40:28 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=0296032676B3E989D8ED5258A13D515D -- E:\Windows\system32\dhcpsapi.dll
[2009/07/13 21:40:30 | 001,202,176 | ---- | M] (Microsoft Corporation) MD5=EF642E6825015405E325105D215093FF -- E:\Windows\system32\DiagCpl.dll
[2009/07/13 21:40:30 | 001,338,880 | ---- | M] (Microsoft Corporation) MD5=D891293880F2F00AB7BA959910300EF7 -- E:\Windows\system32\diagperf.dll
[2009/07/13 21:40:30 | 000,504,320 | ---- | M] (Microsoft Corporation) MD5=F7CE0C81C545364020ED8203CF0A633E -- E:\Windows\system32\difxapi.dll
[2009/07/13 21:40:30 | 000,040,448 | ---- | M] (Microsoft Corporation) MD5=E629F1A051C82795DDFFD3E8D4855811 -- E:\Windows\system32\dimsjob.dll
[2009/07/13 21:40:31 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=441F645309C4B2783A37ADD1C37520B0 -- E:\Windows\system32\dimsroam.dll
[2009/07/13 21:40:31 | 000,173,056 | ---- | M] (Microsoft Corporation) MD5=B1BBD0E2C7E1B98509C709CFB69BF35C -- E:\Windows\system32\dinput.dll
[2009/07/13 21:40:31 | 000,195,584 | ---- | M] (Microsoft Corporation) MD5=6E42D6759EF29A36BA321823494CCB35 -- E:\Windows\system32\dinput8.dll
[2009/07/13 21:40:31 | 001,502,208 | ---- | M] (Microsoft Corporation) MD5=2812E2C5C2057C785A8A53F3D43B8341 -- E:\Windows\system32\diskcopy.dll
[2009/07/13 21:40:31 | 000,047,616 | ---- | M] (Microsoft Corporation) MD5=894611A2264EE383F14C67660CE1D0F2 -- E:\Windows\system32\dispci.dll
[2009/07/13 21:40:31 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B1B8EC06F52E5443C3F6DE1A67EF0930 -- E:\Windows\system32\dispex.dll
[2009/07/13 21:40:31 | 001,066,496 | ---- | M] (Microsoft Corporation) MD5=D382EEA3F67F9718B987E04B390F67C1 -- E:\Windows\system32\Display.dll
[2009/07/13 21:40:31 | 000,487,424 | ---- | M] (Microsoft Corporation) MD5=F5FDC620E193B2C2F1CF0052FF73CEE1 -- E:\Windows\system32\dmdlgs.dll
[2009/07/13 21:40:31 | 000,282,112 | ---- | M] (Microsoft Corporation) MD5=70A137944582484C504C553903E53B61 -- E:\Windows\system32\dmdskmgr.dll
[2009/07/13 21:26:30 | 000,372,224 | ---- | M] (Microsoft Corporation) MD5=E30993EE3879E5C37935E59081F581B0 -- E:\Windows\system32\dmdskres.dll
[2009/07/13 21:26:30 | 000,002,048 | ---- | M] (Microsoft Corporation) MD5=3E102498519596C6763B201EADC3F8F9 -- E:\Windows\system32\dmdskres2.dll
[2009/07/13 21:40:31 | 000,060,928 | ---- | M] (Microsoft Corporation) MD5=98C06BBA1948D2F7E13293D3B3A88530 -- E:\Windows\system32\dmintf.dll
[2009/07/13 21:40:31 | 000,047,616 | ---- | M] (Microsoft Corporation) MD5=65C10D265F07E5F3A3AF44902B225208 -- E:\Windows\system32\dmloader.dll
[2009/07/13 21:40:31 | 000,049,664 | ---- | M] (Microsoft Corporation) MD5=E174A933C46785AA3D65B34136735C11 -- E:\Windows\system32\dmocx.dll
[2009/07/13 21:40:31 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=8D88F7083A9195BCF8B04C88E275A978 -- E:\Windows\system32\dmrc.dll
[2009/07/13 21:40:31 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=FC222E93DC5FFE62B401B18A0BF93B43 -- E:\Windows\system32\dmsynth.dll
[2009/07/13 21:40:31 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=BD8D74C87F65EEA59BACE9E85DB7919D -- E:\Windows\system32\dmusic.dll
[2009/07/13 21:40:31 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=C69932BF8BA7D1B743762B89823F291C -- E:\Windows\system32\dmutil.dll
[2009/07/13 21:40:31 | 000,221,184 | ---- | M] (Microsoft Corporation) MD5=92D657C8CD85689E3F9623D6EFCB7CB0 -- E:\Windows\system32\dmvdsitf.dll
[2011/03/03 02:17:09 | 000,356,352 | ---- | M] (Microsoft Corporation) MD5=E247E7DEB20C0CF0801A8AC39E9CE1DF -- E:\Windows\system32\dnsapi.dll
[2009/07/13 21:40:31 | 000,118,272 | ---- | M] (Microsoft Corporation) MD5=9D0372D872553BA7F70CCC854E8CF7D7 -- E:\Windows\system32\dnscmmc.dll
[2009/07/13 21:40:31 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=885D0942E0F28DB90919BE3129ECF279 -- E:\Windows\system32\dnsext.dll
[2009/07/13 21:40:31 | 000,104,960 | ---- | M] (Microsoft Corporation) MD5=D898B9C3B9181D6B43E8C64D943BCD33 -- E:\Windows\system32\dnshc.dll
[2011/03/03 02:17:10 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=85CF424C74A1D5EC33533E1DBFF9920A -- E:\Windows\system32\dnsrslvr.dll
[2011/04/06 10:26:58 | 000,096,544 | ---- | M] (Apple Inc.) MD5=B6E476E0C1EBCCD2463C8F3C8A94E66F -- E:\Windows\system32\dnssd.dll
[2011/04/06 10:26:58 | 000,237,856 | ---- | M] (Apple Inc.) MD5=1EB9CC2F7846F84D0096BF85A01E565C -- E:\Windows\system32\dnssdX.dll
[2009/07/13 21:40:32 | 000,043,520 | ---- | M] (Microsoft Corporation) MD5=6B6EEA7D03CAE87A233DFFFE3FF32C18 -- E:\Windows\system32\docprop.dll
[2009/07/13 21:26:31 | 000,051,200 | ---- | M] (Microsoft Corporation) MD5=1E36A0591A5BCD7920489989DDDC39F1 -- E:\Windows\system32\DocumentPerformanceEvents.dll
[2009/07/13 21:40:32 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=BB68579E181956E37EB11F9083C01CF3 -- E:\Windows\system32\dot3api.dll
[2009/07/13 21:40:32 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=A8BC80D5BD5D32B29834335FB5831203 -- E:\Windows\system32\dot3cfg.dll
[2009/07/13 21:40:32 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=610A9F25C9589B90846B528B91F794D3 -- E:\Windows\system32\dot3dlg.dll
[2009/07/13 21:40:32 | 000,056,832 | ---- | M] (Microsoft Corporation) MD5=9A5399224270590ACD73C9FF0B11A34D -- E:\Windows\system32\dot3gpclnt.dll
[2009/07/13 21:40:32 | 000,280,064 | ---- | M] (Microsoft Corporation) MD5=56421D4D2BD7AB3BD7F7E1C7D2845F8D -- E:\Windows\system32\dot3gpui.dll
[2009/07/13 21:40:32 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=CC100D183BBEFF4491155E3A88DD586D -- E:\Windows\system32\dot3hc.dll
[2009/07/13 21:40:32 | 000,103,936 | ---- | M] (Microsoft Corporation) MD5=C36B43BB6C053F215FD83AA0A0E1F0C3 -- E:\Windows\system32\dot3msm.dll
[2009/07/13 21:40:32 | 000,252,416 | ---- | M] (Microsoft Corporation) MD5=14452ACDB09B70964C8C21BF80A13ACB -- E:\Windows\system32\dot3svc.dll
[2009/07/13 21:40:32 | 000,313,344 | ---- | M] (Microsoft Corporation) MD5=769BBD0FB3F32097791D0E97F9AA690F -- E:\Windows\system32\dot3ui.dll
[2009/07/13 21:40:32 | 000,052,736 | ---- | M] (Microsoft Corporation) MD5=4FA94A7278210893A45C738073D2BFD8 -- E:\Windows\system32\dpapiprovider.dll
[2009/07/13 21:26:31 | 000,002,560 | ---- | M] (Microsoft Corporation) MD5=3138417F62318AD9DA7F2FA4C690ADB0 -- E:\Windows\system32\dpnaddr.dll
[2009/07/13 21:40:32 | 000,068,608 | ---- | M] (Microsoft Corporation) MD5=1D51351C9C40B8D1C1A30A8E8182B641 -- E:\Windows\system32\dpnathlp.dll
[2009/07/13 21:40:32 | 000,478,208 | ---- | M] (Microsoft Corporation) MD5=9E775409F934CD034CCE211CD4C91FCD -- E:\Windows\system32\dpnet.dll
[2009/07/13 21:40:32 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=DD0D360634AADE7849ECEBBD6AA579EC -- E:\Windows\system32\dpnhpast.dll
[2009/07/13 21:40:32 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=B50E2C54DC6F02C53B82FC9481C6FE60 -- E:\Windows\system32\dpnhupnp.dll
[2009/07/13 21:26:31 | 000,003,072 | ---- | M] (Microsoft Corporation) MD5=C89C706744D15AEB8A5F27284EAF4EE5 -- E:\Windows\system32\dpnlobby.dll
[2009/07/13 21:40:32 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=8C2BA6BEA949EE6E68385F5692BAFB94 -- E:\Windows\system32\dps.dll
[2009/07/13 21:40:32 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=CFF2D779B7068D39FA444A3D54FAE6F9 -- E:\Windows\system32\dpx.dll
[2009/07/13 21:40:32 | 000,495,104 | ---- | M] (Microsoft Corporation) MD5=ED509853FD262BEB9707C896853B2C4E -- E:\Windows\system32\drmmgrtn.dll
[2009/07/13 21:40:33 | 001,200,640 | ---- | M] (Microsoft Corporation) MD5=2C1055E2C6D42753241FB2A129136994 -- E:\Windows\system32\drmv2clt.dll
[2009/07/13 21:40:33 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=5F639198C4137075DA50E61C23963C11 -- E:\Windows\system32\drprov.dll
[2009/07/13 21:40:33 | 000,293,888 | ---- | M] (Microsoft Corporation) MD5=C57BC99A4467B3E8F1CC2184A3F46729 -- E:\Windows\system32\drt.dll
[2009/07/13 21:40:33 | 000,068,608 | ---- | M] (Microsoft Corporation) MD5=C9BC2311E09D14747F0A726F8F2D6D33 -- E:\Windows\system32\drtprov.dll
[2009/07/13 21:40:33 | 000,053,248 | ---- | M] (Microsoft Corporation) MD5=2E7ADF9B0389CD94605717784D7E416A -- E:\Windows\system32\drttransport.dll
[2009/07/13 21:40:33 | 000,417,792 | ---- | M] (Microsoft Corporation) MD5=D578664432DBFB9312B1102F9B3A4A39 -- E:\Windows\system32\drvstore.dll
[2009/07/13 21:40:33 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=B4B5A843CD0224A28E4FE8C1A50A91C5 -- E:\Windows\system32\ds32gt.dll
[2009/07/13 21:40:33 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=3277606F8B5A0FA880D3F4580DB25573 -- E:\Windows\system32\dsauth.dll
[2009/07/13 21:40:33 | 000,193,536 | ---- | M] (Microsoft Corporation) MD5=361BCBDD2E1E39585CC7ED7FF433E958 -- E:\Windows\system32\dsdmo.dll
[2009/07/13 21:40:33 | 000,274,432 | ---- | M] () MD5=1138A273485D244F6E2434F8275EF7C1 -- E:\Windows\system32\DShowRdpFilter.dll
[2009/07/13 21:40:33 | 000,115,200 | ---- | M] (Microsoft Corporation) MD5=F1387F5674697F2D8EB6DE2266477860 -- E:\Windows\system32\dskquota.dll
[2009/07/13 21:40:33 | 000,239,616 | ---- | M] (Microsoft Corporation) MD5=2684E85D48276ACD974A4A3580813333 -- E:\Windows\system32\dskquoui.dll
[2009/07/13 21:40:33 | 000,540,672 | ---- | M] (Microsoft Corporation) MD5=9110FFAD124283F37D38771BB60556AF -- E:\Windows\system32\dsound.dll
[2009/07/13 21:40:33 | 000,190,976 | ---- | M] (Microsoft Corporation) MD5=E2B696759A8ECE454A3DEFE64D4F7A6B -- E:\Windows\system32\dsprop.dll
[2009/07/13 21:40:34 | 000,429,056 | ---- | M] (Microsoft Corporation) MD5=8C66E306FBD21E21E6246468DD9FA9A5 -- E:\Windows\system32\dsquery.dll
[2009/07/13 21:40:34 | 000,032,768 | ---- | M] (Microsoft Corporation) MD5=A77BE7CB3222B4FB0AC6C71D1C2698D4 -- E:\Windows\system32\dsrole.dll
[2009/07/13 21:40:34 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=FBD30F8878346CC2743FE11E46E48D50 -- E:\Windows\system32\dssec.dll
[2009/07/13 21:43:36 | 000,190,880 | ---- | M] (Microsoft Corporation) MD5=F11A57E91FDAECFB41A5CB21EB1EBC8E -- E:\Windows\system32\dssenh.dll
[2009/07/13 21:40:34 | 000,701,440 | ---- | M] (Microsoft Corporation) MD5=CFCD1926E8B007E0BD3D1936F445F7D3 -- E:\Windows\system32\dsuiext.dll
[2009/07/13 21:40:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=54EEEE4E2EA27EC6EC245F8FD7F4FD51 -- E:\Windows\system32\dswave.dll
[2009/07/13 21:40:34 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=BBDF608C1D964C6C4B8E8CF71059F09E -- E:\Windows\system32\dtsh.dll
[2009/07/13 21:40:34 | 000,976,896 | ---- | M] (Microsoft Corporation) MD5=3CB6A7286422C72C34DAB54A5DFF1A34 -- E:\Windows\system32\dui70.dll
[2009/07/13 21:40:34 | 000,260,608 | ---- | M] (Microsoft Corporation) MD5=8CCDE014A4CDF84564E03ACE064CA753 -- E:\Windows\system32\duser.dll
[2009/07/13 21:40:34 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=DA1B7075260F3872585BFCDD668C648B -- E:\Windows\system32\dwmapi.dll
[2009/07/13 21:40:34 | 001,634,304 | ---- | M] (Microsoft Corporation) MD5=9D8AB964CE511AF81207DF0E1205184C -- E:\Windows\system32\dwmcore.dll
[2009/07/13 21:40:34 | 000,128,512 | ---- | M] (Microsoft Corporation) MD5=EF184066A851E7838D5BF8C8FAE66CC4 -- E:\Windows\system32\dwmredir.dll
[2012/03/03 02:29:57 | 001,541,120 | ---- | M] (Microsoft Corporation) MD5=E9FD4DA5188391ECD30E6C29213EABF0 -- E:\Windows\system32\DWrite.dll
[2009/07/13 21:40:34 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=F7B5DB67838A4DB019957B2B9647663B -- E:\Windows\system32\dxdiagn.dll
[2009/07/13 21:40:34 | 000,658,432 | ---- | M] (Microsoft Corporation) MD5=D95DB5C915C001F78709C17285109BDC -- E:\Windows\system32\dxgi.dll
[2009/07/13 21:41:54 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=93BB70D3A281295C6879BBA02131714E -- E:\Windows\system32\dxmasf.dll
[2009/07/13 21:40:35 | 000,459,776 | ---- | M] (Microsoft Corporation) MD5=913C2E4A03201644FC986EDEB5F8A390 -- E:\Windows\system32\DXP.dll
[2009/07/13 21:40:35 | 000,040,448 | ---- | M] (Microsoft Corporation) MD5=5978B3AD725280A3763BEF6DFE3CFC29 -- E:\Windows\system32\dxpps.dll
[2009/07/13 21:40:35 | 000,675,328 | ---- | M] (Microsoft Corporation) MD5=A5B793BD617467158C91F6CE8A6BA1FD -- E:\Windows\system32\DXPTaskRingtone.dll
[2009/07/13 21:40:35 | 001,457,664 | ---- | M] (Microsoft Corporation) MD5=97127529173E249D7239BBECB745B21F -- E:\Windows\system32\DxpTaskSync.dll
[2012/02/14 18:09:01 | 000,452,608 | ---- | M] (Microsoft Corporation) MD5=D6A99F26E31C9F15D8D8CC42FFE6D16B -- E:\Windows\system32\dxtmsft.dll
[2012/02/14 18:09:01 | 000,282,112 | ---- | M] (Microsoft Corporation) MD5=A3287F8EB6182FB060C818524C7D6A63 -- E:\Windows\system32\dxtrans.dll
[2009/07/13 21:40:35 | 000,117,248 | ---- | M] (Microsoft Corporation) MD5=B2742EA6ED844D747E2348A504E491CB -- E:\Windows\system32\dxva2.dll
[2010/04/01 18:56:24 | 000,068,264 | ---- | M] (Intel Corporation) MD5=3E6E1DC8BDEFC3AC820C58FAF05CC959 -- E:\Windows\system32\e1kmsg.dll
[2009/07/13 21:40:35 | 000,348,160 | ---- | M] (Microsoft Corporation) MD5=BA14A20DB647DC38A3283BDC8D563041 -- E:\Windows\system32\eapp3hst.dll
[2009/07/13 21:40:35 | 000,263,680 | ---- | M] (Microsoft Corporation) MD5=0D753307D274F3688BD21C377B616700 -- E:\Windows\system32\eappcfg.dll
[2009/07/13 21:40:35 | 000,103,936 | ---- | M] (Microsoft Corporation) MD5=70B86061A549899ED739B96179AC05C8 -- E:\Windows\system32\eappgnui.dll
[2009/07/13 21:40:35 | 000,303,616 | ---- | M] (Microsoft Corporation) MD5=982F5395AD181179320083A4FA7E7CA8 -- E:\Windows\system32\eapphost.dll
[2009/07/13 21:40:35 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=65522E77A1360DBC8D199DA3BF5EFFE4 -- E:\Windows\system32\eappprxy.dll
[2009/07/13 21:40:35 | 000,091,648 | ---- | M] (Microsoft Corporation) MD5=B07F39F281A1A1DECD4B8E2F1BB46299 -- E:\Windows\system32\EAPQEC.DLL
[2009/07/13 21:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=E2DDA8726DA9CB5B2C4000C9018A9633 -- E:\Windows\system32\eapsvc.dll
[2009/07/13 21:40:35 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=A390CB325BED05DA64D1471E9949CAC5 -- E:\Windows\system32\efsadu.dll
[2009/07/13 21:40:35 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=1C540B6FCD8A6F772650660CFB03A06A -- E:\Windows\system32\efscore.dll
[2009/07/13 21:40:35 | 000,056,832 | ---- | M] (Microsoft Corporation) MD5=90BDEFC5DF334E5100EAA781D798DE1A -- E:\Windows\system32\efslsaext.dll
[2009/07/13 21:40:36 | 000,037,376 | ---- | M] (Microsoft Corporation) MD5=0C043B0ABBB5E14E68906AB80365395B -- E:\Windows\system32\efssvc.dll
[2009/07/13 21:40:36 | 000,034,816 | ---- | M] (Microsoft Corporation) MD5=58283053C781AD3A579C95D7765C1FA0 -- E:\Windows\system32\efsutil.dll
[2009/07/13 21:40:36 | 000,144,896 | ---- | M] (Microsoft Corporation) MD5=CFF03DCC74E5C80686FA8AA972CA4770 -- E:\Windows\system32\EhStorAPI.dll
[2009/07/13 21:40:36 | 000,111,616 | ---- | M] (Microsoft Corporation) MD5=7E131833B4EC6E4BA78F9B5CF9B7D758 -- E:\Windows\system32\EhStorPwdMgr.dll
[2009/07/13 21:40:36 | 000,203,264 | ---- | M] (Microsoft Corporation) MD5=024352FEEC9042260BB4CFB4D79A206B -- E:\Windows\system32\EhStorShell.dll
[2009/07/13 21:40:37 | 000,241,664 | ---- | M] (Microsoft Corporation) MD5=7AF5043FB8FEEF18144EA035CF88C0BF -- E:\Windows\system32\els.dll
[2009/07/13 21:40:37 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=76D86E65FF7D10292886A1F2DB93A911 -- E:\Windows\system32\ELSCore.dll
[2009/07/13 21:40:37 | 000,647,680 | ---- | M] (Microsoft Corporation) MD5=AEE087CF7423BA44CC2DE03CC565E399 -- E:\Windows\system32\elslad.dll
[2009/07/13 21:40:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=B526181E3F6B9F5136B6B7F776B7468B -- E:\Windows\system32\elsTrans.dll
[2009/07/13 21:40:37 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=A025F51C720F2820921C977C07C8D41A -- E:\Windows\system32\encapi.dll
[2011/10/15 02:25:12 | 000,723,456 | ---- | M] (Microsoft Corporation) MD5=19F3C0A5AD1C3577BD02F44F6AA5C0C2 -- E:\Windows\system32\EncDec.dll
[2009/07/13 21:40:37 | 000,283,648 | ---- | M] (Microsoft Corporation) MD5=4149557A3370D43E3E4A85FAA094F75C -- E:\Windows\system32\EncDump.dll

hazik · #15 Příspěvek od **hazik** » 30 črc 2012 11:02

[2009/07/13 21:40:37 | 000,290,304 | ---- | M] (Microsoft Corporation) MD5=AB70A52ACB2D9E1B38A4374629092EC7 -- E:\Windows\system32\energy.dll
[2009/07/13 21:40:50 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=FCDFDBFCB5F6810B431AF0E2E7BDF606 -- E:\Windows\system32\eqossnap.dll
[2009/07/13 21:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=4166F82BE4D24938977DD1746BE9B8A0 -- E:\Windows\system32\es.dll
[2009/07/13 21:40:50 | 002,565,120 | ---- | M] (Microsoft Corporation) MD5=FE130D15D71AC16EFFDF1397F2AF1653 -- E:\Windows\system32\esent.dll
[2009/07/13 21:40:50 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=BFCCB94CBCE9A3CE51F8F4B7E15EC7D7 -- E:\Windows\system32\esentprf.dll
[2009/07/13 21:40:50 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6F21BDCA64E8A581BEF9B4E80423282C -- E:\Windows\system32\eventcls.dll
[2009/07/13 21:40:51 | 000,630,272 | ---- | M] (Microsoft Corporation) MD5=0A94EE2C07C72C4E985F72259E9A178B -- E:\Windows\system32\evr.dll
[2012/02/14 18:08:00 | 001,863,680 | ---- | M] (Microsoft Corporation) MD5=1C27E145EC99F20BC1B13FD98165A83F -- E:\Windows\system32\ExplorerFrame.dll
[2009/07/13 21:27:14 | 000,034,816 | ---- | M] (Microsoft Corporation) MD5=708A973C80D3DCCE1AD7278BD3E08601 -- E:\Windows\system32\f3ahvoas.dll
[2009/07/13 21:40:51 | 000,355,328 | ---- | M] (Microsoft Corporation) MD5=D5B2C48EC3CDD4154AD7865CB7329964 -- E:\Windows\system32\Faultrep.dll
[2009/07/13 21:40:52 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=21BA4C7EB740C697451EF0941DDD2F5F -- E:\Windows\system32\fdBth.dll
[2009/07/13 21:40:52 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=88184F8A73567717D8BC8BD777E8CA9B -- E:\Windows\system32\fdBthProxy.dll
[2009/07/13 21:40:52 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=38833EF16C2F26B15B30471882204172 -- E:\Windows\system32\fde.dll
[2009/07/13 21:40:52 | 000,071,168 | ---- | M] (Microsoft Corporation) MD5=218714837A6D4DD90596D259D4655B7D -- E:\Windows\system32\fdeploy.dll
[2009/07/13 21:40:52 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=0438CAB2E03F4FB61455A7956026FE86 -- E:\Windows\system32\fdPHost.dll
[2009/07/13 21:40:52 | 000,051,200 | ---- | M] (Microsoft Corporation) MD5=4581716B4BF76ACFD8E167EB0B26D82A -- E:\Windows\system32\fdPnp.dll
[2009/07/13 21:40:52 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=EEAAA8F44C7DAD4D1131B0705BEC6FD4 -- E:\Windows\system32\fdprint.dll
[2009/07/13 21:40:52 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=DB8BF64BE3932ADC407505D21C4F2C2C -- E:\Windows\system32\fdProxy.dll
[2009/07/13 21:40:52 | 000,034,816 | ---- | M] (Microsoft Corporation) MD5=802496CB59A30349F9A6DD22D6947644 -- E:\Windows\system32\FDResPub.dll
[2009/07/13 21:40:52 | 000,093,696 | ---- | M] (Microsoft Corporation) MD5=A2E5B2D20954210DCE1A75A1FC8CC36D -- E:\Windows\system32\fdSSDP.dll
[2009/07/13 21:40:52 | 000,101,376 | ---- | M] (Microsoft Corporation) MD5=E8F451D61B2CBE5922A873B340C1A522 -- E:\Windows\system32\fdWCN.dll
[2009/07/13 21:40:52 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=9AA9732CDC2887D5CCD8CB338DC66742 -- E:\Windows\system32\fdWNet.dll
[2009/07/13 21:40:52 | 000,132,096 | ---- | M] (Microsoft Corporation) MD5=171D7DB433314A868507C4326E8209DC -- E:\Windows\system32\fdWSD.dll
[2009/07/13 21:40:52 | 000,051,712 | ---- | M] (Microsoft Corporation) MD5=137032720108BFE1A50134E0024D06B9 -- E:\Windows\system32\feclient.dll
[2009/07/13 21:40:53 | 000,582,656 | ---- | M] (Microsoft Corporation) MD5=DE038C40F3033EDA732655FA42DCBD18 -- E:\Windows\system32\filemgmt.dll
[2009/07/13 21:40:53 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=9737B70878B14A0A801E5FD410FE0D88 -- E:\Windows\system32\findnetprinters.dll
[2009/07/13 21:40:53 | 000,748,032 | ---- | M] (Microsoft Corporation) MD5=9AD9E06F8656F296D91FAE8EE5B95A27 -- E:\Windows\system32\FirewallAPI.dll
[2009/07/13 21:40:54 | 000,934,912 | ---- | M] (Microsoft Corporation) MD5=0D2470E6B696847A928AB24DD09A7B77 -- E:\Windows\system32\FirewallControlPanel.dll
[2009/07/13 21:40:54 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=F3D202F53A222D5F6944D459B73CF967 -- E:\Windows\system32\fltLib.dll
[2009/07/13 21:40:54 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=491DA8248209835532DAABF18B0215DA -- E:\Windows\system32\fmifs.dll
[2009/07/13 21:40:54 | 000,116,224 | ---- | M] (Windows (R) Codename Longhorn DDK provider) MD5=069C456FDACC17E7572C5D4F72BDB751 -- E:\Windows\system32\fms.dll
[2012/02/14 18:08:00 | 001,133,568 | ---- | M] (Microsoft Corporation) MD5=BC00505CFDA789ED3BE95D2FF38C4875 -- E:\Windows\system32\FntCache.dll
[2009/07/13 21:40:54 | 000,861,184 | ---- | M] (Microsoft Corporation) MD5=F79C25C3DD476236AED39477996174C1 -- E:\Windows\system32\fontext.dll
[2009/10/19 10:46:07 | 000,100,864 | ---- | M] (Microsoft Corporation) MD5=C542FB06AD6FFE57328E300B8701D99F -- E:\Windows\system32\fontsub.dll
[2009/07/13 21:40:54 | 000,120,832 | ---- | M] (Microsoft Corporation) MD5=28731BE4EA02995EA4EDADFB3CB7618D -- E:\Windows\system32\fphc.dll
[2009/07/13 19:38:47 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=E30B04A8FE665C52162D70233ABEA9A3 -- E:\Windows\system32\framebuf.dll
[2009/07/13 21:40:54 | 000,280,064 | ---- | M] (Microsoft Corporation) MD5=5DC249401FA6333390D501713F739C9B -- E:\Windows\system32\framedyn.dll
[2009/07/13 21:40:54 | 000,295,424 | ---- | M] (Microsoft Corporation) MD5=5D89D063A4CB036C258685C8E057E768 -- E:\Windows\system32\framedynos.dll
[2011/10/22 07:21:42 | 000,071,680 | ---- | M] (Beepa P/L) MD5=EFA3112387DB013368E7E24FEE70A1C7 -- E:\Windows\system32\frapsv64.dll
[2009/07/13 21:40:55 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=EDF4DEC1041EEAF78A0B1E16C1BB4CC4 -- E:\Windows\system32\fthsvc.dll
[2009/07/13 21:40:55 | 000,194,560 | ---- | M] (Microsoft Corporation) MD5=B5055B51BAA0FD0A736A88653DA3C1C0 -- E:\Windows\system32\fundisc.dll
[2009/07/13 21:43:15 | 000,344,776 | ---- | M] (Microsoft Corporation) MD5=1B38A0F123FCF1546FACEAF1EFAFAA00 -- E:\Windows\system32\fveapi.dll
[2009/07/13 21:40:55 | 000,113,152 | ---- | M] (Microsoft Corporation) MD5=DD13F0F927BA6002CA68E73A8E91ED09 -- E:\Windows\system32\fveapibase.dll
[2009/07/13 21:40:55 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=891ECFD08E2C538B7948CBC45106D697 -- E:\Windows\system32\fvecerts.dll
[2009/07/13 21:40:55 | 000,189,440 | ---- | M] (Microsoft Corporation) MD5=0EF3FAC19D7E7FCD956457BB21C1BB60 -- E:\Windows\system32\fveRecover.dll
[2009/07/13 21:40:55 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=506A83A3BEEE9FCA09F0170DE9FC7D1B -- E:\Windows\system32\fveui.dll
[2009/07/13 21:40:55 | 000,111,616 | ---- | M] (Microsoft Corporation) MD5=EFFA3C1731775272F074F3FF257020FC -- E:\Windows\system32\fwcfg.dll
[2009/07/13 21:40:55 | 000,324,096 | ---- | M] (Microsoft Corporation) MD5=0040C486584A8E582C861CFB57AB5387 -- E:\Windows\system32\FWPUCLNT.DLL
[2009/07/13 21:40:55 | 000,075,776 | ---- | M] (Microsoft Corporation) MD5=9BC93C9ACFA34DB5A41B89357B31E4ED -- E:\Windows\system32\FwRemoteSvr.dll
[2009/07/13 21:40:55 | 000,623,104 | ---- | M] (Microsoft Corporation) MD5=34E6D8C67E7FD7C917BECFECA326B168 -- E:\Windows\system32\FXSAPI.dll
[2009/07/13 21:40:55 | 000,088,064 | ---- | M] (Microsoft Corporation) MD5=E9E98D6DB0C60539B5A21CD83DC63BE1 -- E:\Windows\system32\FXSCOM.dll
[2009/07/13 21:40:55 | 000,591,872 | ---- | M] (Microsoft Corporation) MD5=07C5ABC5347B7867F00A23455F8A89BD -- E:\Windows\system32\FXSCOMEX.dll
[2009/07/13 21:40:55 | 000,762,368 | ---- | M] (Microsoft Corporation) MD5=17E74A73365EB2BEA6DEDCDF57DE4A1E -- E:\Windows\system32\FXSCOMPOSE.dll
[2009/07/13 21:27:24 | 000,034,816 | ---- | M] (Microsoft Corporation) MD5=D3504BFF3222FFA3B4BB9DC0BEB52F75 -- E:\Windows\system32\FXSCOMPOSERES.dll
[2009/07/13 21:27:24 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BB5AF39C8BD8B259C0DE1951FE60EA21 -- E:\Windows\system32\FXSEVENT.dll
[2009/07/13 21:40:56 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=20BEB8C403C6E28C9B13644787F5177D -- E:\Windows\system32\FXSMON.dll
[2009/07/13 21:27:24 | 000,925,184 | ---- | M] (Microsoft Corporation) MD5=C8E8B8239FCF17BEA10E751BE5854631 -- E:\Windows\system32\FXSRESM.dll
[2009/07/13 21:40:56 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=D5217D9C99DECB25E128EEA18BB8CE05 -- E:\Windows\system32\FXSROUTE.dll
[2009/07/13 21:40:56 | 000,863,744 | ---- | M] (Microsoft Corporation) MD5=C746F3BF98E92FB137B5BD2B8B5925BD -- E:\Windows\system32\FXSST.dll
[2009/07/13 21:40:56 | 000,258,560 | ---- | M] (Microsoft Corporation) MD5=F99580A13760F607DE4795D18CCC2C1A -- E:\Windows\system32\FXST30.dll
[2009/07/13 21:40:56 | 000,434,176 | ---- | M] (Microsoft Corporation) MD5=3E0E5B536E172A4907032E0EEB2F6C86 -- E:\Windows\system32\FXSTIFF.dll
[2009/07/13 21:40:56 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=E4E4B9BB006DADA80A46D70001C2433C -- E:\Windows\system32\FXSUTILITY.dll
[2009/07/13 21:40:16 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=EE312B4CC0216F815AB8B3A7FC085FAD -- E:\Windows\system32\gacinstall.dll
[2009/07/13 21:40:56 | 002,746,368 | ---- | M] (Microsoft Corporation) MD5=14F5C0DB4B2C47874D6C937A5A1B367C -- E:\Windows\system32\gameux.dll
[2009/07/13 21:27:28 | 004,240,384 | ---- | M] (Microsoft) MD5=8B21624E80D75BE60984E8F3F9C607F3 -- E:\Windows\system32\GameUXLegacyGDFs.dll
[2009/07/13 21:40:56 | 000,128,512 | ---- | M] (Microsoft Corporation) MD5=46134E5BCFC4B7E29713A68817ECE290 -- E:\Windows\system32\gcdef.dll
[2009/07/13 21:40:56 | 000,404,480 | ---- | M] (Microsoft Corporation) MD5=E1B1255D3A4B3367FE4E9C71E62E3B5A -- E:\Windows\system32\gdi32.dll
[2008/04/17 07:12:54 | 000,126,312 | ---- | M] (GEAR Software Inc.) MD5=AC0612BEB517CACF463E1F5EE76E52FD -- E:\Windows\system32\GEARAspi64.dll
[2009/07/13 21:40:56 | 000,009,216 | ---- | M] (Microsoft Corporation) MD5=9DEA40F2E172146B91CE74FCD3F7763A -- E:\Windows\system32\getuname.dll
[2010/04/21 11:38:36 | 000,119,808 | ---- | M] (Intel Corporation) MD5=E01A0A6BF9177A6EA0EDD5331E2EDC93 -- E:\Windows\system32\gfxSrvc.dll
[2009/07/13 21:40:56 | 000,452,096 | ---- | M] (Microsoft Corporation) MD5=97CF12752D53AA35374632792C838D5D -- E:\Windows\system32\glmf32.dll
[2009/07/13 21:40:56 | 000,165,376 | ---- | M] (Microsoft Corporation) MD5=F2967C0A97C0EA67D79D7F557213950D -- E:\Windows\system32\glu32.dll
[2009/07/13 21:40:56 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=9C9307C95671AC962F3D6EB3A4A89BAE -- E:\Windows\system32\gpapi.dll
[2009/07/13 21:40:57 | 001,000,960 | ---- | M] (Microsoft Corporation) MD5=CC532E5812B1ED7C24AFDAA8EFB8DBF3 -- E:\Windows\system32\gpedit.dll
[2009/07/13 21:40:59 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=946805C45A372EE22990D5F5758A3F03 -- E:\Windows\system32\gpprnext.dll
[2009/07/13 21:40:59 | 000,776,192 | ---- | M] (Microsoft Corporation) MD5=FE5AB4525BC2EC68B9119A6E5D40128B -- E:\Windows\system32\gpsvc.dll
[2009/07/13 21:40:59 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=7762386362DC5E1971DC61CC98369A98 -- E:\Windows\system32\gptext.dll
[2009/07/13 21:40:59 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=B065005F4DE017EB48426C8AE74CD5B0 -- E:\Windows\system32\Groupinghc.dll
[2009/07/13 21:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- E:\Windows\system32\hal.dll
[2009/07/13 21:40:59 | 000,078,848 | ---- | M] (Microsoft Corporation) MD5=89A680191F2DD811BBD435D12B0D54E4 -- E:\Windows\system32\hbaapi.dll
[2010/04/21 11:38:48 | 000,108,032 | ---- | M] (Intel Corporation) MD5=32B6CECF95C8CC3C0FB70370994C23D0 -- E:\Windows\system32\hccutils.dll
[2009/07/13 21:40:59 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=809AE7D4ACE06BBCF621E5C504BF6FC8 -- E:\Windows\system32\hcproviders.dll
[2009/07/13 21:40:59 | 000,072,704 | ---- | M] (Microsoft Corporation) MD5=DB70FE36AC8F594E9E69479C076BADB8 -- E:\Windows\system32\HelpPaneProxy.dll
[2009/07/13 21:41:00 | 000,332,288 | ---- | M] (Microsoft Corporation) MD5=F0AAB2A76A7AF04C70A818E96BAF3E64 -- E:\Windows\system32\hgcpl.dll
[2009/07/13 21:41:00 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=B9C7F88D85369548A69F2EDD1A40441E -- E:\Windows\system32\hgprint.dll
[2009/07/13 21:41:00 | 000,053,248 | ---- | M] (Microsoft Corporation) MD5=818BD0499A21CD095D13318598B214DE -- E:\Windows\system32\hhsetup.dll
[2009/07/13 21:41:00 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=896F15A6434D93EDB42519D5E18E6B50 -- E:\Windows\system32\hid.dll
[2009/07/13 21:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) MD5=BD9EB3958F213F96B97B1D897DEE006D -- E:\Windows\system32\hidserv.dll
[2009/07/13 21:41:00 | 000,109,568 | ---- | M] (Microsoft Corporation) MD5=7C9C7DF71E0325CF351757A9EDAB0A0F -- E:\Windows\system32\hlink.dll
[2009/07/13 21:41:00 | 000,424,448 | ---- | M] (Microsoft Corporation) MD5=3B367397320C26DBA890B260F80D1B1B -- E:\Windows\system32\hnetcfg.dll
[2009/07/13 21:41:00 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=840B884B2071186C0D354F3A7F4E4D56 -- E:\Windows\system32\hnetmon.dll
[2009/07/13 21:41:00 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=674B9AD48FB33A39D2550B2874BB768F -- E:\Windows\system32\hotplug.dll
[2009/07/13 21:41:00 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=7F37322A489E285CFBCC02F6A53B3F1B -- E:\Windows\system32\HotStartUserAgent.dll
[2010/10/07 14:06:14 | 000,274,792 | ---- | M] (Hewlett-Packard Co.) MD5=0697185AC0AE7F48D29796AA1D78F234 -- E:\Windows\system32\hpinkcoi8711.dll
[2010/10/07 14:06:16 | 000,349,032 | ---- | M] (Hewlett-Packard Co.) MD5=8695F261BC22030E893EEDA1D2107514 -- E:\Windows\system32\hpinksts8711LM.dll
[2010/10/07 14:06:18 | 002,591,080 | ---- | M] (Hewlett-Packard Co.) MD5=762AFC484317D86C5F24CD49A49CA28C -- E:\Windows\system32\HPScanMiniDrv_DJ2050_510g.dll
[2009/07/13 21:41:05 | 000,045,056 | ---- | M] (Microsoft Corporation) MD5=4509387963DF66A6401752A0C631F6E8 -- E:\Windows\system32\httpapi.dll
[2009/07/13 21:41:05 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=C177A0D4DBEF6A4AB67817ECF6C054BF -- E:\Windows\system32\htui.dll
[2009/07/13 21:41:05 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=39415B10172C431F5AB87488D79E9DC4 -- E:\Windows\system32\ias.dll
[2009/07/13 21:41:05 | 000,099,840 | ---- | M] (Microsoft Corporation) MD5=064083CDCEC3CC8A434DED7DF349795F -- E:\Windows\system32\iasacct.dll
[2009/07/13 21:41:05 | 000,081,408 | ---- | M] (Microsoft Corporation) MD5=30BA7FF02036E222890C64369B2E8733 -- E:\Windows\system32\iasads.dll
[2009/07/13 21:41:05 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=313A1B21DA0FBCFBF557247C81C803D6 -- E:\Windows\system32\iasdatastore.dll
[2009/07/13 21:41:05 | 000,098,816 | ---- | M] (Microsoft Corporation) MD5=A87EC5A9714CE350D2E893C254355E40 -- E:\Windows\system32\iashlpr.dll
[2009/07/13 21:41:54 | 000,629,760 | ---- | M] (Microsoft Corporation) MD5=3A03D0D731287E5EDF8582CE9A3B5663 -- E:\Windows\system32\IasMigPlugin.dll
[2009/07/13 21:41:05 | 000,226,304 | ---- | M] (Microsoft Corporation) MD5=8426E4F80F91E698ABE65A5945EC317E -- E:\Windows\system32\iasnap.dll
[2009/07/13 21:41:05 | 000,038,400 | ---- | M] (Microsoft Corporation) MD5=82A966D90A3AC50BCFA70B03D38A4A7A -- E:\Windows\system32\iaspolcy.dll
[2009/07/13 21:41:05 | 000,217,088 | ---- | M] (Microsoft Corporation) MD5=F0514892EF8E05C753334CCBF3588C0A -- E:\Windows\system32\iasrad.dll
[2009/07/13 21:41:05 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=7D90D77E58471E2452A3D818D4AAFC94 -- E:\Windows\system32\iasrecst.dll
[2009/07/13 21:41:05 | 000,253,440 | ---- | M] (Microsoft Corporation) MD5=7F9AAEEE01CE2DDBEA4ABEF0910A7ADA -- E:\Windows\system32\iassam.dll
[2009/07/13 21:41:05 | 000,445,440 | ---- | M] (Microsoft Corporation) MD5=566C42BA91A46FA007FC892E7FAFEA7C -- E:\Windows\system32\iassdo.dll
[2009/07/13 21:41:05 | 000,088,576 | ---- | M] (Microsoft Corporation) MD5=A6F3F67F9652EA07210188E2B07FFEE8 -- E:\Windows\system32\iassvcs.dll
[2009/07/13 21:41:05 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=7E236CC26FF0C2513819FA453E2C5371 -- E:\Windows\system32\icaapi.dll
[2012/02/14 18:09:01 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=778004F92FF1D92C327857250E9E9482 -- E:\Windows\system32\icardie.dll
[2009/06/10 16:30:47 | 000,008,016 | ---- | M] (Microsoft Corporation) MD5=9481CE9E51B3CA43FD61894B89ED4CCA -- E:\Windows\system32\icardres.dll
[2009/07/13 21:41:05 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=679ACCD99897D7D6A0142DAE3F27BDA0 -- E:\Windows\system32\icfupgd.dll
[2009/07/13 21:41:05 | 000,250,880 | ---- | M] (Microsoft Corporation) MD5=1D296F090ED401967B30BD2B970DC306 -- E:\Windows\system32\icm32.dll
[2009/07/13 21:27:58 | 000,003,072 | ---- | M] (Microsoft Corporation) MD5=2B992299FFD739B84FBC9861E3C766AD -- E:\Windows\system32\icmp.dll
[2009/07/13 21:41:05 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=792F6345B7724A55B7325D95FCC10E8A -- E:\Windows\system32\icmui.dll
[2009/07/13 21:41:05 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=1D63F4366288B8A7595397E27010FD44 -- E:\Windows\system32\IconCodecService.dll
[2009/07/13 21:41:05 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=66666E626D9938E9187DAD0D2C4E8E07 -- E:\Windows\system32\icsigd.dll
[2009/07/13 21:41:05 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=4A82EA2807B16FF577AEAF8ADB8779FF -- E:\Windows\system32\IdListen.dll
[2009/07/13 21:41:05 | 000,037,376 | ---- | M] (Microsoft Corporation) MD5=94F7721558C1ACED34E479DD02D56F25 -- E:\Windows\system32\idndl.dll
[2009/07/13 21:41:05 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=A0A2C1D812C231C9BFE119FDC68E341B -- E:\Windows\system32\IDStore.dll
[2012/02/14 18:09:01 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=6B6A8ADF9892E76F59E3B17D01E29673 -- E:\Windows\system32\IEAdvpack.dll
[2012/02/14 18:09:01 | 000,160,256 | ---- | M] (Microsoft Corporation) MD5=BD107CF53FA7142B4F06D6D71AFEB131 -- E:\Windows\system32\ieakeng.dll
[2012/02/14 18:09:01 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=F65BDB76207B49529268485AAE20AE34 -- E:\Windows\system32\ieaksie.dll
[2012/02/14 18:09:01 | 000,163,840 | ---- | M] (Microsoft Corporation) MD5=50EF8F8DF559B7C5E72404F4B184FF17 -- E:\Windows\system32\ieakui.dll
[2012/02/14 18:09:01 | 000,534,528 | ---- | M] (Microsoft Corporation) MD5=8EADA158D964E3FD1999AD96C9C507FF -- E:\Windows\system32\ieapfltr.dll
[2012/02/14 18:09:00 | 000,403,248 | ---- | M] (Microsoft Corporation) MD5=C3E98C42EDF7EF237A4BAB91FEAC7426 -- E:\Windows\system32\iedkcs32.dll
[2012/06/02 08:17:39 | 010,924,032 | ---- | M] (Microsoft Corporation) MD5=FC3A5E13D26C131E6BB39094D9ACD1F6 -- E:\Windows\system32\ieframe.dll
[2012/02/14 18:09:01 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=18E10F42E7492151D279AC29622037B8 -- E:\Windows\system32\iepeers.dll
[2012/02/14 18:09:00 | 000,039,936 | ---- | M] (Microsoft Corporation) MD5=351DF61EF64D77C57A4B68C663E7279D -- E:\Windows\system32\iernonce.dll
[2012/06/02 07:59:47 | 002,144,768 | ---- | M] (Microsoft Corporation) MD5=78CA24E3B51C624007C1B8A7B8D6C9AF -- E:\Windows\system32\iertutil.dll
[2012/02/14 18:09:00 | 000,085,504 | ---- | M] (Microsoft Corporation) MD5=93202ED0B473A8FEDFD9F5E668BE72ED -- E:\Windows\system32\iesetup.dll
[2012/02/14 18:09:01 | 000,111,616 | ---- | M] (Microsoft Corporation) MD5=82A4DB52E9C75A794EADCD510F6CDA65 -- E:\Windows\system32\iesysprep.dll
[2012/06/02 07:54:06 | 000,248,320 | ---- | M] (Microsoft Corporation) MD5=6D91DE6BFBC367C2F4B0E4F2867857EF -- E:\Windows\system32\ieui.dll
[2009/07/13 21:41:06 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=2553AF518536B2E365A814730EB93E0A -- E:\Windows\system32\ifmon.dll
[2009/07/13 21:41:06 | 000,180,736 | ---- | M] (Microsoft Corporation) MD5=1751E9EB7974C728F7445C10C3E175AD -- E:\Windows\system32\ifsutil.dll
[2009/07/13 21:41:06 | 000,010,752 | ---- | M] (Microsoft Corporation) MD5=52E1754C8FC5D19580BA8BEFC1AEB24D -- E:\Windows\system32\ifsutilx.dll
[2010/04/21 11:53:56 | 015,012,864 | ---- | M] (Intel Corporation) MD5=6486803F1F725E3BC94600DE3464E16E -- E:\Windows\system32\ig4icd64.dll
[2009/07/13 21:41:07 | 003,451,904 | ---- | M] (Intel Corporation) MD5=57F5DB25A31C09A57BBC20FA330F70B1 -- E:\Windows\system32\igd10umd64.dll
[2009/07/13 21:41:07 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=B867F3E032227C77F4AEFD73194317E1 -- E:\Windows\system32\igdDiag.dll
[2009/07/13 21:41:07 | 005,437,952 | ---- | M] (Intel Corporation) MD5=FCAA28463379ED552CA5CF71E786A328 -- E:\Windows\system32\igdumd64.dll
[2010/04/21 12:28:38 | 000,092,672 | ---- | M] (Intel Corporation) MD5=B9DCA2198F7FB17F8475E573163399FB -- E:\Windows\system32\igfxCoIn_v2119.dll
[2010/04/21 11:38:34 | 000,269,824 | ---- | M] (Intel Corporation) MD5=4404DBE09669CCA4A93E95A3ACC5DE5A -- E:\Windows\system32\igfxdev.dll
[2010/04/21 11:38:34 | 000,004,096 | ---- | M] ( ) MD5=8B626417540010719B7428388A605D0D -- E:\Windows\system32\IGFXDEVLib.dll
[2010/04/21 11:38:00 | 000,142,336 | ---- | M] (Intel Corporation) MD5=1E57DF5C8777277551264A6825794514 -- E:\Windows\system32\igfxdo.dll
[2010/04/21 11:39:48 | 000,027,648 | ---- | M] (Intel Corporation) MD5=8485AC816C0C076C2269497590641ABE -- E:\Windows\system32\igfxexps.dll
[2010/04/21 11:39:56 | 000,243,200 | ---- | M] (Intel Corporation) MD5=5D2770203ECA49BE4062E204032D13AD -- E:\Windows\system32\igfxpph.dll
[2010/04/21 11:38:00 | 000,830,464 | ---- | M] (Intel Corporation) MD5=CB9CE8F520BCD4EFCC5B2062DE38FADB -- E:\Windows\system32\igfxress.dll
[2010/04/21 11:39:26 | 000,061,952 | ---- | M] (Intel Corporation) MD5=4723F3B22C487B96729F6CEAC4F28DBE -- E:\Windows\system32\igfxsrvc.dll
[2010/04/21 11:40:10 | 000,379,392 | ---- | M] (Intel Corporation) MD5=31243B790F0E67026E24323E70829E0E -- E:\Windows\system32\igfxTMM.dll
[2010/04/21 11:22:52 | 000,187,392 | ---- | M] () MD5=64FEFB16DEAF1A22DE833FEC22D3A9D2 -- E:\Windows\system32\iglhcp64.dll
[2010/04/21 11:22:52 | 000,205,824 | ---- | M] () MD5=913CAEE7DD2A9A26A0ACFA75AA68F48D -- E:\Windows\system32\iglhsip64.dll

[2009/07/13 21:41:08 | 000,845,824 | ---- | M] (Microsoft Corporation) MD5=C5B4683680DF085B57BC53E5EF34861F -- E:\Windows\system32\IKEEXT.DLL
[2012/03/01 02:40:14 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=15A54626213EBF003F7D4C9D8380A656 -- E:\Windows\system32\imagehlp.dll
[2009/07/13 21:28:10 | 020,268,032 | ---- | M] (Microsoft Corporation) MD5=5AA945234E9D4CCE4F715276B9AA712C -- E:\Windows\system32\imageres.dll
[2009/07/13 21:28:10 | 000,705,536 | ---- | M] (Microsoft Corporation) MD5=F15FA38D56D6DBAC6BF03B63F29CA559 -- E:\Windows\system32\imagesp1.dll
[2009/07/13 21:41:08 | 000,153,088 | ---- | M] (Microsoft Corporation) MD5=A259E4991C9C422895B944BEABB9799F -- E:\Windows\system32\imapi.dll
[2009/07/13 21:41:08 | 000,505,344 | ---- | M] (Microsoft Corporation) MD5=8B886A0AC14EAA8599142887991A5A2E -- E:\Windows\system32\imapi2.dll
[2009/07/13 21:41:09 | 001,244,160 | ---- | M] (Microsoft Corporation) MD5=D47180120A4F8EE4076920DA07577729 -- E:\Windows\system32\imapi2fs.dll
[2012/02/14 18:09:01 | 000,049,664 | ---- | M] (Microsoft Corporation) MD5=FD2031A7D5BBB95DC8A763D20B352A46 -- E:\Windows\system32\imgutil.dll
[2009/07/13 21:41:16 | 000,878,080 | ---- | M] (Microsoft Corporation) MD5=84472A7516B0722290FC12194AA04051 -- E:\Windows\system32\IMJP10K.DLL
[2009/07/13 21:41:09 | 000,167,424 | ---- | M] (Microsoft Corporation) MD5=AA2C08CE85653B1A0D2E4AB407FA176C -- E:\Windows\system32\imm32.dll
[2011/05/03 01:21:22 | 000,976,896 | ---- | M] (Microsoft Corporation) MD5=C324594634A19031932A63FFD8F1267E -- E:\Windows\system32\inetcomm.dll
[2009/07/13 21:41:09 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=E0AA65D9D4120566CEAE075FD7AB2E43 -- E:\Windows\system32\inetmib1.dll
[2009/07/13 21:41:09 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=17EAB1AEA937EFFCD107EFBA94FEDB34 -- E:\Windows\system32\inetpp.dll
[2009/07/13 21:41:09 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=A89F2FFF2EB1396EDB759AA9E6E7AC1F -- E:\Windows\system32\inetppui.dll
[2009/07/13 21:28:13 | 000,084,480 | ---- | M] (Microsoft Corporation) MD5=70D8B5C2A5DC62AF0FB5504B2E2233D7 -- E:\Windows\system32\INETRES.dll
[2009/06/10 16:30:47 | 000,170,328 | ---- | M] (Microsoft Corporation) MD5=12D9B132D9DB55ACBA9D49B45BB0CFFC -- E:\Windows\system32\infocardapi.dll
[2009/07/13 21:41:09 | 000,275,456 | ---- | M] (Microsoft Corporation) MD5=D7A0A16B9C34FF96BC6E2876174DC4C5 -- E:\Windows\system32\InkEd.dll
[2009/07/13 21:41:09 | 000,246,784 | ---- | M] (Microsoft Corporation) MD5=EB8CDE4EF586D7A579B44FF198850DE4 -- E:\Windows\system32\input.dll
[2012/02/14 18:09:00 | 000,103,936 | ---- | M] (Microsoft Corporation) MD5=B69A23F486D1687ACC36A6F4D9A217E2 -- E:\Windows\system32\inseng.dll
[2009/11/16 01:45:28 | 000,318,152 | ---- | M] (Intel(R) Corporation) MD5=6EF7022E1042F26C2386B77710466109 -- E:\Windows\system32\ioatco.dll
[2009/07/13 21:28:14 | 000,002,048 | ---- | M] (Microsoft Corporation) MD5=87A8BC16F7A637CC4CCF140B1CEAD168 -- E:\Windows\system32\iologmsg.dll
[2009/07/13 21:41:09 | 000,101,888 | ---- | M] (Microsoft Corporation) MD5=098A91C54546A3B878DAD6A7E90A455B -- E:\Windows\system32\IPBusEnum.dll
[2009/07/13 21:41:09 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=F380682F24410D82FAF4FEEA8041A67A -- E:\Windows\system32\IPBusEnumProxy.dll
[2009/07/13 21:41:10 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=57FE2CFC2F25C200499D5D934EA24EB5 -- E:\Windows\system32\IPHLPAPI.DLL
[2009/07/13 21:41:10 | 000,565,760 | ---- | M] (Microsoft Corporation) MD5=F8E058D17363EC580E4B7232778B6CB5 -- E:\Windows\system32\iphlpsvc.dll
[2009/07/13 21:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) MD5=B95F6501A2F8B2E78C697FEC401970CE -- E:\Windows\system32\ipnathlp.dll
[2009/07/13 21:41:10 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2B19CB7DF98C4DB3900E77C97CAABEAF -- E:\Windows\system32\iprtprio.dll
[2009/07/13 21:41:10 | 000,281,088 | ---- | M] (Microsoft Corporation) MD5=82184C34E6772201E24134631BCFF119 -- E:\Windows\system32\iprtrmgr.dll
[2009/07/13 21:41:10 | 000,876,544 | ---- | M] (Microsoft Corporation) MD5=092C2DC65E91D4C1B6F338A811BAB162 -- E:\Windows\system32\ipsecsnp.dll
[2009/07/13 21:41:10 | 000,500,224 | ---- | M] (Microsoft Corporation) MD5=166EB40D1F5B47E615DE3D0FFFE5F243 -- E:\Windows\system32\IPSECSVC.DLL
[2009/07/13 21:41:10 | 000,584,192 | ---- | M] (Microsoft Corporation) MD5=7F8D8EA358C1ABFF48F359D64475B694 -- E:\Windows\system32\ipsmsnap.dll
[2009/07/13 21:41:11 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=8955851008F59ACED328C1A9F6155533 -- E:\Windows\system32\irclass.dll
[2009/07/13 21:41:11 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=3848384AB383F0A8F506C4370635C1F9 -- E:\Windows\system32\irmon.dll
[2009/07/13 21:41:11 | 000,234,496 | ---- | M] (Microsoft Corporation) MD5=B9CE8CF2FF2D5EAFFDBAA340E7B385A5 -- E:\Windows\system32\iscsicpl.dll
[2009/07/13 21:41:11 | 000,077,312 | ---- | M] (Microsoft Corporation) MD5=E11E3F3BBEFDC5C0C160BE13B65E25E4 -- E:\Windows\system32\iscsidsc.dll
[2009/07/13 21:41:11 | 000,010,240 | ---- | M] (Microsoft Corporation) MD5=33AF7F68D89513F11D74AC79F937E9C0 -- E:\Windows\system32\iscsied.dll
[2009/07/13 21:41:11 | 000,156,672 | ---- | M] (Microsoft Corporation) MD5=808E98FF49B155C522E6400953177B08 -- E:\Windows\system32\iscsiexe.dll
[2009/07/13 21:28:17 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=854C994F7196191FFCC1A5E0EC7F16A9 -- E:\Windows\system32\iscsilog.dll
[2009/07/13 21:41:11 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=D152B2BDCFA6A220493582EC1F2B8416 -- E:\Windows\system32\iscsium.dll
[2009/07/13 21:41:11 | 000,089,088 | ---- | M] (Microsoft Corporation) MD5=A13AAB903F5B630B304AF4B7EC7176CF -- E:\Windows\system32\iscsiwmi.dll
[2009/07/13 21:41:11 | 000,193,536 | ---- | M] (Microsoft Corporation) MD5=84C88BEC8C1189AAA8A9C274829EBC92 -- E:\Windows\system32\itircl.dll
[2009/07/13 21:41:11 | 000,170,496 | ---- | M] (Microsoft Corporation) MD5=06DC527364A8CF48E472ECF2BA3F8403 -- E:\Windows\system32\itss.dll
[2009/07/13 21:41:11 | 000,282,624 | ---- | M] (Microsoft Corporation) MD5=0C53A3920ABD6D87043280240E88F10D -- E:\Windows\system32\iTVData.dll
[2009/12/19 05:46:35 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=F69E35AF06BA0C06DD80ACA358A16A1C -- E:\Windows\system32\iyuv_32.dll

VIRY.CZ

Windows Security System - nelze smazat

Windows Security System - nelze smazat

Re: Windows Security System - nelze smazat

Re: Windows Security System - nelze smazat

Re: Windows Security System - nelze smazat

Re: Windows Security System - nelze smazat

Re: Windows Security System - nelze smazat

Re: Windows Security System - nelze smazat

Re: Windows Security System - nelze smazat

Re: Windows Security System - nelze smazat

Re: Windows Security System - nelze smazat

Re: Windows Security System - nelze smazat

Re: Windows Security System - nelze smazat

Re: Windows Security System - nelze smazat

Re: Windows Security System - nelze smazat

Re: Windows Security System - nelze smazat