preventivka hp

[Márty84]

Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

[xemanpet]

RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : s fam [Práva Správcu]
Režim : Odebrať -- Dátum : 01/05/2014 22:45:58
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 1 ¤¤¤
[SUSP PATH][DLL] rundll32.exe -- C:\Users\s fam\AppData\Roaming\newnext.me\nengine.dll [-] -> rundll32.exe ZASTAVENÉ [TermProc]

¤¤¤ Záznamy Registrov : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spustenie položky : 0 ¤¤¤

¤¤¤ webové prehliadače : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ 0x0] ¤¤¤

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS545032B9A300 ATA Device +++++
--- User ---
[MBR] c09f2d329bde6d9bf8ec00351926fe75
[BSP] 0058b675e326d2cfadb8645ef652c885 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 287534 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 589486080 | Size: 15360 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 620943360 | Size: 2043 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[0]_D_01052014_224558.txt >>
RKreport[0]_D_01052014_094829.txt;RKreport[0]_S_01042014_113705.txt;RKreport[0]_S_01052014_095253.txt
RKreport[0]_S_01052014_223511.txt

[xemanpet]

RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : s fam [Práva Správcu]
Režim : Oprava HOSTS -- Dátum : 01/05/2014 22:46:32
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 1 ¤¤¤
[SUSP PATH][DLL] rundll32.exe -- C:\Users\s fam\AppData\Roaming\newnext.me\nengine.dll [-] -> rundll32.exe ZASTAVENÉ [TermProc]

¤¤¤ Záznamy Registrov : 0 ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ 0x0] ¤¤¤

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončené : << RKreport[0]_H_01052014_224632.txt >>
RKreport[0]_D_01052014_094829.txt;RKreport[0]_D_01052014_224558.txt;RKreport[0]_S_01042014_113705.txt
RKreport[0]_S_01052014_095253.txt;RKreport[0]_S_01052014_223511.txt

[Márty84]

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[xemanpet]

ComboFix 14-01-04.03 - s fam . 01. 2014 1:31.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.2810.1436 [GMT 1:00]
Running from: c:\users\s fam\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: McAfee® Total Protection™ Service *Enabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee® Total Protection™ Service *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: McAfee® Total Protection™ Service *Enabled/Outdated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Resident AV is active
.
.
ADS - windows: deleted 24 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\MFW126.tmp
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2013-12-07 to 2014-01-07 )))))))))))))))))))))))))))))))
.
.
2014-01-07 01:07 . 2014-01-07 01:07 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-01-07 01:07 . 2014-01-07 01:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-04 10:37 . 2014-01-05 21:34 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys.bak
2014-01-04 10:37 . 2014-01-05 21:34 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys.bak
2014-01-04 10:37 . 2014-01-05 21:34 21504 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak
2014-01-04 10:37 . 2014-01-05 21:34 16464 ----a-w- c:\windows\system32\drivers\wmilib.sys.bak
2014-01-04 10:35 . 2014-01-05 21:32 366976 ----a-w- c:\windows\system32\drivers\msrpc.sys.bak
2014-01-04 10:34 . 2014-01-05 21:31 334208 ----a-w- c:\windows\system32\drivers\acpi.sys.bak
2014-01-04 10:34 . 2014-01-05 21:31 229888 ----a-w- c:\windows\system32\drivers\1394ohci.sys.bak
2014-01-04 10:34 . 2014-01-05 21:31 68096 ----a-w- c:\windows\system32\drivers\1394bus.sys.bak
2014-01-03 15:47 . 2014-01-03 15:47 -------- d-----w- c:\programdata\Vivendi Universal Games
2014-01-03 15:47 . 2014-01-03 15:47 -------- d-----w- c:\program files (x86)\Na scene(TM)
2013-12-31 21:28 . 2013-12-31 21:28 -------- d-----w- c:\users\s fam\.android
2013-12-31 21:28 . 2013-12-31 21:28 -------- d-----w- c:\users\s fam\AppData\Local\cache
2013-12-31 21:28 . 2014-01-04 10:29 -------- d-----w- c:\users\s fam\AppData\Roaming\newnext.me
2013-12-31 21:28 . 2013-12-31 21:30 -------- d-----w- c:\users\s fam\AppData\Local\Mobogenie
2013-12-31 21:28 . 2013-12-31 21:28 -------- d-----w- c:\users\s fam\AppData\Local\genienext
2013-12-31 21:27 . 2013-12-31 21:30 -------- d-----w- c:\program files (x86)\Mobogenie
2013-12-31 21:25 . 2013-12-31 21:25 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-12-31 21:25 . 2013-12-31 21:25 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2013-12-31 20:36 . 2013-12-31 20:36 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-12-31 16:26 . 2013-12-31 16:26 -------- d-----w- c:\programdata\The Learning Company
2013-12-31 16:25 . 2002-05-07 06:09 274432 ----a-w- c:\windows\TLCUninstall.exe
2013-12-31 16:25 . 2013-12-31 16:25 -------- d-----w- c:\program files (x86)\The Learning Company
2013-12-31 16:25 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2013-12-31 14:07 . 2013-12-31 16:16 -------- d-----w- c:\program files (x86)\Seznam.cz
2013-12-31 14:05 . 2013-12-31 15:58 -------- d-----w- c:\users\s fam\AppData\Roaming\DAEMON Tools Lite
2013-12-31 14:01 . 2014-01-06 23:37 -------- d-----w- c:\program files (x86)\Natipuj
2013-12-31 13:59 . 2013-12-31 15:57 -------- d-----w- c:\programdata\DAEMON Tools Lite
2013-12-31 13:43 . 2013-12-31 13:49 -------- d-----w- c:\program files (x86)\QuickTime
2013-12-31 13:41 . 2013-12-31 13:41 -------- d-----w- c:\users\s fam\AppData\Local\Apple
2013-12-31 13:40 . 2013-12-31 13:40 -------- d-----w- c:\program files (x86)\Apple Software Update
2013-12-31 13:40 . 2013-12-31 13:40 -------- d-----w- c:\programdata\Apple
2013-12-29 13:51 . 2013-12-29 13:51 -------- d--h--r- c:\users\s fam\AppData\Roaming\SecuROM
2013-12-27 18:31 . 2013-12-28 19:27 -------- d-----w- C:\AdwCleaner
2013-12-26 00:23 . 2011-02-23 14:54 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-12-26 00:23 . 2011-02-23 14:57 280408 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-12-26 00:23 . 2011-02-23 14:55 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-12-26 00:23 . 2011-02-23 14:55 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-12-26 00:23 . 2011-02-23 14:57 505176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-12-26 00:23 . 2011-02-23 14:55 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-12-26 00:23 . 2011-02-23 15:04 238968 ----a-w- c:\windows\system32\aswBoot.exe
2013-12-26 00:22 . 2011-02-23 15:04 40648 ----a-w- c:\windows\avastSS.scr
2013-12-26 00:22 . 2011-02-23 15:04 190016 ----a-w- c:\windows\SysWow64\aswBoot.exe
2013-12-26 00:22 . 2013-12-26 00:22 -------- d-----w- c:\programdata\AVAST Software
2013-12-26 00:22 . 2013-12-26 00:22 -------- d-----w- c:\program files\AVAST Software
2013-12-25 23:53 . 2013-12-25 23:53 -------- d-----w- c:\users\s fam\AppData\Local\CrashRpt
2013-12-25 23:52 . 2013-12-25 23:54 -------- d-----w- c:\programdata\Allmyapps
2013-12-25 23:52 . 2013-12-25 23:53 -------- d-----w- c:\program files (x86)\PC Cleaner
2013-12-25 23:52 . 2013-12-25 23:53 -------- d-----w- c:\program files (x86)\Systweak Support Dock
2013-12-25 23:46 . 2013-12-25 23:54 -------- d-----w- c:\program files (x86)\Amazon
2013-12-25 23:15 . 2013-12-25 23:15 -------- d-----w- C:\rsit
2013-12-25 23:06 . 2013-12-25 23:06 -------- d-----w- C:\FRST
2013-12-12 23:56 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-12 23:56 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-12 23:55 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-12 23:55 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-12 23:55 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-12 23:33 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-31 14:06 . 2011-04-08 09:54 381440 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-12-15 23:26 . 2011-03-20 01:21 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-10 22:46 . 2012-06-11 06:24 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-10 22:46 . 2011-06-10 21:42 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-24 17:29 . 2010-10-04 11:09 219648 ----a-w- c:\windows\system32\staco64.dll
2013-10-12 02:30 . 2013-11-13 06:57 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-13 06:57 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-13 06:57 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-13 06:57 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-13 06:57 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2011-10-06 20:09 . 2011-10-06 20:09 57863 ----a-w- c:\program files\Uninstal.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-12-29 12:04 222832 ----a-w- c:\users\s fam\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-12-29 12:04 222832 ----a-w- c:\users\s fam\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-12-29 12:04 222832 ----a-w- c:\users\s fam\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2013-04-22 720064]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2013-11-21 39408]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"McAfee Managed Services Tray"="c:\program files (x86)\McAfee\Managed VirusScan\DesktopUI\XTray.Exe" [2010-07-08 476480]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-05 98304]
"MVS Splash"="c:\program files (x86)\McAfee\Managed VirusScan\DesktopUI\XTray.exe" [2010-07-08 476480]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-10-01 256056]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
"QuickTime Plugin Install"="c:\program files (x86)\QuickTime\Plugins\DeleteMe1.exe" [2013-12-31 49152]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-30 1132320]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 324320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"RequireSignedAppInit_DLLs"=0 (0x0)
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64;c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys;c:\windows\SYSNATIVE\drivers\mferkdet.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bserd.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 McAfee SiteAdvisor Enterprise Service;McAfee SiteAdvisor Enterprise Service;c:\program files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe;c:\program files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [x]
S2 myAgtSvc;McAfee Virus and Spyware Protection Service;c:\program files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe;c:\program files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-05 15:04 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-11 22:46]
.
2014-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-26 06:33]
.
2014-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-26 06:33]
.
2014-01-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1904487887-2426832105-4032358140-1001Core.job
- c:\users\s fam\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-24 20:43]
.
2014-01-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1904487887-2426832105-4032358140-1001UA.job
- c:\users\s fam\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-24 20:43]
.
2014-01-06 c:\windows\Tasks\HPCeeScheduleFors fam.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 21:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-12-29 12:04 261744 ----a-w- c:\users\s fam\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-12-29 12:04 261744 ----a-w- c:\users\s fam\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-12-29 12:04 261744 ----a-w- c:\users\s fam\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-11-20 489472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2013-12-12 21720]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
uSearchAssistant =
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\users\s fam\AppData\Roaming\Mozilla\Firefox\Profiles\p3p2cpzr.default\
FF - prefs.js: browser.search.defaulturl -
FF - ExtSQL: !HIDDEN! 2012-08-01 20:11; 5affxtbr@MyWebFace_5a.com; c:\program files (x86)\MyWebFace_5a\bar\1.bin
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - (no file)
Wow6432Node-HKLM-Run-mobilegeni daemon - c:\program files (x86)\Mobogenie\DaemonProcess.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-CoreAAC Audio Decoder - c:\windows\system32\CoreAAC-uninstall.exe
AddRemove-MVS - c:\progra~2\McAfee\MANAGE~1\Agent\myinx
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\mcafee\ManagedServices]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\mcafee\VSCORE]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Alias]
@=""
"0"="ActionsPane Schema for Add-Ins"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2014-01-07 02:19:22
ComboFix-quarantined-files.txt 2014-01-07 01:19
.
Pre-Run: 125 633 290 240 bytes free
Post-Run: 125 719 977 984 bytes free
.
- - End Of File - - 3640B980239C8CE6E665C9A32D63F9D7
A36C5E4F47E84449FF07ED3517B43A31

[Márty84]

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: McAfee® Total Protection™ Service *Enabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee® Total Protection™ Service *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: McAfee® Total Protection™ Service *Enabled/Outdated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

Pokud nemate, ypnete trvale Windows Defender.

Odinstalujte jeden z antiviru. Nechal bych Avast a McAfee bych vyhodil. Ale muzete i opacne, zalezi na vas. Az se rozhodnete a jeden odinstalujete, napiste ktery zustal a budem pokracovat

[xemanpet]

defender vypnuty

ostal Avast

[Márty84]

Stahnete novy ComboFix a ulozte ho na plochu. Musi byt na plose!!!
Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

File::
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"=-
"swg"=-
"DAEMON Tools Lite"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"McAfee Managed Services Tray"=-
"MVS Splash"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
"QuickTime Plugin Install"=-
"BCSSync"=-

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Alias]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]

Firefox::
FF - ProfilePath - c:\users\s fam\AppData\Roaming\Mozilla\Firefox\Profiles\p3p2cpzr.default\
FF - ExtSQL: !HIDDEN! 2012-08-01 20:11; 5affxtbr@MyWebFace_5a.com; c:\program files (x86)\MyWebFace_5a\bar\1.bin

Driver::
Skype C2C Service
SkypeUpdate
McComponentHostService

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[xemanpet]

ComboFix 14-01-12.01 - s fam . 01. 2014 23:33:26.5.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.2810.1153 [GMT 1:00]
Running from: c:\users\s fam\Desktop\ComboFix.exe
Command switches used :: c:\users\s fam\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Skype C2C Service
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Files Created from 2013-12-12 to 2014-01-12 )))))))))))))))))))))))))))))))
.
.
2014-01-12 22:50 . 2014-01-12 22:50 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-01-12 22:50 . 2014-01-12 22:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-08 21:25 . 2013-11-26 11:54 23183360 ----a-w- c:\windows\system32\mshtml.dll
2014-01-08 21:15 . 2010-02-10 07:09 384 ----a-w- c:\windows\myClean.bat
2014-01-07 02:29 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-01-07 02:21 . 2014-01-07 02:21 977408 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2014-01-04 10:37 . 2014-01-05 21:34 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys.bak
2014-01-04 10:37 . 2014-01-05 21:34 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys.bak
2014-01-04 10:37 . 2014-01-05 21:34 21504 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak
2014-01-04 10:37 . 2014-01-05 21:34 16464 ----a-w- c:\windows\system32\drivers\wmilib.sys.bak
2014-01-04 10:35 . 2014-01-05 21:32 366976 ----a-w- c:\windows\system32\drivers\msrpc.sys.bak
2014-01-04 10:34 . 2014-01-05 21:31 334208 ----a-w- c:\windows\system32\drivers\acpi.sys.bak
2014-01-04 10:34 . 2014-01-05 21:31 229888 ----a-w- c:\windows\system32\drivers\1394ohci.sys.bak
2014-01-04 10:34 . 2014-01-05 21:31 68096 ----a-w- c:\windows\system32\drivers\1394bus.sys.bak
2014-01-03 15:47 . 2014-01-03 15:47 -------- d-----w- c:\programdata\Vivendi Universal Games
2014-01-03 15:47 . 2014-01-03 15:47 -------- d-----w- c:\program files (x86)\Na scene(TM)
2013-12-31 21:28 . 2013-12-31 21:28 -------- d-----w- c:\users\s fam\.android
2013-12-31 21:28 . 2013-12-31 21:28 -------- d-----w- c:\users\s fam\AppData\Local\cache
2013-12-31 21:28 . 2014-01-04 10:29 -------- d-----w- c:\users\s fam\AppData\Roaming\newnext.me
2013-12-31 21:28 . 2013-12-31 21:30 -------- d-----w- c:\users\s fam\AppData\Local\Mobogenie
2013-12-31 21:28 . 2013-12-31 21:28 -------- d-----w- c:\users\s fam\AppData\Local\genienext
2013-12-31 21:27 . 2013-12-31 21:30 -------- d-----w- c:\program files (x86)\Mobogenie
2013-12-31 21:25 . 2013-12-31 21:25 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-12-31 21:25 . 2013-12-31 21:25 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2013-12-31 20:36 . 2013-12-31 20:36 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-12-31 16:26 . 2013-12-31 16:26 -------- d-----w- c:\programdata\The Learning Company
2013-12-31 16:25 . 2002-05-07 06:09 274432 ----a-w- c:\windows\TLCUninstall.exe
2013-12-31 16:25 . 2013-12-31 16:25 -------- d-----w- c:\program files (x86)\The Learning Company
2013-12-31 16:25 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2013-12-31 14:07 . 2013-12-31 16:16 -------- d-----w- c:\program files (x86)\Seznam.cz
2013-12-31 14:05 . 2013-12-31 15:58 -------- d-----w- c:\users\s fam\AppData\Roaming\DAEMON Tools Lite
2013-12-31 14:01 . 2014-01-06 23:37 -------- d-----w- c:\program files (x86)\Natipuj
2013-12-31 13:59 . 2013-12-31 15:57 -------- d-----w- c:\programdata\DAEMON Tools Lite
2013-12-31 13:43 . 2013-12-31 13:49 -------- d-----w- c:\program files (x86)\QuickTime
2013-12-31 13:41 . 2013-12-31 13:41 -------- d-----w- c:\users\s fam\AppData\Local\Apple
2013-12-31 13:40 . 2013-12-31 13:40 -------- d-----w- c:\program files (x86)\Apple Software Update
2013-12-31 13:40 . 2013-12-31 13:40 -------- d-----w- c:\programdata\Apple
2013-12-29 13:51 . 2013-12-29 13:51 -------- d--h--r- c:\users\s fam\AppData\Roaming\SecuROM
2013-12-27 18:31 . 2013-12-28 19:27 -------- d-----w- C:\AdwCleaner
2013-12-26 00:23 . 2011-02-23 14:54 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-12-26 00:23 . 2011-02-23 14:57 280408 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-12-26 00:23 . 2011-02-23 14:55 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-12-26 00:23 . 2011-02-23 14:55 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-12-26 00:23 . 2011-02-23 14:57 505176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-12-26 00:23 . 2011-02-23 14:55 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-12-26 00:23 . 2011-02-23 15:04 238968 ----a-w- c:\windows\system32\aswBoot.exe
2013-12-26 00:22 . 2011-02-23 15:04 40648 ----a-w- c:\windows\avastSS.scr
2013-12-26 00:22 . 2011-02-23 15:04 190016 ----a-w- c:\windows\SysWow64\aswBoot.exe
2013-12-26 00:22 . 2013-12-26 00:22 -------- d-----w- c:\programdata\AVAST Software
2013-12-26 00:22 . 2013-12-26 00:22 -------- d-----w- c:\program files\AVAST Software
2013-12-25 23:53 . 2013-12-25 23:53 -------- d-----w- c:\users\s fam\AppData\Local\CrashRpt
2013-12-25 23:52 . 2013-12-25 23:54 -------- d-----w- c:\programdata\Allmyapps
2013-12-25 23:52 . 2013-12-25 23:53 -------- d-----w- c:\program files (x86)\PC Cleaner
2013-12-25 23:52 . 2013-12-25 23:53 -------- d-----w- c:\program files (x86)\Systweak Support Dock
2013-12-25 23:46 . 2013-12-25 23:54 -------- d-----w- c:\program files (x86)\Amazon
2013-12-25 23:15 . 2013-12-25 23:15 -------- d-----w- C:\rsit
2013-12-25 23:06 . 2013-12-25 23:06 -------- d-----w- C:\FRST
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-31 14:06 . 2011-04-08 09:54 381440 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-12-15 23:26 . 2011-03-20 01:21 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-10 22:46 . 2012-06-11 06:24 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-10 22:46 . 2011-06-10 21:42 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-24 17:29 . 2010-10-04 11:09 219648 ----a-w- c:\windows\system32\staco64.dll
2013-11-23 18:26 . 2013-12-12 23:33 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-12 23:33 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:23 . 2013-12-12 23:33 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-12 23:33 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-10-30 02:32 . 2013-12-12 23:33 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-10-30 02:19 . 2013-12-12 23:33 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-10-30 01:24 . 2013-12-12 23:33 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-10-19 02:18 . 2013-12-12 23:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-10-19 01:36 . 2013-12-12 23:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2011-10-06 20:09 . 2011-10-06 20:09 57863 ----a-w- c:\program files\Uninstal.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-12-29 12:04 222832 ----a-w- c:\users\s fam\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-12-29 12:04 222832 ----a-w- c:\users\s fam\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-12-29 12:04 222832 ----a-w- c:\users\s fam\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-05 98304]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-10-01 256056]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-30 1132320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"RequireSignedAppInit_DLLs"=0 (0x0)
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64;c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bserd.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-05 15:04 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-11 22:46]
.
2014-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-26 06:33]
.
2014-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-26 06:33]
.
2014-01-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1904487887-2426832105-4032358140-1001Core.job
- c:\users\s fam\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-24 20:43]
.
2014-01-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1904487887-2426832105-4032358140-1001UA.job
- c:\users\s fam\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-24 20:43]
.
2014-01-12 c:\windows\Tasks\HPCeeScheduleFors fam.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 21:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-12-29 12:04 261744 ----a-w- c:\users\s fam\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-12-29 12:04 261744 ----a-w- c:\users\s fam\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-12-29 12:04 261744 ----a-w- c:\users\s fam\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-11-20 489472]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
uSearchAssistant =
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\users\s fam\AppData\Roaming\Mozilla\Firefox\Profiles\p3p2cpzr.default\
FF - prefs.js: browser.search.defaulturl -
FF - ExtSQL: !HIDDEN! 2012-08-01 20:11; 5affxtbr@MyWebFace_5a.com; c:\program files (x86)\MyWebFace_5a\bar\1.bin
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-CoreAAC Audio Decoder - c:\windows\system32\CoreAAC-uninstall.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
c:\program files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
.
**************************************************************************
.
Completion time: 2014-01-13 00:05:34 - machine was rebooted
ComboFix-quarantined-files.txt 2014-01-12 23:05
ComboFix2.txt 2014-01-07 01:19
.
Pre-Run: 124 631 568 384 bytes free
Post-Run: 123 936 317 440 bytes free
.
- - End Of File - - 3A2061E781B0FB5D2961A00120B9159C
A36C5E4F47E84449FF07ED3517B43A31

[Márty84]

Dejte novy log z RSIT

[xemanpet]

Logfile of random's system information tool 1.09 (written by random/random)
Run by s fam at 2014-01-16 10:04:53
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 118 GB (41%) free of 288 GB
Total RAM: 2810 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:05:01, on 16. 1. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Users\s fam\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\s fam\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files\trend micro\s fam.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10129 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14372 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\system32\WLANExt.exe 3209376
\??\C:\windows\system32\conhost.exe "-14654542571416800924-2009664553142860853-10927114271320353133-7094362121496901203
atieclxx
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe"
"taskhost.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2848
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
adb fork-server server
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
taskeng.exe {5EA2D51A-F5F3-494A-94A0-EBE386B85AC2}
"C:\Users\s fam\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
C:\windows\system32\atibtmon.exe Global\Ati_VariBrightMonitorEvent
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5392.0.251353338\550514331" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --reduce-gpu-sandbox --gpu-vendor-id=0x1002 --gpu-device-id=0x9712 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.743.2.2000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group7 pct:10f stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group5/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --instant-process --disable-html-notifications --channel="5392.1.359240910\406883622" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group7 pct:10f stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group5/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="5392.3.897363700\485247178" /prefetch:673131151
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\servicing\TrustedInstaller.exe
"C:\windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group7 pct:10f stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group5/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="5392.11.1284628283\2023391811" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group7 pct:10f stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group5/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="5392.16.485793018\1135763127" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group7 pct:10f stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group5/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="5392.17.35491725\141656154" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group7 pct:10f stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group5/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="5392.18.1874150660\1114410" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll" --lang=sk --channel="5392.19.434699427\1005783573" /prefetch:-390060480
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group7 pct:10f stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group5/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_50/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="5392.20.734509021\460426437" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\s fam\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll" --lang=sk --channel="5392.21.514099492\2126854173" /prefetch:-390060480
"C:\Users\s fam\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe"
"C:\Users\s fam\Downloads\RSITx64.exe"
taskhost.exe $(Arg0)

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1904487887-2426832105-4032358140-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1904487887-2426832105-4032358140-1001UA.job
C:\windows\tasks\HPCeeScheduleFors fam.job

=========Mozilla firefox=========

ProfilePath - C:\Users\s fam\AppData\Roaming\Mozilla\Firefox\Profiles\p3p2cpzr.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
yahoo.xml

C:\Users\s fam\AppData\Roaming\Mozilla\Firefox\Profiles\p3p2cpzr.default\extensions\
plugin2@gameplaylabs.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-02-23 972280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-03-09 6669000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-14 256080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2013-09-03 68480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-24 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-14 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-24 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-14 256080]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-02-23 972280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-14 194128]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-03 2174760]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-11-20 489472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /starttray []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Default Manager"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-08-05 98304]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-10-01 256056]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-02-23 3451496]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-03-09 6669000]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.txt - open - C:\windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2014-01-13 00:05:40 ----D---- C:\windows\temp
2014-01-13 00:05:36 ----A---- C:\ComboFix.txt
2014-01-12 23:56:51 ----D---- C:\$RECYCLE.BIN
2014-01-08 22:26:04 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-01-08 22:26:03 ----A---- C:\windows\system32\ieui.dll
2014-01-08 22:26:02 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-01-08 22:26:02 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-01-08 22:26:02 ----A---- C:\windows\system32\jsproxy.dll
2014-01-08 22:26:02 ----A---- C:\windows\system32\ieUnatt.exe
2014-01-08 22:26:01 ----A---- C:\windows\system32\iesetup.dll
2014-01-08 22:26:01 ----A---- C:\windows\system32\iernonce.dll
2014-01-08 22:26:01 ----A---- C:\windows\system32\ie4uinit.exe
2014-01-08 22:26:00 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-01-08 22:26:00 ----A---- C:\windows\system32\ieetwcollector.exe
2014-01-08 22:25:59 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-01-08 22:25:59 ----A---- C:\windows\system32\mshtml.dll
2014-01-08 22:25:59 ----A---- C:\windows\system32\jscript9diag.dll
2014-01-08 22:25:58 ----A---- C:\windows\system32\ieapfltr.dll
2014-01-08 22:25:57 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-01-08 22:25:57 ----A---- C:\windows\system32\iertutil.dll
2014-01-08 22:25:56 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-01-08 22:25:55 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-01-08 22:25:55 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-01-08 22:25:55 ----A---- C:\windows\system32\wininet.dll
2014-01-08 22:25:54 ----A---- C:\windows\system32\urlmon.dll
2014-01-08 22:25:53 ----A---- C:\windows\system32\ieframe.dll
2014-01-08 22:25:52 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-01-08 22:25:50 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-01-08 22:25:50 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-01-08 22:25:49 ----A---- C:\windows\system32\jscript9.dll
2014-01-08 22:15:28 ----A---- C:\windows\myClean.bat
2014-01-07 03:29:42 ----A---- C:\windows\system32\IEUDINIT.EXE
2014-01-07 03:22:31 ----A---- C:\windows\SYSWOW64\elshyph.dll
2014-01-07 03:22:31 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-01-07 03:22:19 ----A---- C:\windows\SYSWOW64\jsIntl.dll
2014-01-07 03:22:19 ----A---- C:\windows\system32\elshyph.dll
2014-01-07 03:22:18 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2014-01-07 03:22:18 ----A---- C:\windows\SYSWOW64\msls31.dll
2014-01-07 03:22:17 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-01-07 03:22:16 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-01-07 03:22:14 ----A---- C:\windows\SYSWOW64\url.dll
2014-01-07 03:22:14 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-01-07 03:22:14 ----A---- C:\windows\SYSWOW64\ieapfltr.dat
2014-01-07 03:22:14 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-01-07 03:22:14 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-01-07 03:22:13 ----A---- C:\windows\SYSWOW64\licmgr10.dll
2014-01-07 03:22:13 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-01-07 03:22:13 ----A---- C:\windows\SYSWOW64\icardie.dll
2014-01-07 03:22:12 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-01-07 03:22:12 ----A---- C:\windows\SYSWOW64\inseng.dll
2014-01-07 03:22:12 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-01-07 03:22:11 ----A---- C:\windows\SYSWOW64\wextract.exe
2014-01-07 03:22:11 ----A---- C:\windows\SYSWOW64\webcheck.dll
2014-01-07 03:22:11 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-01-07 03:22:11 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-01-07 03:22:11 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-01-07 03:22:11 ----A---- C:\windows\SYSWOW64\iexpress.exe
2014-01-07 03:22:10 ----A---- C:\windows\SYSWOW64\pngfilt.dll
2014-01-07 03:22:10 ----A---- C:\windows\SYSWOW64\occache.dll
2014-01-07 03:22:10 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-01-07 03:22:09 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-01-07 03:22:09 ----A---- C:\windows\SYSWOW64\mshta.exe
2014-01-07 03:22:09 ----A---- C:\windows\SYSWOW64\imgutil.dll
2014-01-07 03:22:09 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-01-07 03:22:08 ----A---- C:\windows\SYSWOW64\msfeedssync.exe
2014-01-07 03:22:08 ----A---- C:\windows\SYSWOW64\msfeedsbs.dll
2014-01-07 03:22:08 ----A---- C:\windows\SYSWOW64\jscript.dll
2014-01-07 03:22:08 ----A---- C:\windows\SYSWOW64\iepeers.dll
2014-01-07 03:22:08 ----A---- C:\windows\SYSWOW64\IEAdvpack.dll
2014-01-07 03:22:07 ----A---- C:\windows\SYSWOW64\SetIEInstalledDate.exe
2014-01-07 03:22:07 ----A---- C:\windows\SYSWOW64\mshtmler.dll
2014-01-07 03:22:06 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2014-01-07 03:22:02 ----A---- C:\windows\system32\jsIntl.dll
2014-01-07 03:22:01 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2014-01-07 03:22:00 ----A---- C:\windows\system32\msls31.dll
2014-01-07 03:21:59 ----A---- C:\windows\system32\msrating.dll
2014-01-07 03:21:59 ----A---- C:\windows\system32\msfeedssync.exe
2014-01-07 03:21:59 ----A---- C:\windows\system32\msfeedsbs.dll
2014-01-07 03:21:58 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2014-01-07 03:21:58 ----A---- C:\windows\system32\IEAdvpack.dll
2014-01-07 03:21:57 ----A---- C:\windows\system32\mshtmler.dll
2014-01-07 03:21:57 ----A---- C:\windows\system32\iesysprep.dll
2014-01-07 03:21:56 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-01-07 03:21:55 ----A---- C:\windows\system32\ieapfltr.dat
2014-01-07 03:21:55 ----A---- C:\windows\system32\dxtrans.dll
2014-01-07 03:21:55 ----A---- C:\windows\system32\dxtmsft.dll
2014-01-07 03:21:54 ----A---- C:\windows\system32\url.dll
2014-01-07 03:21:54 ----A---- C:\windows\system32\icardie.dll
2014-01-07 03:21:53 ----A---- C:\windows\system32\webcheck.dll
2014-01-07 03:21:53 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-01-07 03:21:53 ----A---- C:\windows\system32\licmgr10.dll
2014-01-07 03:21:53 ----A---- C:\windows\system32\iedkcs32.dll
2014-01-07 03:21:52 ----A---- C:\windows\system32\wextract.exe
2014-01-07 03:21:52 ----A---- C:\windows\system32\mshtmled.dll
2014-01-07 03:21:52 ----A---- C:\windows\system32\msfeeds.dll
2014-01-07 03:21:52 ----A---- C:\windows\system32\inseng.dll
2014-01-07 03:21:52 ----A---- C:\windows\system32\iexpress.exe
2014-01-07 03:21:51 ----A---- C:\windows\system32\vbscript.dll
2014-01-07 03:21:50 ----A---- C:\windows\system32\pngfilt.dll
2014-01-07 03:21:50 ----A---- C:\windows\system32\occache.dll
2014-01-07 03:21:50 ----A---- C:\windows\system32\mshta.exe
2014-01-07 03:21:50 ----A---- C:\windows\system32\jscript.dll
2014-01-07 03:21:49 ----A---- C:\windows\system32\MshtmlDac.dll
2014-01-07 03:21:49 ----A---- C:\windows\system32\imgutil.dll
2014-01-07 03:21:49 ----A---- C:\windows\system32\iepeers.dll
2014-01-07 01:22:57 ----A---- C:\windows\zip.exe
2014-01-07 01:22:57 ----A---- C:\windows\SWSC.exe
2014-01-07 01:22:57 ----A---- C:\windows\SWREG.exe
2014-01-07 01:22:57 ----A---- C:\windows\sed.exe
2014-01-07 01:22:57 ----A---- C:\windows\PEV.exe
2014-01-07 01:22:57 ----A---- C:\windows\NIRCMD.exe
2014-01-07 01:22:57 ----A---- C:\windows\MBR.exe
2014-01-07 01:22:57 ----A---- C:\windows\grep.exe
2014-01-07 01:19:29 ----D---- C:\Qoobox
2014-01-04 11:37:00 ----A---- C:\windows\system32\drivers\WUDFRd.sys.bak
2014-01-04 11:37:00 ----A---- C:\windows\system32\drivers\WUDFPf.sys.bak
2014-01-04 11:37:00 ----A---- C:\windows\system32\drivers\ws2ifsl.sys.bak
2014-01-04 11:37:00 ----A---- C:\windows\system32\drivers\wmilib.sys.bak
2014-01-04 11:36:59 ----A---- C:\windows\system32\drivers\wmiacpi.sys.bak
2014-01-04 11:36:59 ----A---- C:\windows\system32\drivers\winusb.sys.bak
2014-01-04 11:36:59 ----A---- C:\windows\system32\drivers\wimmount.sys.bak
2014-01-04 11:36:59 ----A---- C:\windows\system32\drivers\wfplwf.sys.bak
2014-01-04 11:36:58 ----A---- C:\windows\system32\drivers\WdfLdr.sys.bak
2014-01-04 11:36:58 ----A---- C:\windows\system32\drivers\Wdf01000.sys.bak
2014-01-04 11:36:57 ----A---- C:\windows\system32\drivers\wd.sys.bak
2014-01-04 11:36:57 ----A---- C:\windows\system32\drivers\watchdog.sys.bak
2014-01-04 11:36:57 ----A---- C:\windows\system32\drivers\wanarp.sys.bak
2014-01-04 11:36:56 ----A---- C:\windows\system32\drivers\wacompen.sys.bak
2014-01-04 11:36:56 ----A---- C:\windows\system32\drivers\vwifimp.sys.bak
2014-01-04 11:36:56 ----A---- C:\windows\system32\drivers\vwififlt.sys.bak
2014-01-04 11:36:56 ----A---- C:\windows\system32\drivers\vwifibus.sys.bak
2014-01-04 11:36:56 ----A---- C:\windows\system32\drivers\vsmraid.sys.bak
2014-01-04 11:36:55 ----A---- C:\windows\system32\drivers\volsnap.sys.bak
2014-01-04 11:36:55 ----A---- C:\windows\system32\drivers\volmgrx.sys.bak
2014-01-04 11:36:54 ----A---- C:\windows\system32\drivers\volmgr.sys.bak
2014-01-04 11:36:54 ----A---- C:\windows\system32\drivers\videoprt.sys.bak
2014-01-04 11:36:54 ----A---- C:\windows\system32\drivers\viaide.sys.bak
2014-01-04 11:36:53 ----A---- C:\windows\system32\drivers\vhdmp.sys.bak
2014-01-04 11:36:53 ----A---- C:\windows\system32\drivers\vgapnp.sys.bak
2014-01-04 11:36:53 ----A---- C:\windows\system32\drivers\vga.sys.bak
2014-01-04 11:36:53 ----A---- C:\windows\system32\drivers\vdrvroot.sys.bak
2014-01-04 11:36:52 ----A---- C:\windows\system32\drivers\usbvideo.sys.bak
2014-01-04 11:36:52 ----A---- C:\windows\system32\drivers\usbuhci.sys.bak
2014-01-04 11:36:51 ----A---- C:\windows\system32\drivers\USBSTOR.SYS.bak
2014-01-04 11:36:51 ----A---- C:\windows\system32\drivers\usbser.sys.bak
2014-01-04 11:36:50 ----A---- C:\windows\system32\drivers\usbrpm.sys.bak
2014-01-04 11:36:50 ----A---- C:\windows\system32\drivers\usbprint.sys.bak
2014-01-04 11:36:50 ----A---- C:\windows\system32\drivers\usbport.sys.bak
2014-01-04 11:36:50 ----A---- C:\windows\system32\drivers\usbohci.sys.bak
2014-01-04 11:36:49 ----A---- C:\windows\system32\drivers\usbhub.sys.bak
2014-01-04 11:36:49 ----A---- C:\windows\system32\drivers\usbehci.sys.bak
2014-01-04 11:36:48 ----A---- C:\windows\system32\drivers\usbd.sys.bak
2014-01-04 11:36:48 ----A---- C:\windows\system32\drivers\usbcir.sys.bak
2014-01-04 11:36:48 ----A---- C:\windows\system32\drivers\usbccgp.sys.bak
2014-01-04 11:36:47 ----A---- C:\windows\system32\drivers\USBCAMD2.sys.bak
2014-01-04 11:36:47 ----A---- C:\windows\system32\drivers\usb8023x.sys.bak
2014-01-04 11:36:46 ----A---- C:\windows\system32\drivers\usb8023.sys.bak
2014-01-04 11:36:46 ----A---- C:\windows\system32\drivers\umpass.sys.bak
2014-01-04 11:36:46 ----A---- C:\windows\system32\drivers\umbus.sys.bak
2014-01-04 11:36:45 ----A---- C:\windows\system32\drivers\ULIAGPKX.SYS.bak
2014-01-04 11:36:45 ----A---- C:\windows\system32\drivers\udfs.sys.bak
2014-01-04 11:36:45 ----A---- C:\windows\system32\drivers\UAGP35.SYS.bak
2014-01-04 11:36:44 ----A---- C:\windows\system32\drivers\tunnel.sys.bak
2014-01-04 11:36:44 ----A---- C:\windows\system32\drivers\TsUsbFlt.sys.bak
2014-01-04 11:36:44 ----A---- C:\windows\system32\drivers\tssecsrv.sys.bak
2014-01-04 11:36:43 ----A---- C:\windows\system32\drivers\tpm.sys.bak
2014-01-04 11:36:43 ----A---- C:\windows\system32\drivers\termdd.sys.bak
2014-01-04 11:36:43 ----A---- C:\windows\system32\drivers\tdx.sys.bak
2014-01-04 11:36:42 ----A---- C:\windows\system32\drivers\tdtcp.sys.bak
2014-01-04 11:36:42 ----A---- C:\windows\system32\drivers\tdpipe.sys.bak
2014-01-04 11:36:42 ----A---- C:\windows\system32\drivers\tdi.sys.bak
2014-01-04 11:36:41 ----A---- C:\windows\system32\drivers\tcpipreg.sys.bak
2014-01-04 11:36:40 ----A---- C:\windows\system32\drivers\tcpip.sys.bak
2014-01-04 11:36:39 ----A---- C:\windows\system32\drivers\tape.sys.bak
2014-01-04 11:36:39 ----A---- C:\windows\system32\drivers\SynTP.sys.bak
2014-01-04 11:36:38 ----A---- C:\windows\system32\drivers\swenum.sys.bak
2014-01-04 11:36:38 ----A---- C:\windows\system32\drivers\stwrt64.sys.bak
2014-01-04 11:36:38 ----A---- C:\windows\system32\drivers\stream.sys.bak
2014-01-04 11:36:37 ----A---- C:\windows\system32\drivers\storport.sys.bak
2014-01-04 11:36:37 ----A---- C:\windows\system32\drivers\stexstor.sys.bak
2014-01-04 11:36:37 ----A---- C:\windows\system32\drivers\ss_bwhnt.sys.bak
2014-01-04 11:36:36 ----A---- C:\windows\system32\drivers\ss_bwh.sys.bak
2014-01-04 11:36:36 ----A---- C:\windows\system32\drivers\ss_bserd.sys.bak
2014-01-04 11:36:35 ----A---- C:\windows\system32\drivers\ss_bmdm.sys.bak
2014-01-04 11:36:35 ----A---- C:\windows\system32\drivers\ss_bmdfl.sys.bak
2014-01-04 11:36:34 ----A---- C:\windows\system32\drivers\ss_bcmnt.sys.bak
2014-01-04 11:36:34 ----A---- C:\windows\system32\drivers\ss_bcm.sys.bak
2014-01-04 11:36:34 ----A---- C:\windows\system32\drivers\ss_bbus.sys.bak
2014-01-04 11:36:33 ----A---- C:\windows\system32\drivers\ssadwhnt.sys.bak
2014-01-04 11:36:33 ----A---- C:\windows\system32\drivers\ssadwh.sys.bak
2014-01-04 11:36:32 ----A---- C:\windows\system32\drivers\ssadserd.sys.bak
2014-01-04 11:36:32 ----A---- C:\windows\system32\drivers\ssadmdm.sys.bak
2014-01-04 11:36:31 ----A---- C:\windows\system32\drivers\ssadmdfl.sys.bak
2014-01-04 11:36:31 ----A---- C:\windows\system32\drivers\ssadcmnt.sys.bak
2014-01-04 11:36:30 ----A---- C:\windows\system32\drivers\ssadcm.sys.bak
2014-01-04 11:36:30 ----A---- C:\windows\system32\drivers\ssadbus.sys.bak
2014-01-04 11:36:30 ----A---- C:\windows\system32\drivers\ssadadb.sys.bak
2014-01-04 11:36:29 ----A---- C:\windows\system32\drivers\srvnet.sys.bak
2014-01-04 11:36:28 ----A---- C:\windows\system32\drivers\srv2.sys.bak
2014-01-04 11:36:28 ----A---- C:\windows\system32\drivers\srv.sys.bak
2014-01-04 11:36:27 ----A---- C:\windows\system32\drivers\sptd.sys.bak
2014-01-04 11:36:27 ----A---- C:\windows\system32\drivers\spsys.sys.bak
2014-01-04 11:36:27 ----A---- C:\windows\system32\drivers\spldr.sys.bak
2014-01-04 11:36:26 ----A---- C:\windows\system32\drivers\smclib.sys.bak
2014-01-04 11:36:26 ----A---- C:\windows\system32\drivers\smb.sys.bak
2014-01-04 11:36:26 ----A---- C:\windows\system32\drivers\sisraid4.sys.bak
2014-01-04 11:36:26 ----A---- C:\windows\system32\drivers\sisraid2.sys.bak
2014-01-04 11:36:26 ----A---- C:\windows\system32\drivers\Sftvollh.sys.bak
2014-01-04 11:36:25 ----A---- C:\windows\system32\drivers\Sftredirlh.sys.bak
2014-01-04 11:36:24 ----A---- C:\windows\system32\drivers\Sftplaylh.sys.bak
2014-01-04 11:36:24 ----A---- C:\windows\system32\drivers\Sftfslh.sys.bak
2014-01-04 11:36:23 ----A---- C:\windows\system32\drivers\sfloppy.sys.bak
2014-01-04 11:36:23 ----A---- C:\windows\system32\drivers\sffp_sd.sys.bak
2014-01-04 11:36:23 ----A---- C:\windows\system32\drivers\sffp_mmc.sys.bak
2014-01-04 11:36:23 ----A---- C:\windows\system32\drivers\sffdisk.sys.bak
2014-01-04 11:36:22 ----A---- C:\windows\system32\drivers\sermouse.sys.bak
2014-01-04 11:36:22 ----A---- C:\windows\system32\drivers\serial.sys.bak
2014-01-04 11:36:22 ----A---- C:\windows\system32\drivers\serenum.sys.bak
2014-01-04 11:36:22 ----A---- C:\windows\system32\drivers\secdrv.sys.bak
2014-01-04 11:36:22 ----A---- C:\windows\system32\drivers\sdbus.sys.bak
2014-01-04 11:36:21 ----A---- C:\windows\system32\drivers\scsiport.sys.bak
2014-01-04 11:36:21 ----A---- C:\windows\system32\drivers\scfilter.sys.bak
2014-01-04 11:36:20 ----A---- C:\windows\system32\drivers\sbp2port.sys.bak
2014-01-04 11:36:20 ----A---- C:\windows\system32\drivers\rtsuvc.sys.bak
2014-01-04 11:36:19 ----A---- C:\windows\system32\drivers\Rt64win7.sys.bak
2014-01-04 11:36:19 ----A---- C:\windows\system32\drivers\rspndr.sys.bak
2014-01-04 11:36:19 ----A---- C:\windows\system32\drivers\rootmdm.sys.bak
2014-01-04 11:36:18 ----A---- C:\windows\system32\drivers\rndismpx.sys.bak
2014-01-04 11:36:18 ----A---- C:\windows\system32\drivers\RNDISMP.sys.bak
2014-01-04 11:36:18 ----A---- C:\windows\system32\drivers\rmcast.sys.bak
2014-01-04 11:36:17 ----A---- C:\windows\system32\drivers\rfcomm.sys.bak
2014-01-04 11:36:17 ----A---- C:\windows\system32\drivers\rdyboost.sys.bak
2014-01-04 11:36:16 ----A---- C:\windows\system32\drivers\rdpwd.sys.bak
2014-01-04 11:36:16 ----A---- C:\windows\system32\drivers\RDPREFMP.sys.bak
2014-01-04 11:36:16 ----A---- C:\windows\system32\drivers\RDPENCDD.sys.bak
2014-01-04 11:36:16 ----A---- C:\windows\system32\drivers\RDPCDD.sys.bak
2014-01-04 11:36:16 ----A---- C:\windows\system32\drivers\rdpbus.sys.bak
2014-01-04 11:36:15 ----A---- C:\windows\system32\drivers\rdbss.sys.bak
2014-01-04 11:36:15 ----A---- C:\windows\system32\drivers\rassstp.sys.bak
2014-01-04 11:36:15 ----A---- C:\windows\system32\drivers\raspptp.sys.bak
2014-01-04 11:36:14 ----A---- C:\windows\system32\drivers\raspppoe.sys.bak
2014-01-04 11:36:14 ----A---- C:\windows\system32\drivers\rasl2tp.sys.bak
2014-01-04 11:36:14 ----A---- C:\windows\system32\drivers\rasacd.sys.bak
2014-01-04 11:36:13 ----A---- C:\windows\system32\drivers\qwavedrv.sys.bak
2014-01-04 11:36:13 ----A---- C:\windows\system32\drivers\ql40xx.sys.bak
2014-01-04 11:36:12 ----A---- C:\windows\system32\drivers\ql2300.sys.bak
2014-01-04 11:36:12 ----A---- C:\windows\system32\drivers\PxHlpa64.sys.bak
2014-01-04 11:36:11 ----A---- C:\windows\system32\drivers\processr.sys.bak
2014-01-04 11:36:11 ----A---- C:\windows\system32\drivers\portcls.sys.bak
2014-01-04 11:36:11 ----A---- C:\windows\system32\drivers\PEAuth.sys.bak
2014-01-04 11:36:10 ----A---- C:\windows\system32\drivers\pcw.sys.bak
2014-01-04 11:36:10 ----A---- C:\windows\system32\drivers\pcouffin.sys.bak
2014-01-04 11:36:10 ----A---- C:\windows\system32\drivers\pcmcia.sys.bak
2014-01-04 11:36:09 ----A---- C:\windows\system32\drivers\pciidex.sys.bak
2014-01-04 11:36:09 ----A---- C:\windows\system32\drivers\pciide.sys.bak
2014-01-04 11:36:09 ----A---- C:\windows\system32\drivers\pci.sys.bak
2014-01-04 11:36:08 ----A---- C:\windows\system32\drivers\pccsmcfdx64.sys.bak
2014-01-04 11:36:08 ----A---- C:\windows\system32\drivers\partmgr.sys.bak
2014-01-04 11:36:08 ----A---- C:\windows\system32\drivers\parport.sys.bak
2014-01-04 11:36:07 ----A---- C:\windows\system32\drivers\pacer.sys.bak
2014-01-04 11:36:07 ----A---- C:\windows\system32\drivers\ohci1394.sys.bak
2014-01-04 11:36:07 ----A---- C:\windows\system32\drivers\nwifi.sys.bak
2014-01-04 11:36:07 ----A---- C:\windows\system32\drivers\NV_AGP.SYS.bak
2014-01-04 11:36:06 ----A---- C:\windows\system32\drivers\nvstor.sys.bak
2014-01-04 11:36:06 ----A---- C:\windows\system32\drivers\nvraid.sys.bak
2014-01-04 11:36:05 ----A---- C:\windows\system32\drivers\null.sys.bak
2014-01-04 11:36:04 ----A---- C:\windows\system32\drivers\ntfs.sys.bak
2014-01-04 11:36:04 ----A---- C:\windows\system32\drivers\nsiproxy.sys.bak
2014-01-04 11:36:04 ----A---- C:\windows\system32\drivers\npfs.sys.bak
2014-01-04 11:36:04 ----A---- C:\windows\system32\drivers\nfrd960.sys.bak
2014-01-04 11:36:03 ----A---- C:\windows\system32\drivers\netio.sys.bak
2014-01-04 11:36:03 ----A---- C:\windows\system32\drivers\netbt.sys.bak
2014-01-04 11:36:03 ----A---- C:\windows\system32\drivers\netbios.sys.bak
2014-01-04 11:36:02 ----A---- C:\windows\system32\drivers\ndproxy.sys.bak
2014-01-04 11:36:02 ----A---- C:\windows\system32\drivers\ndiswan.sys.bak
2014-01-04 11:36:01 ----A---- C:\windows\system32\drivers\ndisuio.sys.bak
2014-01-04 11:36:01 ----A---- C:\windows\system32\drivers\ndistapi.sys.bak
2014-01-04 11:36:01 ----A---- C:\windows\system32\drivers\ndiscap.sys.bak
2014-01-04 11:36:00 ----A---- C:\windows\system32\drivers\ndis.sys.bak
2014-01-04 11:36:00 ----A---- C:\windows\system32\drivers\mup.sys.bak
2014-01-04 11:36:00 ----A---- C:\windows\system32\drivers\MTConfig.sys.bak
2014-01-04 11:36:00 ----A---- C:\windows\system32\drivers\mstee.sys.bak
2014-01-04 11:35:59 ----A---- C:\windows\system32\drivers\mssmbios.sys.bak
2014-01-04 11:35:59 ----A---- C:\windows\system32\drivers\msrpc.sys.bak
2014-01-04 11:35:59 ----A---- C:\windows\system32\drivers\mspqm.sys.bak
2014-01-04 11:35:59 ----A---- C:\windows\system32\drivers\mspclock.sys.bak
2014-01-04 11:35:58 ----A---- C:\windows\system32\drivers\mskssrv.sys.bak
2014-01-04 11:35:58 ----A---- C:\windows\system32\drivers\msiscsi.sys.bak
2014-01-04 11:35:58 ----A---- C:\windows\system32\drivers\msisadrv.sys.bak
2014-01-04 11:35:57 ----A---- C:\windows\system32\drivers\mshidkmdf.sys.bak
2014-01-04 11:35:57 ----A---- C:\windows\system32\drivers\msfs.sys.bak
2014-01-04 11:35:57 ----A---- C:\windows\system32\drivers\msdsm.sys.bak
2014-01-04 11:35:56 ----A---- C:\windows\system32\drivers\msahci.sys.bak
2014-01-04 11:35:56 ----A---- C:\windows\system32\drivers\mrxsmb20.sys.bak
2014-01-04 11:35:55 ----A---- C:\windows\system32\drivers\mrxsmb10.sys.bak
2014-01-04 11:35:55 ----A---- C:\windows\system32\drivers\mrxsmb.sys.bak
2014-01-04 11:35:54 ----A---- C:\windows\system32\drivers\mrxdav.sys.bak
2014-01-04 11:35:54 ----A---- C:\windows\system32\drivers\mpsdrv.sys.bak
2014-01-04 11:35:54 ----A---- C:\windows\system32\drivers\mpio.sys.bak
2014-01-04 11:35:53 ----A---- C:\windows\system32\drivers\Mpfp.sys.bak
2014-01-04 11:35:53 ----A---- C:\windows\system32\drivers\mountmgr.sys.bak
2014-01-04 11:35:53 ----A---- C:\windows\system32\drivers\mouhid.sys.bak
2014-01-04 11:35:52 ----A---- C:\windows\system32\drivers\mouclass.sys.bak
2014-01-04 11:35:52 ----A---- C:\windows\system32\drivers\monitor.sys.bak
2014-01-04 11:35:52 ----A---- C:\windows\system32\drivers\modem.sys.bak
2014-01-04 11:35:52 ----A---- C:\windows\system32\drivers\mfewfpk.sys.bak
2014-01-04 11:35:51 ----A---- C:\windows\system32\drivers\mferkdet.sys.bak
2014-01-04 11:35:51 ----A---- C:\windows\system32\drivers\mfehidk.sys.bak
2014-01-04 11:35:50 ----A---- C:\windows\system32\drivers\mfeclnk.sys.bak
2014-01-04 11:35:50 ----A---- C:\windows\system32\drivers\mfeavfk.sys.bak
2014-01-04 11:35:49 ----A---- C:\windows\system32\drivers\mfeapfk.sys.bak
2014-01-04 11:35:49 ----A---- C:\windows\system32\drivers\MegaSR.sys.bak
2014-01-04 11:35:49 ----A---- C:\windows\system32\drivers\megasas.sys.bak
2014-01-04 11:35:49 ----A---- C:\windows\system32\drivers\mcd.sys.bak
2014-01-04 11:35:48 ----A---- C:\windows\system32\drivers\luafv.sys.bak
2014-01-04 11:35:48 ----A---- C:\windows\system32\drivers\lsi_scsi.sys.bak
2014-01-04 11:35:48 ----A---- C:\windows\system32\drivers\lsi_sas2.sys.bak
2014-01-04 11:35:48 ----A---- C:\windows\system32\drivers\lsi_sas.sys.bak
2014-01-04 11:35:47 ----A---- C:\windows\system32\drivers\lsi_fc.sys.bak
2014-01-04 11:35:47 ----A---- C:\windows\system32\drivers\lltdio.sys.bak
2014-01-04 11:35:47 ----A---- C:\windows\system32\drivers\ksthunk.sys.bak
2014-01-04 11:35:46 ----A---- C:\windows\system32\drivers\ksecpkg.sys.bak
2014-01-04 11:35:46 ----A---- C:\windows\system32\drivers\ksecdd.sys.bak
2014-01-04 11:35:46 ----A---- C:\windows\system32\drivers\ks.sys.bak
2014-01-04 11:35:45 ----A---- C:\windows\system32\drivers\kbdhid.sys.bak
2014-01-04 11:35:45 ----A---- C:\windows\system32\drivers\kbdclass.sys.bak
2014-01-04 11:35:45 ----A---- C:\windows\system32\drivers\isapnp.sys.bak
2014-01-04 11:35:44 ----A---- C:\windows\system32\drivers\irenum.sys.bak
2014-01-04 11:35:44 ----A---- C:\windows\system32\drivers\irda.sys.bak
2014-01-04 11:35:44 ----A---- C:\windows\system32\drivers\ipnat.sys.bak
2014-01-04 11:35:44 ----A---- C:\windows\system32\drivers\IPMIDrv.sys.bak
2014-01-04 11:35:43 ----A---- C:\windows\system32\drivers\ipfltdrv.sys.bak
2014-01-04 11:35:43 ----A---- C:\windows\system32\drivers\intelppm.sys.bak
2014-01-04 11:35:43 ----A---- C:\windows\system32\drivers\intelide.sys.bak
2014-01-04 11:35:42 ----A---- C:\windows\system32\drivers\iirsp.sys.bak
2014-01-04 11:35:42 ----A---- C:\windows\system32\drivers\iaStorV.sys.bak
2014-01-04 11:35:42 ----A---- C:\windows\system32\drivers\i8042prt.sys.bak
2014-01-04 11:35:41 ----A---- C:\windows\system32\drivers\hwpolicy.sys.bak
2014-01-04 11:35:41 ----A---- C:\windows\system32\drivers\http.sys.bak
2014-01-04 11:35:41 ----A---- C:\windows\system32\drivers\htcnprot.sys.bak
2014-01-04 11:35:40 ----A---- C:\windows\system32\drivers\HpSAMD.sys.bak
2014-01-04 11:35:40 ----A---- C:\windows\system32\drivers\HpqKbFiltr.sys.bak
2014-01-04 11:35:39 ----A---- C:\windows\system32\drivers\hidusb.sys.bak
2014-01-04 11:35:39 ----A---- C:\windows\system32\drivers\hidparse.sys.bak
2014-01-04 11:35:38 ----A---- C:\windows\system32\drivers\hidir.sys.bak
2014-01-04 11:35:38 ----A---- C:\windows\system32\drivers\hidclass.sys.bak
2014-01-04 11:35:38 ----A---- C:\windows\system32\drivers\hidbth.sys.bak
2014-01-04 11:35:37 ----A---- C:\windows\system32\drivers\hidbatt.sys.bak
2014-01-04 11:35:37 ----A---- C:\windows\system32\drivers\HdAudio.sys.bak
2014-01-04 11:35:37 ----A---- C:\windows\system32\drivers\hdaudbus.sys.bak
2014-01-04 11:35:36 ----A---- C:\windows\system32\drivers\hcw85cir.sys.bak
2014-01-04 11:35:36 ----A---- C:\windows\system32\drivers\GAGP30KX.SYS.bak
2014-01-04 11:35:36 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS.bak
2014-01-04 11:35:36 ----A---- C:\windows\system32\drivers\fvevol.sys.bak
2014-01-04 11:35:35 ----A---- C:\windows\system32\drivers\fssfltr.sys.bak
2014-01-04 11:35:35 ----A---- C:\windows\system32\drivers\fs_rec.sys.bak
2014-01-04 11:35:34 ----A---- C:\windows\system32\drivers\fsdepends.sys.bak
2014-01-04 11:35:34 ----A---- C:\windows\system32\drivers\fltMgr.sys.bak
2014-01-04 11:35:34 ----A---- C:\windows\system32\drivers\flpydisk.sys.bak
2014-01-04 11:35:34 ----A---- C:\windows\system32\drivers\filetrace.sys.bak
2014-01-04 11:35:33 ----A---- C:\windows\system32\drivers\fileinfo.sys.bak
2014-01-04 11:35:33 ----A---- C:\windows\system32\drivers\fdc.sys.bak
2014-01-04 11:35:33 ----A---- C:\windows\system32\drivers\fastfat.sys.bak
2014-01-04 11:35:32 ----A---- C:\windows\system32\drivers\exfat.sys.bak
2014-01-04 11:35:31 ----A---- C:\windows\system32\drivers\evbda.sys.bak
2014-01-04 11:35:30 ----A---- C:\windows\system32\drivers\errdev.sys.bak
2014-01-04 11:35:30 ----A---- C:\windows\system32\drivers\elxstor.sys.bak
2014-01-04 11:35:29 ----A---- C:\windows\system32\drivers\dxgmms1.sys.bak
2014-01-04 11:35:29 ----A---- C:\windows\system32\drivers\dxgkrnl.sys.bak
2014-01-04 11:35:28 ----A---- C:\windows\system32\drivers\dxg.sys.bak
2014-01-04 11:35:28 ----A---- C:\windows\system32\drivers\dxapi.sys.bak
2014-01-04 11:35:28 ----A---- C:\windows\system32\drivers\dumpfve.sys.bak
2014-01-04 11:35:28 ----A---- C:\windows\system32\drivers\Dumpata.sys.bak
2014-01-04 11:35:27 ----A---- C:\windows\system32\drivers\dtsoftbus01.sys.bak
2014-01-04 11:35:27 ----A---- C:\windows\system32\drivers\drmkaud.sys.bak
2014-01-04 11:35:27 ----A---- C:\windows\system32\drivers\drmk.sys.bak
2014-01-04 11:35:26 ----A---- C:\windows\system32\drivers\Diskdump.sys.bak
2014-01-04 11:35:26 ----A---- C:\windows\system32\drivers\disk.sys.bak
2014-01-04 11:35:26 ----A---- C:\windows\system32\drivers\discache.sys.bak
2014-01-04 11:35:26 ----A---- C:\windows\system32\drivers\dfsc.sys.bak
2014-01-04 11:35:25 ----A---- C:\windows\system32\drivers\crcdisk.sys.bak
2014-01-04 11:35:25 ----A---- C:\windows\system32\drivers\crashdmp.sys.bak
2014-01-04 11:35:25 ----A---- C:\windows\system32\drivers\CompositeBus.sys.bak
2014-01-04 11:35:25 ----A---- C:\windows\system32\drivers\compbatt.sys.bak
2014-01-04 11:35:24 ----A---- C:\windows\system32\drivers\cng.sys.bak
2014-01-04 11:35:24 ----A---- C:\windows\system32\drivers\cmdide.sys.bak
2014-01-04 11:35:24 ----A---- C:\windows\system32\drivers\CmBatt.sys.bak
2014-01-04 11:35:23 ----A---- C:\windows\system32\drivers\Classpnp.sys.bak
2014-01-04 11:35:23 ----A---- C:\windows\system32\drivers\circlass.sys.bak
2014-01-04 11:35:23 ----A---- C:\windows\system32\drivers\cdrom.sys.bak
2014-01-04 11:35:22 ----A---- C:\windows\system32\drivers\cdralw2k.sys.bak
2014-01-04 11:35:22 ----A---- C:\windows\system32\drivers\cdr4_xp.sys.bak
2014-01-04 11:35:21 ----A---- C:\windows\system32\drivers\cdfs.sys.bak
2014-01-04 11:35:21 ----A---- C:\windows\system32\drivers\bxvbda.sys.bak
2014-01-04 11:35:21 ----A---- C:\windows\system32\drivers\btwrchid.sys.bak
2014-01-04 11:35:20 ----A---- C:\windows\system32\drivers\btwl2cap.sys.bak
2014-01-04 11:35:20 ----A---- C:\windows\system32\drivers\btwavdt.sys.bak
2014-01-04 11:35:19 ----A---- C:\windows\system32\drivers\btwaudio.sys.bak
2014-01-04 11:35:19 ----A---- C:\windows\system32\drivers\btwampfl.sys.bak
2014-01-04 11:35:18 ----A---- C:\windows\system32\drivers\BTHUSB.SYS.bak
2014-01-04 11:35:18 ----A---- C:\windows\system32\drivers\bthport.sys.bak
2014-01-04 11:35:17 ----A---- C:\windows\system32\drivers\bthpan.sys.bak
2014-01-04 11:35:17 ----A---- C:\windows\system32\drivers\bthmodem.sys.bak
2014-01-04 11:35:17 ----A---- C:\windows\system32\drivers\bthenum.sys.bak
2014-01-04 11:35:17 ----A---- C:\windows\system32\drivers\BrUsbSer.sys.bak
2014-01-04 11:35:17 ----A---- C:\windows\system32\drivers\BrUsbMdm.sys.bak
2014-01-04 11:35:16 ----A---- C:\windows\system32\drivers\BrSerWdm.sys.bak
2014-01-04 11:35:16 ----A---- C:\windows\system32\drivers\BrSerId.sys.bak
2014-01-04 11:35:16 ----A---- C:\windows\system32\drivers\bridge.sys.bak
2014-01-04 11:35:16 ----A---- C:\windows\system32\drivers\BrFiltUp.sys.bak
2014-01-04 11:35:16 ----A---- C:\windows\system32\drivers\BrFiltLo.sys.bak
2014-01-04 11:35:15 ----A---- C:\windows\system32\drivers\bowser.sys.bak
2014-01-04 11:35:15 ----A---- C:\windows\system32\drivers\blbdrive.sys.bak
2014-01-04 11:35:14 ----A---- C:\windows\system32\drivers\beep.sys.bak
2014-01-04 11:35:14 ----A---- C:\windows\system32\drivers\BCMWL664.SYS.bak
2014-01-04 11:35:13 ----A---- C:\windows\system32\drivers\battc.sys.bak
2014-01-04 11:35:13 ----A---- C:\windows\system32\drivers\b57nd60a.sys.bak
2014-01-04 11:35:13 ----A---- C:\windows\system32\drivers\AtiPcie64.sys.bak
2014-01-04 11:35:11 ----A---- C:\windows\system32\drivers\atikmpag.sys.bak
2014-01-04 11:35:09 ----A---- C:\windows\system32\drivers\atikmdag.sys.bak
2014-01-04 11:35:08 ----A---- C:\windows\system32\drivers\AtiHdmi.sys.bak
2014-01-04 11:35:08 ----A---- C:\windows\system32\drivers\ataport.sys.bak
2014-01-04 11:35:08 ----A---- C:\windows\system32\drivers\atapi.sys.bak
2014-01-04 11:35:07 ----A---- C:\windows\system32\drivers\asyncmac.sys.bak
2014-01-04 11:35:06 ----A---- C:\windows\system32\drivers\arcsas.sys.bak
2014-01-04 11:35:06 ----A---- C:\windows\system32\drivers\arc.sys.bak
2014-01-04 11:35:05 ----A---- C:\windows\system32\drivers\appid.sys.bak
2014-01-04 11:35:05 ----A---- C:\windows\system32\drivers\ANDROIDUSB.sys.bak
2014-01-04 11:35:04 ----A---- C:\windows\system32\drivers\amdxata.sys.bak
2014-01-04 11:35:04 ----A---- C:\windows\system32\drivers\amdsbs.sys.bak
2014-01-04 11:35:04 ----A---- C:\windows\system32\drivers\amdsata.sys.bak
2014-01-04 11:35:03 ----A---- C:\windows\system32\drivers\amdppm.sys.bak
2014-01-04 11:35:03 ----A---- C:\windows\system32\drivers\amdk8.sys.bak
2014-01-04 11:35:03 ----A---- C:\windows\system32\drivers\amdide.sys.bak
2014-01-04 11:35:02 ----A---- C:\windows\system32\drivers\aliide.sys.bak
2014-01-04 11:35:02 ----A---- C:\windows\system32\drivers\agrsm64.sys.bak
2014-01-04 11:35:02 ----A---- C:\windows\system32\drivers\AGP440.sys.bak
2014-01-04 11:35:01 ----A---- C:\windows\system32\drivers\agilevpn.sys.bak
2014-01-04 11:35:01 ----A---- C:\windows\system32\drivers\afd.sys.bak
2014-01-04 11:35:01 ----A---- C:\windows\system32\drivers\adpu320.sys.bak
2014-01-04 11:35:00 ----A---- C:\windows\system32\drivers\adpahci.sys.bak
2014-01-04 11:35:00 ----A---- C:\windows\system32\drivers\adp94xx.sys.bak
2014-01-04 11:35:00 ----A---- C:\windows\system32\drivers\acpipmi.sys.bak
2014-01-04 11:34:59 ----A---- C:\windows\system32\drivers\acpi.sys.bak
2014-01-04 11:34:59 ----A---- C:\windows\system32\drivers\1394ohci.sys.bak
2014-01-04 11:34:58 ----A---- C:\windows\system32\drivers\1394bus.sys.bak
2014-01-03 16:47:57 ----D---- C:\ProgramData\Vivendi Universal Games
2014-01-03 16:47:29 ----D---- C:\Program Files (x86)\Na scene(TM)
2014-01-02 18:06:21 ----A---- C:\windows\ntbtlog.txt
2013-12-31 22:28:46 ----D---- C:\Users\s fam\AppData\Roaming\newnext.me
2013-12-31 22:27:19 ----D---- C:\Program Files (x86)\Mobogenie
2013-12-31 22:25:38 ----A---- C:\windows\system32\drivers\dtsoftbus01.sys
2013-12-31 22:25:12 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-12-31 21:36:51 ----A---- C:\windows\SYSWOW64\CmdLineExt_x64.dll
2013-12-31 17:26:53 ----A---- C:\windows\SETUP32.INI
2013-12-31 17:26:08 ----D---- C:\ProgramData\The Learning Company
2013-12-31 17:25:50 ----A---- C:\windows\TLCUninstall.exe
2013-12-31 17:25:47 ----D---- C:\Program Files (x86)\The Learning Company
2013-12-31 17:25:32 ----A---- C:\windows\IsUninst.exe
2013-12-31 15:07:45 ----D---- C:\Program Files (x86)\Seznam.cz
2013-12-31 15:05:39 ----D---- C:\Users\s fam\AppData\Roaming\DAEMON Tools Lite
2013-12-31 15:01:51 ----D---- C:\Program Files (x86)\Natipuj
2013-12-31 14:59:14 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-12-31 14:43:27 ----D---- C:\Program Files (x86)\QuickTime
2013-12-31 14:40:52 ----D---- C:\Program Files (x86)\Apple Software Update
2013-12-31 14:40:51 ----D---- C:\ProgramData\Apple
2013-12-29 15:12:40 ----A---- C:\windows\ka.ini
2013-12-29 14:51:39 ----RHD---- C:\Users\s fam\AppData\Roaming\SecuROM
2013-12-27 19:31:46 ----D---- C:\AdwCleaner
2013-12-26 01:23:23 ----A---- C:\windows\system32\drivers\aswFsBlk.sys
2013-12-26 01:23:22 ----A---- C:\windows\system32\drivers\aswSP.sys
2013-12-26 01:23:19 ----A---- C:\windows\system32\drivers\aswRdr.sys
2013-12-26 01:23:18 ----A---- C:\windows\system32\drivers\aswTdi.sys
2013-12-26 01:23:17 ----A---- C:\windows\system32\drivers\aswSnx.sys
2013-12-26 01:23:14 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
2013-12-26 01:23:13 ----A---- C:\windows\system32\aswBoot.exe
2013-12-26 01:22:42 ----A---- C:\windows\avastSS.scr
2013-12-26 01:22:39 ----A---- C:\windows\SYSWOW64\aswBoot.exe
2013-12-26 01:22:31 ----D---- C:\ProgramData\AVAST Software
2013-12-26 01:22:31 ----D---- C:\Program Files\AVAST Software
2013-12-26 00:52:26 ----D---- C:\ProgramData\Allmyapps
2013-12-26 00:52:12 ----D---- C:\Program Files (x86)\PC Cleaner
2013-12-26 00:52:01 ----D---- C:\Program Files (x86)\Systweak Support Dock
2013-12-26 00:46:24 ----D---- C:\Program Files (x86)\Amazon
2013-12-26 00:15:41 ----D---- C:\rsit
2013-12-26 00:06:02 ----D---- C:\FRST
2013-12-23 15:57:36 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2014-01-16 10:04:58 ----D---- C:\Program Files\trend micro
2014-01-16 09:50:23 ----SHD---- C:\windows\Installer
2014-01-16 09:50:23 ----D---- C:\Config.Msi
2014-01-16 09:50:11 ----D---- C:\windows\winsxs
2014-01-16 09:49:48 ----D---- C:\windows\system32\config
2014-01-16 09:49:45 ----D---- C:\windows\System32
2014-01-16 09:43:51 ----D---- C:\windows\system32\MRT
2014-01-16 09:43:41 ----A---- C:\windows\system32\MRT.exe
2014-01-16 09:40:50 ----SHD---- C:\System Volume Information
2014-01-15 18:34:26 ----D---- C:\Users\s fam\AppData\Roaming\vlc
2014-01-15 18:16:36 ----D---- C:\windows\system32\catroot
2014-01-15 18:16:34 ----D---- C:\windows\system32\catroot2
2014-01-15 18:04:51 ----D---- C:\ProgramData\PDFC
2014-01-13 00:05:44 ----D---- C:\windows\system32\drivers
2014-01-13 00:05:40 ----AD---- C:\Windows
2014-01-12 23:57:00 ----A---- C:\windows\system.ini
2014-01-12 23:56:42 ----D---- C:\windows\system32\drivers\etc
2014-01-12 23:54:10 ----D---- C:\windows\Prefetch
2014-01-12 23:50:39 ----D---- C:\windows\erdnt
2014-01-12 23:43:09 ----D---- C:\windows\SYSWOW64\drivers
2014-01-12 23:43:09 ----D---- C:\windows\SysWOW64
2014-01-12 23:43:09 ----D---- C:\windows\AppPatch
2014-01-12 23:43:07 ----D---- C:\Program Files (x86)\Common Files
2014-01-12 21:49:49 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-12 14:25:15 ----D---- C:\windows\rescache
2014-01-09 20:51:55 ----D---- C:\Users\s fam\AppData\Roaming\Skype
2014-01-09 08:56:59 ----RD---- C:\Program Files (x86)
2014-01-09 08:53:11 ----D---- C:\Program Files\Internet Explorer
2014-01-09 08:53:11 ----D---- C:\Program Files (x86)\Internet Explorer
2014-01-09 08:53:03 ----D---- C:\Program Files\Common Files\McAfee
2014-01-08 22:15:47 ----D---- C:\ProgramData
2014-01-08 19:38:16 ----D---- C:\windows\inf
2014-01-08 19:38:16 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-01-08 17:54:58 ----RD---- C:\Program Files
2014-01-08 16:52:30 ----D---- C:\windows\SYSWOW64\sk-SK
2014-01-08 16:52:29 ----D---- C:\windows\system32\sk-SK
2014-01-08 16:52:24 ----D---- C:\windows\SYSWOW64\migration
2014-01-08 16:52:23 ----D---- C:\windows\SYSWOW64\en-US
2014-01-08 16:52:18 ----D---- C:\windows\system32\migration
2014-01-08 16:52:18 ----D---- C:\windows\PolicyDefinitions
2014-01-08 16:52:17 ----D---- C:\windows\system32\en-US
2014-01-07 03:29:42 ----D---- C:\windows\Logs
2014-01-07 00:36:08 ----D---- C:\windows\Microsoft.NET
2014-01-07 00:36:06 ----RSD---- C:\windows\assembly
2014-01-05 22:30:20 ----D---- C:\windows\Tasks
2014-01-05 22:30:20 ----D---- C:\windows\system32\Tasks
2014-01-04 11:54:38 ----SD---- C:\ProgramData\Microsoft
2014-01-03 16:47:28 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-01-03 16:25:36 ----D---- C:\Users\s fam\AppData\Roaming\Google
2014-01-01 22:27:06 ----D---- C:\ProgramData\Microsoft Help
2014-01-01 22:26:35 ----A---- C:\windows\win.ini
2014-01-01 15:12:36 ----D---- C:\windows\Minidump
2014-01-01 02:02:22 ----D---- C:\Games
2013-12-31 23:15:11 ----D---- C:\Program Files (x86)\yBook
2013-12-31 22:26:02 ----D---- C:\windows\system32\DriverStore
2013-12-31 22:19:53 ----D---- C:\Programs
2013-12-31 17:16:19 ----D---- C:\Users\s fam\AppData\Roaming\Seznam.cz
2013-12-29 10:23:19 ----D---- C:\Program Files (x86)\GotClip
2013-12-24 07:28:12 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-23 20:17:37 ----SD---- C:\Users\s fam\AppData\Roaming\Microsoft
2013-12-23 20:09:18 ----D---- C:\Program Files (x86)\Mozilla Firefox.bak
2013-12-21 01:25:25 ----D---- C:\Program Files (x86)\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie64.sys [2010-03-09 16440]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2013-12-31 381440]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2011-02-23 31064]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2011-02-23 505176]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2011-02-23 280408]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2011-02-23 53592]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2010-01-29 115600]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2011-02-23 22360]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2011-02-23 64344]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-11-02 1209856]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2010-08-05 6859776]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-08-04 264192]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\windows\system32\drivers\AtiHdmi.sys [2010-08-11 125456]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys [2010-10-04 3063360]
R3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2010-07-20 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-12-31 283064]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 25912]
R3 pcouffin;VSO Software pcouffin; C:\windows\System32\Drivers\pcouffin.sys [2011-03-21 82816]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-05-03 331880]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2010-05-21 96384]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10329; C:\windows\system32\DRIVERS\stwrt64.sys [2011-11-20 515584]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-10-03 1379376]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2012-09-12 57856]
S3 HTCAND64;HTC Device Driver; C:\windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\windows\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 128000]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;USB RNDIS Adapter; C:\windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2011-11-20 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-11-02 16896]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-08-05 203264]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-02-23 42184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-30 951584]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-10-01 280120]
R2 HTCMonitorService;HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2013-01-29 87368]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-08-11 1128952]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10129; C:\Program Files\IDT\WDM\STacSV64.exe [2011-11-20 271360]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-26 136176]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2011-03-19 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10 257416]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-09-12 1512448]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-26 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-11-21 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-03-09 30798512]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-23 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-03-21 632832]
S3 stllssvr;stllssvr; c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2009-10-16 74392]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-03-19 1255736]

-----------------EOF-----------------

[Márty84]

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[xemanpet]

OTL logfile created on: 1/17/2014 7:18:04 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\s fam\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

2.74 Gb Total Physical Memory | 1.54 Gb Available Physical Memory | 56.19% Memory free
5.49 Gb Paging File | 3.78 Gb Available in Paging File | 68.88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 280.79 Gb Total Space | 114.49 Gb Free Space | 40.77% Space Free | Partition Type: NTFS
Drive F: | 1.99 Gb Total Space | 1.98 Gb Free Space | 99.52% Space Free | Partition Type: FAT32

Computer Name: SFAM-HP | User Name: s fam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/17 19:14:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\s fam\Desktop\OTL.exe
PRC - [2013/12/08 09:16:19 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013/12/04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013/05/10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/26 18:27:06 | 000,169,312 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
PRC - [2013/01/29 20:05:44 | 000,087,368 | ---- | M] (Nero AG) -- C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
PRC - [2012/12/07 16:26:56 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012/08/10 15:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/08/11 19:29:24 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011/02/23 16:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/02/23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2010/10/01 13:44:58 | 000,280,120 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
PRC - [2010/07/30 03:39:24 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe


========== Modules (No Company Name) ==========

MOD - [2013/12/04 03:48:04 | 000,399,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll
MOD - [2013/12/04 03:48:02 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013/12/04 03:47:11 | 000,702,416 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
MOD - [2013/12/04 03:47:11 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
MOD - [2013/12/04 03:47:08 | 001,619,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2013/04/26 18:27:06 | 000,169,312 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe


========== Services (SafeList) ==========

SRV:64bit: - [2013/11/26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/11/20 09:23:35 | 000,271,360 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011/11/20 09:23:34 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2011/02/23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/08/05 00:22:44 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/07/30 03:39:24 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010/04/05 19:12:00 | 000,103,992 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2009/11/02 21:11:52 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2013/12/23 15:57:49 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/10 23:46:13 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/05/10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/01/29 20:05:44 | 000,087,368 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe -- (HTCMonitorService)
SRV - [2012/12/07 16:26:56 | 000,167,424 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/08/10 15:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/08/11 19:29:24 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011/03/21 12:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/10/01 13:44:58 | 000,280,120 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/12/31 22:25:38 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/12/31 15:06:03 | 000,381,440 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2013/08/29 02:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013/02/12 05:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/12/07 17:27:50 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2012/09/12 15:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/20 09:23:35 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/10/03 21:13:45 | 001,379,376 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/05/13 02:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/05/13 02:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011/05/13 02:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011/05/13 02:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/05/13 02:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011/03/21 10:23:38 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/23 15:57:04 | 000,280,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/02/23 15:57:01 | 000,505,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/02/23 15:55:53 | 000,053,592 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/02/23 15:55:13 | 000,031,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/02/23 15:55:05 | 000,064,344 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/02/23 15:54:58 | 000,022,360 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/10/04 12:07:45 | 003,063,360 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/08/11 17:43:00 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/08/05 00:52:36 | 006,859,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/08/04 23:47:20 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/07/20 22:26:42 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/07/20 22:26:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/07/20 22:26:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/07/14 15:25:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010/05/21 04:06:38 | 000,096,384 | ---- | M] (Realtek Semiconductor Corp.) [2 MP Fixed] [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:64bit: - [2010/05/03 23:44:02 | 000,331,880 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/19 11:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/03/09 18:03:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010/03/02 23:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010/02/16 20:24:20 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009/11/02 21:12:00 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/11/02 17:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/09/19 05:30:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:64bit: - [2009/09/19 05:30:14 | 000,128,000 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bserd.sys -- (ss_bserd)
DRV:64bit: - [2009/09/19 05:30:14 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus)
DRV:64bit: - [2009/09/19 05:30:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/08/28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2010/01/29 10:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{55FC59AB-C94B-4BD4-8BCF-3E0165E50D1E}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{55FC59AB-C94B-4BD4-8BCF-3E0165E50D1E}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1904487887-2426832105-4032358140-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKU\S-1-5-21-1904487887-2426832105-4032358140-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded =
IE - HKU\S-1-5-21-1904487887-2426832105-4032358140-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1904487887-2426832105-4032358140-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKU\S-1-5-21-1904487887-2426832105-4032358140-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\S-1-5-21-1904487887-2426832105-4032358140-1001\..\SearchScopes,DefaultScope = {9995B196-AA07-42CA-940A-D797466E0B9F}
IE - HKU\S-1-5-21-1904487887-2426832105-4032358140-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-1904487887-2426832105-4032358140-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-1904487887-2426832105-4032358140-1001\..\SearchScopes\{866F692F-ED0D-404E-AB82-4DAFFE60AB13}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-1904487887-2426832105-4032358140-1001\..\SearchScopes\{8C177447-348F-4969-877B-D79D0E4593BB}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
IE - HKU\S-1-5-21-1904487887-2426832105-4032358140-1001\..\SearchScopes\{9995B196-AA07-42CA-940A-D797466E0B9F}: "URL" = http://www.google.com/search?q={searchT ... GB_skSK563
IE - HKU\S-1-5-21-1904487887-2426832105-4032358140-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.param.yahoo-fr: ""
FF - prefs.js..extensions.enabledAddons: plugin2%40gameplaylabs.com:2.0
FF - prefs.js..extensions.enabledAddons: %7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.15
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\s fam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\s fam\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\s fam\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\s fam\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\s fam\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\s fam\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\s fam\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/09/02 21:27:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/12/26 01:22:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/12/31 14:48:57 | 000,000,000 | ---D | M]

[2011/03/19 20:22:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\s fam\AppData\Roaming\mozilla\Extensions
[2011/03/18 23:22:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\s fam\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013/12/28 20:27:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\s fam\AppData\Roaming\mozilla\Firefox\Profiles\p3p2cpzr.default\extensions
[2013/03/30 12:28:58 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\s fam\AppData\Roaming\mozilla\Firefox\Profiles\p3p2cpzr.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011/03/27 17:33:40 | 000,000,000 | ---D | M] (GamePlayLabs Plugin) -- C:\Users\s fam\AppData\Roaming\mozilla\Firefox\Profiles\p3p2cpzr.default\extensions\plugin2@gameplaylabs.com
[2013/12/23 15:57:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/12/23 15:57:38 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/12/23 15:57:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/23 15:57:37 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/12/23 15:57:53 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.seznam.cz/?clid=13415
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\NP5aStub.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\s fam\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\s fam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Disk Google = C:\Users\s fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\s fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Hada v Google = C:\Users\s fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Users\s fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
CHR - Extension: Pe\u0148a\u017Eenka Google = C:\Users\s fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\s fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2014/01/12 23:56:42 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll ()
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O3:64bit: - HKU\S-1-5-21-1904487887-2426832105-4032358140-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1904487887-2426832105-4032358140-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1904487887-2426832105-4032358140-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O15 - HKU\S-1-5-21-1904487887-2426832105-4032358140-1001\..Trusted Domains: localhost ([]http in Internet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90887C4D-28AF-43C0-93AF-B4E1C9988184}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB93A40F-D6DC-40EC-B6BB-83865DDA48C1}: DhcpNameServer = 88.212.8.8 88.212.8.88
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID - xvidvfw.dll File not found
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/01/17 19:14:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\s fam\Desktop\OTL.exe
[2014/01/15 18:16:55 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys
[2014/01/15 18:16:55 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbd.sys
[2014/01/15 18:16:51 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys
[2014/01/13 00:05:40 | 000,000,000 | ---D | C] -- C:\windows\temp
[2014/01/12 23:56:51 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2014/01/12 23:25:07 | 005,164,834 | R--- | C] (Swearware) -- C:\Users\s fam\Desktop\ComboFix.exe
[2014/01/08 22:26:04 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014/01/08 22:26:03 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014/01/08 22:26:02 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014/01/08 22:26:02 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014/01/08 22:26:01 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/01/08 22:26:01 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/01/08 22:26:01 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/01/08 22:26:00 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014/01/08 22:26:00 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014/01/08 22:25:59 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014/01/08 22:25:59 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014/01/08 22:25:58 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014/01/08 22:25:57 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014/01/08 22:25:54 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/01/08 22:25:53 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/01/08 22:25:49 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/01/07 03:29:42 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEUDINIT.EXE
[2014/01/07 03:22:31 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014/01/07 03:22:31 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2014/01/07 03:22:19 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jsIntl.dll
[2014/01/07 03:22:19 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2014/01/07 03:22:18 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2014/01/07 03:22:17 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/01/07 03:22:16 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/01/07 03:22:15 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2014/01/07 03:22:15 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2014/01/07 03:22:14 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2014/01/07 03:22:14 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2014/01/07 03:22:13 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2014/01/07 03:22:13 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/01/07 03:22:13 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2014/01/07 03:22:12 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014/01/07 03:22:12 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2014/01/07 03:22:12 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/01/07 03:22:11 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2014/01/07 03:22:11 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2014/01/07 03:22:11 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/01/07 03:22:10 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2014/01/07 03:22:10 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014/01/07 03:22:10 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2014/01/07 03:22:09 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2014/01/07 03:22:09 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014/01/07 03:22:08 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2014/01/07 03:22:08 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2014/01/07 03:22:08 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2014/01/07 03:22:08 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2014/01/07 03:22:07 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2014/01/07 03:22:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2014/01/07 03:22:06 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2014/01/07 03:22:02 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jsIntl.dll
[2014/01/07 03:22:01 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2014/01/07 03:22:00 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2014/01/07 03:21:59 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/01/07 03:21:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2014/01/07 03:21:58 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2014/01/07 03:21:58 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2014/01/07 03:21:57 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2014/01/07 03:21:57 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2014/01/07 03:21:56 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2014/01/07 03:21:56 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014/01/07 03:21:55 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2014/01/07 03:21:55 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/01/07 03:21:55 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2014/01/07 03:21:55 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/01/07 03:21:54 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2014/01/07 03:21:54 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2014/01/07 03:21:53 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014/01/07 03:21:53 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2014/01/07 03:21:52 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/01/07 03:21:52 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2014/01/07 03:21:52 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2014/01/07 03:21:52 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2014/01/07 03:21:52 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/01/07 03:21:51 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014/01/07 03:21:50 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2014/01/07 03:21:50 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2014/01/07 03:21:50 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2014/01/07 03:21:50 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2014/01/07 03:21:49 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2014/01/07 03:21:49 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2014/01/07 03:21:49 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2014/01/07 01:22:57 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2014/01/07 01:22:57 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2014/01/07 01:22:57 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2014/01/07 01:19:29 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/01/04 11:37:00 | 000,016,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\wmilib.sys.bak
[2014/01/04 11:36:58 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdfLdr.sys.bak
[2014/01/04 11:36:57 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\watchdog.sys.bak
[2014/01/04 11:36:54 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\videoprt.sys.bak
[2014/01/04 11:36:51 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbser.sys.bak
[2014/01/04 11:36:50 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys.bak
[2014/01/04 11:36:50 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbrpm.sys.bak
[2014/01/04 11:36:48 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbd.sys.bak
[2014/01/04 11:36:47 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBCAMD2.sys.bak
[2014/01/04 11:36:47 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usb8023x.sys.bak
[2014/01/04 11:36:46 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usb8023.sys.bak
[2014/01/04 11:36:44 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\TsUsbFlt.sys.bak
[2014/01/04 11:36:43 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tpm.sys.bak
[2014/01/04 11:36:42 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tdi.sys.bak
[2014/01/04 11:36:39 | 001,379,376 | ---- | C] (Synaptics Incorporated) -- C:\windows\SysNative\drivers\SynTP.sys.bak
[2014/01/04 11:36:39 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tape.sys.bak
[2014/01/04 11:36:38 | 000,515,584 | ---- | C] (IDT, Inc.) -- C:\windows\SysNative\drivers\stwrt64.sys.bak
[2014/01/04 11:36:38 | 000,068,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\stream.sys.bak
[2014/01/04 11:36:37 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys.bak
[2014/01/04 11:36:37 | 000,024,656 | ---- | C] (Promise Technology) -- C:\windows\SysNative\drivers\stexstor.sys.bak
[2014/01/04 11:36:37 | 000,015,872 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ss_bwhnt.sys.bak
[2014/01/04 11:36:36 | 000,128,000 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ss_bserd.sys.bak
[2014/01/04 11:36:36 | 000,015,872 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ss_bwh.sys.bak
[2014/01/04 11:36:35 | 000,161,280 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ss_bmdm.sys.bak
[2014/01/04 11:36:35 | 000,018,944 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ss_bmdfl.sys.bak
[2014/01/04 11:36:34 | 000,127,488 | ---- | C] (MCCI) -- C:\windows\SysNative\drivers\ss_bbus.sys.bak
[2014/01/04 11:36:34 | 000,015,360 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ss_bcmnt.sys.bak
[2014/01/04 11:36:34 | 000,015,360 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ss_bcm.sys.bak
[2014/01/04 11:36:33 | 000,013,800 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadwhnt.sys.bak
[2014/01/04 11:36:33 | 000,013,800 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadwh.sys.bak
[2014/01/04 11:36:32 | 000,177,640 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadmdm.sys.bak
[2014/01/04 11:36:32 | 000,146,920 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadserd.sys.bak
[2014/01/04 11:36:31 | 000,016,872 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadmdfl.sys.bak
[2014/01/04 11:36:31 | 000,013,288 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadcmnt.sys.bak
[2014/01/04 11:36:30 | 000,157,672 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadbus.sys.bak
[2014/01/04 11:36:30 | 000,036,328 | ---- | C] (Google Inc) -- C:\windows\SysNative\drivers\ssadadb.sys.bak
[2014/01/04 11:36:30 | 000,013,288 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadcm.sys.bak
[2014/01/04 11:36:27 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\spsys.sys.bak
[2014/01/04 11:36:27 | 000,381,440 | ---- | C] (Duplex Secure Ltd.) -- C:\windows\SysNative\drivers\sptd.sys.bak
[2014/01/04 11:36:26 | 000,023,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Sftvollh.sys.bak
[2014/01/04 11:36:26 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\smclib.sys.bak
[2014/01/04 11:36:25 | 000,028,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Sftredirlh.sys.bak
[2014/01/04 11:36:24 | 000,767,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Sftfslh.sys.bak
[2014/01/04 11:36:24 | 000,273,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Sftplaylh.sys.bak
[2014/01/04 11:36:22 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\sdbus.sys.bak
[2014/01/04 11:36:21 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\scsiport.sys.bak
[2014/01/04 11:36:20 | 000,096,384 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\drivers\rtsuvc.sys.bak
[2014/01/04 11:36:19 | 000,331,880 | ---- | C] (Realtek ) -- C:\windows\SysNative\drivers\Rt64win7.sys.bak
[2014/01/04 11:36:19 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rootmdm.sys.bak
[2014/01/04 11:36:18 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rmcast.sys.bak
[2014/01/04 11:36:18 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rndismpx.sys.bak
[2014/01/04 11:36:18 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\RNDISMP.sys.bak
[2014/01/04 11:36:12 | 000,055,856 | ---- | C] (Sonic Solutions) -- C:\windows\SysNative\drivers\PxHlpa64.sys.bak
[2014/01/04 11:36:11 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\portcls.sys.bak
[2014/01/04 11:36:10 | 000,082,816 | ---- | C] (VSO Software) -- C:\windows\SysNative\drivers\pcouffin.sys.bak
[2014/01/04 11:36:09 | 000,048,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\pciidex.sys.bak
[2014/01/04 11:36:08 | 000,025,600 | ---- | C] (Nokia) -- C:\windows\SysNative\drivers\pccsmcfdx64.sys.bak
[2014/01/04 11:36:03 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys.bak
[2014/01/04 11:35:53 | 000,176,144 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\Mpfp.sys.bak
[2014/01/04 11:35:52 | 000,283,232 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfewfpk.sys.bak
[2014/01/04 11:35:51 | 000,528,872 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfehidk.sys.bak
[2014/01/04 11:35:51 | 000,094,736 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mferkdet.sys.bak
[2014/01/04 11:35:50 | 000,190,136 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeavfk.sys.bak
[2014/01/04 11:35:50 | 000,009,984 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeclnk.sys.bak
[2014/01/04 11:35:49 | 000,121,248 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeapfk.sys.bak
[2014/01/04 11:35:49 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\mcd.sys.bak
[2014/01/04 11:35:48 | 000,065,600 | ---- | C] (LSI Corporation) -- C:\windows\SysNative\drivers\lsi_sas2.sys.bak
[2014/01/04 11:35:44 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\irda.sys.bak
[2014/01/04 11:35:41 | 000,036,928 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\htcnprot.sys.bak
[2014/01/04 11:35:40 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\windows\SysNative\drivers\HpSAMD.sys.bak
[2014/01/04 11:35:40 | 000,025,912 | ---- | C] (Hewlett-Packard Company) -- C:\windows\SysNative\drivers\HpqKbFiltr.sys.bak
[2014/01/04 11:35:39 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidparse.sys.bak
[2014/01/04 11:35:38 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys.bak
[2014/01/04 11:35:36 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2014/01/04 11:35:36 | 000,031,232 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\windows\SysNative\drivers\hcw85cir.sys.bak
[2014/01/04 11:35:35 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fssfltr.sys.bak
[2014/01/04 11:35:35 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fs_rec.sys.bak
[2014/01/04 11:35:31 | 003,286,016 | ---- | C] (Broadcom Corporation) -- C:\windows\SysNative\drivers\evbda.sys.bak
[2014/01/04 11:35:29 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys.bak
[2014/01/04 11:35:28 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxg.sys.bak
[2014/01/04 11:35:28 | 000,055,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dumpfve.sys.bak
[2014/01/04 11:35:28 | 000,028,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Dumpata.sys.bak
[2014/01/04 11:35:28 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxapi.sys.bak
[2014/01/04 11:35:27 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\windows\SysNative\drivers\dtsoftbus01.sys.bak
[2014/01/04 11:35:27 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\drmk.sys.bak
[2014/01/04 11:35:26 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Diskdump.sys.bak
[2014/01/04 11:35:25 | 000,039,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\crashdmp.sys.bak
[2014/01/04 11:35:23 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Classpnp.sys.bak
[2014/01/04 11:35:22 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\windows\SysNative\drivers\cdralw2k.sys.bak
[2014/01/04 11:35:22 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\windows\SysNative\drivers\cdr4_xp.sys.bak
[2014/01/04 11:35:21 | 000,468,480 | ---- | C] (Broadcom Corporation) -- C:\windows\SysNative\drivers\bxvbda.sys.bak
[2014/01/04 11:35:21 | 000,021,544 | ---- | C] (Broadcom Corporation.) -- C:\windows\SysNative\drivers\btwrchid.sys.bak
[2014/01/04 11:35:20 | 000,135,720 | ---- | C] (Broadcom Corporation.) -- C:\windows\SysNative\drivers\btwavdt.sys.bak
[2014/01/04 11:35:20 | 000,039,464 | ---- | C] (Broadcom Corporation.) -- C:\windows\SysNative\drivers\btwl2cap.sys.bak
[2014/01/04 11:35:19 | 000,344,616 | ---- | C] (Broadcom Corporation.) -- C:\windows\SysNative\drivers\btwampfl.sys.bak
[2014/01/04 11:35:19 | 000,102,952 | ---- | C] (Broadcom Corporation.) -- C:\windows\SysNative\drivers\btwaudio.sys.bak
[2014/01/04 11:35:14 | 003,063,360 | ---- | C] (Broadcom Corporation) -- C:\windows\SysNative\drivers\BCMWL664.SYS.bak
[2014/01/04 11:35:13 | 000,270,848 | ---- | C] (Broadcom Corporation) -- C:\windows\SysNative\drivers\b57nd60a.sys.bak
[2014/01/04 11:35:13 | 000,028,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\battc.sys.bak
[2014/01/04 11:35:13 | 000,016,440 | ---- | C] (Advanced Micro Devices Inc.) -- C:\windows\SysNative\drivers\AtiPcie64.sys.bak
[2014/01/04 11:35:11 | 000,264,192 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\SysNative\drivers\atikmpag.sys.bak
[2014/01/04 11:35:09 | 006,859,776 | ---- | C] (ATI Technologies Inc.) -- C:\windows\SysNative\drivers\atikmdag.sys.bak
[2014/01/04 11:35:08 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ataport.sys.bak
[2014/01/04 11:35:08 | 000,125,456 | ---- | C] (ATI Technologies, Inc.) -- C:\windows\SysNative\drivers\AtiHdmi.sys.bak
[2014/01/04 11:35:05 | 000,033,736 | ---- | C] (HTC, Corporation) -- C:\windows\SysNative\drivers\ANDROIDUSB.sys.bak
[2014/01/04 11:35:04 | 000,194,128 | ---- | C] (AMD Technologies Inc.) -- C:\windows\SysNative\drivers\amdsbs.sys.bak
[2014/01/04 11:35:04 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdsata.sys.bak
[2014/01/04 11:35:04 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdxata.sys.bak
[2014/01/04 11:35:02 | 001,209,856 | ---- | C] (LSI Corporation) -- C:\windows\SysNative\drivers\agrsm64.sys.bak
[2014/01/04 11:34:58 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\1394bus.sys.bak
[2014/01/03 16:47:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Vivendi Universal Games
[2014/01/03 16:47:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Na scene(TM)
[2014/01/02 19:35:00 | 000,000,000 | ---D | C] -- C:\Users\s fam\Desktop\e knihy
[2013/12/31 22:48:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2013/12/31 22:28:52 | 000,000,000 | ---D | C] -- C:\Users\s fam\.android
[2013/12/31 22:28:48 | 000,000,000 | ---D | C] -- C:\Users\s fam\AppData\Local\cache
[2013/12/31 22:28:46 | 000,000,000 | ---D | C] -- C:\Users\s fam\AppData\Roaming\newnext.me
[2013/12/31 22:28:45 | 000,000,000 | ---D | C] -- C:\Users\s fam\Documents\Mobogenie
[2013/12/31 22:28:45 | 000,000,000 | ---D | C] -- C:\Users\s fam\AppData\Local\Mobogenie
[2013/12/31 22:28:45 | 000,000,000 | ---D | C] -- C:\Users\s fam\AppData\Local\genienext
[2013/12/31 22:27:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobogenie
[2013/12/31 22:26:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2013/12/31 22:25:38 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\windows\SysNative\drivers\dtsoftbus01.sys
[2013/12/31 22:25:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2013/12/31 21:36:51 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\windows\SysWow64\CmdLineExt_x64.dll
[2013/12/31 17:26:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Learning Company
[2013/12/31 17:26:08 | 000,000,000 | ---D | C] -- C:\ProgramData\The Learning Company
[2013/12/31 17:25:50 | 000,274,432 | ---- | C] (Riverdeep Interactive Learning Limited) -- C:\windows\TLCUninstall.exe
[2013/12/31 17:25:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Learning Company
[2013/12/31 17:25:32 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\windows\IsUninst.exe
[2013/12/31 15:07:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seznam.cz
[2013/12/31 15:05:39 | 000,000,000 | ---D | C] -- C:\Users\s fam\AppData\Roaming\DAEMON Tools Lite
[2013/12/31 15:01:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Natipuj
[2013/12/31 14:59:14 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2013/12/31 14:43:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013/12/31 14:41:00 | 000,000,000 | ---D | C] -- C:\Users\s fam\AppData\Local\Apple
[2013/12/31 14:40:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013/12/31 14:40:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/12/31 13:42:50 | 000,000,000 | ---D | C] -- C:\Users\s fam\Desktop\RK_Quarantine
[2013/12/29 15:13:32 | 000,000,000 | ---D | C] -- C:\Users\s fam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013/12/29 15:12:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Barbie(TM)
[2013/12/29 14:51:39 | 000,000,000 | RH-D | C] -- C:\Users\s fam\AppData\Roaming\SecuROM
[2013/12/29 14:51:04 | 000,000,000 | ---D | C] -- C:\Users\s fam\Documents\KONAMI
[2013/12/27 19:31:46 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/12/26 01:23:23 | 000,022,360 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys
[2013/12/26 01:23:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013/12/26 01:23:22 | 000,280,408 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2013/12/26 01:23:19 | 000,031,064 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr.sys
[2013/12/26 01:23:18 | 000,053,592 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys
[2013/12/26 01:23:17 | 000,505,176 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2013/12/26 01:23:14 | 000,064,344 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2013/12/26 01:23:13 | 000,238,968 | ---- | C] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2013/12/26 01:22:42 | 000,040,648 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2013/12/26 01:22:39 | 000,190,016 | ---- | C] (AVAST Software) -- C:\windows\SysWow64\aswBoot.exe
[2013/12/26 01:22:31 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/12/26 01:22:31 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/12/26 01:09:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bwin Poker
[2013/12/26 00:53:16 | 000,000,000 | ---D | C] -- C:\Users\s fam\AppData\Local\CrashRpt
[2013/12/26 00:52:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Allmyapps
[2013/12/26 00:52:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Cleaner
[2013/12/26 00:52:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Systweak Support Dock
[2013/12/26 00:46:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon
[2013/12/26 00:15:41 | 000,000,000 | ---D | C] -- C:\rsit
[2013/12/26 00:06:02 | 000,000,000 | ---D | C] -- C:\FRST
[2013/12/23 15:57:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/12/21 01:25:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/03/21 10:18:24 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\s fam\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2014/01/17 19:27:05 | 000,000,946 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1904487887-2426832105-4032358140-1001UA.job
[2014/01/17 19:23:43 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/01/17 19:22:01 | 000,000,936 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/17 19:14:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\s fam\Desktop\OTL.exe
[2014/01/17 19:13:22 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/01/17 18:46:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/01/17 17:05:53 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/17 17:05:53 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/17 16:58:09 | 000,000,932 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/17 16:57:02 | 2946,039,808 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/16 11:26:30 | 000,424,184 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/01/16 10:30:03 | 000,000,332 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleFors fam.job
[2014/01/14 17:44:36 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1904487887-2426832105-4032358140-1001Core.job
[2014/01/12 23:56:42 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2014/01/12 23:25:31 | 005,164,834 | R--- | M] (Swearware) -- C:\Users\s fam\Desktop\ComboFix.exe
[2014/01/09 20:37:32 | 000,192,057 | ---- | M] () -- C:\Users\s fam\Desktop\Mikulasovy-prazdniny---Goscinny-Rene.epub
[2014/01/09 20:35:57 | 006,409,964 | ---- | M] () -- C:\Users\s fam\Desktop\Miroslav-Válek---Básně.pdf
[2014/01/09 19:44:08 | 034,732,113 | ---- | M] () -- C:\Users\s fam\Desktop\Tomas-Janovic.rar
[2014/01/08 19:38:16 | 001,556,622 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/01/08 19:38:16 | 000,959,644 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/01/08 19:38:16 | 000,005,404 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/01/08 17:58:12 | 000,023,989 | ---- | M] () -- C:\windows\SysNative\Config.MPF
[2014/01/07 03:22:31 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014/01/07 03:22:31 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2014/01/07 03:22:19 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jsIntl.dll
[2014/01/07 03:22:19 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2014/01/07 03:22:18 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2014/01/07 03:22:17 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/01/07 03:22:16 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/01/07 03:22:15 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2014/01/07 03:22:15 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2014/01/07 03:22:14 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2014/01/07 03:22:14 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2014/01/07 03:22:13 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2014/01/07 03:22:13 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/01/07 03:22:13 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2014/01/07 03:22:12 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014/01/07 03:22:12 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2014/01/07 03:22:12 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/01/07 03:22:12 | 000,016,284 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2014/01/07 03:22:11 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2014/01/07 03:22:11 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2014/01/07 03:22:11 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/01/07 03:22:10 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2014/01/07 03:22:10 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014/01/07 03:22:10 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2014/01/07 03:22:09 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2014/01/07 03:22:09 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014/01/07 03:22:08 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2014/01/07 03:22:08 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2014/01/07 03:22:08 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2014/01/07 03:22:08 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2014/01/07 03:22:07 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2014/01/07 03:22:07 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2014/01/07 03:22:06 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2014/01/07 03:22:02 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jsIntl.dll
[2014/01/07 03:22:01 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2014/01/07 03:22:00 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2014/01/07 03:21:59 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/01/07 03:21:59 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2014/01/07 03:21:58 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2014/01/07 03:21:58 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2014/01/07 03:21:57 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2014/01/07 03:21:57 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2014/01/07 03:21:56 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2014/01/07 03:21:56 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014/01/07 03:21:55 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2014/01/07 03:21:55 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/01/07 03:21:55 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2014/01/07 03:21:55 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/01/07 03:21:54 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2014/01/07 03:21:54 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2014/01/07 03:21:54 | 000,016,284 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2014/01/07 03:21:53 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014/01/07 03:21:53 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2014/01/07 03:21:52 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/01/07 03:21:52 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2014/01/07 03:21:52 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2014/01/07 03:21:52 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2014/01/07 03:21:52 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/01/07 03:21:51 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014/01/07 03:21:51 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2014/01/07 03:21:50 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2014/01/07 03:21:50 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2014/01/07 03:21:50 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2014/01/07 03:21:49 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2014/01/07 03:21:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2014/01/07 03:21:49 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2014/01/05 22:34:37 | 000,016,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\wmilib.sys.bak
[2014/01/05 22:34:33 | 000,054,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdfLdr.sys.bak
[2014/01/05 22:34:31 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\watchdog.sys.bak
[2014/01/05 22:34:25 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\videoprt.sys.bak
[2014/01/05 22:34:15 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbser.sys.bak
[2014/01/05 22:34:14 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys.bak
[2014/01/05 22:34:14 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbrpm.sys.bak
[2014/01/05 22:34:09 | 000,007,808 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbd.sys.bak
[2014/01/05 22:34:07 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBCAMD2.sys.bak
[2014/01/05 22:34:07 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usb8023x.sys.bak
[2014/01/05 22:34:06 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usb8023.sys.bak
[2014/01/05 22:34:02 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\TsUsbFlt.sys.bak
[2014/01/05 22:34:02 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tpm.sys.bak
[2014/01/05 22:33:59 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tdi.sys.bak
[2014/01/05 22:33:55 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tape.sys.bak
[2014/01/05 22:33:54 | 001,379,376 | ---- | M] (Synaptics Incorporated) -- C:\windows\SysNative\drivers\SynTP.sys.bak
[2014/01/05 22:33:52 | 000,515,584 | ---- | M] (IDT, Inc.) -- C:\windows\SysNative\drivers\stwrt64.sys.bak
[2014/01/05 22:33:51 | 000,068,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\stream.sys.bak
[2014/01/05 22:33:50 | 000,189,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys.bak
[2014/01/05 22:33:50 | 000,024,656 | ---- | M] (Promise Technology) -- C:\windows\SysNative\drivers\stexstor.sys.bak
[2014/01/05 22:33:49 | 000,015,872 | ---- | M] (MCCI Corporation) -- C:\windows\SysNative\drivers\ss_bwhnt.sys.bak
[2014/01/05 22:33:49 | 000,015,872 | ---- | M] (MCCI Corporation) -- C:\windows\SysNative\drivers\ss_bwh.sys.bak
[2014/01/05 22:33:48 | 000,161,280 | ---- | M] (MCCI Corporation) -- C:\windows\SysNative\drivers\ss_bmdm.sys.bak
[2014/01/05 22:33:48 | 000,128,000 | ---- | M] (MCCI Corporation) -- C:\windows\SysNative\drivers\ss_bserd.sys.bak
[2014/01/05 22:33:47 | 000,018,944 | ---- | M] (MCCI Corporation) -- C:\windows\SysNative\drivers\ss_bmdfl.sys.bak
[2014/01/05 22:33:46 | 000,015,360 | ---- | M] (MCCI Corporation) -- C:\windows\SysNative\drivers\ss_bcmnt.sys.bak
[2014/01/05 22:33:45 | 000,127,488 | ---- | M] (MCCI) -- C:\windows\SysNative\drivers\ss_bbus.sys.bak
[2014/01/05 22:33:45 | 000,015,360 | ---- | M] (MCCI Corporation) -- C:\windows\SysNative\drivers\ss_bcm.sys.bak
[2014/01/05 22:33:44 | 000,013,800 | ---- | M] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadwhnt.sys.bak
[2014/01/05 22:33:44 | 000,013,800 | ---- | M] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadwh.sys.bak
[2014/01/05 22:33:43 | 000,177,640 | ---- | M] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadmdm.sys.bak
[2014/01/05 22:33:43 | 000,146,920 | ---- | M] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadserd.sys.bak
[2014/01/05 22:33:42 | 000,016,872 | ---- | M] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadmdfl.sys.bak
[2014/01/05 22:33:42 | 000,013,288 | ---- | M] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadcmnt.sys.bak
[2014/01/05 22:33:41 | 000,157,672 | ---- | M] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadbus.sys.bak
[2014/01/05 22:33:41 | 000,013,288 | ---- | M] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadcm.sys.bak
[2014/01/05 22:33:39 | 000,036,328 | ---- | M] (Google Inc) -- C:\windows\SysNative\drivers\ssadadb.sys.bak
[2014/01/05 22:33:35 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\spsys.sys.bak
[2014/01/05 22:33:35 | 000,381,440 | ---- | M] (Duplex Secure Ltd.) -- C:\windows\SysNative\drivers\sptd.sys.bak
[2014/01/05 22:33:34 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\smclib.sys.bak
[2014/01/05 22:33:30 | 000,023,208 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Sftvollh.sys.bak
[2014/01/05 22:33:29 | 000,028,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Sftredirlh.sys.bak
[2014/01/05 22:33:28 | 000,273,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Sftplaylh.sys.bak
[2014/01/05 22:33:26 | 000,767,144 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Sftfslh.sys.bak
[2014/01/05 22:33:22 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\sdbus.sys.bak
[2014/01/05 22:33:21 | 000,171,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\scsiport.sys.bak
[2014/01/05 22:33:18 | 000,096,384 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\drivers\rtsuvc.sys.bak
[2014/01/05 22:33:17 | 000,331,880 | ---- | M] (Realtek ) -- C:\windows\SysNative\drivers\Rt64win7.sys.bak
[2014/01/05 22:33:16 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rndismpx.sys.bak
[2014/01/05 22:33:16 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rootmdm.sys.bak
[2014/01/05 22:33:15 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rmcast.sys.bak
[2014/01/05 22:33:15 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\RNDISMP.sys.bak
[2014/01/05 22:33:05 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\portcls.sys.bak
[2014/01/05 22:33:05 | 000,055,856 | ---- | M] (Sonic Solutions) -- C:\windows\SysNative\drivers\PxHlpa64.sys.bak
[2014/01/05 22:33:03 | 000,082,816 | ---- | M] (VSO Software) -- C:\windows\SysNative\drivers\pcouffin.sys.bak
[2014/01/05 22:33:02 | 000,048,720 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\pciidex.sys.bak
[2014/01/05 22:33:00 | 000,025,600 | ---- | M] (Nokia) -- C:\windows\SysNative\drivers\pccsmcfdx64.sys.bak
[2014/01/05 22:32:54 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys.bak

[xemanpet]

[2014/01/05 22:32:54 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys.bak
[2014/01/05 22:32:42 | 000,176,144 | ---- | M] (McAfee, Inc.) -- C:\windows\SysNative\drivers\Mpfp.sys.bak
[2014/01/05 22:32:39 | 000,283,232 | ---- | M] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfewfpk.sys.bak
[2014/01/05 22:32:38 | 000,528,872 | ---- | M] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfehidk.sys.bak
[2014/01/05 22:32:38 | 000,094,736 | ---- | M] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mferkdet.sys.bak
[2014/01/05 22:32:38 | 000,009,984 | ---- | M] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeclnk.sys.bak
[2014/01/05 22:32:37 | 000,190,136 | ---- | M] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeavfk.sys.bak
[2014/01/05 22:32:37 | 000,121,248 | ---- | M] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeapfk.sys.bak
[2014/01/05 22:32:36 | 000,065,600 | ---- | M] (LSI Corporation) -- C:\windows\SysNative\drivers\lsi_sas2.sys.bak
[2014/01/05 22:32:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\mcd.sys.bak
[2014/01/05 22:32:33 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\irda.sys.bak
[2014/01/05 22:32:28 | 000,078,720 | ---- | M] (Hewlett-Packard Company) -- C:\windows\SysNative\drivers\HpSAMD.sys.bak
[2014/01/05 22:32:28 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\htcnprot.sys.bak
[2014/01/05 22:32:28 | 000,025,912 | ---- | M] (Hewlett-Packard Company) -- C:\windows\SysNative\drivers\HpqKbFiltr.sys.bak
[2014/01/05 22:32:27 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys.bak
[2014/01/05 22:32:27 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidparse.sys.bak
[2014/01/05 22:32:25 | 000,288,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2014/01/05 22:32:25 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\windows\SysNative\drivers\hcw85cir.sys.bak
[2014/01/05 22:32:24 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fssfltr.sys.bak
[2014/01/05 22:32:24 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fs_rec.sys.bak
[2014/01/05 22:32:21 | 003,286,016 | ---- | M] (Broadcom Corporation) -- C:\windows\SysNative\drivers\evbda.sys.bak
[2014/01/05 22:32:19 | 000,265,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys.bak
[2014/01/05 22:32:19 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxg.sys.bak
[2014/01/05 22:32:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxapi.sys.bak
[2014/01/05 22:32:18 | 000,055,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dumpfve.sys.bak
[2014/01/05 22:32:18 | 000,028,736 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Dumpata.sys.bak
[2014/01/05 22:32:17 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\windows\SysNative\drivers\dtsoftbus01.sys.bak
[2014/01/05 22:32:17 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\drmk.sys.bak
[2014/01/05 22:32:17 | 000,027,520 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Diskdump.sys.bak
[2014/01/05 22:32:15 | 000,039,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\crashdmp.sys.bak
[2014/01/05 22:32:13 | 000,179,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Classpnp.sys.bak
[2014/01/05 22:32:13 | 000,010,224 | ---- | M] (Sonic Solutions) -- C:\windows\SysNative\drivers\cdralw2k.sys.bak
[2014/01/05 22:32:12 | 000,468,480 | ---- | M] (Broadcom Corporation) -- C:\windows\SysNative\drivers\bxvbda.sys.bak
[2014/01/05 22:32:12 | 000,010,224 | ---- | M] (Sonic Solutions) -- C:\windows\SysNative\drivers\cdr4_xp.sys.bak
[2014/01/05 22:32:11 | 000,135,720 | ---- | M] (Broadcom Corporation.) -- C:\windows\SysNative\drivers\btwavdt.sys.bak
[2014/01/05 22:32:11 | 000,039,464 | ---- | M] (Broadcom Corporation.) -- C:\windows\SysNative\drivers\btwl2cap.sys.bak
[2014/01/05 22:32:11 | 000,021,544 | ---- | M] (Broadcom Corporation.) -- C:\windows\SysNative\drivers\btwrchid.sys.bak
[2014/01/05 22:32:10 | 000,344,616 | ---- | M] (Broadcom Corporation.) -- C:\windows\SysNative\drivers\btwampfl.sys.bak
[2014/01/05 22:32:10 | 000,102,952 | ---- | M] (Broadcom Corporation.) -- C:\windows\SysNative\drivers\btwaudio.sys.bak
[2014/01/05 22:32:05 | 003,063,360 | ---- | M] (Broadcom Corporation) -- C:\windows\SysNative\drivers\BCMWL664.SYS.bak
[2014/01/05 22:32:04 | 000,270,848 | ---- | M] (Broadcom Corporation) -- C:\windows\SysNative\drivers\b57nd60a.sys.bak
[2014/01/05 22:32:04 | 000,028,240 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\battc.sys.bak
[2014/01/05 22:32:03 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\windows\SysNative\drivers\atikmpag.sys.bak
[2014/01/05 22:32:03 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) -- C:\windows\SysNative\drivers\AtiPcie64.sys.bak
[2014/01/05 22:31:58 | 006,859,776 | ---- | M] (ATI Technologies Inc.) -- C:\windows\SysNative\drivers\atikmdag.sys.bak
[2014/01/05 22:31:57 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) -- C:\windows\SysNative\drivers\AtiHdmi.sys.bak
[2014/01/05 22:31:56 | 000,155,584 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ataport.sys.bak
[2014/01/05 22:31:54 | 000,194,128 | ---- | M] (AMD Technologies Inc.) -- C:\windows\SysNative\drivers\amdsbs.sys.bak
[2014/01/05 22:31:54 | 000,033,736 | ---- | M] (HTC, Corporation) -- C:\windows\SysNative\drivers\ANDROIDUSB.sys.bak
[2014/01/05 22:31:54 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdxata.sys.bak
[2014/01/05 22:31:53 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdsata.sys.bak
[2014/01/05 22:31:52 | 001,209,856 | ---- | M] (LSI Corporation) -- C:\windows\SysNative\drivers\agrsm64.sys.bak
[2014/01/05 22:31:44 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\1394bus.sys.bak
[2014/01/03 16:48:00 | 000,001,916 | ---- | M] () -- C:\Users\Public\Desktop\Na scéně(TM).lnk
[2014/01/03 16:47:57 | 000,000,103 | ---- | M] () -- C:\windows\ka.ini
[2014/01/01 15:12:21 | 471,224,334 | ---- | M] () -- C:\windows\MEMORY.DMP
[2013/12/31 23:50:59 | 000,000,762 | ---- | M] () -- C:\Users\s fam\Desktop\MyScene - odkaz.lnk
[2013/12/31 22:27:13 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013/12/31 22:25:38 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\windows\SysNative\drivers\dtsoftbus01.sys
[2013/12/31 21:36:51 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\windows\SysWow64\CmdLineExt_x64.dll
[2013/12/31 17:26:53 | 000,000,000 | ---- | M] () -- C:\windows\SETUP32.INI
[2013/12/31 15:06:03 | 000,381,440 | ---- | M] (Duplex Secure Ltd.) -- C:\windows\SysNative\drivers\sptd.sys
[2013/12/31 13:41:54 | 003,810,304 | ---- | M] () -- C:\Users\s fam\Desktop\RogueKiller.exe
[2013/12/26 01:23:23 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/12/26 01:23:14 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt
[2013/12/26 01:09:17 | 000,001,483 | ---- | M] () -- C:\Users\s fam\Desktop\bwin Poker.lnk
[2013/12/23 14:08:23 | 000,049,302 | ---- | M] () -- C:\Users\s fam\Documents\podnet urad starostlivost dozor.rtf
[2013/12/21 01:25:34 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk

========== Files Created - No Company Name ==========

[2014/01/17 19:23:43 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/01/09 20:37:31 | 000,192,057 | ---- | C] () -- C:\Users\s fam\Desktop\Mikulasovy-prazdniny---Goscinny-Rene.epub
[2014/01/09 20:34:46 | 006,409,964 | ---- | C] () -- C:\Users\s fam\Desktop\Miroslav-Válek---Básně.pdf
[2014/01/09 19:42:13 | 034,732,113 | ---- | C] () -- C:\Users\s fam\Desktop\Tomas-Janovic.rar
[2014/01/08 22:15:28 | 000,000,384 | ---- | C] () -- C:\windows\myClean.bat
[2014/01/07 03:22:12 | 000,016,284 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2014/01/07 03:21:54 | 000,016,284 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2014/01/07 01:22:57 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2014/01/07 01:22:57 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2014/01/07 01:22:57 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2014/01/07 01:22:57 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2014/01/07 01:22:57 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2014/01/03 16:48:00 | 000,001,916 | ---- | C] () -- C:\Users\Public\Desktop\Na scéně(TM).lnk
[2014/01/01 15:12:21 | 471,224,334 | ---- | C] () -- C:\windows\MEMORY.DMP
[2013/12/31 23:50:59 | 000,000,762 | ---- | C] () -- C:\Users\s fam\Desktop\MyScene - odkaz.lnk
[2013/12/31 22:27:13 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013/12/31 17:26:53 | 000,000,000 | ---- | C] () -- C:\windows\SETUP32.INI
[2013/12/31 17:26:13 | 000,055,204 | ---- | C] () -- C:\windows\SysWow64\ChinaOne.ttf
[2013/12/31 14:40:55 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/12/31 13:41:52 | 003,810,304 | ---- | C] () -- C:\Users\s fam\Desktop\RogueKiller.exe
[2013/12/29 15:12:40 | 000,000,103 | ---- | C] () -- C:\windows\ka.ini
[2013/12/26 01:23:23 | 000,001,841 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/12/26 01:23:13 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\config.nt
[2013/12/23 14:07:14 | 000,049,302 | ---- | C] () -- C:\Users\s fam\Documents\podnet urad starostlivost dozor.rtf
[2013/12/21 01:25:34 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013/04/16 21:11:54 | 000,001,465 | ---- | C] () -- C:\Users\s fam\AppData\Local\recently-used.xbel
[2012/12/14 12:10:16 | 000,000,607 | ---- | C] () -- C:\Users\s fam\AppData\Roaming\AutoGK.ini
[2012/12/14 10:58:38 | 000,033,019 | ---- | C] () -- C:\windows\SysWow64\CoreAAC-uninstall.exe
[2012/11/20 22:13:09 | 000,000,017 | ---- | C] () -- C:\Users\s fam\AppData\Local\resmon.resmoncfg
[2012/09/07 21:33:35 | 000,210,032 | ---- | C] () -- C:\windows\SysWow64\DBCLIENT.DLL
[2012/08/11 13:48:16 | 000,000,023 | ---- | C] () -- C:\windows\compedia.ini
[2011/11/26 19:42:28 | 000,001,534 | ---- | C] () -- C:\ProgramData\ss.ini
[2011/10/27 16:58:11 | 000,000,272 | ---- | C] () -- C:\Users\s fam\AppData\Roaming\.backup.dm
[2011/10/06 21:09:01 | 000,057,863 | ---- | C] () -- C:\Program Files\Uninstal.exe
[2011/06/09 22:11:53 | 000,195,302 | ---- | C] () -- C:\Users\s fam\AppData\Roaming\mdbu.bin
[2011/06/05 11:06:48 | 000,008,192 | ---- | C] () -- C:\Users\s fam\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/26 09:34:05 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011/03/21 10:18:24 | 000,007,859 | ---- | C] () -- C:\Users\s fam\AppData\Roaming\pcouffin.cat
[2011/03/21 10:18:24 | 000,001,167 | ---- | C] () -- C:\Users\s fam\AppData\Roaming\pcouffin.inf
[2011/03/19 12:56:46 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/03/18 23:02:01 | 000,002,672 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\SysWow64\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/10/18 17:44:44 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\.minecraft
[2012/03/15 19:50:46 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Abtua
[2011/04/13 06:38:04 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\BitTorrent
[2013/05/28 16:06:00 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Broad Intelligence
[2012/12/20 08:16:48 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\bwincom
[2011/03/19 10:36:35 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Canneverbe Limited
[2013/02/17 08:31:34 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\cef-cache
[2013/12/31 16:58:44 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\DAEMON Tools Lite
[2012/12/01 10:17:27 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\eM Client
[2011/05/28 10:40:03 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\FreeAudioPack
[2012/12/14 14:35:55 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\FreeBurner
[2011/05/28 22:34:54 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\GHISLER
[2013/05/01 12:30:00 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\HTC
[2013/05/06 17:31:05 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\HTC Sync
[2011/10/17 19:02:36 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\InterTrust
[2011/04/09 13:18:04 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Leadertech
[2013/03/10 00:53:27 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Mobile Atlas Creator
[2014/01/04 11:29:34 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\newnext.me
[2012/10/21 16:33:22 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Nokia
[2011/11/19 14:15:33 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Nokia Ovi Suite
[2012/12/02 18:09:08 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Opera
[2011/06/04 22:39:27 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\PC Suite
[2011/10/16 16:25:30 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Photo DVD Maker
[2013/02/24 20:18:42 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\PrimoPDF
[2013/12/31 17:16:19 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Seznam.cz
[2012/10/01 16:40:57 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\SoftGrid Client
[2011/03/18 23:22:29 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Thunderbird
[2011/03/18 17:56:38 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\TP
[2012/10/19 18:51:09 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Unity
[2013/07/16 17:18:55 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Vso

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009/07/14 06:08:49 | 000,032,546 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2012/10/09 07:46:16 | 000,000,830 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2013/02/05 21:43:25 | 000,000,932 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/02/05 21:43:27 | 000,000,936 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013/02/24 17:58:08 | 000,000,894 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1904487887-2426832105-4032358140-1001Core.job
[2013/02/24 17:58:12 | 000,000,946 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1904487887-2426832105-4032358140-1001UA.job
[2013/12/16 00:52:36 | 000,000,332 | ---- | C] () -- C:\windows\Tasks\HPCeeScheduleFors fam.job

< >

< MD5 for: AGP440.SYS >
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\drivers\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16552_none_394a8c733b252fb9\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16593_none_39204d0d3b44b8d4\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20669_none_39d05b5854449cd5\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20713_none_3a006b1e5421763d\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/10/01 08:17:00 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=2632B7125E0730E019532CFCFFFFBFC0 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_e28cf2983c0715a1\autochk.exe
[2009/10/01 08:42:15 | 000,777,216 | ---- | M] (Microsoft Corporation) MD5=3AE12EC776AB9830462E8197FB5C88CF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_3eab8e1bf46486d7\autochk.exe
[2010/11/20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010/11/20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\SysNative\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012/06/02 05:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012/04/24 05:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010/11/20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012/04/24 05:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2013/05/10 05:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013/05/13 05:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013/07/09 15:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2012/06/02 06:32:25 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=456107D69D4EE850A559434F19EFEE65 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[2012/04/24 06:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2013/10/05 03:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2012/04/24 05:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2013/07/09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\erdnt\cache64\cryptsvc.dll
[2013/07/09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\windows\SysNative\cryptsvc.dll
[2013/07/09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013/07/09 14:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013/07/09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\erdnt\cache86\cryptsvc.dll
[2013/07/09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013/07/09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012/06/04 08:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013/05/10 06:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013/05/11 06:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2009/07/14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2012/06/02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012/06/02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2009/07/14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010/11/20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013/05/11 05:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2012/04/24 06:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012/06/02 06:25:12 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=BAF19B633933A9FB4883D27D66C39E9A -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[2013/05/10 06:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2012/04/24 06:36:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=CE8BF1423AEE47DA5275FBC8AD3BD642 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2013/05/13 06:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013/05/10 06:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2012/06/02 05:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012/04/24 06:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2013/10/05 02:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll
[2012/06/02 05:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012/04/24 05:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010/09/02 21:15:04 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010/09/02 21:06:29 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/09/02 21:15:04 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010/09/02 21:06:29 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010/09/02 21:15:04 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010/09/02 21:06:29 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010/09/02 21:15:04 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010/09/02 21:06:29 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009/09/01 07:34:28 | 000,263,256 | ---- | M] (Microsoft Corporation) MD5=01B586A0B8C8D860457892F80B85A5CD -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16416_none_076a95ef732190e3\hal.dll
[2009/09/01 08:03:17 | 000,263,240 | ---- | M] (Microsoft Corporation) MD5=514D418248FECD24D96E7219162BDFDD -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.20519_none_07f733988c3c7cb2\hal.dll
[2009/07/14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010/11/20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\windows\SysNative\hal.dll
[2010/11/20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010/11/20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2010/05/12 09:37:57 | 000,410,504 | ---- | M] (Intel Corporation) MD5=513DC087CFED7D2BB82F005385D3531F -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16592_none_0af87721a183cb70\iaStorV.sys
[2011/03/11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\drivers\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
[2010/05/12 09:50:37 | 000,410,496 | ---- | M] (Intel Corporation) MD5=E353CF970C5D4D6A092911E15FB78C07 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20712_none_0bd89532ba6088d9\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\drivers\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011/11/17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011/11/17 08:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011/11/17 08:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\erdnt\cache64\lsass.exe
[2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\windows\SysNative\lsass.exe
[2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2012/06/04 08:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2012/06/02 06:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BF63CE11A25F3509129888710D5111FC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[2011/11/17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011/11/17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011/11/17 07:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe
[2013/09/25 02:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe

< MD5 for: NDIS.SYS >
[2012/08/22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\erdnt\cache64\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\windows\SysNative\drivers\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\erdnt\cache64\netlogon.dll
[2010/11/20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\windows\SysNative\netlogon.dll
[2010/11/20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache86\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\drivers\nvraid.sys
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009/07/14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010/05/12 09:50:49 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=491E3CF1A4F0869E32197E34603B9BE1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvraid.sys
[2010/11/20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011/03/11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011/03/11 07:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011/03/11 07:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys
[2010/05/12 09:38:10 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=DEAB10231CBDB0881FC25428EBE11506 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2010/05/12 09:38:10 | 000,166,280 | ---- | M] (NVIDIA Corporation) MD5=0AF7B8136794E23E87BE138992880E64 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvstor.sys
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2010/05/12 09:50:49 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=CE76755AF933E728CEBA6C7A970838A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvstor.sys
[2011/03/11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\drivers\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009/07/14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013/03/19 03:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013/03/19 04:20:12 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=7180204786A9DED8723B2D8CF3CDD388 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_08a94e494c0cfd0a\smss.exe
[2013/08/29 02:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013/08/02 06:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013/07/08 03:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E65601CF4BC0CF3718AFBE56A9AD846F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_0aae4fa7491b124a\smss.exe
[2013/03/19 04:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013/08/02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\windows\SysNative\smss.exe
[2013/08/02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe
[2013/03/19 04:19:03 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=FA64733BD65F52712F0545F56FDB4BE6 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_0838504e32dc743c\smss.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2012/10/03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011/09/29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013/05/08 07:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013/09/08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\erdnt\cache64\tcpip.sys
[2013/09/08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\windows\SysNative\drivers\tcpip.sys
[2013/09/08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010/11/20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011/06/21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010/06/14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2013/01/04 06:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012/03/30 11:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011/04/25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012/03/30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013/01/03 06:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2013/09/07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012/08/22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010/06/14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/04/25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013/05/08 07:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2011/06/21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011/09/29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012/03/30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013/07/06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013/01/03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011/04/25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013/01/04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011/06/21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2012/10/03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013/07/06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2011/06/21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011/09/29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2013/11/26 12:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
[2012/08/22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011/09/29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010/09/02 21:15:04 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010/09/02 21:15:04 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010/11/20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\erdnt\cache64\ws2_32.dll
[2010/11/20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\windows\SysNative\ws2_32.dll
[2010/11/20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009/07/14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010/11/20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\erdnt\cache86\ws2_32.dll
[2010/11/20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010/11/20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009/07/14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[15 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[28 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[7 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\0646778436ce40c90a7cbc9dfd71cb7a\*.tmp files -> C:\windows\SoftwareDistribution\Download\0646778436ce40c90a7cbc9dfd71cb7a\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\620697a3165452e75a3fea7775d1710d\*.tmp files -> C:\windows\SoftwareDistribution\Download\620697a3165452e75a3fea7775d1710d\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\93edcf9c560cc7da92b250a3fc13b771\*.tmp files -> C:\windows\SoftwareDistribution\Download\93edcf9c560cc7da92b250a3fc13b771\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\bbe0294f55923618944aeb5c3877f84c\*.tmp files -> C:\windows\SoftwareDistribution\Download\bbe0294f55923618944aeb5c3877f84c\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\cbcd333529a22e15d8360316385964f8\*.tmp files -> C:\windows\SoftwareDistribution\Download\cbcd333529a22e15d8360316385964f8\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2011/10/10 20:15:11 | 000,057,878 | ---- | M] () -- C:\Uninstal.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013/10/18 17:44:44 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\.minecraft
[2012/03/15 19:50:46 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Abtua
[2011/11/01 21:55:49 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Adobe
[2013/05/01 12:29:11 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Apple Computer
[2011/03/18 17:50:07 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\ATI
[2011/04/13 06:38:04 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\BitTorrent
[2013/05/28 16:06:00 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Broad Intelligence
[2012/12/20 08:16:48 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\bwincom
[2011/03/19 10:36:35 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Canneverbe Limited
[2013/02/17 08:31:34 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\cef-cache
[2011/03/18 23:02:04 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Corel
[2011/06/16 18:15:09 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\CorelHomeOffice
[2013/12/31 16:58:44 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\DAEMON Tools Lite
[2012/02/20 19:31:31 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\dvdcss
[2012/12/01 10:17:27 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\eM Client
[2011/05/28 10:40:03 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\FreeAudioPack
[2012/12/14 14:35:55 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\FreeBurner
[2011/05/28 22:34:54 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\GHISLER
[2014/01/03 16:25:36 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Google
[2011/03/27 18:56:59 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Hewlett-Packard
[2012/01/15 13:00:15 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\hpqLog
[2013/05/01 12:30:00 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\HTC
[2013/05/06 17:31:05 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\HTC Sync
[2011/03/18 17:48:26 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Identities
[2013/05/27 06:00:16 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\InstallShield
[2011/10/17 19:02:36 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\InterTrust
[2011/04/09 13:18:04 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Leadertech
[2011/03/18 18:15:19 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Macromedia
[2011/12/26 16:42:40 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Malwarebytes
[2013/12/23 20:17:37 | 000,000,000 | --SD | M] -- C:\Users\s fam\AppData\Roaming\Microsoft
[2013/03/10 00:53:27 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Mobile Atlas Creator
[2013/11/09 21:25:51 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Mozilla
[2012/12/20 08:15:29 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Mozilla-Cache
[2012/12/20 22:34:34 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Nero
[2014/01/04 11:29:34 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\newnext.me
[2012/10/21 16:33:22 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Nokia
[2011/11/19 14:15:33 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Nokia Ovi Suite
[2012/12/02 18:09:08 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Opera
[2011/06/04 22:39:27 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\PC Suite
[2011/10/16 16:25:30 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Photo DVD Maker
[2013/02/24 20:18:42 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\PrimoPDF
[2012/08/24 18:06:07 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\PSpad
[2011/11/27 17:11:34 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Roxio
[2013/12/29 14:51:39 | 000,000,000 | RH-D | M] -- C:\Users\s fam\AppData\Roaming\SecuROM
[2013/12/31 17:16:19 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Seznam.cz
[2014/01/09 20:51:55 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Skype
[2011/07/28 12:07:57 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\skypePM
[2012/10/01 16:40:57 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\SoftGrid Client
[2011/03/18 23:22:29 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Thunderbird
[2011/03/18 17:56:38 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\TP
[2012/10/19 18:51:09 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Unity
[2014/01/17 18:56:37 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\vlc
[2013/07/16 17:18:55 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Vso
[2011/03/19 20:25:19 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\Winamp
[2011/04/09 12:11:09 | 000,000,000 | ---D | M] -- C:\Users\s fam\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >
[2011/10/10 20:15:11 | 000,057,878 | ---- | M] () -- C:\Uninstal.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010/11/20 14:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/01/17 19:23:43 | 000,000,512 | ---- | M] () MD5=C09F2D329BDE6D9BF8EC00351926FE75 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2003/08/19 12:47:14 | 000,011,141 | ---- | M] () -- \Program Files (x86)\The Learning Company\Scooby-Doo\Scooby-Doo(TM), Case File #2 The Scary Stone Dragon\scripts\FireCrackerClues.inc
[2004/11/26 12:50:08 | 000,002,032 | ---- | M] () -- \Program Files (x86)\The Learning Company\Scooby-Doo\Scooby-Doo(TM), Case File #2 The Scary Stone Dragon\scripts\SC4FireCrackerClues.xml
[2014/01/01 01:04:56 | 000,001,141 | ---- | M] () -- \Users\s fam\AppData\Roaming\Microsoft\Windows\Recent\Crack+CZ+Key.lnk

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2005/12/01 12:05:28 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\cs\_media\rssloader.swf
[2005/12/01 12:05:28 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\da\_media\rssloader.swf
[2005/12/01 12:05:26 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\de\_media\rssloader.swf
[2005/12/01 12:05:28 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\el\_media\rssloader.swf
[2005/12/01 12:05:26 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\en\_media\rssloader.swf
[2005/12/01 12:05:30 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\es\_media\rssloader.swf
[2005/12/01 12:05:30 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\fi\_media\rssloader.swf
[2005/12/01 12:05:32 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\fr\_media\rssloader.swf
[2005/12/01 12:05:32 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\hu\_media\rssloader.swf
[2005/12/01 12:05:34 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\it\_media\rssloader.swf
[2005/12/01 12:05:26 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\ja\_media\rssloader.swf
[2005/12/01 12:05:34 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\ko\_media\rssloader.swf
[2005/12/01 12:05:34 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\nl\_media\rssloader.swf
[2005/12/01 12:05:34 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\no\_media\rssloader.swf
[2005/12/01 12:05:36 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\pl\_media\rssloader.swf
[2005/12/01 12:05:36 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\pt\_media\rssloader.swf
[2005/12/01 12:05:36 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\ru\_media\rssloader.swf
[2005/12/01 12:05:38 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\sv\_media\rssloader.swf
[2005/12/01 12:05:38 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\tr\_media\rssloader.swf
[2005/12/01 12:05:38 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\zh_CN\_media\rssloader.swf
[2005/12/01 12:05:38 | 000,002,090 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge\Resources\zh_TW\_media\rssloader.swf
[2005/03/16 19:16:50 | 000,113,664 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2013/03/09 08:17:04 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2013/03/09 08:17:04 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011/02/15 07:22:28 | 000,335,872 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Service Layer\A\nsl_loader.dll
[2011/04/14 10:35:32 | 000,131,072 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2012/11/23 13:20:00 | 000,343,040 | ---- | M] () -- \Program Files (x86)\Fotolab\Moj CEWE FOTOSVET\CWImageLoader0.dll
[2013/02/09 02:39:28 | 000,000,934 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_main.fen
[2010/04/22 20:23:16 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe
[2010/04/22 20:09:06 | 000,005,974 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe.config
[2012/08/14 05:14:06 | 000,001,569 | ---- | M] () -- \Program Files (x86)\HF Designer\Loader.elf
[2013/11/04 20:34:06 | 000,832,064 | ---- | M] () -- \Program Files (x86)\HF Designer\Loader.exe
[2013/02/07 12:08:45 | 000,000,847 | ---- | M] () -- \Program Files (x86)\HTC\HTC Sync Manager\ui\Help\BUR\CSS\images\ajax-loader.gif
[2013/01/29 14:09:48 | 000,000,847 | ---- | M] () -- \Program Files (x86)\HTC\HTC Sync Manager\ui\Help\CSY\CSS\images\ajax-loader.gif
[2013/01/29 14:09:53 | 000,000,847 | ---- | M] () -- \Program Files (x86)\HTC\HTC Sync Manager\ui\Help\DAN\CSS\images\ajax-loader.gif
[2013/01/29 14:09:57 | 000,000,847 | ---- | M] () -- \Program Files (x86)\HTC\HTC Sync Manager\ui\Help\DEU\CSS\images\ajax-loader.gif
[2013/01/29 14:10:00 | 000,000,847 | ---- | M] () -- \Program Files (x86)\HTC\HTC Sync Manager\ui\Help\ENU\CSS\images\ajax-loader.gif
[2013/01/29 14:10:04 | 000,000,847 | ---- | M] () -- \Program Files (x86)\HTC\HTC Sync Manager\ui\Help\ESP\CSS\images\ajax-loader.gif
[2013/01/29 14:10:07 | 000,000,847 | ---- | M] () -- \Program Files (x86)\HTC\HTC Sync Manager\ui\Help\FRA\CSS\images\ajax-loader.gif
[2013/01/29 14:09:39 | 000,000,847 | ---- | M] () -- \Program Files (x86)\HTC\HTC Sync Manager\ui\Help\CHS\CSS\images\ajax-loader.gif
[2013/01/29 14:09:44 | 000,000,847 | ---- | M] () -- \Program Files (x86)\HTC\HTC Sync Manager\ui\Help\CHT\CSS\images\ajax-loader.gif
[2013/01/29 14:10:11 | 000,000,847 | ---- | M] () -- \Program Files (x86)\HTC\HTC Sync Manager\ui\Help\ITA\CSS\images\ajax-loader.gif
[2013/01/29 14:10:15 | 000,000,847 | ---- | M] () -- \Program Files (x86)\HTC\HTC Sync Manager\ui\Help\JPN\CSS\images\ajax-loader.gif
[2013/01/29 14:10:20 | 000,000,847 | ---- | M] () -- \Program Files (x86)\HTC\HTC Sync Manager\ui\Help\NOR\CSS\images\ajax-loader.gif
[2013/01/29 14:10:25 | 000,000,847 | ---- | M] () -- \Program Files (x86)\HTC\HTC Sync Manager\ui\Help\PLK\CSS\images\ajax-loader.gif
[2013/01/29 14:10:28 | 000,000,847 | ---- | M] () -- \Program Files (x86)\HTC\HTC Sync Manager\ui\Help\PTG\CSS\images\ajax-loader.gif
[2013/01/29 14:10:33 | 000,000,847 | ---- | M] () -- \Program Files (x86)\HTC\HTC Sync Manager\ui\Help\RUS\CSS\images\ajax-loader.gif
[2013/01/29 14:10:39 | 000,000,847 | ---- | M] () -- \Program Files (x86)\HTC\HTC Sync Manager\ui\Help\SVE\CSS\images\ajax-loader.gif
[2008/12/06 17:13:52 | 000,001,070 | ---- | M] () -- \Program Files (x86)\MediaCoder\extensions\_include\loader.html
[2013/03/09 08:52:18 | 000,364,168 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013/03/09 08:52:18 | 000,019,080 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2010/11/26 21:21:59 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013/06/19 14:59:00 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013/06/19 14:59:00 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013/06/19 14:59:00 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013/12/31 22:17:58 | 000,402,056 | ---- | M] () -- \Programs\SoftonicDownloader_for_daemon-tools.exe
[2012/12/21 19:00:52 | 000,000,857 | ---- | M] () -- \Programs\bwincom\bwincomPoker\preloader.html
[2012/12/21 19:01:20 | 000,003,415 | ---- | M] () -- \Programs\bwincom\bwincomPoker\Images\loader.gif
[2012/12/21 19:01:20 | 000,002,086 | ---- | M] () -- \Programs\bwincom\bwincomPoker\Images\rounded_loader.gif
[2013/08/21 04:22:46 | 000,005,567 | ---- | M] () -- \Programs\bwincom\bwincomPoker\Images\OneClickLobby\loader.gif
[2013/08/21 04:22:46 | 000,001,863 | ---- | M] () -- \Programs\bwincom\bwincomPoker\Images\OneClickLobby\preloader.swf
[2013/03/21 09:46:56 | 000,021,421 | ---- | M] () -- \Programs\bwincom\bwincomPoker\Uninstall\Preloader.jpg
[2012/11/23 16:44:32 | 000,002,713 | ---- | M] () -- \Programs\bwincom\components\uriloader.xpt
[2013/10/03 21:57:36 | 000,007,277 | ---- | M] () -- \Programs\bwincom\SmartUpgrader\Preloader.jpg
[2013/10/03 21:57:36 | 000,004,416 | ---- | M] () -- \Programs\bwincom\SmartUpgrader\PreloaderIEImage.JPG
[2013/06/19 14:59:00 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013/06/19 14:59:00 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013/06/19 14:59:00 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013/12/08 22:00:13 | 000,000,121 | ---- | M] () -- \Users\s fam\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YPQ3UC3E\no-tv2.cdn.videoplaza.tv\com.videoplaza.bootloader.sol

[xemanpet]

[2010/06/25 03:08:04 | 000,005,273 | ---- | M] () -- \Users\s fam\AppData\Local\Microsoft\Toolbar\Applications\loader.xap
[2014/01/09 16:52:31 | 000,110,991 | ---- | M] () -- \Users\s fam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FJ1EKYB8\AdLoader-7b857a7be889bd57f92da60a9b6146bb.min[1].js
[2013/12/31 15:07:13 | 000,031,516 | ---- | M] () -- \Users\s fam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FJ1EKYB8\cz.seznam.software.libfoxloader-3.1.2-win32[1].zip
[2013/12/31 22:20:03 | 000,047,979 | ---- | M] () -- \Users\s fam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FJ1EKYB8\universaldownloader-prefetch[1].htm
[2014/01/09 16:52:31 | 000,001,537 | ---- | M] () -- \Users\s fam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KOAQQSDD\AdLoader[1].htm
[2013/12/26 00:51:02 | 000,000,476 | ---- | M] () -- \Users\s fam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TW3616UN\ajax-loader-orange._V372210624_[1].png
[2013/12/31 22:30:35 | 000,002,545 | ---- | M] () -- \Users\s fam\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\images\prettyPhoto\dark_rounded\loader.gif
[2013/12/31 22:30:35 | 000,002,545 | ---- | M] () -- \Users\s fam\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\images\prettyPhoto\dark_square\loader.gif
[2013/12/31 22:30:35 | 000,006,331 | ---- | M] () -- \Users\s fam\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\images\prettyPhoto\default\loader.gif
[2013/12/31 22:30:35 | 000,002,545 | ---- | M] () -- \Users\s fam\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\images\prettyPhoto\facebook\loader.gif
[2013/12/31 22:30:35 | 000,002,545 | ---- | M] () -- \Users\s fam\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\images\prettyPhoto\light_rounded\loader.gif
[2013/12/31 22:30:35 | 000,002,545 | ---- | M] () -- \Users\s fam\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\images\prettyPhoto\light_square\loader.gif
[2012/12/26 23:33:57 | 000,000,214 | ---- | M] () -- \Users\s fam\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fabc.yourfiledownloader.com%2Fstatic%2Fa%2Fimages%2Ffavicon.png
[2010/03/24 19:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 19:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/10/07 04:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010/03/24 19:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 19:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/10/07 04:36:40 | 000,265,552 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2013/03/09 08:17:04 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013/03/09 08:17:04 | 000,268,440 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/11/04 09:37:28 | 000,335,872 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\83C865D42550DDC46A3410AFAF9275FE\2.6.6\nsl_loader.dll.3371EE16_6C0C_46B8_AEED_A2506A2F716D
[2010/10/28 13:29:30 | 000,131,072 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\83C865D42550DDC46A3410AFAF9275FE\2.6.6\ta_productapiloader..D321D6CC_DBBE_4AC3_8DBD_DFF82BB39BDC
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011/06/10 14:42:32 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2011/06/10 14:47:22 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2011/06/10 14:42:32 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2011/06/10 14:47:22 | 000,009,622 | ---- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009/07/14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:18:33 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 07:23:09 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/18 16:22:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:26:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 15:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:04:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:44:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/07/08 06:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 06:37:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 06:37:37 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009/07/14 06:37:37 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009/07/14 06:37:37 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009/07/14 06:37:37 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2011/08/16 20:27:26 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/08/16 20:27:27 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011/08/16 20:27:27 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011/08/16 20:27:28 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011/08/16 20:27:29 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009/07/14 03:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011/02/05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011/02/05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010/11/20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 07:22:35 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 06:45:50 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 07:13:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 06:47:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/07/08 05:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2013/09/13 00:53:56 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013/10/11 00:51:25 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010/04/05 19:12:00 | 000,267,832 | ---- | M] () -- \Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
[2010/04/05 19:12:06 | 000,000,256 | ---- | M] () -- \Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll.hpsign
[2013/09/13 01:23:44 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013/10/11 00:52:18 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2012/10/05 11:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013/07/14 17:50:03 | 000,000,048 | ---- | M] () -- \Users\s fam\AppData\Local\Google\Picasa2\cache\cacheindex_serial.pmp
[2012/09/05 20:27:37 | 000,032,768 | ---- | M] () -- \Users\s fam\AppData\Local\HF Designer\{DC7876D8-6202-4206-AC64-76C3CB48101F}\mdbu\Locations!IX_VolumeSerialNumber_Location.ind
[2012/09/05 20:27:38 | 000,008,192 | ---- | M] () -- \Users\s fam\AppData\Local\HF Designer\{DC7876D8-6202-4206-AC64-76C3CB48101F}\mdbu\Media!IX_VolumeSerialNumber.ind
[2013/12/31 23:01:10 | 000,000,948 | ---- | M] () -- \Users\s fam\AppData\Roaming\Microsoft\Windows\Recent\Serial.lnk
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/08/15 17:08:00 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/08/16 19:12:30 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013/08/15 17:20:27 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/08/16 10:51:06 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll
[2013/10/11 00:53:35 | 002,659,328 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll
[2013/08/16 19:18:03 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/07/12 20:14:48 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\cda839ea462e123d42cb6d0883cf0f4d\System.Xml.Serialization.ni.dll
[2013/10/11 09:21:23 | 003,425,792 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\4d6c50c63ff4757f8825b82fb18eae3d\System.Runtime.Serialization.ni.dll
[2013/08/15 16:32:29 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\cd2da26160fba6400b0353e558e35da6\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/07/12 20:24:54 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\252726355005e3388101a3f1dfa1c727\System.Xml.Serialization.ni.dll
[2011/07/02 20:24:02 | 000,376,320 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\Temp\420-0\System.Runtime.Serialization.Formatters.Soap.dll
[2010/03/18 12:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.amd64
[2010/03/18 12:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.x86
[2013/10/11 00:46:41 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/10/11 00:46:40 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/10/11 00:46:48 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 05:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 05:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2010/09/02 20:47:40 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2010/09/02 20:47:40 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\sk-SK\serialui.dll.mui
[2010/09/02 20:47:38 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552\serialui.dll.mui
[2009/07/14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009/07/14 03:30:28 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009/06/10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010/11/05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012/10/05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012/10/05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2009/06/10 21:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010/11/05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012/10/05 11:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012/10/05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011/08/16 20:24:44 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/08/16 20:24:44 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2010/09/02 20:48:04 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552_serialui.dll.mui_7d29d2a3
[2009/07/14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2010/09/02 20:48:07 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009/07/14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/02/05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011/02/05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011/02/05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/02/05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009/07/14 03:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010/11/20 05:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012/10/05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012/10/05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2009/07/14 03:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010/11/20 05:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012/10/05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012/10/05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2009/07/14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010/11/20 04:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012/10/05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009/07/14 03:42:40 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012/10/05 19:09:41 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012/10/05 18:57:17 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2009/07/14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010/11/20 04:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012/10/05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012/10/05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009/07/14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010/11/20 04:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012/10/05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012/10/05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010/11/05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012/10/05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012/10/05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012/10/05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2010/09/02 20:47:40 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012/10/05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\windows\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 6104 bytes -> C:\windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh

< End of report >