Falešný profil uživatele ve Win Vista

[Márty84]

Udelejte sken s AVPTool http://forum.viry.cz/viewtopic.php?f=29&t=58179

[martivan]

Kaspersky nic nenašel (a volba Save je inaktivní).

Falešný profil se stále obnovuje, ale po již absolvovaném čištění je aspoň počítač svižnější

Napadá mě jediný spolehlivý způsob likvidace potvory, zlikvidovat její nosič, například hodem z okna

[Márty84]

Hod z okna je docela spolehlivy zpusob, bohuzel krom potvory znicite i pc

Zkusime jeste par veci. Ale mozna i tak bude nutna preinstalace. To se uvidi.


Postupujte podle navodu kolegy

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

• Kliknete na volbu Change parametrs
• V okne Additional Option zakliknete vsechny moznosti
• Kliknete na OK
• Utilite prikazte, at skenuje - klik na Start Scan
• Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
• Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
• Pokud mate vsude Skip, kliknete na Continue
• Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

[martivan]

TDSSKiller log (part 1):

00:28:54.0426 0x1f44 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
00:28:59.0340 0x1f44 ============================================================
00:28:59.0340 0x1f44 Current date / time: 2014/02/04 00:28:59.0340
00:28:59.0340 0x1f44 SystemInfo:
00:28:59.0340 0x1f44
00:28:59.0340 0x1f44 OS Version: 6.0.6002 ServicePack: 2.0
00:28:59.0340 0x1f44 Product type: Workstation
00:28:59.0340 0x1f44 ComputerName: MAGDALENA-ACER
00:28:59.0340 0x1f44 UserName: GM
00:28:59.0340 0x1f44 Windows directory: C:\Windows
00:28:59.0340 0x1f44 System windows directory: C:\Windows
00:28:59.0340 0x1f44 Processor architecture: Intel x86
00:28:59.0340 0x1f44 Number of processors: 2
00:28:59.0340 0x1f44 Page size: 0x1000
00:28:59.0340 0x1f44 Boot type: Normal boot
00:28:59.0340 0x1f44 ============================================================
00:28:59.0558 0x1f44 KLMD registered as C:\Windows\system32\drivers\56503926.sys
00:28:59.0636 0x1f44 System UUID: {EED86692-1DA1-4FD2-9F49-7B47F405A944}
00:29:00.0135 0x1f44 Drive \Device\Harddisk0\DR0 - Size: 0x3A38A25E00 (232.88 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:29:00.0151 0x1f44 ============================================================
00:29:00.0151 0x1f44 \Device\Harddisk0\DR0:
00:29:00.0151 0x1f44 MBR partitions:
00:29:00.0151 0x1f44 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xE, StartLBA 0x1384C7A, BlocksNum 0xDF607F4
00:29:00.0151 0x1f44 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF2E546E, BlocksNum 0xD86402C
00:29:00.0151 0x1f44 ============================================================
00:29:00.0198 0x1f44 C: <-> \Device\Harddisk0\DR0\Partition1
00:29:00.0244 0x1f44 D: <-> \Device\Harddisk0\DR0\Partition2
00:29:00.0244 0x1f44 ============================================================
00:29:00.0244 0x1f44 Initialize success
00:29:00.0244 0x1f44 ============================================================
00:30:36.0233 0x1050 ============================================================
00:30:36.0233 0x1050 Scan started
00:30:36.0233 0x1050 Mode: Manual; SigCheck; TDLFS;
00:30:36.0233 0x1050 ============================================================
00:30:36.0233 0x1050 KSN ping started
00:30:38.0755 0x1050 KSN ping finished: true
00:30:40.0867 0x1050 ================ Scan system memory ========================
00:30:40.0867 0x1050 System memory - ok
00:30:40.0867 0x1050 ================ Scan services =============================
00:30:41.0867 0x1050 [ F11D68E40ED62FDB7C460C445F1EC4E5, FE0C6B90209CFE4485176B977B26732F3E087961C75768EC7C33398309D334D9 ] 602XML Updater C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
00:30:42.0063 0x1050 602XML Updater - ok
00:30:42.0882 0x1050 [ 97BD2E0AC8484705FCBE88AA006F0A94, 623696B3A0AA602BD58E1B0276A8508B8BABF65BD250A6FDE92DB4B63A42ADB2 ] A310 C:\Windows\system32\DRIVERS\AVerA310USB.sys
00:30:43.0252 0x1050 A310 - ok
00:30:43.0420 0x1050 [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI C:\Windows\system32\drivers\acpi.sys
00:30:43.0505 0x1050 ACPI - ok
00:30:43.0819 0x1050 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB, 0342700760874683A6DF4F149DACACEF0569D40C45FC5958C67100B3C5D9BBBC ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
00:30:43.0894 0x1050 adp94xx - ok
00:30:44.0045 0x1050 [ B84088CA3CDCA97DA44A984C6CE1CCAD, 87009809FB101BF51483FA32318CBCD209386582880C82417BE4FFAD1B04C8C1 ] adpahci C:\Windows\system32\drivers\adpahci.sys
00:30:44.0118 0x1050 adpahci - ok
00:30:44.0198 0x1050 [ 7880C67BCCC27C86FD05AA2AFB5EA469, C8B06E203EEA6EAD19651F212432005ABADFF21E2AA5699E34040527394F2677 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
00:30:44.0251 0x1050 adpu160m - ok
00:30:44.0383 0x1050 [ 9AE713F8E30EFC2ABCCD84904333DF4D, B0C7801AC6E0811C38F0474703F34283914C8873D851F59EE232834F7C0D8087 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
00:30:44.0419 0x1050 adpu320 - ok
00:30:44.0580 0x1050 [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
00:30:45.0038 0x1050 AeLookupSvc - ok
00:30:45.0266 0x1050 [ 3911B972B55FEA0478476B2E777B29FA, 62545B90C7DD3F73777E62CD8264E611A4D71B6956CABFD2D820D25F41F471FD ] AFD C:\Windows\system32\drivers\afd.sys
00:30:45.0477 0x1050 AFD - ok
00:30:45.0687 0x1050 [ EF23439CDD587F64C2C1B8825CEAD7D8, 762665CFC202B3E16CA2338887896FDF996331A363DC709F1EC088BF927133A3 ] agp440 C:\Windows\system32\drivers\agp440.sys
00:30:45.0716 0x1050 agp440 - ok
00:30:45.0798 0x1050 [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
00:30:45.0880 0x1050 aic78xx - ok
00:30:45.0954 0x1050 [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG C:\Windows\System32\alg.exe
00:30:47.0327 0x1050 ALG - ok
00:30:47.0366 0x1050 [ 90395B64600EBB4552E26E178C94B2E4, 73095893964DC7915983B58A567184FC51949C99341E7E0D04D70CC4C4F95E37 ] aliide C:\Windows\system32\drivers\aliide.sys
00:30:47.0413 0x1050 aliide - ok
00:30:47.0503 0x1050 [ 2B13E304C9DFDFA5EB582F6A149FA2C7, 196CCE13E0376526B79D9C43D4071990576C4DD210A48E9E922B438AA11C95E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
00:30:47.0533 0x1050 amdagp - ok
00:30:47.0613 0x1050 [ 0577DF1D323FE75A739C787893D300EA, 079EF3CA18FB847DB7E62929071BFF007FAF390E1DBF4C59F28DAAC6B9C2DE51 ] amdide C:\Windows\system32\drivers\amdide.sys
00:30:47.0641 0x1050 amdide - ok
00:30:47.0735 0x1050 [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
00:30:47.0858 0x1050 AmdK7 - ok
00:30:47.0898 0x1050 [ 0CA0071DA4315B00FC1328CA86B425DA, 4F816FA2197166A83A266084F9D5ED68876D0521D378F90F1314DD53C6FB8814 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
00:30:48.0003 0x1050 AmdK8 - ok
00:30:48.0127 0x1050 [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo C:\Windows\System32\appinfo.dll
00:30:48.0289 0x1050 Appinfo - ok
00:30:48.0394 0x1050 [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc C:\Windows\system32\drivers\arc.sys
00:30:48.0415 0x1050 arc - ok
00:30:48.0504 0x1050 [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas C:\Windows\system32\drivers\arcsas.sys
00:30:48.0567 0x1050 arcsas - ok
00:30:48.0975 0x1050 [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
00:30:49.0133 0x1050 aspnet_state - ok
00:30:49.0223 0x1050 [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
00:30:49.0327 0x1050 AsyncMac - ok
00:30:49.0427 0x1050 [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi C:\Windows\system32\drivers\atapi.sys
00:30:49.0458 0x1050 atapi - ok
00:30:49.0708 0x1050 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:30:49.0815 0x1050 AudioEndpointBuilder - ok
00:30:49.0864 0x1050 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv C:\Windows\System32\Audiosrv.dll
00:30:49.0922 0x1050 Audiosrv - ok
00:30:50.0022 0x1050 [ 59629EDD214C35A01E2527AC3B8A7FB3, E71716CC1FF1574A2D854FA62350C73ECDAE21D3B827E18835D37F8B5857B4E3 ] Axtmvflt C:\Windows\system32\DRIVERS\Axtmvflt.sys
00:30:50.0203 0x1050 Axtmvflt - ok
00:30:50.0295 0x1050 [ 37E23B1756ECA768656097F72C0B458D, 1E2D517C932B60869B470FD00623B8ED15B62A20DC27DF54D167B643819227ED ] Axtmvmdm C:\Windows\system32\DRIVERS\Axtmvmdm.sys
00:30:50.0849 0x1050 Axtmvmdm - ok
00:30:50.0961 0x1050 [ 2C7170BE24EACC0B432EB1832FEE0DDC, B9555982073E836FAB68626435A382F55B74C60928D57AB35B17BFC202325EE8 ] Axtmvprt C:\Windows\system32\Drivers\Axtmvprt.sys
00:30:51.0063 0x1050 Axtmvprt - ok
00:30:51.0218 0x1050 [ 0B92CCF7BFCBE2B33838434F2F50CB61, 021FE5FA53F9208A19B737D1F8F3ED835BB68CE23E4EEDB2CB4F3E433985F9B6 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
00:30:51.0687 0x1050 b57nd60x - ok
00:30:51.0775 0x1050 [ 9805C435F9F58E782BFFBDD623DAA007, CE549D932D727F0C2056ADAB08632CADC74A890F3818B1E1860FB88BD35328B1 ] BDASwCap C:\Windows\system32\drivers\AVerA310Cap.sys
00:30:51.0838 0x1050 BDASwCap - ok
00:30:51.0950 0x1050 [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep C:\Windows\system32\drivers\Beep.sys
00:30:52.0069 0x1050 Beep - ok
00:30:52.0481 0x1050 [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE C:\Windows\System32\bfe.dll
00:30:53.0032 0x1050 BFE - ok
00:30:53.0947 0x1050 [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS C:\Windows\System32\qmgr.dll
00:30:54.0233 0x1050 BITS - ok
00:30:54.0240 0x1050 blbdrive - ok
00:30:54.0283 0x1050 [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
00:30:54.0630 0x1050 bowser - ok
00:30:54.0744 0x1050 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
00:30:54.0801 0x1050 BrFiltLo - ok
00:30:54.0837 0x1050 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
00:30:54.0906 0x1050 BrFiltUp - ok
00:30:54.0957 0x1050 [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser C:\Windows\System32\browser.dll
00:30:55.0078 0x1050 Browser - ok
00:30:55.0159 0x1050 [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid C:\Windows\system32\drivers\brserid.sys
00:30:55.0269 0x1050 Brserid - ok
00:30:55.0293 0x1050 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
00:30:55.0667 0x1050 BrSerWdm - ok
00:30:55.0700 0x1050 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
00:30:55.0793 0x1050 BrUsbMdm - ok
00:30:55.0814 0x1050 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
00:30:55.0918 0x1050 BrUsbSer - ok
00:30:55.0999 0x1050 [ 6D39C954799B63BA866910234CF7D726, 1D807C3410C01C76E5810D626F23C1CCED3C9C5A65F39267B770C494C8D64114 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
00:30:56.0114 0x1050 BthEnum - ok
00:30:56.0220 0x1050 [ 9A966A8E86D1771911AE34A20D11BFF3, FBD5F621A47A3530B325816E71F0C4BCE5CCE731C57DEBD42ACFC8BCAA258656 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
00:30:56.0340 0x1050 BTHMODEM - ok
00:30:56.0406 0x1050 [ 5904EFA25F829BF84EA6FB045134A1D8, 66E4160CC404744576BA6E9DD606B533F42B3D4A3E2FDD457DAA016CC72A81CC ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
00:30:56.0458 0x1050 BthPan - ok
00:30:56.0702 0x1050 [ 611FF3F2F095C8D4A6D4CFD9DCC09793, 2F27A1287ABCDB9C316EB720D1855100666240959CF969D5B2679C9ABCBD6050 ] BthPort C:\Windows\system32\Drivers\BTHport.sys
00:30:56.0856 0x1050 BthPort - ok
00:30:56.0994 0x1050 [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ C:\Windows\System32\bthserv.dll
00:30:57.0111 0x1050 BthServ - ok
00:30:57.0151 0x1050 [ D330803EAB2A15CAEC7F011F1D4CB30E, 240FFF317C90AD8966DA9666F2748F98CEC3CB99C486F399D1C68FE0E393EE68 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
00:30:57.0196 0x1050 BTHUSB - ok
00:30:57.0390 0x1050 [ 636F45A8500C1438CFA7DEE15FC5C184, 5AC0FD976751615589AA052562C610F3ED2B84D9AF8D954E3FEC13EB156483D3 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
00:30:57.0466 0x1050 btwaudio - ok
00:30:57.0540 0x1050 [ BF9256FF01B093A5D90BB7A35EC90410, D334C1D46EEC1FBC7206D9AE561D046D73E9DA75DE4434D308605A155958B9D6 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
00:30:57.0576 0x1050 btwavdt - ok
00:30:57.0707 0x1050 [ 0AB8C1AC177AFB27309E1072FAF34A37, 54318740132895A3D9230D82CC7B0765ED2DEF4DA3F4B0D256FD3B44137A1E21 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
00:30:57.0738 0x1050 btwrchid - ok
00:30:58.0339 0x1050 catchme - ok
00:30:58.0419 0x1050 [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
00:30:58.0494 0x1050 cdfs - ok
00:30:58.0571 0x1050 [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
00:30:58.0629 0x1050 cdrom - ok
00:30:58.0751 0x1050 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc C:\Windows\System32\certprop.dll
00:30:58.0798 0x1050 CertPropSvc - ok
00:30:58.0858 0x1050 [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
00:30:58.0930 0x1050 circlass - ok
00:30:59.0004 0x1050 [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS C:\Windows\system32\CLFS.sys
00:30:59.0056 0x1050 CLFS - ok
00:30:59.0144 0x1050 [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:30:59.0176 0x1050 clr_optimization_v2.0.50727_32 - ok
00:30:59.0305 0x1050 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:30:59.0659 0x1050 clr_optimization_v4.0.30319_32 - ok
00:30:59.0754 0x1050 [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
00:30:59.0840 0x1050 CmBatt - ok
00:30:59.0886 0x1050 [ 45201046C776FFDAF3FC8A0029C581C8, 68A68CF2B76598BC8610EB5B2D3FD5BDC9D51CFC6F51FB7A0B0C92A2BE910FC6 ] cmdide C:\Windows\system32\drivers\cmdide.sys
00:30:59.0915 0x1050 cmdide - ok
00:30:59.0948 0x1050 [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
00:30:59.0987 0x1050 Compbatt - ok
00:30:59.0996 0x1050 COMSysApp - ok
00:31:00.0063 0x1050 [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
00:31:00.0085 0x1050 crcdisk - ok
00:31:00.0119 0x1050 [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe C:\Windows\system32\drivers\crusoe.sys
00:31:00.0218 0x1050 Crusoe - ok
00:31:00.0331 0x1050 [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc C:\Windows\system32\cryptsvc.dll
00:31:00.0417 0x1050 CryptSvc - ok
00:31:00.0545 0x1050 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch C:\Windows\system32\rpcss.dll
00:31:00.0661 0x1050 DcomLaunch - ok
00:31:00.0704 0x1050 [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
00:31:00.0866 0x1050 DfsC - ok
00:31:01.0417 0x1050 [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR C:\Windows\system32\DFSR.exe
00:31:01.0786 0x1050 DFSR - ok
00:31:02.0032 0x1050 [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
00:31:02.0073 0x1050 Dhcp - ok
00:31:02.0166 0x1050 [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk C:\Windows\system32\drivers\disk.sys
00:31:02.0186 0x1050 disk - ok
00:31:02.0248 0x1050 [ 73BAF270D24FE726B9CD7F80BB17A23D, 12ADFB26C16A7D3F623C1A6B72D4C6AB9163EBC93CF13CB2AC6897FB95E96105 ] DKbFltr C:\Windows\system32\DRIVERS\DKbFltr.sys
00:31:02.0270 0x1050 DKbFltr - ok
00:31:02.0371 0x1050 [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache C:\Windows\System32\dnsrslvr.dll
00:31:02.0435 0x1050 Dnscache - ok
00:31:02.0494 0x1050 [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc C:\Windows\System32\dot3svc.dll
00:31:02.0578 0x1050 dot3svc - ok
00:31:02.0772 0x1050 [ 4F59C172C094E1A1D46463A8DC061CBD, CE09A4ED1F8BA6242E152C384AFF5C3C95FBB8556DAE23765272F13BF158D8F9 ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
00:31:02.0854 0x1050 Dot4 - ok
00:31:02.0911 0x1050 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5, 69BB5B07D03FA9F28591012F2AA4A583D3F086644C136D63A56D1A827121CC19 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
00:31:02.0988 0x1050 Dot4Print - ok
00:31:03.0046 0x1050 [ A84D8A9006B1AE515CC7B6B3586C295A, 6B69D1723296FEFC751A415BAA1F8AD070CC19B84599964148A9D834B78CD617 ] Dot4Scan C:\Windows\system32\DRIVERS\Dot4Scan.sys
00:31:03.0113 0x1050 Dot4Scan - ok
00:31:03.0173 0x1050 [ C55004CA6B419B6695970DFE849B122F, 6E0C4A9E24DD09E9389E097AF63E7F5040A0658DDCEBBE963968B7118CFE9AB8 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
00:31:03.0242 0x1050 dot4usb - ok
00:31:03.0317 0x1050 [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS C:\Windows\system32\dps.dll
00:31:03.0393 0x1050 DPS - ok
00:31:03.0477 0x1050 [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
00:31:03.0571 0x1050 drmkaud - ok
00:31:03.0693 0x1050 [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
00:31:03.0738 0x1050 DXGKrnl - ok
00:31:03.0845 0x1050 [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
00:31:03.0913 0x1050 E1G60 - ok
00:31:04.0296 0x1050 [ CECB58460674339202F79BA1345D8527, 1032E726D64C3432704FE90A7B63A37E854A83389AD3A997C0916628C452F71F ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
00:31:04.0333 0x1050 eamonm - ok
00:31:04.0372 0x1050 [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost C:\Windows\System32\eapsvc.dll
00:31:04.0417 0x1050 EapHost - ok
00:31:04.0588 0x1050 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache C:\Windows\system32\drivers\ecache.sys
00:31:04.0618 0x1050 Ecache - ok
00:31:04.0858 0x1050 [ F54907AA07F60AFF81E1E09E97AF98B0, AA3DDFFFA0821836D3F6FB51457B601518A381A6C527041A49C93918DF0C6CA4 ] eDataSecurity Service C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
00:31:05.0040 0x1050 eDataSecurity Service - ok
00:31:05.0198 0x1050 [ C79916F203E1A2CBBE99F22D6E5D21DA, 84749E7067927AD437D38BEFEA12B40C3E849216F26338F707694918206C4C2A ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
00:31:05.0240 0x1050 ehdrv - ok
00:31:05.0407 0x1050 [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
00:31:05.0541 0x1050 ehRecvr - ok
00:31:05.0592 0x1050 [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched C:\Windows\ehome\ehsched.exe
00:31:05.0732 0x1050 ehSched - ok
00:31:05.0775 0x1050 [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart C:\Windows\ehome\ehstart.dll
00:31:05.0819 0x1050 ehstart - ok
00:31:06.0135 0x1050 [ 4CB575D97653FA91FFB02DA3105EB084, 59FB4D2485EEDBCC56D92C1F5DF3FEAE67D751F3AD7AEA7590F3C73107C829E8 ] ekrn C:\Program Files\ESET\ESET Smart Security\ekrn.exe
00:31:06.0411 0x1050 ekrn - ok
00:31:06.0733 0x1050 [ A7B5F3B9363F9AB1D4FE459BAF3B15D6, B63197FD8627F243A7B94D809CDECD9008FA884F59E92CC5CFD370C78119412B ] eLockService C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
00:31:06.0764 0x1050 eLockService - detected UnsignedFile.Multi.Generic ( 1 )
00:31:06.0995 0x1050 eLockService ( UnsignedFile.Multi.Generic ) - warning
00:31:07.0180 0x1050 [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor C:\Windows\system32\drivers\elxstor.sys
00:31:07.0210 0x1050 elxstor - ok
00:31:07.0274 0x1050 [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
00:31:07.0416 0x1050 EMDMgmt - ok
00:31:07.0533 0x1050 [ 207E2DDA01AAC6AD64F0368CA59FC179, 73F1C2FC6140EAFA73156EECD37C3D20E489C72BDA6EB86AA79B7D7206B33614 ] eNet Service C:\Acer\Empowering Technology\eNet\eNet Service.exe
00:31:07.0569 0x1050 eNet Service - detected UnsignedFile.Multi.Generic ( 1 )
00:31:07.0569 0x1050 eNet Service ( UnsignedFile.Multi.Generic ) - warning
00:31:07.0569 0x1050 Force sending object to P2P due to detect: C:\Acer\Empowering Technology\eNet\eNet Service.exe
00:31:07.0571 0x1050 Object send P2P result: false
00:31:07.0754 0x1050 [ 4B6B2C930CD076F8BDEE683512EE05E8, 37C1182044047FBB98E208C8CFF36BDB47F1617A57F7F7B2331E0F7BDD0A653D ] epfw C:\Windows\system32\DRIVERS\epfw.sys
00:31:07.0798 0x1050 epfw - ok
00:31:07.0823 0x1050 [ BDC856F11F2A8F4C9B4A59B29A33569B, ADD91A760F57C73FE6574EABBCB2F3F897A45C8DD0DE26BBFF2CCD5891FDBA6C ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys
00:31:07.0851 0x1050 EpfwLWF - ok
00:31:07.0906 0x1050 [ 6EB4485DDAFCA013D35ED4E158ADE05B, FCB62340EF7E4472BDA04C97FB9DD68E79A06606CFB6C1CE93DDFFFDE1E44D06 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
00:31:07.0941 0x1050 epfwwfp - ok
00:31:08.0075 0x1050 [ A7B084BFBBD582A843D2F5C35220F962, EFB87F3C42B475D2732ED125E290C5048539AB0B39087135779B380EF27FD84C ] eRecoveryService C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
00:31:08.0112 0x1050 eRecoveryService - detected UnsignedFile.Multi.Generic ( 1 )
00:31:08.0112 0x1050 eRecoveryService ( UnsignedFile.Multi.Generic ) - warning
00:31:08.0217 0x1050 [ 06484E97D22F06DE8DE0F8E2BEC6FA9E, 57BEA62E5F36BB6F0504FC3319A84E7734D1B69C4C77E91FD2589D2D777A0EDA ] eSettingsService C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
00:31:08.0242 0x1050 eSettingsService - detected UnsignedFile.Multi.Generic ( 1 )
00:31:08.0243 0x1050 eSettingsService ( UnsignedFile.Multi.Generic ) - warning
00:31:08.0454 0x1050 [ 47EB47903EDC46B5DB924044F58D216E, BD2A4E63BA3422A68BFC3D14BC5FF82C9418AC1B134EE6A5B01BE7B720496761 ] ESProtectionDriver C:\Program Files\Malwarebytes Anti-Exploit\MBAE.sys
00:31:08.0514 0x1050 ESProtectionDriver - ok
00:31:08.0607 0x1050 [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem C:\Windows\system32\es.dll
00:31:08.0685 0x1050 EventSystem - ok
00:31:08.0906 0x1050 [ 54B6E150BFF4A47EB0D204119D262E46, 0D6215AE7B29859C2301AADD4260534CD47C94E680E649C8CBBEDBE8713BC39D ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
00:31:09.0258 0x1050 EvtEng - detected UnsignedFile.Multi.Generic ( 1 )
00:31:09.0258 0x1050 EvtEng ( UnsignedFile.Multi.Generic ) - warning
00:31:09.0258 0x1050 Force sending object to P2P due to detect: C:\Program Files\Intel\WiFi\bin\EvtEng.exe
00:31:09.0268 0x1050 Object send P2P result: false
00:31:09.0415 0x1050 [ 57C171EA22F0A7F068FCB0CAEDD1E8E7, 9AAF39AA22372FB8582C1422581C08E61444BF843E1CE2E199EB00FBEA6F9C06 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
00:31:09.0475 0x1050 ew_hwusbdev - ok
00:31:09.0649 0x1050 [ 61A973F60E94A551BA7B15F3460444FB, FC2FB69978D99D75673AFE9F08176F3139DCBAEDE4D339BD09DA29CD3EC01005 ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
00:31:09.0723 0x1050 ew_usbenumfilter - ok
00:31:09.0836 0x1050 [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat C:\Windows\system32\drivers\exfat.sys
00:31:09.0935 0x1050 exfat - ok
00:31:09.0986 0x1050 [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat C:\Windows\system32\drivers\fastfat.sys
00:31:10.0072 0x1050 fastfat - ok
00:31:10.0134 0x1050 [ 63BDADA84951B9C03E641800E176898A, AD3EA20CAD0E0C438422D5D39AEA9E0AAD9E1DC866A696AE503C76F5FAC4BE6E ] fdc C:\Windows\system32\DRIVERS\fdc.sys
00:31:10.0255 0x1050 fdc - ok
00:31:10.0321 0x1050 [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost C:\Windows\system32\fdPHost.dll
00:31:10.0379 0x1050 fdPHost - ok
00:31:10.0437 0x1050 [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub C:\Windows\system32\fdrespub.dll
00:31:10.0544 0x1050 FDResPub - ok
00:31:10.0621 0x1050 [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
00:31:10.0693 0x1050 FileInfo - ok
00:31:10.0735 0x1050 [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
00:31:10.0808 0x1050 Filetrace - ok
00:31:10.0859 0x1050 [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
00:31:10.0975 0x1050 flpydisk - ok
00:31:11.0027 0x1050 [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
00:31:11.0066 0x1050 FltMgr - ok
00:31:11.0187 0x1050 [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache C:\Windows\system32\FntCache.dll
00:31:11.0545 0x1050 FontCache - ok
00:31:11.0699 0x1050 [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
00:31:11.0791 0x1050 FontCache3.0.0.0 - ok
00:31:11.0831 0x1050 [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
00:31:11.0892 0x1050 Fs_Rec - ok
00:31:11.0926 0x1050 [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
00:31:11.0949 0x1050 gagp30kx - ok
00:31:12.0048 0x1050 [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc C:\Windows\System32\gpsvc.dll
00:31:12.0148 0x1050 gpsvc - ok
00:31:12.0425 0x1050 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
00:31:12.0482 0x1050 gupdate - ok
00:31:12.0492 0x1050 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
00:31:12.0521 0x1050 gupdatem - ok
00:31:12.0639 0x1050 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
00:31:12.0681 0x1050 gusvc - ok
00:31:12.0811 0x1050 [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:31:12.0927 0x1050 HdAudAddService - ok
00:31:12.0998 0x1050 [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
00:31:13.0079 0x1050 HDAudBus - ok
00:31:13.0133 0x1050 [ FCB3F4BE408F72C1BD81BCABA87FC22F, F63D75904888E40889A600EF32AA77130C088014949F5A574B49F547E9F9D4AD ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
00:31:13.0174 0x1050 HidBth - ok
00:31:13.0216 0x1050 [ D8DF3722D5E961BAA1292AA2F12827E2, 799E194B36BA08D59500A2C45ADD2FB69C7698F3F7F837CC7CFB266D57830BD6 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
00:31:13.0276 0x1050 HidIr - ok
00:31:13.0320 0x1050 [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv C:\Windows\System32\hidserv.dll
00:31:13.0375 0x1050 hidserv - ok
00:31:13.0435 0x1050 [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
00:31:13.0466 0x1050 HidUsb - ok
00:31:13.0509 0x1050 [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc C:\Windows\system32\kmsvc.dll
00:31:13.0563 0x1050 hkmsvc - ok
00:31:13.0592 0x1050 [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
00:31:13.0610 0x1050 HpCISSs - ok
00:31:13.0732 0x1050 [ 46D67209550973257601A533E2AC5785, 3C0D97781947BA8532344AA5D9F3B684761B5B3263A0A294F4593E76EE41DB0C ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
00:31:13.0886 0x1050 HSFHWAZL - ok
00:31:14.0008 0x1050 [ 347385D69C15E3D045AA1CB46E4CB86D, 53DA5E5F92F10DB485507398A5F9BBD5E712C1FFF386B119F958CE9E3F6B87AC ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
00:31:14.0323 0x1050 HSF_DPV - ok
00:31:14.0426 0x1050 [ 919337D853703267DA203E79A0AC1F2B, D0EE1BB20CF3671C3F68A709E14901E0820828E27F24D5E83B607E6CF8B7C8EB ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
00:31:14.0492 0x1050 HSXHWAZL - ok
00:31:14.0563 0x1050 [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP C:\Windows\system32\drivers\HTTP.sys
00:31:14.0675 0x1050 HTTP - ok
00:31:14.0800 0x1050 [ 3170044AA8090F80839D3D4330BF733A, 6DD14A4A214C625E891AFF5B730B567791E6C830AEC7AEE2C326C5D975AE8EF6 ] huawei_cdcacm C:\Windows\system32\DRIVERS\ew_jucdcacm.sys
00:31:14.0947 0x1050 huawei_cdcacm - ok
00:31:15.0166 0x1050 [ 1EF9E48AB82EA785C7348B22E9B02DC4, BD1D0F319E84AA5DFE6012BF7D7E5D9619C15FC78B6F23EFF086BD7F6127506B ] huawei_cdcecm C:\Windows\system32\DRIVERS\ew_jucdcecm.sys
00:31:15.0401 0x1050 huawei_cdcecm - ok
00:31:15.0427 0x1050 [ F44461E66F1B7DD267957FE9BAA63ED0, 5B51692F1670A43A8C1B9E2EECB4042AB04BA92AAA347405A61D3EA8C478BC5A ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
00:31:15.0641 0x1050 huawei_enumerator - ok
00:31:15.0836 0x1050 [ 69A103138B77AC0950EC3846E2E6F655, 082B59A5560BB58F314E7A7E4210DB7A2AB4F833CD72C5FFBA932F7928F78E3F ] huawei_ext_ctrl C:\Windows\system32\DRIVERS\ew_juextctrl.sys
00:31:16.0056 0x1050 huawei_ext_ctrl - ok
00:31:16.0166 0x1050 [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp C:\Windows\system32\drivers\i2omp.sys
00:31:16.0219 0x1050 i2omp - ok
00:31:16.0484 0x1050 [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
00:31:16.0556 0x1050 i8042prt - ok
00:31:16.0749 0x1050 [ 582F2D900A3AC34C98FBDC2C0ABEF6B9, 2B3879F89A8626FA560E6879F0E5B2AC4804C934EEA68B425A395D1114E64C4D ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
00:31:16.0800 0x1050 IAANTMON - ok
00:31:16.0986 0x1050 [ FD7F9D74C2B35DBDA400804A3F5ED5D8, 93BAEE15428E9B3FF2D5F7EE156697EA8C24E176C3A8E56D1B1AFF4E541867E4 ] iaStor C:\Windows\system32\drivers\iastor.sys
00:31:17.0013 0x1050 iaStor - ok
00:31:17.0109 0x1050 [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
00:31:17.0260 0x1050 iaStorV - ok
00:31:17.0504 0x1050 [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:31:18.0126 0x1050 idsvc - ok
00:31:18.0158 0x1050 [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp C:\Windows\system32\drivers\iirsp.sys
00:31:18.0180 0x1050 iirsp - ok
00:31:18.0240 0x1050 [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT C:\Windows\System32\ikeext.dll
00:31:18.0446 0x1050 IKEEXT - ok
00:31:18.0494 0x1050 [ 9D64201C9E5AC8D1F088762BA00FF3AB, 1F83B0C828654B8C195A33CA4424AD9F9CFE411D503BB79986D7396DB9BBC994 ] int15 C:\Acer\Empowering Technology\eRecovery\int15.sys
00:31:18.0540 0x1050 int15 - ok
00:31:18.0800 0x1050 [ 9F5898EBD3BBE82EADF2EFA595F02A72, A9A8CEE12F968C35D88443099875A8F96F42547F1991F1DB2E0F14FD423A411D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
00:31:19.0024 0x1050 IntcAzAudAddService - ok
00:31:19.0117 0x1050 [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide C:\Windows\system32\drivers\intelide.sys
00:31:19.0136 0x1050 intelide - ok
00:31:19.0197 0x1050 [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
00:31:19.0253 0x1050 intelppm - ok
00:31:19.0307 0x1050 [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
00:31:19.0366 0x1050 IPBusEnum - ok
00:31:19.0432 0x1050 [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:31:19.0494 0x1050 IpFilterDriver - ok
00:31:19.0576 0x1050 [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
00:31:19.0642 0x1050 iphlpsvc - ok
00:31:19.0695 0x1050 [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
00:31:19.0806 0x1050 IPMIDRV - ok
00:31:19.0858 0x1050 [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
00:31:19.0929 0x1050 IPNAT - ok
00:31:20.0003 0x1050 [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
00:31:20.0109 0x1050 IRENUM - ok
00:31:20.0164 0x1050 [ 350FCA7E73CF65BCEF43FAE1E4E91293, 68403FE3F4DC40919CD26A2CC42BE4386AE6874F47DD382348FFD79080721A13 ] isapnp C:\Windows\system32\drivers\isapnp.sys
00:31:20.0258 0x1050 isapnp - ok
00:31:20.0390 0x1050 [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
00:31:20.0489 0x1050 iScsiPrt - ok
00:31:20.0519 0x1050 [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
00:31:20.0611 0x1050 iteatapi - ok
00:31:20.0638 0x1050 [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid C:\Windows\system32\drivers\iteraid.sys
00:31:20.0744 0x1050 iteraid - ok
00:31:20.0810 0x1050 [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
00:31:20.0859 0x1050 kbdclass - ok
00:31:20.0955 0x1050 [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
00:31:21.0081 0x1050 kbdhid - ok
00:31:21.0141 0x1050 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso C:\Windows\system32\lsass.exe
00:31:21.0309 0x1050 KeyIso - ok
00:31:21.0476 0x1050 [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
00:31:22.0146 0x1050 KSecDD - ok
00:31:22.0336 0x1050 [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll
00:31:22.0469 0x1050 KtmRm - ok
00:31:22.0553 0x1050 [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer C:\Windows\System32\srvsvc.dll
00:31:22.0668 0x1050 LanmanServer - ok
00:31:22.0761 0x1050 [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:31:22.0853 0x1050 LanmanWorkstation - ok
00:31:22.0976 0x1050 [ 793FF718477345CD5D232C50BED1E452, 1D39CF9F10742C79FF99B9B4E0361EAEA63B4FC545C58B54B55537D18C802941 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
00:31:23.0008 0x1050 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
00:31:23.0009 0x1050 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
00:31:23.0050 0x1050 [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
00:31:23.0084 0x1050 lltdio - ok
00:31:23.0114 0x1050 [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll
00:31:23.0158 0x1050 lltdsvc - ok
00:31:23.0204 0x1050 [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll
00:31:23.0272 0x1050 lmhosts - ok
00:31:23.0326 0x1050 [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
00:31:23.0346 0x1050 LSI_FC - ok
00:31:23.0366 0x1050 [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
00:31:23.0385 0x1050 LSI_SAS - ok
00:31:23.0409 0x1050 [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
00:31:23.0429 0x1050 LSI_SCSI - ok
00:31:23.0480 0x1050 [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys
00:31:23.0527 0x1050 luafv - ok
00:31:23.0585 0x1050 [ 14EA85B4C79B655C229D3596342A833A, 685E8585BDF8F818F423DE7477DA0076211470389663FC60EDD349BAC7595F9E ] mbamchameleon C:\Windows\system32\drivers\mbamchameleon.sys
00:31:23.0610 0x1050 mbamchameleon - ok
00:31:23.0673 0x1050 [ B856B50782B1A9E8E3493649B685293A, 1261C8E36FB43B578068F122713857D11662315E0D4956D33A54ECE43A72A97B ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
00:31:23.0699 0x1050 MBAMSwissArmy - ok
00:31:23.0847 0x1050 [ D77A5C1FEE2F46170F52FC13F9C8F0E9, 0D2CC0401A61EC5E3F0C18D69D916B02A82C8FA3759CDECE2186F5420C3A9D23 ] MbnExt C:\Program Files\T-Mobile\Web'n'walk Manager\MbnExt.dll
00:31:23.0879 0x1050 MbnExt - ok
00:31:23.0926 0x1050 [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
00:31:23.0969 0x1050 Mcx2Svc - ok
00:31:24.0193 0x1050 [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
00:31:24.0239 0x1050 MDM - detected UnsignedFile.Multi.Generic ( 1 )
00:31:24.0239 0x1050 MDM ( UnsignedFile.Multi.Generic ) - warning
00:31:24.0296 0x1050 [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
00:31:24.0330 0x1050 mdmxsdk - ok
00:31:24.0410 0x1050 [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas C:\Windows\system32\drivers\megasas.sys
00:31:24.0429 0x1050 megasas - ok
00:31:24.0501 0x1050 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll
00:31:24.0553 0x1050 MMCSS - ok
00:31:24.0626 0x1050 MobilityService - ok
00:31:24.0675 0x1050 [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys
00:31:24.0711 0x1050 Modem - ok
00:31:24.0806 0x1050 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
00:31:24.0855 0x1050 monitor - ok
00:31:24.0869 0x1050 [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
00:31:24.0890 0x1050 mouclass - ok
00:31:24.0932 0x1050 [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
00:31:24.0980 0x1050 mouhid - ok
00:31:25.0019 0x1050 [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
00:31:25.0041 0x1050 MountMgr - ok
00:31:25.0103 0x1050 [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio C:\Windows\system32\drivers\mpio.sys
00:31:25.0140 0x1050 mpio - ok
00:31:25.0175 0x1050 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
00:31:25.0225 0x1050 mpsdrv - ok
00:31:25.0289 0x1050 [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc C:\Windows\system32\mpssvc.dll
00:31:25.0355 0x1050 MpsSvc - ok
00:31:25.0424 0x1050 [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
00:31:25.0446 0x1050 Mraid35x - ok
00:31:25.0500 0x1050 [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
00:31:25.0547 0x1050 MRxDAV - ok
00:31:25.0591 0x1050 [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
00:31:25.0683 0x1050 mrxsmb - ok
00:31:25.0736 0x1050 [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:31:25.0786 0x1050 mrxsmb10 - ok
00:31:25.0838 0x1050 [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:31:25.0901 0x1050 mrxsmb20 - ok
00:31:25.0966 0x1050 [ 742AED7939E734C36B7E8D6228CE26B7, 6F727144BBD42C9C5555087CA51DE8D501B5CBEFB9967866CC578733E3C5E681 ] msahci C:\Windows\system32\drivers\msahci.sys
00:31:25.0995 0x1050 msahci - ok
00:31:26.0025 0x1050 [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm C:\Windows\system32\drivers\msdsm.sys
00:31:26.0058 0x1050 msdsm - ok
00:31:26.0110 0x1050 [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe
00:31:26.0187 0x1050 MSDTC - ok
00:31:26.0276 0x1050 [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys
00:31:26.0347 0x1050 Msfs - ok
00:31:26.0428 0x1050 [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
00:31:26.0460 0x1050 msisadrv - ok
00:31:26.0518 0x1050 [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
00:31:26.0578 0x1050 MSiSCSI - ok
00:31:26.0585 0x1050 msiserver - ok
00:31:26.0632 0x1050 [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV

(to be continued)

[martivan]

TDSSKiller log (part 2)

C:\Windows\system32\drivers\MSKSSRV.sys
00:31:26.0686 0x1050 MSKSSRV - ok
00:31:26.0761 0x1050 [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
00:31:26.0816 0x1050 MSPCLOCK - ok
00:31:26.0870 0x1050 [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
00:31:26.0904 0x1050 MSPQM - ok
00:31:26.0941 0x1050 [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
00:31:26.0965 0x1050 MsRPC - ok
00:31:27.0006 0x1050 [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
00:31:27.0026 0x1050 mssmbios - ok
00:31:27.0074 0x1050 [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
00:31:27.0130 0x1050 MSTEE - ok
00:31:27.0175 0x1050 [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup C:\Windows\system32\Drivers\mup.sys
00:31:27.0196 0x1050 Mup - ok
00:31:27.0234 0x1050 [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent C:\Windows\system32\qagentRT.dll
00:31:27.0288 0x1050 napagent - ok
00:31:27.0337 0x1050 [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
00:31:27.0383 0x1050 NativeWifiP - ok
00:31:27.0441 0x1050 [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS C:\Windows\system32\drivers\ndis.sys
00:31:27.0516 0x1050 NDIS - ok
00:31:27.0580 0x1050 [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
00:31:27.0668 0x1050 NdisTapi - ok
00:31:27.0693 0x1050 [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
00:31:27.0735 0x1050 Ndisuio - ok
00:31:27.0781 0x1050 [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
00:31:27.0833 0x1050 NdisWan - ok
00:31:27.0874 0x1050 [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
00:31:27.0919 0x1050 NDProxy - ok
00:31:27.0973 0x1050 [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:31:28.0017 0x1050 NetBIOS - ok
00:31:28.0056 0x1050 [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt C:\Windows\system32\DRIVERS\netbt.sys
00:31:28.0104 0x1050 netbt - ok
00:31:28.0118 0x1050 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon C:\Windows\system32\lsass.exe
00:31:28.0140 0x1050 Netlogon - ok
00:31:28.0204 0x1050 [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll
00:31:28.0261 0x1050 Netman - ok
00:31:28.0371 0x1050 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:31:28.0910 0x1050 NetMsmqActivator - ok
00:31:28.0951 0x1050 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:31:28.0990 0x1050 NetPipeActivator - ok
00:31:29.0048 0x1050 [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll
00:31:29.0140 0x1050 netprofm - ok
00:31:29.0217 0x1050 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:31:29.0256 0x1050 NetTcpActivator - ok
00:31:29.0268 0x1050 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:31:29.0307 0x1050 NetTcpPortSharing - ok
00:31:29.0957 0x1050 [ 1D73499A6664B4DA05D750FF83FDB274, 8A299843DFF7DEEFB639440074C63FC88548FE4EE897FBA9F3B0FE65D17C45FA ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
00:31:30.0576 0x1050 NETw4v32 - ok
00:31:30.0830 0x1050 [ 8DE67BD902095A13329FD82C85A1FA09, 7F0B058D0C306A845F7BF14B24B0BDBCE6F152A054331072549F46284E75A367 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
00:31:31.0361 0x1050 NETw5v32 - ok
00:31:31.0403 0x1050 [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
00:31:31.0422 0x1050 nfrd960 - ok
00:31:31.0458 0x1050 [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc C:\Windows\System32\nlasvc.dll
00:31:31.0515 0x1050 NlaSvc - ok
00:31:31.0738 0x1050 [ A00877C05933FBA8AFB3390DD72D4679, 684D9642173C4BF4B752F259D5E89F16BC8B4B1608F1E6E176AA692A9775CE38 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
00:31:31.0839 0x1050 nmwcd - ok
00:31:31.0904 0x1050 [ 9FF15F18E4E8758AC57BDB910D0238B3, F27C40BDD3818C54E1099AD525C7C19B424E0C4676DB366DE0E905CA3F82A310 ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
00:31:31.0969 0x1050 nmwcdc - ok
00:31:32.0138 0x1050 [ B0575681498D75E0C0432200702B4A0A, EE6037B038265562A4F59E92A9F665C7A8AA8E8C5DEB3481F1F7B6D39A4E4954 ] nmwcdnsu C:\Windows\system32\drivers\nmwcdnsu.sys
00:31:32.0227 0x1050 nmwcdnsu - ok
00:31:32.0280 0x1050 [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys
00:31:32.0339 0x1050 Npfs - ok
00:31:32.0394 0x1050 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
00:31:32.0462 0x1050 nsi - ok
00:31:32.0500 0x1050 [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
00:31:32.0570 0x1050 nsiproxy - ok
00:31:32.0687 0x1050 [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:31:32.0815 0x1050 Ntfs - ok
00:31:32.0891 0x1050 [ 7F1C1F78D709C4A54CBB46EDE7E0B48D, 52135D41983A9E9E1DCA250A63017076AE22AA06D77CCF2E5EF41154F958584A ] NTIDrvr C:\Windows\system32\DRIVERS\NTIDrvr.sys
00:31:32.0924 0x1050 NTIDrvr - detected UnsignedFile.Multi.Generic ( 1 )
00:31:32.0924 0x1050 NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
00:31:32.0965 0x1050 [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
00:31:33.0032 0x1050 ntrigdigi - ok
00:31:33.0069 0x1050 [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
00:31:33.0105 0x1050 Null - ok
00:31:34.0080 0x1050 [ 8E5E17B69830D7CC4691A8E564870C46, C570AF23C3840C089D40EB4BACB9955315637B2FA402B4C4A74C066BBDC44E8B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:31:35.0164 0x1050 nvlddmkm - ok
00:31:35.0210 0x1050 [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid C:\Windows\system32\drivers\nvraid.sys
00:31:35.0231 0x1050 nvraid - ok
00:31:35.0275 0x1050 [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
00:31:35.0295 0x1050 nvstor - ok
00:31:35.0320 0x1050 [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
00:31:35.0342 0x1050 nv_agp - ok
00:31:35.0486 0x1050 [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:31:35.0520 0x1050 odserv - ok
00:31:35.0630 0x1050 [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
00:31:35.0684 0x1050 ohci1394 - ok
00:31:35.0805 0x1050 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:31:35.0831 0x1050 ose - ok
00:31:35.0912 0x1050 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll
00:31:36.0040 0x1050 p2pimsvc - ok
00:31:36.0084 0x1050 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll
00:31:36.0140 0x1050 p2psvc - ok
00:31:36.0175 0x1050 [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys
00:31:36.0245 0x1050 Parport - ok
00:31:36.0287 0x1050 [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:31:36.0308 0x1050 partmgr - ok
00:31:36.0328 0x1050 [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
00:31:36.0379 0x1050 Parvdm - ok
00:31:36.0415 0x1050 [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
00:31:36.0472 0x1050 PcaSvc - ok
00:31:36.0570 0x1050 [ F451DCACBAA67F3307305EBD4A39EA07, C4435BF4C2D16F3DC0B35732BE3602FFA28DB0A5BC5576F45E0D32E5F4CD2DEA ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
00:31:36.0646 0x1050 pccsmcfd - ok
00:31:36.0739 0x1050 [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys
00:31:36.0763 0x1050 pci - ok
00:31:36.0818 0x1050 [ 3B1901E401473E03EB8C874271E50C26, 3C7931F419E29FDD0155D8D05D97289430A2852FCB3DBAD1B338FE2241458E72 ] pciide C:\Windows\system32\drivers\pciide.sys
00:31:36.0851 0x1050 pciide - ok
00:31:36.0922 0x1050 [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
00:31:36.0950 0x1050 pcmcia - ok
00:31:37.0061 0x1050 [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:31:37.0302 0x1050 PEAUTH - ok
00:31:37.0467 0x1050 [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
00:31:37.0862 0x1050 pla - ok
00:31:37.0931 0x1050 [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:31:37.0970 0x1050 PlugPlay - ok
00:31:38.0033 0x1050 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
00:31:38.0108 0x1050 PNRPAutoReg - ok
00:31:38.0241 0x1050 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll
00:31:38.0315 0x1050 PNRPsvc - ok
00:31:38.0387 0x1050 [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:31:38.0430 0x1050 PolicyAgent - ok
00:31:38.0491 0x1050 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:31:38.0525 0x1050 PptpMiniport - ok
00:31:38.0547 0x1050 [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor C:\Windows\system32\drivers\processr.sys
00:31:38.0620 0x1050 Processor - ok
00:31:38.0695 0x1050 [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc C:\Windows\system32\profsvc.dll
00:31:38.0730 0x1050 ProfSvc - ok
00:31:38.0750 0x1050 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
00:31:38.0772 0x1050 ProtectedStorage - ok
00:31:38.0824 0x1050 [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
00:31:38.0873 0x1050 PSched - ok
00:31:38.0931 0x1050 [ E801D5CC24E1CF18FA87D24D7074B876, 78E7CD12320EE15712DF304F23AFA12CA2ACFDB9A7AA6AEFF3E73F48F0E0F242 ] PSDFilter C:\Windows\system32\DRIVERS\psdfilter.sys
00:31:38.0953 0x1050 PSDFilter - ok
00:31:38.0984 0x1050 [ 24B5E3429F7F0E779FC2E6E36A0A5F73, 2BAE150EF1401F2EDD26C91282BDAB7705E12A11A8CABDD6DE539464FCA9E76C ] PSDNServ C:\Windows\system32\drivers\PSDNServ.sys
00:31:39.0005 0x1050 PSDNServ - ok
00:31:39.0025 0x1050 [ 01CBFD08C0E8A6106BB26FCDA297154E, 9E7F577AFFC63850F65C6811A98A18AF86F4C389197D65F9B9AEF251EF6DD067 ] psdvdisk C:\Windows\system32\drivers\psdvdisk.sys
00:31:39.0047 0x1050 psdvdisk - ok
00:31:39.0356 0x1050 [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300 C:\Windows\system32\drivers\ql2300.sys
00:31:40.0020 0x1050 ql2300 - ok
00:31:40.0058 0x1050 [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
00:31:40.0092 0x1050 ql40xx - ok
00:31:40.0149 0x1050 [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
00:31:40.0208 0x1050 QWAVE - ok
00:31:40.0246 0x1050 [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:31:40.0292 0x1050 QWAVEdrv - ok
00:31:40.0341 0x1050 [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:31:40.0449 0x1050 RasAcd - ok
00:31:40.0510 0x1050 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
00:31:40.0624 0x1050 RasAuto - ok
00:31:40.0686 0x1050 [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:31:40.0742 0x1050 Rasl2tp - ok
00:31:40.0785 0x1050 [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll
00:31:40.0822 0x1050 RasMan - ok
00:31:40.0856 0x1050 [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:31:40.0904 0x1050 RasPppoe - ok
00:31:40.0948 0x1050 [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:31:40.0988 0x1050 RasSstp - ok
00:31:41.0048 0x1050 [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:31:41.0084 0x1050 rdbss - ok
00:31:41.0182 0x1050 [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
00:31:41.0265 0x1050 RDPCDD - ok
00:31:41.0330 0x1050 [ E8BD98D46F2ED77132BA927FCCB47D8B, 5187CF8F00AD67EDDF27DF675F3210C0D72E552578A89C58DF6953B1D5BEBCB8 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
00:31:41.0408 0x1050 rdpdr - ok
00:31:41.0460 0x1050 [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
00:31:41.0519 0x1050 RDPENCDD - ok
00:31:41.0673 0x1050 [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
00:31:41.0768 0x1050 RDPWD - ok
00:31:42.0014 0x1050 [ 3FF45B7F17D5837216ABAE652CC61540, 33AF3C99247DD5779CF02AC7C2E170C31CCFAB0282D68AAB606CD6A3279B99E7 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
00:31:42.0061 0x1050 RegSrvc - detected UnsignedFile.Multi.Generic ( 1 )
00:31:42.0061 0x1050 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
00:31:42.0153 0x1050 [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
00:31:42.0222 0x1050 RemoteAccess - ok
00:31:42.0276 0x1050 [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:31:42.0342 0x1050 RemoteRegistry - ok
00:31:42.0486 0x1050 [ 6482707F9F4DA0ECBAB43B2E0398A101, 7D57FC36577121D7E26A4F2D46DCA8725D55EC9F75B91DF994DB742BC4FB89C2 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
00:31:42.0578 0x1050 RFCOMM - ok
00:31:42.0827 0x1050 [ 0A468612A19FEB657D127E7C4810F6FC, B31A083FA10051BE5132D759A904E131E9DD1C4CE79310A75213B9C48247739B ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
00:31:42.0890 0x1050 RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
00:31:42.0890 0x1050 RichVideo ( UnsignedFile.Multi.Generic ) - warning
00:31:42.0984 0x1050 [ 355AAC141B214BEF1DBC1483AFD9BD50, EB9AF96E81C1644C0190D269119BE71C63B60D50153C6EA2659B488C4456DBDF ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
00:31:43.0085 0x1050 rimmptsk - ok
00:31:43.0124 0x1050 [ A4216C71DD4F60B26418CCFD99CD0815, C189953DD7B3AB31167D8746E8F829D222FEF3F8866317814414EF3E0D92B9E1 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
00:31:43.0261 0x1050 rimsptsk - ok
00:31:43.0301 0x1050 [ D231B577024AA324AF13A42F3A807D10, F63885D67FA40F3640044C79AE8FAA536D307959D2AE9543C4A8F3CE5447CF91 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
00:31:43.0396 0x1050 rismxdp - ok
00:31:43.0473 0x1050 [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
00:31:43.0577 0x1050 RpcLocator - ok
00:31:43.0674 0x1050 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll
00:31:43.0755 0x1050 RpcSs - ok
00:31:43.0844 0x1050 [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:31:43.0960 0x1050 rspndr - ok
00:31:43.0983 0x1050 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe
00:31:44.0016 0x1050 SamSs - ok
00:31:44.0102 0x1050 [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
00:31:44.0123 0x1050 sbp2port - ok
00:31:44.0221 0x1050 [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:31:44.0275 0x1050 SCardSvr - ok
00:31:44.0515 0x1050 [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule C:\Windows\system32\schedsvc.dll
00:31:44.0631 0x1050 Schedule - ok
00:31:44.0703 0x1050 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll
00:31:44.0735 0x1050 SCPolicySvc - ok
00:31:44.0815 0x1050 [ 8F36B54688C31EED4580129040C6A3D3, DC150689CBAEEC94B9DE0CA6A633FAD16CDDDC452521232E0C2A44BAE61E08D9 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
00:31:44.0875 0x1050 sdbus - ok
00:31:44.0948 0x1050 [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
00:31:45.0060 0x1050 SDRSVC - ok
00:31:45.0127 0x1050 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:31:45.0241 0x1050 secdrv - ok
00:31:45.0323 0x1050 [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll
00:31:45.0402 0x1050 seclogon - ok
00:31:45.0465 0x1050 [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\System32\sens.dll
00:31:45.0554 0x1050 SENS - ok
00:31:45.0594 0x1050 [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys
00:31:45.0812 0x1050 Serenum - ok
00:31:45.0863 0x1050 [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys
00:31:45.0951 0x1050 Serial - ok
00:31:46.0044 0x1050 [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
00:31:46.0098 0x1050 sermouse - ok
00:31:46.0605 0x1050 [ 78F7BB9F4924BE164294C59B8C3FC096, 75051A6A8B0DBB16CD70855A408134270EEAF0C127BAAE5B592DB53BB87C085B ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
00:31:46.0677 0x1050 ServiceLayer - ok
00:31:46.0763 0x1050 [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
00:31:46.0799 0x1050 SessionEnv - ok
00:31:46.0868 0x1050 [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
00:31:46.0934 0x1050 sffdisk - ok
00:31:46.0990 0x1050 [ 8FD08A310645FE872EEEC6E08C6BF3EE, 702A148C9DE172E7B5E331F057487255E0729FD42F949BB0FF2D5A01775933CF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
00:31:47.0068 0x1050 sffp_mmc - ok
00:31:47.0130 0x1050 [ 9F66A46C55D6F1CCABC79BB7AFCCC545, 029115C69315D2298F7FC944A53EF7F120FF74919208EB5ABC190022176D9B16 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
00:31:47.0190 0x1050 sffp_sd - ok
00:31:47.0210 0x1050 [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
00:31:47.0287 0x1050 sfloppy - ok
00:31:47.0423 0x1050 [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
00:31:47.0478 0x1050 SharedAccess - ok
00:31:47.0595 0x1050 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:31:47.0710 0x1050 ShellHWDetection - ok
00:31:47.0777 0x1050 [ D2A595D6EEBEEAF4334F8E50EFBC9931, 851B8205C657BF806C4D815DC75356E99B4246016B6E1C1F51BAF8AD1E6D5299 ] sisagp C:\Windows\system32\drivers\sisagp.sys
00:31:47.0808 0x1050 sisagp - ok
00:31:47.0847 0x1050 [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
00:31:47.0877 0x1050 SiSRaid2 - ok
00:31:47.0913 0x1050 [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
00:31:47.0933 0x1050 SiSRaid4 - ok
00:31:48.0170 0x1050 [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
00:31:48.0197 0x1050 SkypeUpdate - ok
00:31:48.0599 0x1050 [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc C:\Windows\system32\SLsvc.exe
00:31:50.0147 0x1050 slsvc - ok
00:31:50.0231 0x1050 [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify C:\Windows\system32\SLUINotify.dll
00:31:50.0281 0x1050 SLUINotify - ok
00:31:50.0351 0x1050 [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb C:\Windows\system32\DRIVERS\smb.sys
00:31:50.0398 0x1050 Smb - ok
00:31:50.0478 0x1050 [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:31:50.0514 0x1050 SNMPTRAP - ok
00:31:51.0134 0x1050 [ 1C550748F896E53B7B0FE7717845132B, B745D22DCB6AFFCC9B5E0BF38B68440B54080B17ED9DF7EB414F84EB035E1F30 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
00:31:52.0791 0x1050 SNP2UVC - ok
00:31:52.0867 0x1050 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
00:31:52.0898 0x1050 spldr - ok
00:31:52.0988 0x1050 [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler C:\Windows\System32\spoolsv.exe
00:31:53.0088 0x1050 Spooler - ok
00:31:53.0259 0x1050 [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv C:\Windows\system32\DRIVERS\srv.sys
00:31:53.0624 0x1050 srv - ok
00:31:53.0742 0x1050 [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
00:31:53.0981 0x1050 srv2 - ok
00:31:54.0056 0x1050 [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
00:31:54.0130 0x1050 srvnet - ok
00:31:54.0237 0x1050 [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
00:31:54.0317 0x1050 SSDPSRV - ok
00:31:54.0418 0x1050 [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
00:31:54.0564 0x1050 SstpSvc - ok
00:31:54.0706 0x1050 [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc C:\Windows\System32\wiaservc.dll
00:31:54.0822 0x1050 stisvc - ok
00:31:54.0874 0x1050 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
00:31:54.0893 0x1050 swenum - ok
00:31:54.0933 0x1050 [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv C:\Windows\System32\swprv.dll
00:31:55.0012 0x1050 swprv - ok
00:31:55.0091 0x1050 [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
00:31:55.0110 0x1050 Symc8xx - ok
00:31:55.0153 0x1050 [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
00:31:55.0172 0x1050 Sym_hi - ok
00:31:55.0207 0x1050 [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
00:31:55.0226 0x1050 Sym_u3 - ok
00:31:55.0323 0x1050 [ 5D6E865780AAE258ABA1A1484782CFEC, 3A4F2943891BAEEB8A14FE2376516F1368533E9AACCC6952D0D05EC8FA6342E0 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
00:31:55.0345 0x1050 SynTP - ok
00:31:55.0520 0x1050 [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain C:\Windows\system32\sysmain.dll
00:31:55.0612 0x1050 SysMain - ok
00:31:55.0665 0x1050 [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:31:55.0709 0x1050 TabletInputService - ok
00:31:55.0749 0x1050 [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv C:\Windows\System32\tapisrv.dll
00:31:55.0814 0x1050 TapiSrv - ok
00:31:55.0857 0x1050 [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
00:31:55.0916 0x1050 TBS - ok
00:31:56.0026 0x1050 [ D18D53974FD715D50FC76F9FFE1C830D, 50424BD5950D8FC7724A6E48AE5A39D6E727FAF326C31657C69F1DE13C1450E3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
00:31:56.0112 0x1050 Tcpip - ok
00:31:56.0145 0x1050 [ D18D53974FD715D50FC76F9FFE1C830D, 50424BD5950D8FC7724A6E48AE5A39D6E727FAF326C31657C69F1DE13C1450E3 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
00:31:56.0223 0x1050 Tcpip6 - ok
00:31:56.0265 0x1050 [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
00:31:56.0303 0x1050 tcpipreg - ok
00:31:56.0427 0x1050 [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
00:31:56.0482 0x1050 TDPIPE - ok
00:31:56.0500 0x1050 [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
00:31:56.0534 0x1050 TDTCP - ok
00:31:56.0558 0x1050 [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
00:31:56.0605 0x1050 tdx - ok
00:31:56.0648 0x1050 [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
00:31:56.0669 0x1050 TermDD - ok
00:31:56.0702 0x1050 [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService C:\Windows\System32\termsrv.dll
00:31:56.0757 0x1050 TermService - ok
00:31:56.0793 0x1050 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes C:\Windows\system32\shsvcs.dll
00:31:56.0824 0x1050 Themes - ok
00:31:56.0843 0x1050 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
00:31:56.0885 0x1050 THREADORDER - ok
00:31:56.0927 0x1050 [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
00:31:56.0972 0x1050 TrkWks - ok
00:31:57.0086 0x1050 [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:31:57.0138 0x1050 TrustedInstaller - ok
00:31:57.0199 0x1050 [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
00:31:57.0263 0x1050 tssecsrv - ok
00:31:57.0303 0x1050 [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
00:31:57.0361 0x1050 tunmp - ok
00:31:57.0410 0x1050 [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
00:31:57.0444 0x1050 tunnel - ok
00:31:57.0613 0x1050 [ DB47ADEE2DD723FA27CDEC7D2EA2A9BE, C3B72C4F5A836CF664F7990DFF3EAF08AB9538CCC84FA5C5ECB085B0557F939E ] TVECapSvc C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVECapSvc.exe
00:31:57.0654 0x1050 TVECapSvc - detected UnsignedFile.Multi.Generic ( 1 )
00:31:57.0654 0x1050 TVECapSvc ( UnsignedFile.Multi.Generic ) - warning
00:31:57.0676 0x1050 [ 25947D2D495B45AA9ECECB32796CDF36, 621B4E61669E79D8823BCF37535169F06C7B224FCD55249F6C95B8D85C920620 ] TVESched C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVESched.exe
00:31:57.0703 0x1050 TVESched - detected UnsignedFile.Multi.Generic ( 1 )
00:31:57.0703 0x1050 TVESched ( UnsignedFile.Multi.Generic ) - warning
00:31:57.0752 0x1050 [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35 C:\Windows\system32\drivers\uagp35.sys
00:31:57.0783 0x1050 uagp35 - ok
00:31:57.0824 0x1050 [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs C:\Windows\system32\DRIVERS\udfs.sys
00:31:57.0880 0x1050 udfs - ok
00:31:57.0963 0x1050 [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
00:31:58.0024 0x1050 UI0Detect - ok
00:31:58.0067 0x1050 [ 75E6890EBFCE0841D3291B02E7A8BDB0, FDF9CDCCCCC0AA2A52623C5A67AC5F5224557EE4C8F6487CB13CAEB012575E2A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
00:31:58.0086 0x1050 uliagpkx - ok
00:31:58.0154 0x1050 [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci C:\Windows\system32\drivers\uliahci.sys
00:31:58.0178 0x1050 uliahci - ok
00:31:58.0206 0x1050 [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
00:31:58.0227 0x1050 UlSata - ok
00:31:58.0270 0x1050 [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
00:31:58.0290 0x1050 ulsata2 - ok
00:31:58.0344 0x1050 [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
00:31:58.0387 0x1050 umbus - ok
00:31:58.0479 0x1050 [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
00:31:58.0563 0x1050 upnphost - ok
00:31:58.0629 0x1050 [ 8721F55D8BC9F89E3A63CEBDF5EF4FA3, C0C82480014B646709869A6A6FA2B71B993F9FCD8E2DB9E8F7D341C21EE169CF ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
00:31:58.0689 0x1050 upperdev - ok
00:31:58.0734 0x1050 [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
00:31:58.0787 0x1050 usbccgp - ok
00:31:58.0826 0x1050 [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
00:31:58.0903 0x1050 usbcir - ok
00:31:58.0972 0x1050 [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
00:31:59.0008 0x1050 usbehci - ok
00:31:59.0038 0x1050 [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
00:31:59.0081 0x1050 usbhub - ok
00:31:59.0104 0x1050 [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci C:\Windows\system32\drivers\usbohci.sys
00:31:59.0177 0x1050 usbohci - ok
00:31:59.0204 0x1050 [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
00:31:59.0245 0x1050 usbprint - ok
00:31:59.0291 0x1050 [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
00:31:59.0338 0x1050 usbscan - ok
00:31:59.0436 0x1050 [ 8E6C378A885D6FFDA8F05E8D27B95C0E, 351F20B1CB510F7B6B9321EB6C7A97446EF963A89F19F7E7A9CF41381B4B19FF ] usbser C:\Windows\system32\drivers\usbser.sys
00:31:59.0472 0x1050 usbser - ok
00:31:59.0520 0x1050 [ 4E66C71D8D010BFB0DF1042D25E9CB0F, E581ED3557A06FEE7F35DF1C18C7D74FEFD1FC5E6CDAD6692F66F4A033830F1C ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
00:31:59.0580 0x1050 UsbserFilt - ok
00:31:59.0620 0x1050 [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:31:59.0669 0x1050 USBSTOR - ok
00:31:59.0726 0x1050 [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
00:31:59.0773 0x1050 usbuhci - ok
00:31:59.0799 0x1050 [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms C:\Windows\System32\uxsms.dll
00:31:59.0847 0x1050 UxSms - ok
00:31:59.0906 0x1050 [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds C:\Windows\System32\vds.exe
00:32:00.0005 0x1050 vds - ok
00:32:00.0064 0x1050 [ 7D92BE0028ECDEDEC74617009084B5EF, D0749CE6FA3415BA4364299F8D6D53F133E8D2F44C6F1057996243415A540A53 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
00:32:00.0140 0x1050 vga - ok
00:32:00.0171 0x1050 [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
00:32:00.0204 0x1050 VgaSave - ok
00:32:00.0225 0x1050 [ 045D9961E591CF0674A920B6BA3BA5CB, EBF498A0424CEA0F7ECBAAE144A8669CE6B5DD67115DE22CEC5A46AED26CD90B ] viaagp C:\Windows\system32\drivers\viaagp.sys
00:32:00.0245 0x1050 viaagp - ok
00:32:00.0262 0x1050 [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7 C:\Windows\system32\drivers\viac7.sys
00:32:00.0315 0x1050 ViaC7 - ok
00:32:00.0335 0x1050 [ FD2E3175FCADA350C7AB4521DCA187EC, 1C914B184478611A27E0141F90EBC34FC63DFB2A83441DD36DFA43D945FB1C52 ] viaide C:\Windows\system32\drivers\viaide.sys
00:32:00.0353 0x1050 viaide - ok
00:32:00.0377 0x1050 [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
00:32:00.0397 0x1050 volmgr - ok
00:32:00.0445 0x1050 [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
00:32:00.0474 0x1050 volmgrx - ok
00:32:00.0575 0x1050 [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
00:32:00.0607 0x1050 volsnap - ok
00:32:00.0667 0x1050 [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
00:32:00.0693 0x1050 vsmraid - ok
00:32:00.0765 0x1050 [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS C:\Windows\system32\vssvc.exe
00:32:00.0912 0x1050 VSS - ok
00:32:01.0091 0x1050 [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time C:\Windows\system32\w32time.dll
00:32:01.0165 0x1050 W32Time - ok
00:32:01.0227 0x1050 [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
00:32:01.0303 0x1050 WacomPen - ok
00:32:01.0335 0x1050 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
00:32:01.0379 0x1050 Wanarp - ok
00:32:01.0384 0x1050 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
00:32:01.0414 0x1050 Wanarpv6 - ok
00:32:01.0455 0x1050 [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc C:\Windows\System32\wcncsvc.dll
00:32:01.0494 0x1050 wcncsvc - ok
00:32:01.0562 0x1050 [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:32:01.0616 0x1050 WcsPlugInService - ok
00:32:01.0656 0x1050 [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd C:\Windows\system32\drivers\wd.sys
00:32:01.0674 0x1050 Wd - ok
00:32:01.0834 0x1050 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
00:32:01.0909 0x1050 Wdf01000 - ok
00:32:01.0974 0x1050 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
00:32:02.0025 0x1050 WdiServiceHost - ok
00:32:02.0032 0x1050 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
00:32:02.0076 0x1050 WdiSystemHost - ok
00:32:02.0132 0x1050 [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient C:\Windows\System32\webclnt.dll
00:32:02.0170 0x1050 WebClient - ok
00:32:02.0201 0x1050 [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
00:32:02.0282 0x1050 Wecsvc - ok
00:32:02.0329 0x1050 [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
00:32:02.0367 0x1050 wercplsupport - ok
00:32:02.0404 0x1050 [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc C:\Windows\System32\WerSvc.dll
00:32:02.0454 0x1050 WerSvc - ok
00:32:02.0516 0x1050 [ 3344B5C3209E538291398FF12F895155, 7F725285347D73C28B522CF38F78C7C5F7ED360948133E58D14D71D45DB71720 ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
00:32:02.0658 0x1050 winachsf - ok
00:32:02.0714 0x1050 [ 3FA87D56769838AAC82FAFC3E78FC732, E1D942D59A7EDB1768D39D87D637C6F87C84711D0776FF2C69161350D037663B ] winbondcir C:\Windows\system32\DRIVERS\winbondcir.sys
00:32:02.0758 0x1050 winbondcir - ok
00:32:02.0880 0x1050 [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
00:32:02.0923 0x1050 WinDefend - ok
00:32:02.0939 0x1050 WinHttpAutoProxySvc - ok
00:32:03.0024 0x1050 [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
00:32:03.0062 0x1050 Winmgmt - ok
00:32:03.0185 0x1050 [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
00:32:03.0330 0x1050 WinRM - ok
00:32:03.0424 0x1050 [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc C:\Windows\System32\wlansvc.dll
00:32:03.0558 0x1050 Wlansvc - ok
00:32:03.0623 0x1050 [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
00:32:03.0663 0x1050 WmiAcpi - ok
00:32:03.0698 0x1050 [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
00:32:03.0751 0x1050 wmiApSrv - ok
00:32:03.0963 0x1050 [ E8781CF1A4262881897444D22921A3A6, F63FD9BCE5549FC9FC788066E438CF46CFA0B1CA92D89A7CBDE6A2AA9B76754A ] WMIService C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
00:32:03.0987 0x1050 WMIService - detected UnsignedFile.Multi.Generic ( 1 )
00:32:03.0987 0x1050 WMIService ( UnsignedFile.Multi.Generic ) - warning
00:32:04.0081 0x1050 [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
00:32:04.0245 0x1050 WMPNetworkSvc - ok
00:32:04.0294 0x1050 [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc C:\Windows\System32\wpcsvc.dll
00:32:04.0370 0x1050 WPCSvc - ok
00:32:04.0411 0x1050 [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
00:32:04.0469 0x1050 WPDBusEnum - ok
00:32:04.0558 0x1050 [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
00:32:04.0611 0x1050 WpdUsb - ok
00:32:06.0043 0x1050 [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
00:32:06.0117 0x1050 WPFFontCache_v0400 - ok
00:32:06.0141 0x1050 [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
00:32:06.0188 0x1050 ws2ifsl - ok
00:32:06.0235 0x1050 [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc C:\Windows\system32\wscsvc.dll
00:32:06.0260 0x1050 wscsvc - ok
00:32:06.0265 0x1050 WSearch - ok
00:32:06.0366 0x1050 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
00:32:06.0536 0x1050 wuauserv - ok
00:32:06.0592 0x1050 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
00:32:06.0667 0x1050 WudfPf - ok
00:32:06.0693 0x1050 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
00:32:06.0719 0x1050 WUDFRd - ok
00:32:06.0756 0x1050 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
00:32:06.0782 0x1050 wudfsvc - ok
00:32:06.0804 0x1050 [ 2E579520E114A9CA309F13BF40AD8292, A7C926AD8E126E90F83799D907AD51F8F3C2C2799E2E2D005357DEE58B73B333 ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
00:32:06.0841 0x1050 XAudio - ok
00:32:06.0877 0x1050 [ F82FC2C30A19442B95AE554215837C46, 7CAD611D660264BB22069148DC16601D3458D1372FC1DE85BD004906E19D05B4 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
00:32:06.0924 0x1050 XAudioService - ok
00:32:06.0995 0x1050 [ 8098180B3F6C430A4E60333BC036F936, 6304EDA656039EE846B31F8DC9466EA55A6435C93CF5D5E2D81284ADF0F292C2 ] {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl
00:32:07.0022 0x1050 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
00:32:07.0081 0x1050 ================ Scan global ===============================
00:32:07.0126 0x1050 [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
00:32:07.0166 0x1050 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
00:32:07.0230 0x1050 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
00:32:07.0403 0x1050 [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
00:32:07.0421 0x1050 [ Global ] - ok
00:32:07.0421 0x1050 ================ Scan MBR ==================================
00:32:07.0448 0x1050 [ 0DCE9A450E9979B9640D57E81152A29D ] \Device\Harddisk0\DR0
00:32:09.0626 0x1050 \Device\Harddisk0\DR0 - ok
00:32:09.0626 0x1050 ================ Scan VBR ==================================
00:32:09.0659 0x1050 [ B7A152791DB87A8141D145A757BAAB9C ] \Device\Harddisk0\DR0\Partition1
00:32:09.0663 0x1050 \Device\Harddisk0\DR0\Partition1 - ok
00:32:09.0694 0x1050 [ 0DC629C8DFB1F1E1A7B9D13847ADD93B ] \Device\Harddisk0\DR0\Partition2
00:32:09.0698 0x1050 \Device\Harddisk0\DR0\Partition2 - ok
00:32:09.0827 0x1050 AV detected via SS2: ESET Smart Security 7.0, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 7.0.302.0 ), 0x41000 ( enabled : updated )
00:32:09.0845 0x1050 FW detected via SS2: ESET Personální firewall, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 7.0.302.0 ), 0x41010 ( enabled )
00:32:09.0846 0x1050 ============================================================
00:32:09.0846 0x1050 Scan finished
00:32:09.0846 0x1050 ============================================================
00:32:09.0860 0x04e4 Detected object count: 13
00:32:09.0860 0x04e4 Actual detected object count: 13
00:32:51.0861 0x04e4 eLockService ( UnsignedFile.Multi.Generic ) - skipped by user
00:32:51.0862 0x04e4 eLockService ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:32:51.0864 0x04e4 eNet Service ( UnsignedFile.Multi.Generic ) - skipped by user
00:32:51.0864 0x04e4 eNet Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:32:51.0866 0x04e4 eRecoveryService ( UnsignedFile.Multi.Generic ) - skipped by user
00:32:51.0866 0x04e4 eRecoveryService ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:32:51.0867 0x04e4 eSettingsService ( UnsignedFile.Multi.Generic ) - skipped by user
00:32:51.0867 0x04e4 eSettingsService ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:32:51.0869 0x04e4 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
00:32:51.0869 0x04e4 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:32:51.0869 0x04e4 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
00:32:51.0869 0x04e4 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:32:51.0872 0x04e4 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
00:32:51.0872 0x04e4 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:32:51.0874 0x04e4 NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
00:32:51.0874 0x04e4 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:32:51.0875 0x04e4 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
00:32:51.0875 0x04e4 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:32:51.0877 0x04e4 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
00:32:51.0877 0x04e4 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:32:51.0879 0x04e4 TVECapSvc ( UnsignedFile.Multi.Generic ) - skipped by user
00:32:51.0879 0x04e4 TVECapSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:32:51.0880 0x04e4 TVESched ( UnsignedFile.Multi.Generic ) - skipped by user
00:32:51.0880 0x04e4 TVESched ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:32:51.0882 0x04e4 WMIService ( UnsignedFile.Multi.Generic ) - skipped by user
00:32:51.0882 0x04e4 WMIService ( UnsignedFile.Multi.Generic ) - User select action: Skip


(the end)

[Márty84]

Aktualizujem skener
Smazte RSIT a slozku C:\Program Files\trend micro , pokud ji najdete.
Pak stahnete nove RSIT http://images.malwareremoval.com/random/RSIT.exe a dejte log z nej.



Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[martivan]

ještě mě tak napadá taková jedna BFU otázka... mám tyhle akce vykonávat se smazaným nebo ponechaným tím falešným profilem? (průběžně ho mažu, když se po připojení k netu vždycky znova objeví)

[martivan]

log z aktualizovaného RSITu:

Logfile of random's system information tool 1.09 (written by random/random)
Run by GM at 2014-02-04 13:18:20
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 2 GB (2%) free of 114 GB
Total RAM: 3070 MB (63% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1464193139-767828990-2745750160-1000Core1ce81294d8ec796.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1464193139-767828990-2745750160-1000UA1ce8129508cec66.job
C:\Windows\tasks\Malwarebytes Anti-Exploit.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Windows\system32\ActiveToolBand.dll [2007-04-25 299008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-04-25 151552]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-05-09 865840]
"Acer Tour"= []
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-09-04 4702208]
"eRecoveryService"= []
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-06-26 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-06-26 8433664]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-06-26 81920]
"WPCUMI"=C:\Windows\system32\WpcUmi.exe [2006-11-02 176128]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-03-14 2565520]
"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-08-04 1612920]
"IJNetworkScannerSelectorEX"=C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-01-15 452016]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Skytel"=C:\Windows\Skytel.exe [2007-09-04 1826816]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5110672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-11-14 20584608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
C:\Acer\AcerTour\Reminder.exe [2007-08-01 151552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-03-14 2565520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-04-25 457216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Magdalena\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-16 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2007-07-31 707080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPService]
C:\Program Files\Acer Arcade Deluxe\SportsCap\Kernel\MagicSports\MSPMirage.exe [2007-02-13 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2013-04-19 1090912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe [2007-05-24 206952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search Protection]
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetPanel]
C:\Acer\APanel\APanel.cmd []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe /a /m C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService]
C:\Program Files\Acer Arcade Deluxe\TV Joy\TVEService.exe [2007-07-27 151552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk]
C:\PROGRA~1\Acer\ACERVC~1\AcerVCM.exe [2007-04-27 1208320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
C:\Acer\EMPOWE~1\EAPLAU~1.EXE [2007-04-14 535336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mbamchameleon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.l3codecp"=
"VIDC.FPS1"=frapsvid.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-02-04 13:18:20 ----D---- C:\Program Files\trend micro
2014-02-04 00:28:54 ----A---- C:\TDSSKiller.3.0.0.19_04.02.2014_00.28.54_log.txt
2014-02-04 00:27:50 ----A---- C:\TDSSKiller.3.0.0.19_04.02.2014_00.27.50_log.txt
2014-02-03 22:44:35 ----D---- C:\Users\GM\AppData\Roaming\WinRAR
2014-02-03 22:44:01 ----A---- C:\TDSSKiller.2.8.16.0_03.02.2014_22.44.01_log.txt
2014-02-02 00:04:27 ----A---- C:\Kaspersky_scan.txt
2014-02-02 00:03:48 ----D---- C:\Program Files\Nová složka (2)
2014-02-02 00:03:39 ----D---- C:\Program Files\Nová složka
2014-02-01 23:20:15 ----D---- C:\ProgramData\Kaspersky Lab
2014-02-01 16:36:45 ----D---- C:\Program Files\CleanUp!
2014-02-01 02:21:19 ----D---- C:\Program Files\Sifrovani
2014-01-31 02:50:37 ----SHD---- C:\$RECYCLE.BIN
2014-01-31 02:16:41 ----SD---- C:\ComboFix
2014-01-30 23:20:27 ----A---- C:\Windows\zip.exe
2014-01-30 23:20:27 ----A---- C:\Windows\SWSC.exe
2014-01-30 23:20:27 ----A---- C:\Windows\SWREG.exe
2014-01-30 23:20:27 ----A---- C:\Windows\sed.exe
2014-01-30 23:20:27 ----A---- C:\Windows\PEV.exe
2014-01-30 23:20:27 ----A---- C:\Windows\NIRCMD.exe
2014-01-30 23:20:27 ----A---- C:\Windows\MBR.exe
2014-01-30 23:20:27 ----A---- C:\Windows\grep.exe
2014-01-29 23:14:09 ----D---- C:\Program Files\Foxit Software
2014-01-28 21:24:04 ----D---- C:\Users\GM\AppData\Roaming\Razor
2014-01-23 21:11:25 ----D---- C:\ProgramData\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
2014-01-21 19:54:44 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-21 19:46:32 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-01-21 19:42:25 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-01-21 06:56:16 ----D---- C:\Qoobox
2014-01-21 06:55:43 ----D---- C:\Windows\erdnt
2014-01-21 06:53:19 ----A---- C:\Windows\system32\msvcr100d.dll
2014-01-21 06:53:19 ----A---- C:\Windows\system32\msvcp100d.dll
2014-01-21 06:53:18 ----D---- C:\Program Files\Malwarebytes Anti-Exploit
2014-01-21 06:47:04 ----A---- C:\Windows\ntbtlog.txt
2014-01-21 00:55:18 ----A---- C:\Windows\system32\javaws.exe
2014-01-21 00:54:37 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-01-21 00:54:37 ----A---- C:\Windows\system32\javaw.exe
2014-01-21 00:54:37 ----A---- C:\Windows\system32\java.exe
2014-01-20 02:12:02 ----D---- C:\ProgramData\ESET
2014-01-20 01:47:26 ----D---- C:\Program Files\Dropbox
2014-01-17 00:19:08 ----D---- C:\rsit
2014-01-13 22:34:53 ----A---- C:\Users\GM\AppData\Roaming\nvModes.dat
2014-01-11 23:43:53 ----D---- C:\Program Files\GIMP 2
2014-01-04 23:38:48 ----D---- C:\Program Files\Miranda IM
2013-12-20 22:32:15 ----A---- C:\Windows\system32\XAudio2_7.dll
2013-12-20 22:32:15 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2013-12-20 22:32:15 ----A---- C:\Windows\system32\xactengine3_7.dll
2013-12-20 22:32:15 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2013-12-20 22:32:14 ----A---- C:\Windows\system32\d3dx11_43.dll
2013-12-20 22:32:14 ----A---- C:\Windows\system32\d3dx10_43.dll
2013-12-20 22:32:14 ----A---- C:\Windows\system32\d3dcsx_43.dll
2013-12-20 22:32:13 ----A---- C:\Windows\system32\D3DX9_43.dll
2013-12-20 22:32:12 ----A---- C:\Windows\system32\XAudio2_6.dll
2013-12-20 22:32:12 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2013-12-20 22:32:12 ----A---- C:\Windows\system32\xactengine3_6.dll
2013-12-20 22:32:12 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2013-12-20 22:32:11 ----A---- C:\Windows\system32\XAudio2_5.dll
2013-12-20 22:32:11 ----A---- C:\Windows\system32\xactengine3_5.dll
2013-12-20 22:32:11 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2013-12-20 22:32:10 ----A---- C:\Windows\system32\d3dcsx_42.dll
2013-12-20 22:32:09 ----A---- C:\Windows\system32\d3dx11_42.dll
2013-12-20 22:32:09 ----A---- C:\Windows\system32\d3dx10_42.dll
2013-12-20 22:32:08 ----A---- C:\Windows\system32\D3DX9_42.dll
2013-12-20 22:32:08 ----A---- C:\Windows\system32\d3dx10_41.dll
2013-12-20 22:32:08 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2013-12-20 22:32:07 ----A---- C:\Windows\system32\D3DX9_41.dll
2013-12-20 22:32:06 ----A---- C:\Windows\system32\XAudio2_4.dll
2013-12-20 22:32:06 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2013-12-20 22:32:06 ----A---- C:\Windows\system32\xactengine3_4.dll
2013-12-20 22:32:06 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2013-12-20 22:32:05 ----A---- C:\Windows\system32\d3dx10_40.dll
2013-12-20 22:32:05 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2013-12-20 22:32:04 ----A---- C:\Windows\system32\XAudio2_3.dll
2013-12-20 22:32:04 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2013-12-20 22:32:04 ----A---- C:\Windows\system32\D3DX9_40.dll
2013-12-20 22:32:03 ----A---- C:\Windows\system32\XAudio2_2.dll
2013-12-20 22:32:03 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2013-12-20 22:32:03 ----A---- C:\Windows\system32\xactengine3_3.dll
2013-12-20 22:32:03 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2013-12-20 22:32:02 ----A---- C:\Windows\system32\xactengine3_2.dll
2013-12-20 22:32:02 ----A---- C:\Windows\system32\d3dx10_39.dll
2013-12-20 22:32:02 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2013-12-20 22:32:01 ----A---- C:\Windows\system32\D3DX9_39.dll
2013-12-20 22:32:00 ----A---- C:\Windows\system32\XAudio2_1.dll
2013-12-20 22:32:00 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2013-12-20 22:32:00 ----A---- C:\Windows\system32\xactengine3_1.dll
2013-12-20 22:32:00 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2013-12-20 22:31:59 ----A---- C:\Windows\system32\D3DX9_38.dll
2013-12-20 22:31:59 ----A---- C:\Windows\system32\d3dx10_38.dll
2013-12-20 22:31:59 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2013-12-20 22:31:57 ----A---- C:\Windows\system32\XAudio2_0.dll
2013-12-20 22:31:57 ----A---- C:\Windows\system32\xactengine3_0.dll
2013-12-20 22:31:57 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2013-12-20 22:31:57 ----A---- C:\Windows\system32\d3dx10_37.dll
2013-12-20 22:31:57 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2013-12-20 22:31:56 ----A---- C:\Windows\system32\xactengine2_10.dll
2013-12-20 22:31:56 ----A---- C:\Windows\system32\D3DX9_37.dll
2013-12-20 22:31:55 ----A---- C:\Windows\system32\d3dx10_36.dll
2013-12-20 22:31:55 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2013-12-20 22:31:54 ----A---- C:\Windows\system32\xactengine2_9.dll
2013-12-20 22:31:54 ----A---- C:\Windows\system32\d3dx9_36.dll
2013-12-20 22:31:53 ----A---- C:\Windows\system32\d3dx10_35.dll
2013-12-20 22:31:53 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2013-12-20 22:31:52 ----A---- C:\Windows\system32\xactengine2_8.dll
2013-12-20 22:31:52 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2013-12-20 22:31:52 ----A---- C:\Windows\system32\d3dx9_35.dll
2013-12-20 22:31:51 ----A---- C:\Windows\system32\d3dx10_34.dll
2013-12-20 22:31:51 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2013-12-20 22:31:50 ----A---- C:\Windows\system32\xinput1_3.dll
2013-12-20 22:31:50 ----A---- C:\Windows\system32\xactengine2_7.dll
2013-12-20 22:31:50 ----A---- C:\Windows\system32\d3dx9_34.dll
2013-12-20 22:31:49 ----A---- C:\Windows\system32\d3dx10_33.dll
2013-12-20 22:31:49 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2013-12-20 22:31:48 ----A---- C:\Windows\system32\xactengine2_6.dll
2013-12-20 22:31:48 ----A---- C:\Windows\system32\xactengine2_5.dll
2013-12-20 22:31:48 ----A---- C:\Windows\system32\d3dx9_33.dll
2013-12-20 22:31:47 ----A---- C:\Windows\system32\d3dx10.dll
2013-12-20 22:31:46 ----A---- C:\Windows\system32\xactengine2_4.dll
2013-12-20 22:31:46 ----A---- C:\Windows\system32\x3daudio1_1.dll
2013-12-20 22:31:46 ----A---- C:\Windows\system32\d3dx9_32.dll
2013-12-20 22:31:45 ----A---- C:\Windows\system32\xinput1_2.dll
2013-12-20 22:31:45 ----A---- C:\Windows\system32\xactengine2_3.dll
2013-12-20 22:31:45 ----A---- C:\Windows\system32\d3dx9_31.dll
2013-12-20 22:31:44 ----A---- C:\Windows\system32\xactengine2_2.dll
2013-12-20 22:31:42 ----A---- C:\Windows\system32\xinput1_1.dll
2013-12-20 22:31:42 ----A---- C:\Windows\system32\xactengine2_1.dll
2013-12-20 22:31:35 ----A---- C:\Windows\system32\d3dx9_30.dll
2013-12-20 22:31:34 ----A---- C:\Windows\system32\xactengine2_0.dll
2013-12-20 22:31:34 ----A---- C:\Windows\system32\x3daudio1_0.dll
2013-12-20 22:31:33 ----A---- C:\Windows\system32\d3dx9_29.dll
2013-12-20 22:31:33 ----A---- C:\Windows\system32\d3dx9_28.dll
2013-12-20 22:31:32 ----A---- C:\Windows\system32\d3dx9_27.dll
2013-12-20 22:31:31 ----A---- C:\Windows\system32\d3dx9_26.dll
2013-12-20 22:31:30 ----A---- C:\Windows\system32\d3dx9_25.dll
2013-12-20 22:31:29 ----A---- C:\Windows\system32\d3dx9_24.dll
2013-12-20 19:56:36 ----D---- C:\Windows\Migration
2013-12-12 15:03:32 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-12 15:03:31 ----A---- C:\Windows\system32\vbscript.dll
2013-12-12 15:03:30 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-12 15:03:30 ----A---- C:\Windows\system32\ieui.dll
2013-12-12 15:03:29 ----A---- C:\Windows\system32\wininet.dll
2013-12-12 15:03:29 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-12 15:03:29 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-12 15:03:28 ----A---- C:\Windows\system32\url.dll
2013-12-12 15:03:28 ----A---- C:\Windows\system32\jscript9.dll
2013-12-12 15:03:28 ----A---- C:\Windows\system32\jscript.dll
2013-12-12 15:03:28 ----A---- C:\Windows\system32\iertutil.dll
2013-12-12 15:03:27 ----A---- C:\Windows\system32\urlmon.dll
2013-12-12 15:03:26 ----A---- C:\Windows\system32\mshtml.dll
2013-12-12 15:03:25 ----A---- C:\Windows\system32\ieframe.dll
2013-12-12 10:15:49 ----A---- C:\Windows\system32\win32k.sys
2013-12-12 10:15:47 ----A---- C:\Windows\system32\SysFxUI.dll
2013-12-12 10:15:47 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-12 10:15:47 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-12 10:15:44 ----A---- C:\Windows\system32\wshcon.dll
2013-12-12 10:15:44 ----A---- C:\Windows\system32\wscript.exe
2013-12-12 10:15:44 ----A---- C:\Windows\system32\scrrun.dll
2013-12-12 10:15:44 ----A---- C:\Windows\system32\cscript.exe
2013-12-12 10:15:43 ----A---- C:\Windows\system32\imagehlp.dll
2013-11-13 02:54:43 ----A---- C:\Windows\system32\gdi32.dll
2013-11-13 02:54:41 ----A---- C:\Windows\system32\crypt32.dll
2013-11-13 02:54:18 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-13 02:54:17 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-11-10 22:31:38 ----D---- C:\Users\GM\AppData\Roaming\GHISLER
2013-11-10 22:31:17 ----D---- C:\Users\GM\AppData\Roaming\Skype
2013-11-10 22:30:58 ----D---- C:\ProgramData\T-Mobile
2013-11-10 22:30:23 ----D---- C:\Users\GM\AppData\Roaming\T-Mobile
2013-11-10 22:30:21 ----D---- C:\Users\GM\AppData\Roaming\Canon
2013-11-09 01:51:04 ----A---- C:\Windows\system32\NCTWMAFile2.dll
2013-11-09 01:51:04 ----A---- C:\Windows\system32\NCTTextToAudio2.dll
2013-11-09 01:51:04 ----A---- C:\Windows\system32\NCTAudioVisualization2.dll
2013-11-09 01:51:04 ----A---- C:\Windows\system32\NCTAudioTransform2.dll
2013-11-09 01:51:04 ----A---- C:\Windows\system32\NCTAudioRecord2.dll
2013-11-09 01:51:03 ----A---- C:\Windows\system32\NCTAudioPlayer2.dll
2013-11-09 01:51:03 ----A---- C:\Windows\system32\NCTAudioInformation2.dll
2013-11-09 01:51:03 ----A---- C:\Windows\system32\NCTAudioFile2.dll
2013-11-09 01:51:03 ----A---- C:\Windows\system32\NCTAudioEditor2.dll
2013-11-09 01:51:03 ----A---- C:\Windows\system32\NCTAudioDesign2.dll
2013-11-09 01:51:03 ----A---- C:\Windows\system32\NCTAudioCDGrabber2.dll
2013-11-09 01:50:58 ----D---- C:\Program Files\Audio Editor Deluxe

======List of files/folders modified in the last 3 months======

2014-02-04 13:18:20 ----RD---- C:\Program Files
2014-02-04 13:18:20 ----D---- C:\Windows\Prefetch
2014-02-04 13:17:40 ----D---- C:\Windows\Temp
2014-02-04 10:53:18 ----D---- C:\Windows\System32
2014-02-04 10:53:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-04 10:53:17 ----D---- C:\Windows\inf
2014-02-04 10:51:01 ----D---- C:\Windows\Tasks
2014-02-04 10:51:01 ----D---- C:\Windows\system32\Tasks
2014-02-04 10:41:01 ----SHD---- C:\System Volume Information
2014-02-04 00:28:59 ----D---- C:\Windows\system32\drivers
2014-02-02 00:04:06 ----D---- C:\Program Files\ScanSoft
2014-02-01 23:20:15 ----D---- C:\ProgramData
2014-01-31 10:32:51 ----HD---- C:\Windows\system32\GroupPolicyUsers
2014-01-31 02:17:27 ----D---- C:\Windows
2014-01-30 21:42:15 ----SHD---- C:\Windows\Installer
2014-01-30 21:42:14 ----D---- C:\ProgramData\Skype
2014-01-30 21:42:12 ----RD---- C:\Program Files\Skype
2014-01-29 23:06:16 ----D---- C:\Program Files\Common Files\Adobe
2014-01-29 23:06:14 ----D---- C:\ProgramData\Adobe
2014-01-25 19:24:49 ----SD---- C:\Users\GM\AppData\Roaming\Microsoft
2014-01-23 10:36:25 ----D---- C:\Windows\system32\catroot2
2014-01-21 19:37:32 ----D---- C:\Windows\Panther
2014-01-21 15:33:15 ----D---- C:\Windows\system32\wbem
2014-01-21 01:02:09 ----D---- C:\ProgramData\Oracle
2014-01-21 00:54:33 ----D---- C:\Program Files\Java
2014-01-20 02:14:22 ----D---- C:\Windows\system32\catroot
2014-01-16 22:10:18 ----RD---- C:\Users
2014-01-16 09:36:18 ----D---- C:\Program Files\stinger
2014-01-15 22:59:58 ----D---- C:\ProgramData\HappyCloud
2014-01-15 15:53:41 ----D---- C:\Windows\system32\MRT
2014-01-15 15:44:50 ----A---- C:\Windows\system32\mrt.exe
2014-01-06 00:28:41 ----D---- C:\Windows\system32\drivers\UMDF
2013-12-30 04:58:33 ----D---- C:\Windows\Minidump
2013-12-20 22:31:42 ----RSD---- C:\Windows\assembly
2013-12-20 22:30:15 ----D---- C:\Windows\winsxs
2013-12-20 22:15:52 ----HD---- C:\Program Files\InstallShield Installation Information
2013-12-20 20:10:55 ----D---- C:\Windows\Microsoft.NET
2013-12-20 19:56:36 ----SD---- C:\ProgramData\Microsoft
2013-12-18 06:13:56 ----N---- C:\Windows\system32\MpSigStub.exe
2013-12-12 15:37:19 ----D---- C:\Windows\system32\migration
2013-12-12 15:37:15 ----D---- C:\Program Files\Internet Explorer
2013-12-12 15:36:55 ----D---- C:\Windows\system32\RTCOM
2013-12-10 01:57:25 ----D---- C:\Program Files\T-Mobile
2013-12-03 13:11:12 ----D---- C:\Windows\ModemLogs
2013-11-18 18:34:21 ----D---- C:\Windows\system32\config
2013-11-18 18:34:13 ----D---- C:\Windows\system32\spool
2013-11-18 18:34:12 ----D---- C:\Windows\registration
2013-11-18 09:55:40 ----D---- C:\Games
2013-11-16 10:11:46 ----D---- C:\Windows\rescache
2013-11-16 09:50:47 ----D---- C:\Windows\system32\cs-CZ
2013-11-10 00:23:56 ----AD---- C:\ProgramData\TEMP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 49240]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2007-02-12 277784]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2007-04-25 20776]
R0 PSDNServ;PSDNSERVER; C:\Windows\system32\drivers\PSDNServ.sys [2007-04-25 16680]
R0 psdvdisk;psdvdisk; C:\Windows\system32\drivers\psdvdisk.sys [2007-04-25 60712]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 188808]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 37416]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Program Files\Malwarebytes Anti-Exploit\MBAE.sys [2013-12-17 44632]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [2006-11-02 13560]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 174400]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-06-26 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-06-26 8704]
R3 A310;AVerMedia A310 DVB-T; C:\Windows\system32\DRIVERS\AVerA310USB.sys [2007-07-10 26368]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 179712]
R3 BDASwCap;AVerMedia A310 BDA DVBT Capture Device; C:\Windows\system32\drivers\AVerA310Cap.sys [2007-07-10 42240]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2007-07-31 21264]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-26 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-26 208384]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2011-01-30 73216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-04 1950552]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-08-16 6144]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-06-26 7120768]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-06-12 1729152]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-05-09 185392]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-26 660480]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-04-19 43008]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 Axtmvflt;Axesstel USB Filter Service; C:\Windows\system32\DRIVERS\Axtmvflt.sys [2007-09-20 3456]
S3 Axtmvmdm;Axesstel USB Modem; C:\Windows\system32\DRIVERS\Axtmvmdm.sys [2007-09-20 40064]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\Windows\System32\Drivers\Axtmvprt.sys [2007-09-20 38784]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BthPort;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-03-29 79664]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-02-27 81200]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-02-27 16432]
S3 catchme;catchme; \??\C:\Users\GM\AppData\Local\Temp\catchme.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 Dot4Scan;Ovladač třídy skeneru standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Scan.sys [2008-01-19 10752]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 11136]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2011-02-25 90368]
S3 huawei_cdcecm;huawei_cdcecm; C:\Windows\system32\DRIVERS\ew_jucdcecm.sys [2011-01-30 64384]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2011-01-30 26624]
S3 mbamchameleon;mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [2014-01-21 74456]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-01-22 104664]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-02-24 2216448]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2013-01-23 137600]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-09-12 1337752]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-06-26 386560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-07 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-04-25 457512]
S3 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-04-23 24576]
S3 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-06-13 135168]
S3 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-07-03 53248]
S3 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-06-28 24576]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-07 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
S3 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-23 266343]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 TVECapSvc;TVEnhance Background Capture Service (TBCS); C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVECapSvc.exe [2007-07-27 286820]
S3 TVESched;TVEnhance Task Scheduler (TTS)); C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVESched.exe [2007-07-27 110682]
S3 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-06-13 167936]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[Márty84]

mám tyhle akce vykonávat se smazaným nebo ponechaným tím falešným profilem?

To je jedno Je treba najit pricinu toho. A ta tam nekde musi byt, i kdyz ho smazete.

[martivan]

OTL log 1 (part 1)

OTL logfile created on: 4.2.2014 14:53:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Magdalena\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 53,69% Memory free
4,90 Gb Paging File | 3,48 Gb Available in Paging File | 70,93% Paging File free
Paging file location(s): c:\pagefile.sys 2048 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,69 Gb Total Space | 2,33 Gb Free Space | 2,09% Space Free | Partition Type: NTFS
Drive D: | 108,20 Gb Total Space | 4,89 Gb Free Space | 4,52% Space Free | Partition Type: NTFS

Computer Name: MAGDALENA-ACER | User Name: GM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.02.04 13:22:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Magdalena\Desktop\OTL.exe
PRC - [2014.02.04 10:50:45 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Magdalena\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2014.01.23 06:57:02 | 000,866,584 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013.12.17 10:14:14 | 001,616,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
PRC - [2013.09.12 12:06:22 | 001,337,752 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2013.09.12 12:06:06 | 005,110,672 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2011.03.14 18:09:00 | 002,565,520 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2011.01.15 15:48:44 | 000,452,016 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.10.16 17:26:20 | 000,860,160 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008.10.16 16:54:34 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2007.09.04 11:39:00 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.03.29 13:11:50 | 000,719,664 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007.02.12 14:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe


========== Modules (No Company Name) ==========

MOD - [2014.01.23 06:57:00 | 000,399,640 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.102\ppgooglenaclpluginchrome.dll
MOD - [2014.01.23 06:56:56 | 004,055,320 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.102\pdf.dll
MOD - [2014.01.23 06:55:58 | 001,634,584 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll
MOD - [2007.03.29 13:02:48 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007.03.29 12:42:38 | 000,389,120 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll


========== Services (SafeList) ==========

SRV - [2013.12.02 18:34:54 | 000,417,128 | ---- | M] (Gemfor s.r.o.) [Auto | Running] -- C:\Program Files\T-Mobile\Web'n'walk Manager\MbnExt.dll -- (MbnExt)
SRV - [2013.09.12 12:06:22 | 001,337,752 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2013.09.05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.04.18 10:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.10.10 11:55:04 | 000,085,344 | ---- | M] (Software602 a.s.) [On_Demand | Stopped] -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2008.10.16 17:26:20 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008.10.16 16:54:34 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.01.19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.07.27 15:30:58 | 000,286,820 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVECapSvc.exe -- (TVECapSvc)
SRV - [2007.07.27 15:30:58 | 000,110,682 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVESched.exe -- (TVESched)
SRV - [2007.07.03 10:40:10 | 000,053,248 | ---- | M] (Acer Inc.) [On_Demand | Stopped] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007.06.28 17:50:52 | 000,024,576 | ---- | M] () [On_Demand | Stopped] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007.06.13 15:54:36 | 000,135,168 | R--- | M] (Acer Inc.) [On_Demand | Stopped] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2007.06.13 11:23:54 | 000,167,936 | ---- | M] (acer) [On_Demand | Stopped] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2007.04.25 15:34:30 | 000,457,512 | ---- | M] (HiTRSUT) [On_Demand | Stopped] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007.04.23 08:53:48 | 000,024,576 | ---- | M] (Acer Inc.) [On_Demand | Stopped] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2007.02.12 14:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2006.11.24 11:57:54 | 000,107,008 | ---- | M] () [On_Demand | Stopped] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\GM\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2014.01.22 16:05:43 | 000,104,664 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014.01.21 19:46:32 | 000,074,456 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV - [2013.12.17 10:14:14 | 000,044,632 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys -- (ESProtectionDriver)
DRV - [2013.09.17 15:17:38 | 000,188,808 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2013.09.17 15:17:38 | 000,174,400 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2013.09.17 15:17:38 | 000,134,248 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2013.09.17 15:17:38 | 000,049,240 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2013.09.17 15:17:38 | 000,037,416 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV - [2013.01.23 09:31:52 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2013.01.23 09:31:50 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2013.01.23 09:31:50 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2013.01.23 09:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2013.01.23 09:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2012.10.17 13:53:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2011.02.25 17:02:26 | 000,090,368 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2011.01.30 17:19:00 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2011.01.30 17:19:00 | 000,064,384 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcecm.sys -- (huawei_cdcecm)
DRV - [2011.01.30 17:19:00 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV - [2010.07.27 08:52:02 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010.03.20 11:06:58 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2008.11.17 07:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2007.09.20 03:46:08 | 000,003,456 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Axtmvflt.sys -- (Axtmvflt)
DRV - [2007.09.20 03:46:04 | 000,040,064 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Axtmvmdm.sys -- (Axtmvmdm)
DRV - [2007.09.20 03:46:02 | 000,038,784 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Axtmvprt.sys -- (Axtmvprt)
DRV - [2007.07.10 03:16:00 | 000,042,240 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVerA310Cap.sys -- (BDASwCap)
DRV - [2007.07.10 03:16:00 | 000,026,368 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVerA310USB.sys -- (A310)
DRV - [2007.06.26 08:33:00 | 007,120,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007.06.26 08:33:00 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.06.12 10:38:26 | 001,729,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2007.04.19 08:09:00 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)
DRV - [2007.03.21 21:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.02.24 23:14:00 | 002,216,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007.02.24 13:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.01.23 15:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006.12.07 18:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2006.11.02 16:51:58 | 000,013,560 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
IE - HKLM\..\SearchScopes,DefaultScope = {DECA3892-BA8F-44b8-A993-A466AD694AE4}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014.01.20 02:13:06 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - Extension: Dokumenty Google = C:\Users\GM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\GM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\GM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\GM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\GM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\GM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2014.01.31 16:02:12 | 000,000,741 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [Acer Tour] File not found
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.125.123
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C61B2E9-6827-468B-8181-F435F0656109}: DhcpNameServer = 192.168.125.123
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C3702EE-F40B-4C13-8761-E4880E8FCA6E}: DhcpNameServer = 192.168.125.123
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - File not found
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.02.04 13:18:20 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.02.03 22:44:35 | 000,000,000 | ---D | C] -- C:\Users\GM\AppData\Roaming\WinRAR
[2014.02.02 00:03:48 | 000,000,000 | ---D | C] -- C:\Program Files\Nová složka (2)
[2014.02.02 00:03:39 | 000,000,000 | ---D | C] -- C:\Program Files\Nová složka
[2014.02.01 23:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2014.02.01 16:36:51 | 000,000,000 | ---D | C] -- C:\Users\GM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CleanUp!
[2014.02.01 16:36:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanUp!
[2014.02.01 16:36:45 | 000,000,000 | ---D | C] -- C:\Program Files\CleanUp!
[2014.02.01 02:21:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Šifrování
[2014.02.01 02:21:19 | 000,000,000 | ---D | C] -- C:\Program Files\Sifrovani
[2014.01.31 03:04:56 | 000,000,000 | ---D | C] -- C:\Users\GM\Desktop\RK_Quarantine
[2014.01.31 02:50:37 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014.01.31 02:16:41 | 000,000,000 | --SD | C] -- C:\ComboFix
[2014.01.30 23:20:27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014.01.30 23:20:27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014.01.30 23:20:27 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014.01.29 23:14:09 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2014.01.28 21:24:04 | 000,000,000 | ---D | C] -- C:\Users\GM\AppData\Roaming\Razor
[2014.01.23 21:11:25 | 000,000,000 | ---D | C] -- C:\ProgramData\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
[2014.01.21 19:54:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014.01.21 19:46:32 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014.01.21 19:42:25 | 000,104,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014.01.21 06:56:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.01.21 06:55:43 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014.01.21 06:53:19 | 001,498,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr100d.dll
[2014.01.21 06:53:19 | 000,743,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp100d.dll
[2014.01.21 06:53:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
[2014.01.21 06:53:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Exploit
[2014.01.21 00:55:18 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014.01.21 00:54:37 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014.01.21 00:54:37 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014.01.21 00:54:37 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014.01.21 00:54:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.01.20 02:12:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2014.01.20 02:12:02 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2014.01.20 01:47:26 | 000,000,000 | ---D | C] -- C:\Program Files\Dropbox
[2014.01.17 00:19:08 | 000,000,000 | ---D | C] -- C:\rsit
[2014.01.11 23:43:53 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.02.04 14:56:09 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.02.04 14:54:00 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1464193139-767828990-2745750160-1000UA1ce8129508cec66.job
[2014.02.04 14:46:05 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014.02.04 14:46:05 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014.02.04 14:35:00 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.02.04 12:35:02 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.02.04 10:53:18 | 000,655,342 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.02.04 10:53:18 | 000,644,748 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.02.04 10:53:18 | 000,144,194 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.02.04 10:53:18 | 000,125,260 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.02.04 10:51:01 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\Malwarebytes Anti-Exploit.job
[2014.02.04 10:46:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.02.04 10:44:55 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2014.02.03 22:54:11 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1464193139-767828990-2745750160-1000Core1ce81294d8ec796.job
[2014.02.01 23:01:51 | 000,027,050 | ---- | M] () -- C:\Users\GM\AppData\Roaming\nvModes.001
[2014.02.01 23:00:53 | 000,000,644 | RHS- | M] () -- C:\Users\GM\ntuser.pol
[2014.02.01 02:21:24 | 000,000,906 | ---- | M] () -- C:\Users\GM\Desktop\Šifrování.lnk
[2014.01.22 16:05:43 | 000,104,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014.01.22 15:46:30 | 000,000,335 | ---- | M] () -- C:\local.conf
[2014.01.21 19:46:32 | 000,074,456 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014.01.21 06:53:19 | 000,000,903 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Exploit.lnk
[2014.01.14 10:58:05 | 000,027,050 | ---- | M] () -- C:\Users\GM\AppData\Roaming\nvModes.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.02.04 13:28:06 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.02.01 02:21:24 | 000,000,906 | ---- | C] () -- C:\Users\GM\Desktop\Šifrování.lnk
[2014.01.30 23:20:27 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014.01.30 23:20:27 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014.01.30 23:20:27 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014.01.30 23:20:27 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014.01.30 23:20:27 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014.01.22 15:44:50 | 000,000,335 | ---- | C] () -- C:\local.conf
[2014.01.21 06:53:19 | 000,000,903 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Exploit.lnk
[2014.01.21 06:53:19 | 000,000,508 | ---- | C] () -- C:\Windows\tasks\Malwarebytes Anti-Exploit.job
[2014.01.14 00:49:47 | 000,027,050 | ---- | C] () -- C:\Users\GM\AppData\Roaming\nvModes.001
[2014.01.13 22:34:53 | 000,027,050 | ---- | C] () -- C:\Users\GM\AppData\Roaming\nvModes.dat
[2014.01.11 23:47:44 | 000,000,886 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2012.08.03 21:10:15 | 000,000,009 | ---- | C] () -- C:\Windows\nwn.ini
[2012.08.01 22:08:18 | 000,000,526 | ---- | C] () -- C:\Windows\eReg.dat
[2011.06.24 16:17:29 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.31 14:46:17 | 000,005,998 | ---- | C] () -- C:\ProgramData\Yahoo! Companion
[2007.04.28 11:46:51 | 000,000,644 | RHS- | C] () -- C:\Users\GM\ntuser.pol

========== ZeroAccess Check ==========

[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< >

< >

< MD5 for: AGP440.SYS >
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2011.01.17 02:48:37 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2011.01.17 02:48:37 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2011.01.17 02:48:37 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.19 08:33:01 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 10:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2013.10.03 14:16:48 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=165E9D93A84A7F55EBEEB1B554110680 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23235_none_78542a95b127239a\cryptsvc.dll
[2006.11.02 10:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2013.04.24 05:00:30 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=3EDE4C1F9672C972479201544969ADCB -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18831_none_77c6b0b4980cf0e4\cryptsvc.dll
[2013.04.17 13:30:06 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=58CEF2D243575512657452B9E89A2E1F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18827_none_77d7825c97ff6cfd\cryptsvc.dll
[2013.07.08 05:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=684C130BBC6DB681BAD4920A4C944AA5 -- C:\Windows\System32\cryptsvc.dll
[2013.07.08 05:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=684C130BBC6DB681BAD4920A4C944AA5 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18881_none_7790a11898357c99\cryptsvc.dll
[2008.01.19 08:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2012.04.23 17:00:53 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=75C6A297E364014840B48ECCD7525E30 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll
[2013.07.08 03:50:53 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=828805E2E7F529B24849AD52740288DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23154_none_783d888db13844fe\cryptsvc.dll
[2012.04.23 15:48:06 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=C979AEA8C4D8F875CD25507D08980006 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll
[2013.04.17 12:28:51 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=CC8E2C87016A07892B5448D764BF8A30 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23097_none_781547d5b15603a0\cryptsvc.dll
[2012.06.02 12:09:26 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=DD9CCF40ED80DD0D62F1B607A1EA4449 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b13bb212\cryptsvc.dll
[2012.06.02 01:02:32 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=F1E8C34892336D33EDDCDFE44E474F64 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd9098134535\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[2013.04.24 04:46:45 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=FBE051C07C3D2B9011ECB1C7A73120C1 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23101_none_7870974bb1126d44\cryptsvc.dll

< MD5 for: ENETHOOK.DLL >
[2007.06.13 15:53:50 | 000,090,112 | R--- | M] (acer) MD5=B6A1D439109F7294C1BE14D5DC0C41AC -- C:\Acer\Empowering Technology\eNet\eNetHook.dll
[2007.06.13 15:53:50 | 000,090,112 | R--- | M] (acer) MD5=B6A1D439109F7294C1BE14D5DC0C41AC -- C:\Windows\System32\eNetHook.dll

< MD5 for: EXPLORER.EXE >
[2011.01.17 02:47:53 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2011.01.17 02:47:52 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2011.01.17 02:47:52 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2011.01.17 03:15:48 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2011.01.17 03:15:48 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2011.01.17 02:47:52 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009.04.11 07:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: IASTOR.SYS >
[2007.02.12 14:37:22 | 000,537,368 | ---- | M] (Intel Corporation) MD5=2EE127D5407DA3957EE54711C9AED6EC -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2007.02.12 06:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\DRV\SATA\iastor.sys
[2007.02.12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\iaStor.sys
[2007.02.12 06:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\drivers\iaStor.sys
[2007.02.12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1cb29a96\iaStor.sys
[2007.02.12 06:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_8f0cb06b\iaStor.sys

< MD5 for: IASTORV.SYS >
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2006.11.02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\drivers\isapnp.sys
[2006.11.02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys

< MD5 for: LSASS.EXE >
[2011.01.17 02:45:34 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2011.01.17 03:11:09 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2011.01.17 02:45:34 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2011.01.17 02:32:57 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2012.06.01 23:37:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=613DEB66A91820F0A41915B40BB8833F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_a882cf8373379c5f\lsass.exe
[2006.11.02 10:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2011.01.17 02:45:32 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2011.11.16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\System32\lsass.exe
[2011.11.16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe
[2011.11.16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe
[2011.01.17 02:45:33 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2011.01.17 02:32:57 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2011.01.17 02:45:35 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2011.01.17 02:45:36 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2011.01.17 03:11:08 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2011.01.17 03:11:09 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2011.01.17 02:32:55 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2011.01.17 02:32:55 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2011.01.17 02:32:55 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2011.11.16 14:57:04 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=EBFAEB786C46B407930811F94F08877D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe
[2011.01.17 02:32:55 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006.11.02 10:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008.01.19 08:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008.01.19 08:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.19 08:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\drivers\nvraid.sys
[2006.11.02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SMSS.EXE >
[2013.07.08 02:18:50 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=18CE0D0DCB7AF0D3E67ECF12BDE1382D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23154_none_ae7897262f9a96cf\smss.exe
[2013.03.09 02:16:53 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=44A40B18D9F6315D35F4539A41ECDE0D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23076_none_ae64f5fc2fa90438\smss.exe
[2008.01.19 08:33:31 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2013.05.02 02:27:42 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=AF2F8F104F119DD10AFA8B54A006F1B6 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23103_none_aeada6782f72f1c3\smss.exe
[2013.03.09 02:28:08 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=BE7480C91E89EB82FC080F772C220AE4 -- C:\Windows\System32\smss.exe
[2013.03.09 02:28:08 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=BE7480C91E89EB82FC080F772C220AE4 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18805_none_ae2630391653543e\smss.exe
[2006.11.02 10:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe

< MD5 for: SVCHOST.EXE >
[2006.11.02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2013.04.04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2013.05.08 04:40:36 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=078218D74C4EFC2CE7E4C6DF22A94F2F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23106_none_b59411ab7ca4df04\tcpip.sys
[2009.04.11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011.09.20 22:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2011.01.17 03:16:59 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2011.01.17 03:16:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 21:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2012.03.30 13:39:11 | 000,905,600 | ---- | M] (Microsoft Corporation) MD5=27D470DABC77BC60D0A3B0E4DEB6CB91 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys
[2011.01.17 02:35:43 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2011.01.17 02:35:42 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2011.01.17 03:17:00 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2013.01.04 12:28:19 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=3535CD93F944C00F098E73E12EE7FEB6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23013_none_b5863efb7cafb1c9\tcpip.sys
[2011.01.17 02:35:43 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2011.01.17 02:35:44 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2011.01.17 02:44:45 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2013.05.08 05:37:21 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=548E198BAE21EFC21F8B5F0C1728AD27 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18835_none_b4e92aca63a0494d\tcpip.sys
[2011.01.17 02:44:46 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2010.06.16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2011.01.17 03:16:58 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 21:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2013.07.05 04:20:37 | 000,914,880 | ---- | M] (Microsoft Corporation) MD5=6D0D344F643E28B31262AC2682109A3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23152_none_b55a00e77cd1055d\tcpip.sys
[2013.01.04 12:28:18 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=74E2D020C47BB2B2FCCBA29A518A7EB4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18764_none_b4c7b8d663b986a2\tcpip.sys
[2010.06.16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011.09.20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2008.04.26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2011.01.17 03:16:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2011.01.17 02:35:42 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2013.07.05 05:53:33 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=D18D53974FD715D50FC76F9FFE1C830D -- C:\Windows\System32\drivers\tcpip.sys
[2013.07.05 05:53:33 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=D18D53974FD715D50FC76F9FFE1C830D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18880_none_b4ae19bc63cd564f\tcpip.sys
[2006.11.02 09:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2011.01.17 02:35:43 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2012.03.30 13:39:11 | 000,914,304 | ---- | M] (Microsoft Corporation) MD5=EE7E10BED85C312C1D5D30C435BDDA9F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_b58096797cb31c04\tcpip.sys
[2008.01.19 08:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2011.01.17 03:16:58 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2013.04.04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.01.19 08:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Users\GM\AppData\Local\Temp\ws2_32.dll
[2008.01.19 08:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\System32\ws2_32.dll
[2008.01.19 08:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[2006.11.02 10:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[15 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[31 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d466afb6be5767b9d088613852f47744\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d466afb6be5767b9d088613852f47744\*.tmp -> ]
[202 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2005.08.16 08:49:12 | 000,040,960 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\junction.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.11.10 22:30:21 | 000,000,000 | ---D | M] -- C:\Users\GM\AppData\Roaming\Canon
[2007.04.28 11:48:49 | 000,000,000 | ---D | M] -- C:\Users\GM\AppData\Roaming\ESET
[2013.11.10 22:31:39 | 000,000,000 | ---D | M] -- C:\Users\GM\AppData\Roaming\GHISLER
[2007.04.28 11:47:06 | 000,000,000 | ---D | M] -- C:\Users\GM\AppData\Roaming\Identities
[2011.03.15 23:18:04 | 000,000,000 | ---D | M] -- C:\Users\GM\AppData\Roaming\Intel
[2007.04.28 11:48:41 | 000,000,000 | ---D | M] -- C:\Users\GM\AppData\Roaming\Macromedia
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\GM\AppData\Roaming\Media Center Programs
[2014.01.25 19:24:49 | 000,000,000 | --SD | M] -- C:\Users\GM\AppData\Roaming\Microsoft
[2014.01.28 21:24:04 | 000,000,000 | ---D | M] -- C:\Users\GM\AppData\Roaming\Razor
[2014.02.01 23:02:14 | 000,000,000 | ---D | M] -- C:\Users\GM\AppData\Roaming\Skype
[2013.11.10 22:30:23 | 000,000,000 | ---D | M] -- C:\Users\GM\AppData\Roaming\T-Mobile
[2014.02.03 22:44:35 | 000,000,000 | ---D | M] -- C:\Users\GM\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2007.08.16 12:17:12 | 006,660,096 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2007.08.16 12:17:10 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2007.08.16 12:17:12 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2007.08.16 12:17:20 | 015,712,256 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2007.08.16 12:17:22 | 006,012,928 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.02.04 14:46:05 | 000,003,168 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014.02.04 14:46:05 | 000,003,168 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014.02.04 10:53:18 | 000,144,194 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2014.02.04 10:53:18 | 000,125,260 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2014.02.04 10:53:18 | 000,655,342 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2014.02.04 10:53:18 | 000,644,748 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2014.02.04 10:53:18 | 001,565,436 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >
[2005.08.16 08:49:12 | 000,040,960 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\junction.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)
"WindowsWelcomeCenter" = rundll32.exe oobefldr.dll,ShowWelcomeCenter
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.11.14 16:42:42 | 020,584,608 | R--- | M] (Skype Technologies S.A.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.02.04 14:56:09 | 000,000,512 | ---- | M] () MD5=E9F764183419A6C133B42A94E6F836E4 -- C:\PhysicalMBR.bin

< >

[martivan]

OTL log (part 2)

< *crack* /s >
[2010.04.19 09:30:20 | 000,397,540 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\animations\level_13\concubine_russian\halif_use_nutcracker.anim
[2010.04.19 09:30:20 | 000,365,264 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\animations\level_13\concubine_russian\halif_use_nutcracker_trap.anim
[2010.02.09 12:03:08 | 000,201,648 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\animations\level_13\halif\halif_use_nutcracker.anim
[2010.02.09 12:03:08 | 000,409,396 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\animations\level_13\halif\halif_use_nutcracker_trap.anim
[2010.02.09 12:03:06 | 000,010,400 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\animations\level_13\nutcracker\halif_use_nutcracker.anim
[2010.02.09 12:03:06 | 000,022,644 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\animations\level_13\nutcracker\halif_use_nutcracker_trap.anim
[2010.02.10 08:41:40 | 000,087,536 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\Models\predmet\level_13\nutcracker\nutcracker.dds
[2010.02.10 08:41:40 | 000,242,690 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\Models\predmet\level_13\nutcracker\nutcracker.msh
[2010.02.09 12:02:36 | 000,000,004 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\Models\predmet\level_13\nutcracker\nutcracker.rgd
[2009.09.22 07:11:16 | 000,185,850 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\Models\STATIC\Level_1\barrel_crack\barrel_crack01.msh
[2009.09.22 07:11:16 | 000,190,774 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\Models\STATIC\Level_1\barrel_crack\barrel_crack02.msh
[2009.09.22 07:11:16 | 000,177,770 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\Models\STATIC\Level_1\barrel_crack\barrel_crack03.msh
[2009.09.22 07:11:16 | 000,174,690 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\Models\STATIC\Level_1\barrel_crack\barrel_crack04.msh
[2009.09.22 07:11:16 | 000,164,146 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\Models\STATIC\Level_1\barrel_crack\barrel_crack05.msh
[2009.09.22 07:11:16 | 000,179,614 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\Models\STATIC\Level_1\barrel_crack\barrel_crack06.msh
[2010.02.09 12:02:38 | 000,005,556 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\persons\objects\level_13\nutcracker\nutcracker.per
[2010.04.19 09:30:14 | 000,003,401 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\persons\objects\level_13\nutcracker\nutcracker.xml
[2010.02.10 08:41:44 | 000,005,556 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\persons\objects\level_13\nutcracker_dummy\nutcracker_dummy.per
[2010.03.22 15:29:14 | 000,001,724 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\persons\objects\level_13\nutcracker_dummy\nutcracker_dummy.xml
[2010.04.19 09:30:14 | 000,000,086 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\scripts\levels\level_13\halif_use_nutcracker.script
[2010.04.19 09:30:14 | 000,000,310 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\scripts\levels\level_13\trap_nutcracker.script
[2010.03.11 12:22:56 | 000,013,614 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\sounds\objects\level_13\nutcracker\crack.wav
[2010.03.11 12:22:56 | 000,136,398 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\sounds\objects\level_13\nutcracker\nutcracker_trap.wav
[2010.06.24 09:56:10 | 000,101,652 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\sounds\PERSONS\halif\lvl13\use_nutcracker.ogg
[2010.06.24 09:56:06 | 000,210,482 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\sounds\PERSONS\halif\lvl13\use_nutcracker_trap.ogg
[2010.02.09 12:02:38 | 000,131,200 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\textures\Interface\icons\nutcracker.dds
[2013.11.30 17:27:56 | 000,062,238 | ---- | M] () -- \Program Files\GIMP 2\share\gimp\2.0\patterns\cracked.pat
[2011.07.08 19:15:24 | 000,009,752 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CWXPU34L\firecracker_icon.0[2].png
[2010.04.19 09:30:20 | 000,397,540 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\animations\level_13\concubine_russian\halif_use_nutcracker.anim
[2010.04.19 09:30:20 | 000,365,264 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\animations\level_13\concubine_russian\halif_use_nutcracker_trap.anim
[2010.02.09 12:03:08 | 000,201,648 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\animations\level_13\halif\halif_use_nutcracker.anim
[2010.02.09 12:03:08 | 000,409,396 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\animations\level_13\halif\halif_use_nutcracker_trap.anim
[2010.02.09 12:03:06 | 000,010,400 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\animations\level_13\nutcracker\halif_use_nutcracker.anim
[2010.02.09 12:03:06 | 000,022,644 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\animations\level_13\nutcracker\halif_use_nutcracker_trap.anim
[2010.02.10 08:41:40 | 000,087,536 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\Models\predmet\level_13\nutcracker\nutcracker.dds
[2010.02.10 08:41:40 | 000,242,690 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\Models\predmet\level_13\nutcracker\nutcracker.msh
[2010.02.09 12:02:36 | 000,000,004 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\Models\predmet\level_13\nutcracker\nutcracker.rgd
[2009.09.22 07:11:16 | 000,185,850 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\Models\STATIC\Level_1\barrel_crack\barrel_crack01.msh
[2009.09.22 07:11:16 | 000,190,774 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\Models\STATIC\Level_1\barrel_crack\barrel_crack02.msh
[2009.09.22 07:11:16 | 000,177,770 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\Models\STATIC\Level_1\barrel_crack\barrel_crack03.msh
[2009.09.22 07:11:16 | 000,174,690 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\Models\STATIC\Level_1\barrel_crack\barrel_crack04.msh
[2009.09.22 07:11:16 | 000,164,146 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\Models\STATIC\Level_1\barrel_crack\barrel_crack05.msh
[2009.09.22 07:11:16 | 000,179,614 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\Models\STATIC\Level_1\barrel_crack\barrel_crack06.msh
[2010.02.09 12:02:38 | 000,005,556 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\persons\objects\level_13\nutcracker\nutcracker.per
[2010.04.19 09:30:14 | 000,003,401 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\persons\objects\level_13\nutcracker\nutcracker.xml
[2010.02.10 08:41:44 | 000,005,556 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\persons\objects\level_13\nutcracker_dummy\nutcracker_dummy.per
[2010.03.22 15:29:14 | 000,001,724 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\persons\objects\level_13\nutcracker_dummy\nutcracker_dummy.xml
[2010.04.19 09:30:14 | 000,000,086 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\scripts\levels\level_13\halif_use_nutcracker.script
[2010.04.19 09:30:14 | 000,000,310 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\scripts\levels\level_13\trap_nutcracker.script
[2010.03.11 12:22:56 | 000,013,614 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\sounds\objects\level_13\nutcracker\crack.wav
[2010.03.11 12:22:56 | 000,136,398 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\sounds\objects\level_13\nutcracker\nutcracker_trap.wav
[2010.06.24 09:56:10 | 000,101,652 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\sounds\PERSONS\halif\lvl13\use_nutcracker.ogg
[2010.06.24 09:56:06 | 000,210,482 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\sounds\PERSONS\halif\lvl13\use_nutcracker_trap.ogg
[2010.02.09 12:02:38 | 000,131,200 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\textures\Interface\icons\nutcracker.dds

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2007.04.25 15:33:36 | 000,457,216 | ---- | M] () -- \Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
[2009.12.23 21:21:28 | 000,069,632 | ---- | M] () -- \Games\NWNOL\Neverwinter\Live\PhysXLoader.dll
[2011.07.03 04:32:14 | 000,057,856 | ---- | M] () -- \Games\razor\Loader.dll
[2009.03.18 15:39:34 | 000,070,936 | ---- | M] () -- \Games\Špidla\Princ z Persie a hamizny kalif\PhysXLoader.dll
[2007.04.02 10:13:36 | 000,010,952 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\mm\MediaCtrl\ImageLoader.kc
[2006.07.20 01:36:42 | 000,010,768 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\DV Wizard\mm\MediaCtrl\ImageLoader.kc
[2006.07.20 01:36:44 | 000,003,438 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\DV Wizard\mm\MediaCtrl\News\NewsCategoryLoader.kc
[2006.07.20 01:36:44 | 000,006,361 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\DV Wizard\mm\MediaCtrl\News\NewsFeedLoader.kc
[2006.07.20 01:36:58 | 000,003,485 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\DV Wizard\widget\langloader.kc
[2006.07.20 01:36:58 | 000,012,395 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\DV Wizard\widget\layoutloader.kc
[2007.05.29 13:10:18 | 000,011,301 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\DVDivine\mm\MediaCtrl\ImageLoader.kc
[2007.05.29 13:10:24 | 000,003,482 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\DVDivine\widget\langloader.kc
[2007.05.29 13:10:24 | 000,012,392 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\DVDivine\widget\layoutloader.kc
[2007.04.02 10:14:46 | 000,010,952 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\HomeMedia\mm\MediaCtrl\ImageLoader.kc
[2007.05.24 13:36:36 | 000,010,774 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\Play Movie\mm\MediaCtrl\ImageLoader.kc
[2007.05.24 13:36:40 | 000,003,491 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\Play Movie\widget\langloader.kc
[2007.05.24 13:36:40 | 000,012,401 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\Play Movie\widget\layoutloader.kc
[2006.05.10 14:05:30 | 000,011,442 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\SportsCap\mm\MediaCtrl\ImageLoader.kc
[2006.05.10 14:05:32 | 000,003,438 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\SportsCap\mm\MediaCtrl\News\NewsCategoryLoader.kc
[2006.05.10 14:05:32 | 000,006,361 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\SportsCap\mm\MediaCtrl\News\NewsFeedLoader.kc
[2006.05.10 14:05:32 | 000,003,485 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\SportsCap\widget\langloader.kc
[2006.05.10 14:05:32 | 000,012,395 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\SportsCap\widget\layoutloader.kc
[2007.07.27 15:31:32 | 000,011,415 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\TV Joy\mm\MediaCtrl\ImageLoader.kc
[2007.07.27 15:31:34 | 000,003,492 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\TV Joy\widget\langloader.kc
[2007.07.27 15:31:34 | 000,012,402 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\TV Joy\widget\layoutloader.kc
[2006.08.31 22:38:08 | 000,010,928 | ---- | M] () -- \Program Files\Acer Arcade Deluxe\VideoMagician\mm\MediaCtrl\ImageLoader.kc
[2007.06.03 03:06:22 | 000,004,960 | ---- | M] () -- \Program Files\Acer GameZone\Zuma Deluxe\images\LoaderBar.gif
[2007.06.03 03:06:24 | 000,001,064 | ---- | M] () -- \Program Files\Acer GameZone\Zuma Deluxe\images\_LoaderBar.gif
[2013.07.04 19:31:30 | 000,044,032 | R--- | M] () -- \Program Files\Calibre2\DLLs\PyISAPI_loader.dll
[2012.10.31 02:13:01 | 000,000,194 | ---- | M] () -- \Program Files\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012.09.25 03:39:16 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2011.03.08 08:43:28 | 000,013,734 | ---- | M] () -- \Program Files\GIMP 2\Python\Lib\unittest\loader.py
[2014.02.04 10:46:30 | 000,001,753 | ---- | M] () -- \Program Files\Malwarebytes Anti-Exploit\Loader.log
[2013.12.17 10:14:14 | 000,044,856 | ---- | M] () -- \Program Files\Malwarebytes Anti-Exploit\mbae-loader.exe
[2011.06.03 00:19:42 | 001,111,552 | ---- | M] () -- \Program Files\Memostation\bin\adownloader.exe
[2011.04.24 21:46:18 | 001,841,152 | ---- | M] () -- \Program Files\Memostation\bin\msdownloader.exe
[2040.02.06 07:28:14 | 000,000,668 | ---- | M] () -- \Program Files\Memostation\help\cz\highslide\graphics\loader.gif
[2040.02.06 07:28:14 | 000,000,673 | ---- | M] () -- \Program Files\Memostation\help\cz\highslide\graphics\loader.white.gif
[2009.05.29 04:52:00 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.07.15 00:12:14 | 000,833,432 | ---- | M] () -- \ProgramData\HappyCloud\Application\HCLOTROLoader.exe
[2013.05.26 14:22:50 | 000,273,053 | ---- | M] () -- \ProgramData\HappyCloud\Application\HCLOTROLoader.ico
[2013.06.19 14:59:00 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.06.19 14:59:00 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.10.09 17:07:12 | 000,006,012 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.10.09 17:07:12 | 000,021,956 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.06.19 14:59:00 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.07.15 00:12:14 | 000,833,432 | ---- | M] () -- \Users\All Users\HappyCloud\Application\HCLOTROLoader.exe
[2013.05.26 14:22:50 | 000,273,053 | ---- | M] () -- \Users\All Users\HappyCloud\Application\HCLOTROLoader.ico
[2013.06.19 14:59:00 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.06.19 14:59:00 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.10.09 17:07:12 | 000,006,012 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.10.09 17:07:12 | 000,021,956 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.06.19 14:59:00 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2011.12.23 08:52:39 | 000,064,606 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2XFX07GA\Blitz3GamePreloader[1].swf
[2011.08.31 05:57:37 | 000,052,939 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\93MC7N1Y\bank1_preloader[1].jpg
[2011.10.26 19:53:47 | 000,195,573 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\93MC7N1Y\FV_Preloader.R.1.10.013.002.90697[1].swf
[2011.09.15 18:18:10 | 000,133,677 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\93MC7N1Y\Preloader[1].swf
[2011.12.23 08:28:38 | 000,003,712 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\A80DSG2D\loader[1].js
[2013.01.12 05:34:25 | 000,001,232 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\A80DSG2D\oneMscomJsCssLoader[1].js
[2011.12.23 08:28:36 | 000,086,136 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\A80DSG2D\Preloader[1].swf
[2011.06.21 05:48:45 | 000,052,662 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CWXPU34L\Blitz3GamePreloader[1].swf
[2011.05.06 18:53:23 | 000,052,022 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CWXPU34L\game_preloader[1].swf
[2011.06.11 16:14:36 | 000,032,531 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CWXPU34L\preloader[1].swf
[2011.09.15 18:22:55 | 000,052,939 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESRL1BVP\bank1_preloader[1].jpg
[2012.08.06 10:49:28 | 000,180,135 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESRL1BVP\FeatureLoader.js[1].js
[2011.10.26 19:55:43 | 000,124,996 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESRL1BVP\mega_content_halloween_preloader[1].jpg
[2011.11.30 19:21:07 | 000,004,630 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\F95DYPBR\Loader_540894[1].js
[2011.07.08 18:57:47 | 000,194,100 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HMA9W865\saloon_V_preloader[1].jpg
[2011.05.06 18:48:39 | 000,002,023 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HMA9W865\vbulletin_post_loader[1].js
[2012.08.06 10:47:58 | 000,009,427 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S7LBBDKQ\ajax-loader[1].gif
[2011.09.15 18:22:41 | 000,018,446 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W6FVP8XK\FeatureLoader.js[1].js
[2012.08.06 11:03:28 | 000,002,756 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W6FVP8XK\RmsLoader[1].js
[2012.11.21 09:49:22 | 000,179,856 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X3IUR9YC\Preloader[1].swf
[2011.08.31 05:56:45 | 000,110,844 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZWNE381W\FV_Preloader.R.1.8.021.013.78614[1].swf
[2011.07.08 18:57:48 | 000,001,405 | ---- | M] () -- \Users\Dětičky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZWNE381W\loader[1].js
[2009.03.18 15:39:34 | 000,070,936 | ---- | M] () -- \Users\Magdalena\AppData\Roaming\spidla\wrapper_trial\Princ z Persie a hamižný kalif\PhysXLoader.dll
[2012.11.16 23:51:13 | 002,070,207 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
[2013.10.30 18:17:07 | 000,003,208 | ---- | M] () -- \Users\Zuzka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepbnnnkkadjhjahcafoaglimekefifl\0.9.1_0\images\ajax-loader.gif
[2013.10.30 18:17:14 | 000,000,350 | ---- | M] () -- \Users\Zuzka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepbnnnkkadjhjahcafoaglimekefifl\0.9.1_0\scripts\utils\google_analytics_loader.js
[2013.07.08 18:24:39 | 000,001,511 | ---- | M] () -- \Users\Zuzka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HHD33HV0\AdLoader[1].htm
[2013.07.08 18:24:39 | 000,109,448 | ---- | M] () -- \Users\Zuzka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J0DB10AD\AdLoader-b3e321cab5fbc3c4ed10b513bb467bae.min[1].js
[2008.01.19 08:34:04 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.06.10 14:42:32 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2011.02.03 11:46:16 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2011.02.03 11:46:16 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2011.02.03 11:46:16 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2011.03.15 20:53:59 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2011.03.15 20:53:59 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2011.03.15 20:53:59 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2011.02.03 11:44:01 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2011.02.03 11:44:01 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2011.01.16 23:15:35 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2011.01.16 23:15:26 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2011.01.16 23:15:44 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2011.01.16 23:15:26 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2011.01.16 23:15:57 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2011.01.16 23:15:59 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2011.01.16 23:16:05 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2011.01.16 23:15:34 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2011.01.16 23:15:25 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2011.01.16 23:15:44 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2011.01.16 23:15:26 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2011.01.16 23:15:57 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2011.01.16 23:15:59 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2011.01.16 23:16:04 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.01.19 04:14:52 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2011.01.16 23:15:22 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2011.01.16 23:15:21 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.01.19 00:00:00 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2011.01.16 23:15:14 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2011.01.16 23:15:14 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009.04.11 00:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006.11.02 11:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.01.19 00:05:22 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2006.11.02 13:34:33 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6000.16386_none_43bd59f592b7be86\dmloader.dll
[2008.01.19 08:34:04 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.19 08:34:04 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2012.10.08 12:01:03 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.09.10 01:57:06 | 000,003,072 | ---- | M] () -- \Users\Magdalena\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage
[2013.09.10 01:57:06 | 000,003,608 | ---- | M] () -- \Users\Magdalena\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage-journal
[2011.11.20 13:27:34 | 000,000,024 | ---- | M] () -- \Users\Magdalena\AppData\Local\Google\Picasa2\cache\cacheindex_serial.pmp
[2009.10.30 04:03:30 | 000,032,468 | ---- | M] () -- \Users\Magdalena\Documents\HP\ŽvB\RT\serials.rtf
[2013.07.07 19:22:36 | 000,003,072 | ---- | M] () -- \Users\Zuzka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage
[2013.07.07 19:22:36 | 000,003,608 | ---- | M] () -- \Users\Zuzka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage-journal
[2013.10.14 23:30:17 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.03.31 19:04:50 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.30 05:42:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.08 12:01:03 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.10.14 23:17:53 | 002,346,496 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1bf91944c0a39048bb079c5d81f90529\System.Runtime.Serialization.ni.dll
[2013.10.14 23:17:27 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\aecbf967d699e9d2da69afdf5412491c\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.12.20 20:03:22 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a281f3909e9182522777315b3a25ec5a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.12.20 20:03:22 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a281f3909e9182522777315b3a25ec5a\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2013.12.20 20:03:29 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\66ce786a0b16af8c3f5c480cd6e84376\System.Runtime.Serialization.ni.dll
[2013.12.20 20:03:29 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\66ce786a0b16af8c3f5c480cd6e84376\System.Runtime.Serialization.ni.dll.aux
[2013.12.20 20:10:36 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\6b054c1a64987a9caa2a1c98b070f47f\System.Xml.Serialization.ni.dll
[2013.12.20 20:10:36 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\6b054c1a64987a9caa2a1c98b070f47f\System.Xml.Serialization.ni.dll.aux
[2013.09.11 22:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2004.07.15 13:31:54 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2009.03.30 05:42:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.03.31 19:04:50 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.08 12:01:09 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 22:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 22:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.01.19 08:36:21 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2007.01.08 22:04:49 | 000,005,632 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2006.11.02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2007.01.08 22:04:55 | 000,004,096 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\grserial.sys.mui
[2007.01.08 22:04:55 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2008.01.19 06:49:35 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_33048ac2\serial.sys
[2006.11.02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_9d4661e2\serial.sys
[2006.11.02 08:41:49 | 001,010,560 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_91bbdacd\smserial.sys
[2008.01.19 06:49:35 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_44880ea7\serial.sys
[2006.11.02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_ac874de4\serial.sys
[2006.11.02 09:51:28 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_a24cc104\grserial.sys
[2008.01.19 06:49:33 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_bec36faa\grserial.sys
[2011.03.15 20:54:05 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2011.03.15 20:54:05 | 000,017,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61_kdcom.dll_db5e7744
[2011.02.03 11:44:14 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_4e6ae191e3aac47c_serialui.dll.mui_7d29d2a3
[2011.03.15 20:54:27 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805_serialui.dll_bea29328
[2006.11.02 13:33:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3.manifest
[2011.01.17 02:17:33 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16708_none_d2461403b7e6edc1.manifest
[2011.01.17 02:17:33 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.20864_none_bb7eca1fd1887f4d.manifest
[2008.01.19 00:05:26 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf.manifest
[2011.01.17 02:17:01 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18096_none_d22b4019b82faa94.manifest
[2010.04.12 19:45:00 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18457_none_d2272799b833601d.manifest
[2011.01.17 02:17:01 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22208_none_bb54690bd1df5a1e.manifest
[2010.04.12 19:51:10 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22668_none_bb5a6a37d1d9f36c.manifest
[2009.04.11 00:16:00 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3.manifest
[2010.04.12 19:29:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe.manifest
[2012.10.08 17:24:13 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18707_none_d1fe1cdfb888f64c.manifest
[2010.04.12 20:40:05 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e.manifest
[2012.10.08 16:03:48 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22945_none_bb34a4b3d22c88bd.manifest
[2007.01.08 22:01:12 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d.manifest
[2006.11.02 13:39:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_en-us_bb16054302d6ef1f.manifest
[2011.01.17 02:17:07 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16708_en-us_bb0dd4d302de58ed.manifest
[2011.01.16 23:38:03 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_cs-cz_5ff511dac72f8cd8.manifest
[2011.01.17 02:17:07 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20864_en-us_a4468aef1c7fea79.manifest
[2011.01.16 23:38:03 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_cs-cz_492cfaeee0d2050d.manifest
[2008.01.19 04:14:26 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18000_cs-cz_5fce0ce8c7834cd9.manifest
[2011.01.17 02:16:36 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18096_en-us_baf300e9032715c0.manifest
[2011.01.16 23:38:00 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_cs-cz_5fcff690c7819979.manifest
[2010.04.12 18:23:06 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18457_en-us_baeee869032acb49.manifest
[2011.01.17 02:16:36 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22208_en-us_a41c29db1cd6c54a.manifest
[2011.01.16 23:37:59 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_cs-cz_490422d4e1275f6f.manifest
[2010.04.12 18:31:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22668_en-us_a4222b071cd15e98.manifest
[2009.04.11 11:04:50 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18005_cs-cz_5fa99224c7d4e0ed.manifest
[2010.04.12 23:15:50 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_cs-cz_5fac379ac7d29418.manifest
[2010.04.12 18:44:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_en-us_bac8b1b1037ddf2a.manifest
[2012.10.08 20:37:20 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_cs-cz_5fa96398c7d51666.manifest
[2012.10.08 17:20:22 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_en-us_bac5ddaf03806178.manifest
[2010.04.12 23:51:48 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_cs-cz_48e45f54e1748c28.manifest
[2010.04.12 19:41:31 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_en-us_a400d96b1d1fd73a.manifest
[2012.10.08 17:22:39 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_cs-cz_48dfeb6ce178a8d7.manifest
[2012.10.08 16:00:20 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_en-us_a3fc65831d23f3e9.manifest
[2006.11.02 13:33:50 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526.manifest
[2011.01.17 02:17:33 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16708_none_0289499ddf8deef4.manifest
[2011.01.17 02:17:32 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.20864_none_ebc1ffb9f92f8080.manifest
[2008.01.19 00:04:20 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2.manifest
[2011.01.17 02:17:01 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18096_none_026e75b3dfd6abc7.manifest
[2010.04.12 19:44:39 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18457_none_026a5d33dfda6150.manifest
[2011.01.17 02:17:01 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22208_none_eb979ea5f9865b51.manifest
[2010.04.12 19:50:49 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22668_none_eb9d9fd1f980f49f.manifest
[2009.04.11 00:15:32 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206.manifest
[2010.04.12 19:29:29 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531.manifest
[2012.10.08 17:23:59 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18707_none_02415279e02ff77f.manifest
[2010.04.12 20:39:45 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41.manifest
[2012.10.08 16:03:34 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22945_none_eb77da4df9d389f0.manifest
[2006.11.02 11:18:20 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6000.16386_none_0f7ecb22afbfde41.manifest
[2008.01.19 00:01:04 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6001.18000_none_11b58d1eacaaef15.manifest
[2009.04.11 00:13:32 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2006.11.02 11:02:09 | 000,001,406 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.0.6000.16386_none_2a8610ec098ae6c4.manifest
[2006.11.02 13:33:50 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68.manifest
[2011.01.17 02:17:20 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16708_none_0763f56b20648936.manifest
[2011.01.17 02:17:20 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.20864_none_f09cab873a061ac2.manifest
[2008.01.19 00:13:44 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834.manifest
[2011.01.17 02:16:52 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18096_none_0749218120ad4609.manifest
[2010.04.12 19:47:49 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18457_none_0745090120b0fb92.manifest
[2011.01.17 02:16:52 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22208_none_f0724a733a5cf593.manifest
[2010.04.12 19:53:39 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22668_none_f0784b9f3a578ee1.manifest
[2009.04.11 00:18:56 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48.manifest
[2010.04.12 19:32:33 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73.manifest
[2012.10.08 17:26:11 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18707_none_071bfe47210691c1.manifest
[2010.04.12 20:42:39 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783.manifest
[2012.10.08 16:05:32 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22945_none_f052861b3aaa2432.manifest
[2006.10.20 02:14:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16386_none_483e6ea12378b3a8\System.Runtime.Serialization.Formatters.Soap.dll
[2011.01.17 02:11:30 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16720_none_4838f505237d831c\System.Runtime.Serialization.Formatters.Soap.dll
[2011.01.17 02:11:30 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.20883_none_31710ba93d1fc80f\System.Runtime.Serialization.Formatters.Soap.dll
[2008.01.05 12:26:58 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18000_none_4812f05d23d05c74\System.Runtime.Serialization.Formatters.Soap.dll
[2011.01.17 02:10:59 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18111_none_4813d9bb23cf8fbd\System.Runtime.Serialization.Formatters.Soap.dll
[2011.01.17 02:10:59 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.22230_none_31484a573d7508d0\System.Runtime.Serialization.Formatters.Soap.dll
[2009.03.30 05:42:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.18005_none_47ee75992421f088\System.Runtime.Serialization.Formatters.Soap.dll
[2007.01.08 22:03:07 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.16386_cs-cz_0167850d1d10bca1\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.01.17 02:21:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.16754_cs-cz_0164b12f1d133e9e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.01.17 02:21:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.20921_cs-cz_ea944dc536bd060d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.01.05 12:27:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.18000_cs-cz_013c06c91d68656d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.01.17 02:21:29 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.18145_cs-cz_013f95e51d654b3f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.01.17 02:21:29 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.22269_cs-cz_ea739499370b4477\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 19:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6002.18005_cs-cz_01178c051db9f981\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2006.11.02 13:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3\System.Runtime.Serialization.dll
[2011.01.17 02:18:35 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16708_none_d2461403b7e6edc1\System.Runtime.Serialization.dll
[2011.01.17 02:18:35 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.20864_none_bb7eca1fd1887f4d\System.Runtime.Serialization.dll
[2008.01.05 12:21:39 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf\System.Runtime.Serialization.dll
[2011.01.17 02:18:24 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18096_none_d22b4019b82faa94\System.Runtime.Serialization.dll
[2010.04.12 13:20:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18457_none_d2272799b833601d\System.Runtime.Serialization.dll
[2011.01.17 02:18:24 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22208_none_bb54690bd1df5a1e\System.Runtime.Serialization.dll
[2010.04.12 13:22:02 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22668_none_bb5a6a37d1d9f36c\System.Runtime.Serialization.dll
[2009.02.18 19:38:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3\System.Runtime.Serialization.dll
[2010.04.12 13:21:15 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe\System.Runtime.Serialization.dll
[2012.10.08 12:01:09 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18707_none_d1fe1cdfb888f64c\System.Runtime.Serialization.dll
[2010.04.12 13:22:02 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e\System.Runtime.Serialization.dll
[2012.10.08 11:59:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22945_none_bb34a4b3d22c88bd\System.Runtime.Serialization.dll
[2007.01.08 22:05:25 | 000,081,920 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d\System.RunTime.Serialization.Resources.dll
[2011.01.17 02:22:47 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_cs-cz_5ff511dac72f8cd8\System.RunTime.Serialization.Resources.dll
[2011.01.17 02:22:47 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_cs-cz_492cfaeee0d2050d\System.RunTime.Serialization.Resources.dll
[2008.01.05 12:27:23 | 000,086,016 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18000_cs-cz_5fce0ce8c7834cd9\System.RunTime.Serialization.Resources.dll
[2011.01.17 02:22:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_cs-cz_5fcff690c7819979\System.RunTime.Serialization.Resources.dll
[2011.01.17 02:22:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_cs-cz_490422d4e1275f6f\System.RunTime.Serialization.Resources.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18005_cs-cz_5fa99224c7d4e0ed\System.RunTime.Serialization.Resources.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_cs-cz_5fac379ac7d29418\System.RunTime.Serialization.Resources.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_cs-cz_5fa96398c7d51666\System.RunTime.Serialization.Resources.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_cs-cz_48e45f54e1748c28\System.RunTime.Serialization.Resources.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_cs-cz_48dfeb6ce178a8d7\System.RunTime.Serialization.Resources.dll
[2006.11.02 13:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526\System.Runtime.Serialization.dll
[2011.01.17 02:18:35 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16708_none_0289499ddf8deef4\System.Runtime.Serialization.dll
[2011.01.17 02:18:35 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.20864_none_ebc1ffb9f92f8080\System.Runtime.Serialization.dll
[2008.01.05 12:21:38 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2\System.Runtime.Serialization.dll
[2011.01.17 02:18:24 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18096_none_026e75b3dfd6abc7\System.Runtime.Serialization.dll
[2010.04.12 13:19:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18457_none_026a5d33dfda6150\System.Runtime.Serialization.dll
[2011.01.17 02:18:24 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22208_none_eb979ea5f9865b51\System.Runtime.Serialization.dll
[2010.04.12 13:21:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22668_none_eb9d9fd1f980f49f\System.Runtime.Serialization.dll
[2009.02.18 19:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206\System.Runtime.Serialization.dll
[2010.04.12 13:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531\System.Runtime.Serialization.dll
[2012.10.08 12:01:03 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18707_none_02415279e02ff77f\System.Runtime.Serialization.dll
[2010.04.12 13:21:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41\System.Runtime.Serialization.dll
[2012.10.08 11:59:29 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22945_none_eb77da4df9d389f0\System.Runtime.Serialization.dll
[2007.01.08 22:04:55 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_f15fa7f9f28d5343\serial.sys.mui
[2008.01.19 06:49:35 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf_31bf3856ad364e35_6.0.6001.18000_none_955c449145dbf667\serial.sys
[2007.01.08 22:04:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_bdf5a8f7ae6b024a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.01.17 02:21:41 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.16754_cs-cz_be141fbfae547065\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.01.17 02:21:34 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.20921_cs-cz_bebb2d56c75c6d7e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.01.05 12:27:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_c02c6af3ab56131e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.01.17 02:21:23 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.18145_cs-cz_c0062e9bab71febc\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.01.17 02:21:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.22269_cs-cz_c07e2cb6c49c3bc4\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 19:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_cs-cz_c217e3ffa877de6a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2007.01.08 22:04:49 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_4c341f95e6bfb3a8\serialui.dll.mui
[2007.01.08 22:04:49 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_4e6ae191e3aac47c\serialui.dll.mui
[2006.11.02 10:46:12 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6000.16386_none_f2cadf9221bfabe5\serialui.dll
[2008.01.19 08:36:21 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6001.18000_none_f501a18e1eaabcb9\serialui.dll
[2008.01.19 08:36:21 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805\serialui.dll
[2007.01.08 22:05:22 | 000,081,920 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_5b3d50955593c887\System.RunTime.Serialization.Resources.dll
[2011.01.17 02:22:44 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16730_cs-cz_5b6d660d55709964\System.RunTime.Serialization.Resources.dll
[2011.01.17 02:22:43 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.20895_cs-cz_5bbb24c26eba5f87\System.RunTime.Serialization.Resources.dll
[2008.01.05 12:27:23 | 000,086,016 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_5d741291527ed95b\System.RunTime.Serialization.Resources.dll
[2011.01.17 02:22:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.18121_cs-cz_5d5f74e9528e27bb\System.RunTime.Serialization.Resources.dll
[2011.01.17 02:22:35 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.22243_cs-cz_5dd572706bba3215\System.RunTime.Serialization.Resources.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_cs-cz_5f5f8b9d4fa0a4a7\System.RunTime.Serialization.Resources.dll
[2007.01.08 22:03:22 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_c27f608a4f515351\serial.sys.mui
[2008.01.19 06:49:35 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\serial.sys
[2007.01.08 22:04:55 | 000,004,096 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_b4070b50f198e261\grserial.sys.mui
[2008.01.19 06:49:33 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.0.6001.18000_none_72a9e15f343dcd03\grserial.sys
[2006.11.02 13:36:02 | 000,888,832 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68\System.Runtime.Serialization.dll
[2011.01.17 02:18:30 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16708_none_0763f56b20648936\System.Runtime.Serialization.dll
[2011.01.17 02:18:30 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.20864_none_f09cab873a061ac2\System.Runtime.Serialization.dll
[2008.01.05 12:21:38 | 000,929,792 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834\System.Runtime.Serialization.dll
[2011.01.17 02:18:20 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18096_none_0749218120ad4609\System.Runtime.Serialization.dll
[2010.04.12 13:19:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18457_none_0745090120b0fb92\System.Runtime.Serialization.dll
[2011.01.17 02:18:20 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22208_none_f0724a733a5cf593\System.Runtime.Serialization.dll
[2010.04.12 13:21:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22668_none_f0784b9f3a578ee1\System.Runtime.Serialization.dll
[2009.02.18 19:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48\System.Runtime.Serialization.dll
[2010.04.12 13:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73\System.Runtime.Serialization.dll
[2012.10.08 12:01:03 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18707_none_071bfe47210691c1\System.Runtime.Serialization.dll
[2010.04.12 13:21:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783\System.Runtime.Serialization.dll
[2012.10.08 11:59:29 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22945_none_f052861b3aaa2432\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:A95A95AC
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:0A73A758
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:B203B914
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:AA9519A6
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:94188BC6
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:9F683177

< End of report >

[martivan]

OTL log extras

OTL Extras logfile created on: 4.2.2014 14:53:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Magdalena\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 53,69% Memory free
4,90 Gb Paging File | 3,48 Gb Available in Paging File | 70,93% Paging File free
Paging file location(s): c:\pagefile.sys 2048 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,69 Gb Total Space | 2,33 Gb Free Space | 2,09% Space Free | Partition Type: NTFS
Drive D: | 108,20 Gb Total Space | 4,89 Gb Free Space | 4,52% Space Free | Partition Type: NTFS

Computer Name: MAGDALENA-ACER | User Name: GM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{653E2DBE-B9E3-4E70-8347-A3F80A83FF04}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C58E235-05BF-43F7-9CF8-661A9066ADED}" = dir=in | app=c:\program files\acer arcade deluxe\sportscap\sportscap.exe |
"{1969FF93-467C-414B-809A-C9B906DF86AE}" = dir=in | app=c:\program files\acer arcade deluxe\dvdivine\dvdivine.exe |
"{220DAEEF-6E54-4CF2-82F2-9228A8146180}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{3547E381-F877-45B2-A886-5D0211025CF1}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe |
"{691F7397-6E1E-48F8-BF6E-A7DEACC46EE0}" = dir=in | app=c:\program files\acer arcade deluxe\tv joy\tv joy.exe |
"{6C46B0F5-E1E2-428A-B2A4-96438048AED0}" = dir=in | app=c:\program files\acer arcade deluxe\dv wizard\dv wizard.exe |
"{6C9BEBE0-292D-4B83-8D61-B8EB51C34584}" = dir=in | app=c:\program files\acer arcade deluxe\videomagician\videomagician.exe |
"{8455EAD5-DF01-49FD-A6FA-AC8C0B9BFBC1}" = dir=in | app=c:\program files\acer arcade deluxe\tv joy\tveservice.exe |
"{ADB9FD22-9CC1-4FB8-AD09-16B995CB4186}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C32E9199-BFC4-42ED-938F-ACBD21AFD2BC}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\pmvservice.exe |
"{E3944252-B701-4DF0-9760-9CB2EA400D69}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{F77C6AD8-94CE-4D11-ADB6-22590DCB5991}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\playmovie.exe |
"TCP Query User{ECB2CC3C-B0A6-4F49-BC10-24983CECCD11}D:\gamesd\lord of the rings online\lotroclient.exe" = protocol=6 | dir=in | app=d:\gamesd\lord of the rings online\lotroclient.exe |
"TCP Query User{F0E0AD47-10B4-490C-84A8-25A4240A3F62}F:\games\uoml_zvb\zvb-klient.exe" = protocol=6 | dir=in | app=f:\games\uoml_zvb\zvb-klient.exe |
"UDP Query User{B46E29BF-9D79-4875-A3F3-91A0F6C31717}D:\gamesd\lord of the rings online\lotroclient.exe" = protocol=17 | dir=in | app=d:\gamesd\lord of the rings online\lotroclient.exe |
"UDP Query User{F9D70558-A9BF-44B2-8149-EE65FA0F5618}F:\games\uoml_zvb\zvb-klient.exe" = protocol=17 | dir=in | app=f:\games\uoml_zvb\zvb-klient.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.4900
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{0C808377-8C23-44ED-9016-05F42E6D4900}" = Nokia Suite
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series" = Canon MG5300 series MP Drivers
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP610_series" = Canon MP610 series
"{123F4E9B-80E6-3A84-BDD4-3CB3AC59ABF0}" = Microsoft .NET Framework 4.5.1 (CSY)
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1A8FE52B-983B-46B6-A2EF-9A75DDCAFCEF}" = ESET Smart Security
"{22C37D82-6137-40BF-8625-7A846ED65F3A}_is1" = FolderIco 1.0
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 51
"{29373274-977E-413C-A4DE-DC0F8E80C429}" = Nokia Connectivity Cable Driver
"{2A83AD05-56E6-3FBD-8752-B4143162EF59}" = Google Talk Plugin
"{32C74893-0243-4235-A6F3-201F0E5D2C03}" = Software602 Print2PDF
"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Software Intel(R) PROSet/Wireless WiFi
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye webcam
"{3F50AF3B-8997-4916-0095-99D63DDB785A}" = Harry Potter TM
"{41FB29BC-F985-4334-BD3E-C2F0A173BFF7}_is1" = Memostation 2011
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D9EE5BD-93DF-4473-9F57-E73E9F36DC84}" = calibre
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{56D4499E-AC3E-4B8D-91C9-C700C148C44B}" = Google Drive
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{69EBB61F-8A46-4CF7-A6B3-0FB2A734074D}" = Bontia Studio 4.5
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{8190420D-F4BA-4744-8940-A466F81AF89C}_is1" = Ulož.to File Manager verze 1.6
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111263673}" = Treasures of the Deep
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111271497}" = Mystery Case Files - Prime Suspects
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111310630}" = Big Kahuna Reef 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111473353}" = Dynasty
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112179547}" = Mystery Case Files Ravenhearst
"{86ACE727-A4F2-4B28-A37D-254D9CC03156}" = Zaklínač - Rozšířená edice
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA047D7C-5E7C-4878-B75C-77589151B563}" = Acer Crystal Eye webcam
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{Ahoj Benatky}_is1" = Ahoj Benátky v1.0cs
"{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}" = NVIDIA PhysX
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer 3.72
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{C82D8932-EB28-4da6-9582-33D515D46F04}" = Huawei Drivers
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{DF7B213D-2065-41ED-BB51-7A3EED31EA7B}" = Ultima Online: Mondain's Legacy
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F149E0CB-984E-4EED-89F9-4CB9D66A5CF3}" = nia
"{FA37AF66-D12A-4BC7-B1DE-3D50C05A4EDB}" = Software602 Form Filler
"{Princ z Persie a hamizny kalif}_is1" = Princ z Persie a hamižný kalif v1.6
"{Sedm divu sveta}_is1" = Sedm divů světa v1.0
"{Tajemná písmena}_is1" = Tajemná písmena 1.51
"{Zeleny mesic}_is1" = Zelený měsíc v1.0
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"7-Zip" = 7-Zip 9.22beta
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Audacity_is1" = Audacity 2.0.3
"Audio Editor Deluxe_is1" = Audio Editor Deluxe v9.0.1
"Canon MG5300 series On-screen Manual" = Canon MG5300 series On-screen Manual
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"CleanUp!" = CleanUp!
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"Defraggler" = Defraggler
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Exact Audio Copy" = Exact Audio Copy 1.0beta2
"Family Tree Builder" = MyHeritage Family Tree Builder
"Fraps" = Fraps
"GIMP-2_is1" = GIMP 2.8.10
"Google Chrome" = Google Chrome
"GridVista" = Acer GridVista
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"IrfanView" = IrfanView (remove only)
"LManager" = Launch Manager
"Malwarebytes Anti-Exploit_is1" = Malwarebytes Anti-Exploit version 0.09.5.0250
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Minutka" = Minutka 1.3
"Miranda IM" = Miranda IM 0.10.20
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MP Navigator EX 5.0" = Canon MP Navigator EX 5.0
"Nokia Suite" = Nokia Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"ProInst" = Intel PROSet Wireless
"Registrace uživatele zařízení Canon MG5300 series" = Registrace uživatele zařízení Canon MG5300 series
"Registrace uživatele zařízení Canon MP610 series" = Registrace uživatele zařízení Canon MP610 series
"STANDARDR" = Microsoft Office Standard 2007
"StepMania" = StepMania (remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Šifrování_is1" = Šifrování 0.4
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"T-Mobile Communication Centre" = T-Mobile Internet Manager
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.1.2
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"World of Warcraft" = World of Warcraft
"ŽvB Updater" = ŽvB Updater

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 19.9.2013 7:50:35 | Computer Name = Magdalena-ACER | Source = Windows Search Service | ID = 3013
Description =

Error - 19.9.2013 12:06:09 | Computer Name = Magdalena-ACER | Source = EventSystem | ID = 4621
Description =

Error - 19.9.2013 17:11:06 | Computer Name = Magdalena-ACER | Source = Application Error | ID = 1000
Description = Chybující aplikace CNSEUPDT.EXE, verze 1.3.5.0, časové razítko 0x4e3a32f0,
chybující modul CNMDWLD.DLL, verze 1.0.0.0, časové razítko 0x4cad61a4, kód výjimky
0xc0000005, posun chyby 0x000024c0, ID procesu 0xf48, čas spuštění aplikace 0x01ceb4dc5b524bf3.

Error - 21.9.2013 13:50:48 | Computer Name = Magdalena-ACER | Source = Application Error | ID = 1000
Description = Chybující aplikace zvb-klient.exe, verze 5.0.9.1, časové razítko 0x4609984d,
chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000, kód výjimky
0xc0000005, posun chyby 0x0c247cdf, ID procesu 0xf34, čas spuštění aplikace 0x01ceb6f013375517.

Error - 22.9.2013 7:25:14 | Computer Name = Magdalena-ACER | Source = ESENT | ID = 467
Description = Windows (2140) Windows: Databáze C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb:
Index System_ItemFolderPathDisplayNarrow405 tabulky SystemIndex_0A je poškozen
(0).

Error - 22.9.2013 7:25:15 | Computer Name = Magdalena-ACER | Source = Windows Search Service | ID = 7040
Description =

Error - 22.9.2013 21:37:14 | Computer Name = Magdalena-ACER | Source = Application Hang | ID = 1002
Description = Program lotroclient.exe verze 1103.52.9929.8030 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení
problémů. ID procesu: 1b20 Čas zahájení: 01ceb7dc410e7e00 Čas ukončení: 2548

Error - 23.9.2013 8:04:47 | Computer Name = Magdalena-ACER | Source = Application Error | ID = 1000
Description = Chybující aplikace TurbineLauncher.exe, verze 0.0.0.0, časové razítko
0x521482a0, chybující modul TurbineLauncher.exe, verze 0.0.0.0, časové razítko
0x521482a0, kód výjimky 0xc0000005, posun chyby 0x00052984, ID procesu 0x14bc, čas
spuštění aplikace 0x01ceb85437691400.

Error - 23.9.2013 8:09:24 | Computer Name = Magdalena-ACER | Source = Application Error | ID = 1000
Description = Chybující aplikace TurbineLauncher.exe, verze 0.0.0.0, časové razítko
0x521482a0, chybující modul TurbineLauncher.exe, verze 0.0.0.0, časové razítko
0x521482a0, kód výjimky 0xc0000005, posun chyby 0x00052984, ID procesu 0x12d0, čas
spuštění aplikace 0x01ceb8552b5ae070.

Error - 24.9.2013 9:52:45 | Computer Name = Magdalena-ACER | Source = Application Hang | ID = 1002
Description = Program lotroclient.exe verze 1104.53.3086.8026 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení
problémů. ID procesu: dbc Čas zahájení: 01ceb92c73668040 Čas ukončení: 194

Error - 26.9.2013 19:34:02 | Computer Name = Magdalena-ACER | Source = Application Error | ID = 1000
Description = Chybující aplikace WINWORD.EXE, verze 12.0.4518.1014, časové razítko
0x45428028, chybující modul wwlib.dll, verze 12.0.4518.1014, časové razítko 0x454285fb,
kód výjimky 0xc0000005, posun chyby 0x00049021, ID procesu 0x1408, čas spuštění
aplikace 0x01cebb10af7cc8a8.

Error - 27.9.2013 6:34:08 | Computer Name = Magdalena-ACER | Source = Application Error | ID = 1000
Description = Chybující aplikace CNSEMAIN.EXE, verze 1.3.5.0, časové razítko 0x4e3a3451,
chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000, kód výjimky
0xc0000005, posun chyby 0x00000000, ID procesu 0x3bc, čas spuštění aplikace 0x01cebb0b17643cb8.

Error - 2.10.2013 13:58:54 | Computer Name = Magdalena-ACER | Source = EventSystem | ID = 4621
Description =

Error - 6.10.2013 9:17:16 | Computer Name = Magdalena-ACER | Source = VSS | ID = 8194
Description =

[ OSession Events ]
Error - 10.12.2012 20:54:24 | Computer Name = Magdalena-ACER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 245 seconds with 240 seconds of active time. This session ended with a crash.

Error - 7.1.2013 17:16:16 | Computer Name = Magdalena-ACER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 145552
seconds with 18900 seconds of active time. This session ended with a crash.

Error - 12.2.2013 13:22:09 | Computer Name = Magdalena-ACER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 176713
seconds with 2280 seconds of active time. This session ended with a crash.

Error - 22.4.2013 11:36:54 | Computer Name = Magdalena-ACER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 78199
seconds with 240 seconds of active time. This session ended with a crash.

Error - 28.5.2013 10:06:09 | Computer Name = Magdalena-ACER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 147246
seconds with 2040 seconds of active time. This session ended with a crash.

Error - 9.6.2013 21:18:52 | Computer Name = Magdalena-ACER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 19764
seconds with 7440 seconds of active time. This session ended with a crash.

Error - 2.7.2013 8:37:50 | Computer Name = Magdalena-ACER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 250946
seconds with 6240 seconds of active time. This session ended with a crash.

Error - 26.9.2013 19:34:01 | Computer Name = Magdalena-ACER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 83
seconds with 60 seconds of active time. This session ended with a crash.

Error - 28.1.2014 11:00:57 | Computer Name = Magdalena-ACER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 59689
seconds with 360 seconds of active time. This session ended with a crash.

Error - 28.1.2014 14:23:52 | Computer Name = Magdalena-ACER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 10996
seconds with 1740 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 1.2.2014 11:38:53 | Computer Name = Magdalena-ACER | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 1.2.2014 18:00:52 | Computer Name = Magdalena-ACER | Source = DCOM | ID = 10010
Description =

Error - 1.2.2014 18:12:09 | Computer Name = Magdalena-ACER | Source = volmgr | ID = 262193
Description = Konfigurace stránkovacího souboru pro výpis stavu systému se nezdařila.
Přesvědčte se, zda na spouštěcím oddílu disku je stránkovací soubor a zda je na
něm dostatek místa pro uložení obsahu celé fyzické paměti.

Error - 1.2.2014 18:12:20 | Computer Name = Magdalena-ACER | Source = volmgr | ID = 262193
Description = Konfigurace stránkovacího souboru pro výpis stavu systému se nezdařila.
Přesvědčte se, zda na spouštěcím oddílu disku je stránkovací soubor a zda je na
něm dostatek místa pro uložení obsahu celé fyzické paměti.

Error - 1.2.2014 18:12:34 | Computer Name = Magdalena-ACER | Source = Service Control Manager | ID = 7000
Description =

Error - 1.2.2014 18:14:02 | Computer Name = Magdalena-ACER | Source = Service Control Manager | ID = 7022
Description =

Error - 4.2.2014 5:45:47 | Computer Name = Magdalena-ACER | Source = volmgr | ID = 262193
Description = Konfigurace stránkovacího souboru pro výpis stavu systému se nezdařila.
Přesvědčte se, zda na spouštěcím oddílu disku je stránkovací soubor a zda je na
něm dostatek místa pro uložení obsahu celé fyzické paměti.

Error - 4.2.2014 5:45:59 | Computer Name = Magdalena-ACER | Source = volmgr | ID = 262193
Description = Konfigurace stránkovacího souboru pro výpis stavu systému se nezdařila.
Přesvědčte se, zda na spouštěcím oddílu disku je stránkovací soubor a zda je na
něm dostatek místa pro uložení obsahu celé fyzické paměti.

Error - 4.2.2014 5:46:13 | Computer Name = Magdalena-ACER | Source = Service Control Manager | ID = 7000
Description =

Error - 4.2.2014 5:47:38 | Computer Name = Magdalena-ACER | Source = Service Control Manager | ID = 7022
Description =


< End of report >

[Márty84]

Jestli tam ted ten profil je, smazte ho.

Vypnete antivir, at nebrani programu v praci.
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[ClearAllRestorePoints]

:services
gupdate
SkypeUpdate
gupdatem
gusvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1464193139-767828990-2745750160-1000Core1ce81294d8ec796.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1464193139-767828990-2745750160-1000UA1ce8129508cec66.job
C:\Windows\tasks\Malwarebytes Anti-Exploit.job

:otl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
IE - HKLM\..\SearchScopes,DefaultScope = {DECA3892-BA8F-44b8-A993-A466AD694AE4}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No CLSID value found.
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[15 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[31 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d466afb6be5767b9d088613852f47744\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d466afb6be5767b9d088613852f47744\*.tmp -> ]
[202 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:A95A95AC
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:0A73A758
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:B203B914
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:AA9519A6
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:94188BC6
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:9F683177

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=-
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"=-
"Skype"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search Protection]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetPanel]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[martivan]

Uff, něco je špatně.
Spustila jsem OTL podle návodu. Aplikace začala pracovat, po chvíli vypnula Průzkumníka a poté upadla a vyhodila okno, že kvůli chybě programu ukončila činnost. Odklikla jsem OK, ale Průzkumník už zpátky nenaběhl. Aktivní zůstalo okno notepadu, kam jsem si předtím vykopírovala ten kód ke vložení do OTL. Počítač nebyl zamrzlý, takže jsem přes trojkombinaci vyvolala Správce úloh a přes něj spustila Průzkumníka. Ten naběhl, ALE... na ploše mám pozadí od svého profilu, jenže ikony od admina (nejspíš). Při klepnutí na winsowsí klávesu vyběhne taky nabídka admina, včetně jeho ikony. Při volbě přepnout uživatele jsem v nabídce profilů přihlášená ve svém profilu, v adminovském ne, ale pokud se vrátím do svého profilu, stále tam mám stav popsaný výše (kombinace mého a adminího profilu). Kromě toho mi připadá divné, že na ploše jsou dva soubory desktop.ini s poloprůhlednými ikonami, jeden z 27. dubna 2007 (282 b) a druhý ze 3. února 2011 (vytvořeno 2. listopadu 2006, změněno 3. února 2011, otevřeno 2.listopadu 2006; 174 b). Kromě toho jsou tam ikony aplikací, které tam byly, a 4 textové soubory RKreport a složka RK_Quarantine.

[Márty84]

Pc restartujte do nouzoveho rezimu a provedte krok s OTL v nem.


Na se tyka tech souboru desktop.ini....
Zrejme se odkryly skryte a systemove soubory a slozky
http://www.tipypropc.cz/jak-v-pruzkumni ... e-soubory/
Akorat vy je samozrejme misto zobrazeni nechate skryt.