WS.malware.2

Bluefox151
Visitor
Posts: 18
Registered: 31 Mar 2015 19:23

WS.malware.2

#1 Post by Bluefox151 »

Hello,
Norton 360 reports WS.Malware.2; when I try to repair it, a BSOD appears. Could you please help me?

Regards, Filip

Re: WS.malware.2

#2 Post by Bluefox151 »

c:\User\MSI\AppData\Roaming\google.exe


FRST log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by MSI (administrator) on GAARAOFTHESAND on 31-03-2015 20:40:05
Running from C:\Users\MSI\Desktop
Loaded Profiles: MSI (Available profiles: MSI)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Hi-Rez Studios) D:\Hry\Smite\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(n6WRe2) C:\Users\MSI\AppData\Roaming\windows.exe
() C:\Users\MSI\AppData\Roaming\google.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(KYE) C:\Program Files (x86)\Manticore\MTHid.exe
() C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Filefacts.net) C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe
() C:\Program Files (x86)\Genius\DeathTaker\trayicon.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
() C:\Windows\inf\msubckje\msubckje.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-27] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [LogMeIn GUI] => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
HKLM\...\Run: [225659c6fa2732024934dc96358cf4cb] => C:\Users\MSI\AppData\Roaming\windows.exe [120832 2015-03-29] (n6WRe2)
HKLM\...\Run: [0d3375618302c289613b400989a76e30] => C:\Users\MSI\AppData\Roaming\google.exe [107520 2015-03-31] ()
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Manticore] => C:\Program Files (x86)\Manticore\MThid.exe [293376 2013-02-01] (KYE)
HKLM-x32\...\Run: [DeathTaker] => C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe [303616 2013-04-03] ()
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [mncxgsfSrv] => C:\Windows\system32\mncxgsf.vbe
HKLM-x32\...\Run: [mncrvthSrv] => C:\Windows\system32\mncrvth.vbe
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2014-03-11] (Power Software Ltd)
HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [283248 2014-10-10] (Filefacts.net)
HKLM-x32\...\Run: [SFAUpdater] => C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe [655472 2014-10-10] (Filefacts.net)
HKLM-x32\...\Run: [mnclhmpSrv] => C:\Windows\system32\mnclhmp.vbe
HKLM-x32\...\Run: [msqicqSrv] => C:\Windows\SysWOW64\msqicq.vbe [649 2014-07-06] ()
HKLM-x32\...\Run: [NtVdmSrv] => C:\Windows\inf\ntvdm.vbe [1219 2013-06-20] ()
HKLM-x32\...\Run: [MSStp] => C:\Windows\inf\msstp.vbe [1584 2014-03-06] ()
HKLM-x32\...\Run: [mncgihywlSrv] => C:\Windows\system32\mncgihywl.vbe
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1949592 2015-02-14] (APN)
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [ISUSPM] => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [MKLOL] => "C:\Program Files (x86)\MKJogo\MKLOL\MK.exe" -auto
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [cz.seznam.software.autoupdate] => "C:\Users\MSI\AppData\Roaming\Seznam.cz\szninstall.exe" -c
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [cz.seznam.software.szndesktop] => "C:\Users\MSI\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [Adobe Drivers] => C:\WINDOWS\system32\Windows Firewall\config\svchost.exe
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [BackgroundContainerV2] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\MSI\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [Facebook Update] => C:\Users\MSI\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-10-24] (Facebook Inc.)
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [225659c6fa2732024934dc96358cf4cb] => C:\Users\MSI\AppData\Roaming\windows.exe [120832 2015-03-29] (n6WRe2)
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [0d3375618302c289613b400989a76e30] => C:\Users\MSI\AppData\Roaming\google.exe [107520 2015-03-31] ()
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\MountPoints2: H - H:\Setup.exe
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\MountPoints2: {1b961140-f986-11e3-9ea2-d43d7ef31bec} - H:\autorun.exe
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\MountPoints2: {23c9cbaa-85f5-11e3-a409-806e6f6e6963} - E:\setup.exe
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\MountPoints2: {51eee015-5c47-11e4-9f4e-d43d7ef31bec} - H:\Setup.exe
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\MountPoints2: {68c48d93-0278-11e4-adc0-d43d7ef31bec} - K:\setup.exe
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Winlogon: [Shell] C:\Windows\expstart.exe [925184 2015-03-24] () <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-01-28] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{7411487A-FF21-481E-AB53-BF27FF30E042}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0d3375618302c289613b400989a76e30.exe ()
Startup: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\225659c6fa2732024934dc96358cf4cb.exe ()
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/secur ... =21.6.0.32
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/secur ... =21.6.0.32
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/secur ... =21.6.0.32
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.reerd.com
URLSearchHook: HKLM-x32 - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Users\MSI\AppData\LocalLow\BS_Player_ControlBar\prxtbBS_0.dll (ClientConnect Ltd.)
URLSearchHook: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Users\MSI\AppData\LocalLow\BS_Player_ControlBar\prxtbBS_0.dll (ClientConnect Ltd.)
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {0D260770-E6F9-423F-8ABF-BC0A10C2CC56} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {20FCDCFE-F4B1-4FDD-B82A-58F76992265B} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {24FE2CFC-8C15-477B-8E29-8F5C7A8C77EE} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {4A216A52-C0D3-4D86-8570-178823E0238D} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {5BEAC1C7-247C-414D-9105-DE094692BB67} URL = http://search.conduit.com/ResultsExt.as ... 32615&UM=1
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {961CA2F3-9139-4F44-94F4-359CEEA9E064} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {B461C106-836A-4F19-9249-28402DAEB27A} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {B90FF399-4517-4634-9E1F-B331D6C96EE2} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {E2837E77-2E07-4413-AD67-38FA914A4B8F} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {EB188080-C56D-4159-AB86-5FC3201C404D} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-22] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> D:\Hry\ARC\Arc\Plugins\ArcPluginIE.dll [2014-12-18] (Perfect World Entertainment Inc)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-22] (Oracle Corporation)
BHO-x32: BS Player ControlBar Toolbar -> {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} -> C:\Users\MSI\AppData\LocalLow\BS_Player_ControlBar\prxtbBS_0.dll [2014-04-10] (ClientConnect Ltd.)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Users\MSI\AppData\LocalLow\BS_Player_ControlBar\prxtbBS_0.dll [2014-04-10] (ClientConnect Ltd.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\MSI\AppData\Roaming\Mozilla\Firefox\Profiles\bl1y1xf2.default
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3321459&octid ... 891205EACF
FF DefaultSearchEngine: Trovi search
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp://www.reerd.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> D:\Hry\ARC\Arc\Plugins\npArcPluginFF.dll [2014-12-18] (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-31] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3133602536-102226362-2941794219-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\MSI\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3133602536-102226362-2941794219-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\MSI\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-04] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\MSI\AppData\Roaming\Mozilla\Firefox\Profiles\bl1y1xf2.default\user.js [2014-08-18]
FF SearchPlugin: C:\Users\MSI\AppData\Roaming\Mozilla\Firefox\Profiles\bl1y1xf2.default\searchplugins\trovi-search.xml [2014-07-19]
FF Extension: Seznam lištička - C:\Users\MSI\AppData\Roaming\Mozilla\Firefox\Profiles\bl1y1xf2.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-12-15]
FF Extension: Firefox Old Version Update Hotfix - C:\Users\MSI\AppData\Roaming\Mozilla\Firefox\Profiles\bl1y1xf2.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-12-09]
FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.47\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-03-31]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://www.reerd.com/"
CHR DefaultSuggestURL: Default -> http://ssmsp.ask.com/query?sstype=prefi ... earchTerms}
CHR Profile: C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-31]
CHR Extension: (Google Docs) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-31]
CHR Extension: (Google Drive) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-31]
CHR Extension: (Twisted Fate) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\behhgldcbkbflalpfcoaoaihjeekahip [2015-03-31]
CHR Extension: (YouTube) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-31]
CHR Extension: (Google Search) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-31]
CHR Extension: (Google Sheets) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-31]
CHR Extension: (New Tab Redirect) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2015-03-31]
CHR Extension: (Google Wallet) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-31]
CHR Extension: (Gmail) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2015-02-14]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-21]
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2015-02-14]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-21]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [177560 2015-01-31] (APN LLC.)
S3 ArcService; D:\Hry\ARC\Arc\ArcService.exe [88400 2014-12-18] (Perfect World Entertainment Inc)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-10-29] (BitRaider, LLC)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-06-26] (BitRaider, LLC)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-11-21] (Futuremark)
U2 HiPatchService; D:\Hry\Smite\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe [265000 2015-03-07] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3191392 2014-05-15] (INCA Internet Co., Ltd.)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2013-12-09] (Qualcomm Atheros) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-11-27] (Microsoft Corporation) [File not signed]
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [80080 2013-11-08] (Qualcomm Atheros, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20150321.001\BHDrvx64.sys [1622744 2015-02-03] (Symantec Corporation)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-06-27] (BitRaider)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-03] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20150330.001\IDSvia64.sys [671448 2015-03-27] (Symantec Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-02-13] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
S4 LMIRfsClientNP; No ImagePath
S3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150330.032\ENG64.SYS [129752 2015-03-31] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150330.032\EX64.SYS [2137304 2015-03-31] (Symantec Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-21] (Duplex Secure Ltd.)
S1 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-03-31] ()
U3 ae61ry1b; C:\Windows\System32\Drivers\ae61ry1b.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder)
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BlueletSCOAudio; system32\DRIVERS\BlueletSCOAudio.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S0 BTHidEnum; System32\Drivers\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-31 20:40 - 2015-03-31 20:40 - 00032509 _____ () C:\Users\MSI\Desktop\FRST.txt
2015-03-31 20:39 - 2015-03-31 20:40 - 00000000 ____D () C:\FRST
2015-03-31 20:39 - 2015-03-31 20:39 - 02095616 _____ (Farbar) C:\Users\MSI\Downloads\FRST64.exe
2015-03-31 20:39 - 2015-03-31 20:39 - 02095616 _____ (Farbar) C:\Users\MSI\Desktop\FRST64.exe
2015-03-31 20:04 - 2015-03-31 20:04 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-03-31 19:11 - 2015-03-31 19:11 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-31 19:11 - 2015-03-31 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-31 19:10 - 2015-03-31 20:15 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-31 19:10 - 2015-03-31 20:04 - 00000942 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-31 19:10 - 2015-03-31 19:10 - 00003942 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-03-31 19:10 - 2015-03-31 19:10 - 00003690 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-03-31 19:00 - 2015-03-31 19:01 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\MSI\Downloads\SpyHunter-Installer.exe
2015-03-31 18:54 - 2015-03-31 18:54 - 00107520 _____ () C:\Users\MSI\AppData\Roaming\google.exe
2015-03-29 19:52 - 2015-03-29 19:52 - 09242612 _____ () C:\Users\MSI\Downloads\SasukeMod.rar
2015-03-29 19:26 - 2015-03-29 19:26 - 01197921 _____ () C:\Windows\unins002.exe
2015-03-29 19:26 - 2015-03-29 19:26 - 00007159 _____ () C:\Windows\unins002.dat
2015-03-29 19:25 - 2015-03-29 19:25 - 00892635 _____ (Seemann, Deji, Alien ) C:\Users\MSI\Downloads\CLEO4_setup.exe
2015-03-29 19:06 - 2015-03-29 19:06 - 00019038 _____ () C:\Users\MSI\Downloads\gtapoweroftheninjastrelok_1328793412.torrent
2015-03-29 18:58 - 2015-03-29 19:43 - 00000000 ____D () C:\Users\MSI\Documents\GTA San Andreas User Files
2015-03-29 17:37 - 2015-03-29 18:57 - 754051051 _____ () C:\Users\MSI\Downloads\GTA-San-Andreas (2).rar
2015-03-29 17:30 - 2015-03-31 20:40 - 00020512 _____ () C:\Users\MSI\AppData\Roaming\windows.exe.tmp
2015-03-29 17:30 - 2015-03-29 17:30 - 00120832 _____ (n6WRe2) C:\Users\MSI\AppData\Roaming\windows.exe
2015-03-29 14:49 - 2015-03-29 14:49 - 00529107 _____ () C:\Users\MSI\Downloads\all-r90_b115.zip
2015-03-25 08:00 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 08:00 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 08:00 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 08:00 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 08:00 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 08:00 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-25 08:00 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 08:00 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-24 22:14 - 2015-03-24 22:32 - 00000867 _____ () C:\Users\Public\Desktop\Mass Effect 3.lnk
2015-03-24 08:13 - 2015-03-24 08:13 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2015-03-21 21:22 - 2015-03-21 21:22 - 00000684 _____ () C:\Users\Public\Desktop\Mass Effect 2.lnk
2015-03-21 21:22 - 2015-03-21 21:22 - 00000000 ____D () C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
2015-03-21 21:22 - 2015-03-21 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2
2015-03-21 21:15 - 2015-03-21 21:22 - 00018137 _____ () C:\Users\MSI\Documents\Install Mass Effect 2.log
2015-03-21 20:20 - 2015-03-21 20:20 - 00792416 _____ (Shark Labs) C:\Users\MSI\Downloads\CFSetup381.exe
2015-03-21 20:20 - 2015-03-21 20:20 - 00000000 ____D () C:\Program Files (x86)\Clownfish
2015-03-21 17:47 - 2015-03-21 17:47 - 00712597 _____ (Remote Mouse ) C:\Users\MSI\Downloads\RemoteMouse (1).exe
2015-03-19 18:21 - 2015-03-19 18:22 - 03739096 _____ () C:\Users\MSI\Downloads\bandicam-2015-03-19-17-20-08-286.avi
2015-03-18 22:47 - 2015-03-18 22:47 - 00000764 _____ () C:\Users\Public\Desktop\Heroes of the Storm.lnk
2015-03-18 22:47 - 2015-03-18 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-03-18 22:35 - 2015-03-18 22:35 - 00000733 _____ () C:\Users\Public\Desktop\Star Wars The Force Unleashed 2.lnk
2015-03-18 22:35 - 2015-03-18 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Wars The Force Unleashed 2
2015-03-18 15:26 - 2015-03-18 15:26 - 00000671 _____ () C:\Users\Public\Desktop\Mass Effect.lnk
2015-03-18 15:26 - 2015-03-18 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect
2015-03-16 20:46 - 2015-03-16 20:46 - 00000790 _____ () C:\Users\MSI\Desktop\Counter-Strike 1.6.lnk
2015-03-16 20:46 - 2015-03-16 20:46 - 00000740 _____ () C:\Users\MSI\Desktop\Half-Life.lnk
2015-03-16 20:46 - 2015-03-16 20:46 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2015-03-16 20:33 - 2015-03-16 20:41 - 283749156 _____ (Valve ) C:\Users\MSI\Downloads\cs16full_v42i_cskocz.exe
2015-03-16 08:24 - 2015-03-16 08:24 - 00288588 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2015-03-16 08:24 - 2015-03-16 08:24 - 00284788 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2015-03-15 15:34 - 2015-03-15 15:34 - 00000996 _____ () C:\Users\MSI\Desktop\GameSpy Arcade.lnk
2015-03-15 15:34 - 2015-03-15 15:34 - 00000695 _____ () C:\Users\Public\Desktop\Halo.lnk
2015-03-15 15:34 - 2015-03-15 15:34 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2015-03-15 15:34 - 2015-03-15 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2015-03-15 15:34 - 2015-03-15 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2015-03-15 15:34 - 2015-03-15 15:34 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2015-03-15 15:34 - 2015-03-15 15:34 - 00000000 ____D () C:\Program Files (x86)\GameSpy Arcade
2015-03-15 14:45 - 2015-03-15 15:21 - 641996800 _____ () C:\Users\MSI\Downloads\Halo-Combat-Evolved.iso
2015-03-15 11:49 - 2015-03-24 22:52 - 00000000 ____D () C:\Users\MSI\Documents\BioWare
2015-03-15 01:01 - 2015-03-15 01:02 - 11422713 _____ () C:\Users\MSI\Downloads\starmann65---Synthesia-Dream-s-2k11.zip
2015-03-15 00:47 - 2015-03-15 00:48 - 11838703 _____ () C:\Users\MSI\Downloads\Synthesia.rar
2015-03-15 00:42 - 2015-03-15 01:07 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Synthesia
2015-03-15 00:42 - 2015-03-15 01:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia
2015-03-15 00:42 - 2015-03-15 01:03 - 00000000 ____D () C:\Program Files (x86)\Synthesia
2015-03-15 00:42 - 2015-03-15 00:42 - 00001913 _____ () C:\Users\Public\Desktop\Synthesia.lnk
2015-03-15 00:41 - 2015-03-15 00:41 - 03772184 _____ (Synthesia LLC) C:\Users\MSI\Downloads\Synthesia-10.1-installer.exe
2015-03-15 00:25 - 2015-03-15 00:25 - 00003040 _____ () C:\Windows\System32\Tasks\{B76583C1-6545-4388-9C33-6AB05BFA5B9C}
2015-03-11 20:06 - 2015-03-11 20:06 - 00000000 _____ () C:\Users\MSI\Downloads\stažený soubor.htm
2015-03-11 08:17 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 08:17 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 08:17 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 08:17 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 08:17 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 08:17 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 08:17 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 08:17 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 08:17 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 08:17 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 08:17 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 08:17 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 08:17 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 08:17 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 08:17 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 08:17 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 08:17 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 08:17 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 08:17 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 08:17 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 08:17 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 08:17 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 08:17 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 08:17 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 08:17 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 08:17 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 08:17 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 08:17 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 08:17 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 08:17 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 08:17 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 08:17 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 08:17 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 08:17 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 08:17 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 08:17 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 08:17 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 08:17 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 08:17 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 08:17 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 08:17 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 08:17 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 08:17 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 08:17 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 08:17 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 08:17 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 08:17 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 08:17 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 08:17 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 08:17 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 08:17 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 08:17 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 08:17 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 08:17 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 08:17 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 08:17 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 08:17 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 08:17 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 08:17 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 08:17 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 08:17 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 08:17 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 08:17 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 08:17 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 08:17 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 08:17 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 08:17 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 08:17 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 08:17 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 08:17 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 08:17 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 08:17 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 08:17 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 08:17 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 08:17 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 08:17 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 08:17 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 08:17 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 08:17 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 08:17 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 08:17 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 08:17 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 08:17 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 08:17 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 08:17 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 08:17 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 08:17 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 08:17 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 08:17 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 08:17 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 08:17 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 08:17 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 08:17 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 08:17 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 08:17 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 08:17 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 08:17 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 08:17 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 08:17 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 08:17 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 08:17 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 08:17 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 08:17 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 08:17 - 2015-01-31 05:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 08:17 - 2015-01-31 05:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 08:17 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 08:17 - 2015-01-31 01:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 08:17 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 08:17 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 08:17 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 08:16 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 08:16 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-08 20:01 - 2015-03-08 20:01 - 00026156 _____ () C:\Users\MSI\Downloads\[HorribleSubs] Shinmai Maou no Testament - 09 [720p].mkv.torrent
2015-03-08 16:45 - 2015-03-08 16:45 - 00002168 _____ () C:\Users\MSI\Desktop\Dawn of War - Dark Crusade.lnk
2015-03-08 16:44 - 2015-03-08 16:44 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\THQ
2015-03-08 16:43 - 2015-03-08 16:43 - 00000000 ____D () C:\Program Files (x86)\THQ
2015-03-08 16:41 - 2015-03-08 16:41 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\InstallShield
2015-03-08 15:00 - 2015-03-08 15:00 - 00276688 _____ () C:\Windows\Minidump\030815-12760-01.dmp
2015-03-07 22:42 - 2015-03-07 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CUT2 Evolution
2015-03-07 22:19 - 2015-03-07 22:19 - 00003138 _____ () C:\Windows\System32\Tasks\{F4733665-5BED-4F24-998A-CB329E5641CD}
2015-03-07 22:19 - 2006-07-17 12:25 - 34950005 _____ () C:\Users\MSI\Downloads\JunkWarv110Beta.ut4mod
2015-03-07 22:18 - 2015-03-07 22:19 - 17072060 _____ () C:\Users\MSI\Downloads\JunkWarv110Beta.exe
2015-03-07 22:17 - 2015-03-07 22:18 - 08180262 _____ () C:\Users\MSI\Downloads\arkon2004_v40-1.zip
2015-03-07 22:17 - 2015-03-07 22:17 - 13323776 _____ () C:\Users\MSI\Downloads\ut2004-winpatch3369.exe
2015-03-07 22:15 - 2015-03-07 22:15 - 00000881 _____ () C:\Users\MSI\Desktop\Play UT2004.lnk
2015-03-07 22:15 - 2015-03-07 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Tournament 2004
2015-03-05 22:35 - 2015-03-05 22:35 - 00276688 _____ () C:\Windows\Minidump\030515-8814-01.dmp
2015-03-05 08:13 - 2015-03-05 08:13 - 00262144 ____N () C:\Windows\Minidump\030515-9110-01.dmp
2015-03-04 19:38 - 2015-03-04 19:38 - 00276688 _____ () C:\Windows\Minidump\030415-8689-01.dmp
2015-03-04 17:20 - 2015-03-04 17:21 - 29720272 _____ () C:\Users\MSI\Downloads\SWTOR_setup.exe
2015-03-04 16:44 - 2015-03-04 16:44 - 00000000 ____D () C:\ProgramData\Installations
2015-03-03 21:46 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-03 21:46 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-03 21:46 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-03 21:46 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-03-02 01:13 - 2015-03-02 01:13 - 00276688 _____ () C:\Windows\Minidump\030215-9406-01.dmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-31 20:30 - 2014-10-24 14:24 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3133602536-102226362-2941794219-1000UA.job
2015-03-31 20:11 - 2009-07-14 06:45 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-31 20:11 - 2009-07-14 06:45 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-31 20:09 - 2009-07-14 17:18 - 06094662 _____ () C:\Windows\system32\perfh005.dat
2015-03-31 20:09 - 2009-07-14 17:18 - 01975424 _____ () C:\Windows\system32\perfc005.dat
2015-03-31 20:09 - 2009-07-14 07:13 - 00006228 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-31 20:07 - 2014-01-25 21:22 - 01233134 _____ () C:\Windows\WindowsUpdate.log
2015-03-31 20:05 - 2014-04-18 07:45 - 00000330 _____ () C:\Users\MSI\rgut
2015-03-31 20:04 - 2014-01-25 23:37 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Skype
2015-03-31 20:04 - 2014-01-25 21:57 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-03-31 20:03 - 2014-01-25 21:37 - 01379874 _____ () C:\Windows\PFRO.log
2015-03-31 20:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-31 20:03 - 2009-07-14 06:51 - 00133367 _____ () C:\Windows\setupact.log
2015-03-31 19:56 - 2014-01-26 02:06 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-31 19:11 - 2014-01-25 21:34 - 00000000 ____D () C:\Users\MSI\AppData\Local\Google
2015-03-31 19:11 - 2014-01-25 21:34 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-31 19:10 - 2014-12-14 12:17 - 00000000 ____D () C:\Users\MSI\AppData\Local\Deployment
2015-03-31 14:30 - 2014-10-24 14:24 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3133602536-102226362-2941794219-1000Core.job
2015-03-31 07:08 - 2014-10-07 01:09 - 00000030 _____ () C:\Users\MSI\AppData\Roaming\msquiku.dat
2015-03-30 19:52 - 2014-02-21 23:14 - 00000000 ____D () C:\Users\MSI\AppData\Local\Battle.net
2015-03-29 19:57 - 2014-01-27 00:39 - 00000000 ____D () C:\Users\MSI\AppData\Local\CrashDumps
2015-03-29 19:06 - 2014-01-29 17:05 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\uTorrent
2015-03-29 18:58 - 2014-02-01 11:47 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-03-28 20:25 - 2014-02-06 23:12 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\TS3Client
2015-03-28 10:22 - 2015-01-16 21:37 - 00000000 ____D () C:\Users\MSI\AppData\Local\Warframe
2015-03-25 16:12 - 2014-10-11 08:28 - 00000448 ____H () C:\Windows\Tasks\Norton Security Scan for MSI.job
2015-03-25 15:43 - 2014-06-22 08:20 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
2015-03-25 15:04 - 2014-12-11 16:32 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-25 15:04 - 2014-08-11 12:50 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-24 22:30 - 2014-02-12 22:31 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-03-24 22:14 - 2014-12-20 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2015-03-24 19:10 - 2014-01-25 23:47 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-03-24 18:52 - 2014-11-21 20:50 - 00925184 _____ () C:\Windows\expstart.exe
2015-03-24 15:33 - 2014-06-21 08:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
2015-03-24 15:33 - 2014-06-21 08:29 - 00000000 ____D () C:\Windows\system32\Drivers\NSTx64
2015-03-24 08:08 - 2014-06-21 08:36 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-03-24 08:08 - 2014-06-21 08:36 - 00002319 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2015-03-24 08:08 - 2014-06-21 08:35 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2015-03-24 08:08 - 2014-06-21 08:35 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2015-03-21 21:22 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-21 17:51 - 2014-02-09 21:08 - 00000056 _____ () C:\Windows\wincheater.ini
2015-03-21 09:44 - 2014-08-26 23:41 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-03-18 23:10 - 2015-02-23 23:17 - 00000000 ____D () C:\Users\MSI\Documents\Heroes of the Storm
2015-03-18 23:08 - 2014-01-25 22:04 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-03-17 16:17 - 2014-08-16 08:55 - 00000000 ____D () C:\Games
2015-03-15 15:51 - 2014-01-26 00:52 - 00000000 ____D () C:\Users\MSI\Documents\My Games
2015-03-15 11:06 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-15 00:27 - 2014-01-26 00:51 - 00375522 _____ () C:\Windows\DirectX.log
2015-03-14 22:20 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-11 18:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-03-11 16:58 - 2009-07-14 06:45 - 00410256 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 16:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-11 16:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 08:30 - 2014-01-28 21:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 08:28 - 2014-01-27 07:39 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 08:25 - 2014-01-27 07:39 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-08 16:43 - 2014-01-25 21:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-08 15:00 - 2014-01-26 17:53 - 00000000 ____D () C:\Windows\Minidump
2015-03-04 08:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing

==================== Files in the root of some directories =======

2015-03-31 18:54 - 2015-03-31 18:54 - 0107520 _____ () C:\Users\MSI\AppData\Roaming\google.exe
2014-10-07 01:09 - 2014-10-07 01:09 - 0009197 _____ () C:\Users\MSI\AppData\Roaming\mskwdgi.dat
2014-10-07 01:09 - 2015-03-31 07:08 - 0000030 _____ () C:\Users\MSI\AppData\Roaming\msquiku.dat
2015-02-03 22:10 - 2015-02-03 22:10 - 0000094 _____ () C:\Users\MSI\AppData\Roaming\settings.xml
2015-03-29 17:30 - 2015-03-29 17:30 - 0120832 _____ (n6WRe2) C:\Users\MSI\AppData\Roaming\windows.exe
2015-03-29 17:30 - 2015-03-31 20:40 - 0020512 _____ () C:\Users\MSI\AppData\Roaming\windows.exe.tmp
2015-01-16 00:30 - 2015-01-16 00:30 - 0003584 _____ () C:\Users\MSI\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-07 12:12 - 2014-09-07 12:15 - 0000000 _____ () C:\Users\MSI\AppData\Local\Driver_LOM_8161Present.flag
2014-01-25 21:32 - 2014-09-07 12:14 - 0000690 _____ () C:\Users\MSI\AppData\Local\killertool.log
2014-10-22 21:41 - 2014-10-22 21:41 - 0000000 ___SH () C:\Users\MSI\AppData\Local\LumaEmu
2015-01-18 10:30 - 2015-01-18 10:30 - 0000000 _____ () C:\Users\MSI\AppData\Local\{5D3DDE03-8D9A-49D1-A2D4-BC2CBE87EBD7}

Some content of TEMP:
====================
C:\Users\MSI\AppData\Local\Temp\devcon64.exe
C:\Users\MSI\AppData\Local\Temp\ose00001.exe
C:\Users\MSI\AppData\Local\Temp\_is17F3.exe
C:\Users\MSI\AppData\Local\Temp\_is5151.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-25 16:14

==================== End Of Log ============================

Bluefox151
Visitor
Posts: 18
Joined: 31 Mar 2015 19:23

Re: WS.malware.2

#3 Post by Bluefox151 »

Hi,

I did as you wrote above, and I'm sending the log from ComboFix:

ComboFix 15-04-01.01 - MSI 31.03.2015 21:11:09.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8136.6213 [GMT 2:00]
Spuštěný z: c:\users\MSI\Desktop\combofix.exe
AV: Norton 360 *Enabled/Updated* {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
FW: Norton 360 *Enabled* {6BFC5632-188D-B806-D13E-C607121B42A0}
SP: Norton 360 *Enabled/Updated* {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
C:\StarCraftII_CZ_1.13.exe
c:\starcraftii_cz_1.13.exe\StarCraftII_CZ_1.13.exe
c:\users\MSI\AppData\Roaming\google.exe
c:\users\MSI\AppData\Roaming\Microsoft\Windows Firewall
c:\users\MSI\AppData\Roaming\Mozilla\Firefox\Profiles\bl1y1xf2.default\searchplugins\trovi-search.xml
c:\users\MSI\AppData\Roaming\windows.exe
c:\users\MSI\AppData\Roaming\windows.exe.tmp
c:\windows\inf\ntvdm.vbe
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
D:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-02-28 do 2015-03-31 )))))))))))))))))))))))))))))))
.
.
2015-03-31 18:39 . 2015-03-31 18:40 -------- d-----w- C:\FRST
2015-03-31 18:04 . 2015-03-31 18:42 94656 ----a-w- c:\windows\system32\WPRO_41_2001woem.tmp
2015-03-29 17:26 . 2015-03-29 17:26 1197921 ----a-w- c:\windows\unins002.exe
2015-03-29 15:30 . 2015-03-29 15:30 120832 ----a-w- c:\users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\225659c6fa2732024934dc96358cf4cb.exe
2015-03-29 15:29 . 2015-03-31 16:54 107520 ----a-w- c:\users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0d3375618302c289613b400989a76e30.exe
2015-03-25 06:00 . 2015-03-11 04:06 677888 ----a-w- c:\windows\system32\generaltel.dll
2015-03-25 06:00 . 2015-03-11 04:06 760832 ----a-w- c:\windows\system32\invagent.dll
2015-03-25 06:00 . 2015-03-11 04:06 414720 ----a-w- c:\windows\system32\devinv.dll
2015-03-25 06:00 . 2015-03-11 04:06 943616 ----a-w- c:\windows\system32\appraiser.dll
2015-03-25 06:00 . 2015-03-11 04:05 30720 ----a-w- c:\windows\system32\acmigration.dll
2015-03-25 06:00 . 2015-03-11 04:05 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-03-25 06:00 . 2015-03-11 04:05 192000 ----a-w- c:\windows\system32\aepic.dll
2015-03-25 06:00 . 2015-03-11 04:02 1107456 ----a-w- c:\windows\system32\aeinv.dll
2015-03-24 13:17 . 2015-03-24 13:17 -------- d-----w- c:\windows\system32\drivers\NSTx64\7DE070B0.02A
2015-03-21 19:22 . 2015-03-21 19:22 -------- d-----w- c:\windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
2015-03-21 19:22 . 2015-03-21 19:22 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2015-03-21 19:06 . 2015-03-24 06:08 -------- d-----w- c:\windows\system32\drivers\N360x64\1507000.00B
2015-03-21 18:20 . 2015-03-21 18:20 -------- d-----w- c:\program files (x86)\Clownfish
2015-03-15 13:34 . 2015-03-15 13:34 -------- d-----w- c:\program files (x86)\GameSpy Arcade
2015-03-15 13:34 . 2015-03-15 13:34 -------- d-----w- c:\program files (x86)\MSXML 4.0
2015-03-14 22:42 . 2015-03-14 23:07 -------- d-----w- c:\users\MSI\AppData\Roaming\Synthesia
2015-03-14 22:42 . 2015-03-14 23:03 -------- d-----w- c:\program files (x86)\Synthesia
2015-03-11 06:16 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-03-11 06:16 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-03-08 14:43 . 2015-03-08 14:43 -------- d-----w- c:\program files (x86)\THQ
2015-03-08 14:41 . 2015-03-08 14:41 -------- d-----w- c:\users\MSI\AppData\Roaming\InstallShield
2015-03-04 14:44 . 2015-03-04 14:44 -------- d-----w- c:\programdata\Installations
2015-03-03 19:46 . 2015-01-09 03:14 91136 ----a-w- c:\windows\system32\wdi.dll
2015-03-03 19:46 . 2015-01-09 03:14 950272 ----a-w- c:\windows\system32\perftrack.dll
2015-03-03 19:46 . 2015-01-09 03:14 29696 ----a-w- c:\windows\system32\powertracker.dll
2015-03-03 19:46 . 2015-01-09 02:48 76800 ----a-w- c:\windows\SysWow64\wdi.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-31 18:42 . 2014-01-25 19:57 34752 ----a-w- c:\windows\system32\drivers\WPRO_41_2001.sys
2015-03-24 16:52 . 2014-11-21 18:50 925184 ----a-w- c:\windows\expstart.exe
2015-03-11 06:25 . 2014-01-27 05:39 122905848 ----a-w- c:\windows\system32\MRT.exe
2015-03-06 05:42 . 2015-03-11 06:17 341504 ----a-w- c:\windows\system32\schannel.dll
2015-03-06 05:10 . 2015-03-11 06:17 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-02-05 15:56 . 2014-01-26 00:06 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-05 15:56 . 2014-01-26 00:06 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-28 22:15 . 2015-01-28 22:15 684313 ----a-w- c:\windows\SysWow64\unins000.exe
2015-01-27 23:36 . 2015-02-11 13:16 1239720 ----a-w- c:\windows\system32\aitstatic.exe
2015-01-22 14:37 . 2014-10-17 12:10 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\users\MSI\AppData\LocalLow\BS_Player_ControlBar\prxtbBS_0.dll" [2014-04-10 423744]
.
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2014-04-10 08:59 423744 ----a-w- c:\users\MSI\AppData\LocalLow\BS_Player_ControlBar\prxtbBS_0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\users\MSI\AppData\LocalLow\BS_Player_ControlBar\prxtbBS_0.dll" [2014-04-10 423744]
.
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"BackgroundContainerV2"="c:\users\MSI\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll" [2014-03-31 325952]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-01-23 31087200]
"Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Sound Blaster Cinema"="c:\program files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" [2012-11-29 711680]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-09-11 766208]
"Manticore"="c:\program files (x86)\Manticore\MThid.exe" [2013-02-01 293376]
"DeathTaker"="c:\program files (x86)\Genius\DeathTaker\mousehid.exe" [2013-04-03 303616]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2014-03-11 337432]
"Smart File Advisor"="c:\program files (x86)\Smart File Advisor\sfa.exe" [2014-10-10 283248]
"SFAUpdater"="c:\program files (x86)\Smart File Advisor\SFAUpdater.exe" [2014-10-10 655472]
"msqicqSrv"="c:\windows\system32\msqicq.vbe" [2014-07-06 649]
"MSStp"="c:\windows\inf\msstp.vbe" [2014-03-05 1584]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2015-02-14 1949592]
.
c:\users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
0d3375618302c289613b400989a76e30.exe [2015-3-31 107520]
225659c6fa2732024934dc96358cf4cb.exe [2015-3-29 120832]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
iSCTsysTray.lnk - c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [2013-2-13 249320]
Killer Network Manager.lnk - c:\windows\Installer\{7411487A-FF21-481E-AB53-BF27FF30E042}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe -minimize [2014-9-7 72040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableRegedit"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ArcService;Arc Service;d:\hry\ARC\Arc\ArcService.exe;d:\hry\ARC\Arc\ArcService.exe [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 BRDriver64;BRDriver64;c:\programdata\BitRaider\BRDriver64.sys;c:\programdata\BitRaider\BRDriver64.sys [x]
R3 BRDriver64_1_3_3_E02B25FC;BRDriver64_1_3_3_E02B25FC;c:\programdata\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys;c:\programdata\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [x]
R3 BRSptStub;BitRaider Mini-Support Service Stub Loader;c:\programdata\BitRaider\BRSptStub.exe;c:\programdata\BitRaider\BRSptStub.exe [x]
R3 BRSptSvc;BitRaider Mini-Support Service;c:\programdata\BitRaider\BRSptSvc.exe;c:\programdata\BitRaider\BRSptSvc.exe [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x]
R3 GPUZ;GPUZ;c:\windows\TEMP\GPUZ.sys;c:\windows\TEMP\GPUZ.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MSICDSetup;MSICDSetup;e:\cdriver64.sys;e:\CDriver64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;e:\ntiolib_x64.sys;e:\NTIOLib_X64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1507000.00B\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1507000.00B\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1507000.00B\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1507000.00B\SYMEFA64.SYS [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20150321.001\BHDrvx64.sys;c:\program files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20150321.001\BHDrvx64.sys [x]
S1 ccSet_N360;N360 Settings Manager;c:\windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1507000.00B\ccSetx64.sys [x]
S1 ccSet_NST;Norton Identity Safe Settings Manager;c:\windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20150330.001\IDSvia64.sys;c:\program files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20150330.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1507000.00B\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1507000.00B\SYMNETS.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 APNMCP;Ask Update Service;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 ISCTAgent;Intel(R) Smart Connect Technology Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MSI_Trigger_Service;MSI_Trigger_Service;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [x]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\21.7.0.11\N360.exe;c:\program files (x86)\Norton 360\Engine\21.7.0.11\N360.exe [x]
S2 NCO;Norton Identity Safe;c:\program files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe;c:\program files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [x]
S2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe [x]
S2 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe;c:\windows\UnsignedThemesSvc.exe [x]
S2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys;c:\windows\SYSNATIVE\drivers\uxpatch.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-03-31 17:11 1061704 ----a-w- c:\program files (x86)\Google\Chrome\Application\41.0.2272.101\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-03-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-26 15:56]
.
2015-03-31 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3133602536-102226362-2941794219-1000Core.job
- c:\users\MSI\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-10-24 12:25]
.
2015-03-31 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3133602536-102226362-2941794219-1000UA.job
- c:\users\MSI\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-10-24 12:25]
.
2015-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-03-31 17:10]
.
2015-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-03-31 17:10]
.
2015-03-25 c:\windows\Tasks\Norton Security Scan for MSI.job
- c:\progra~2\NORTON~4\Engine\410~1.28\Nss.exe [2014-10-11 06:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-06-27 7191768]
"MBCfg64"="c:\windows\system32\MBCfg64.dll" [2013-04-23 34432]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.reerd.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\MSI\AppData\Roaming\Mozilla\Firefox\Profiles\bl1y1xf2.default\
FF - prefs.js: browser.search.selectedEngine - Trovi search
FF - prefs.js: browser.startup.homepage - hxxp://www.reerd.com
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-ISUSPM - c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
Wow6432Node-HKCU-Run-MKLOL - c:\program files (x86)\MKJogo\MKLOL\MK.exe
Wow6432Node-HKCU-Run-cz.seznam.software.autoupdate - c:\users\MSI\AppData\Roaming\Seznam.cz\szninstall.exe
Wow6432Node-HKCU-Run-cz.seznam.software.szndesktop - c:\users\MSI\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
Wow6432Node-HKCU-Run-Adobe Drivers - c:\windows\system32\Windows Firewall\config\svchost.exe
Wow6432Node-HKCU-Run-Remote Mouse - c:\program files (x86)\Remote Mouse\RemoteMouse.exe
Wow6432Node-HKCU-Run-225659c6fa2732024934dc96358cf4cb - c:\users\MSI\AppData\Roaming\windows.exe
Wow6432Node-HKCU-Run-0d3375618302c289613b400989a76e30 - c:\users\MSI\AppData\Roaming\google.exe
Wow6432Node-HKLM-Run-mncxgsfSrv - c:\windows\system32\mncxgsf.vbe
Wow6432Node-HKLM-Run-mncrvthSrv - c:\windows\system32\mncrvth.vbe
Wow6432Node-HKLM-Run-mnclhmpSrv - c:\windows\system32\mnclhmp.vbe
Wow6432Node-HKLM-Run-NtVdmSrv - c:\windows\inf\ntvdm.vbe
Wow6432Node-HKLM-Run-mncgihywlSrv - c:\windows\system32\mncgihywl.vbe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
WebBrowser-{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - (no file)
HKLM-Run-LogMeIn GUI - c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe
HKLM-Run-225659c6fa2732024934dc96358cf4cb - c:\users\MSI\AppData\Roaming\windows.exe
HKLM-Run-0d3375618302c289613b400989a76e30 - c:\users\MSI\AppData\Roaming\google.exe
AddRemove-Dead Space 2_is1 - d:\hry\Dead Space 2\unins000.exe
AddRemove-Half-Life: Blue Shift - d:\hry\HALF-L~1.FUL\HALF-L~1\BLUE-S~1\bshift\UNWISE.EXE
AddRemove-IECT1750559 - c:\programdata\Conduit\IE\CT1750559\UninstallerUI.exe
AddRemove-League of Legends CZ 3.11 - d:\hry\League of Legends\Uninstall.exe
AddRemove-Plague Inc Evolved_is1 - d:\hry\Plague Inc Evolved\Uninstall\unins000.exe
AddRemove-StarCraft II - c:\program files (x86)\Common Files\Blizzard Entertainment\StarCraft II\Uninstall.exe
AddRemove-{0C555271-81C3-AAB9-1426-FA0C4AC27853}_is1 - d:\hry\Star Wars - The Force Unleashed\unins000.exe
AddRemove-{141B8BA9-BFFD-4635-AF64-078E31010EC3}_is1 - d:\hry\FINAL FANTASY VII\unins000.exe
AddRemove-{18E669FD-E93C-4F7A-B1C2-EE304BF0DC10}_is1 - d:\hry\etina na hru Half-Life 2 Episode 1
AddRemove-{22E1BC3A-5B6F-FE1C-5060-F41533D140BF}_is1 - d:\hry\unreal tournament 3 full game\Minecraft 1.4 Free Full Download\unins000.exe
AddRemove-{804582D3-E274-B7EB-D083-E6FF2A5813DB}_is1 - d:\hry\unreal tournament 3 full game\unins000.exe
AddRemove-{C8B24A74-589B-8D96-C1EA-9A1662B56D37}_is1 - c:\program files (x86)\Fraps 3.5.9 CZ pln verze!!! - by kopiha\unins000.exe
AddRemove-MKLOL - c:\program files (x86)\MKJogo\MKLOL\MKuInst.exe
AddRemove-SeznamInstall - c:\users\MSI\AppData\Roaming\Seznam.cz\szninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\21.7.0.11\N360.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\21.7.0.11\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NCO]
"ImagePath"="\"c:\program files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe\" /s \"NCO\" /m \"c:\program files (x86)\Norton Identity Safe\Engine\2014.7.11.42\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
"ImagePath"="\SystemRoot\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton 360\Engine\21.7.0.11;c:\program files (x86)\Norton 360\Engine64\21.7.0.11"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3133602536-102226362-2941794219-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-03-31 21:15:23
ComboFix-quarantined-files.txt 2015-03-31 19:15
.
Před spuštěním: Volných bajtů: 33 725 612 032
Po spuštění: Volných bajtů: 32 916 090 880
.
- - End Of File - - EA77EF76ED08C9EDAD7B58A8300E0470
A36C5E4F47E84449FF07ED3517B43A31

Bluefox151
Visitor
Posts: 18
Registered: 31 Mar 2015 19:23

Re: WS.malware.2

#4 Post by Bluefox151 »

Hi,

The files:
c:\windows\system32\msqicq.vbe
c:\users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0d3375618302c289613b400989a76e30.exe (and, in the same place, 225659c6fa2732024934dc96358cf4cb.exe)

They are not there.

Bluefox151
Visitor
Posts: 18
Registered: 31 Mar 2015 19:23

Re: WS.malware.2

#5 Post by Bluefox151 »

FRST log

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by MSI (administrator) on GAARAOFTHESAND on 31-03-2015 21:46:09
Running from C:\Users\MSI\Desktop
Loaded Profiles: MSI (Available profiles: MSI)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Hi-Rez Studios) D:\Hry\Smite\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(KYE) C:\Program Files (x86)\Manticore\MTHid.exe
() C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
() C:\Program Files (x86)\Genius\DeathTaker\trayicon.exe
(Filefacts.net) C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-27] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [LogMeIn GUI] => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
HKLM\...\Run: [225659c6fa2732024934dc96358cf4cb] => "C:\Users\MSI\AppData\Roaming\windows.exe" ..
HKLM\...\Run: [0d3375618302c289613b400989a76e30] => "C:\Users\MSI\AppData\Roaming\google.exe" ..
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Manticore] => C:\Program Files (x86)\Manticore\MThid.exe [293376 2013-02-01] (KYE)
HKLM-x32\...\Run: [DeathTaker] => C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe [303616 2013-04-03] ()
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2014-03-11] (Power Software Ltd)
HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [283248 2014-10-10] (Filefacts.net)
HKLM-x32\...\Run: [SFAUpdater] => C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe [655472 2014-10-10] (Filefacts.net)
HKLM-x32\...\Run: [msqicqSrv] => C:\Windows\SysWOW64\msqicq.vbe [649 2014-07-06] ()
HKLM-x32\...\Run: [MSStp] => C:\Windows\inf\msstp.vbe
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1949592 2015-02-14] (APN)
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [BackgroundContainerV2] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\MSI\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [225659c6fa2732024934dc96358cf4cb] => "C:\Users\MSI\AppData\Roaming\windows.exe" ..
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [0d3375618302c289613b400989a76e30] => "C:\Users\MSI\AppData\Roaming\google.exe" ..
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{7411487A-FF21-481E-AB53-BF27FF30E042}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/secur ... =21.6.0.32
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/secur ... =21.6.0.32
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.reerd.com
URLSearchHook: HKLM-x32 - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Users\MSI\AppData\LocalLow\BS_Player_ControlBar\prxtbBS_0.dll (ClientConnect Ltd.)
URLSearchHook: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Users\MSI\AppData\LocalLow\BS_Player_ControlBar\prxtbBS_0.dll (ClientConnect Ltd.)
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {0D260770-E6F9-423F-8ABF-BC0A10C2CC56} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {20FCDCFE-F4B1-4FDD-B82A-58F76992265B} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {24FE2CFC-8C15-477B-8E29-8F5C7A8C77EE} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {4A216A52-C0D3-4D86-8570-178823E0238D} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {5BEAC1C7-247C-414D-9105-DE094692BB67} URL = http://search.conduit.com/ResultsExt.as ... 32615&UM=1
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {961CA2F3-9139-4F44-94F4-359CEEA9E064} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {B461C106-836A-4F19-9249-28402DAEB27A} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {B90FF399-4517-4634-9E1F-B331D6C96EE2} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {E2837E77-2E07-4413-AD67-38FA914A4B8F} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {EB188080-C56D-4159-AB86-5FC3201C404D} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-22] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> D:\Hry\ARC\Arc\Plugins\ArcPluginIE.dll [2014-12-18] (Perfect World Entertainment Inc)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-22] (Oracle Corporation)
BHO-x32: BS Player ControlBar Toolbar -> {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} -> C:\Users\MSI\AppData\LocalLow\BS_Player_ControlBar\prxtbBS_0.dll [2014-04-10] (ClientConnect Ltd.)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Users\MSI\AppData\LocalLow\BS_Player_ControlBar\prxtbBS_0.dll [2014-04-10] (ClientConnect Ltd.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\MSI\AppData\Roaming\Mozilla\Firefox\Profiles\bl1y1xf2.default
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3321459&octid ... 891205EACF
FF DefaultSearchEngine: Trovi search
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp://www.reerd.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> D:\Hry\ARC\Arc\Plugins\npArcPluginFF.dll [2014-12-18] (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-31] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3133602536-102226362-2941794219-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\MSI\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3133602536-102226362-2941794219-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\MSI\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-04] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\MSI\AppData\Roaming\Mozilla\Firefox\Profiles\bl1y1xf2.default\user.js [2015-03-31]
FF Extension: Seznam lištička - C:\Users\MSI\AppData\Roaming\Mozilla\Firefox\Profiles\bl1y1xf2.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-12-15]
FF Extension: Firefox Old Version Update Hotfix - C:\Users\MSI\AppData\Roaming\Mozilla\Firefox\Profiles\bl1y1xf2.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-12-09]
FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.47\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-03-31]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://www.reerd.com/"
CHR DefaultSuggestURL: Default -> http://ssmsp.ask.com/query?sstype=prefi ... earchTerms}
CHR Profile: C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-31]
CHR Extension: (Google Docs) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-31]
CHR Extension: (Google Drive) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-31]
CHR Extension: (Twisted Fate) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\behhgldcbkbflalpfcoaoaihjeekahip [2015-03-31]
CHR Extension: (YouTube) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-31]
CHR Extension: (Google Search) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-31]
CHR Extension: (Google Sheets) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-31]
CHR Extension: (New Tab Redirect) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2015-03-31]
CHR Extension: (Google Wallet) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-31]
CHR Extension: (Gmail) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2015-02-14]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-21]
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2015-02-14]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-21]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [177560 2015-01-31] (APN LLC.)
S3 ArcService; D:\Hry\ARC\Arc\ArcService.exe [88400 2014-12-18] (Perfect World Entertainment Inc)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-10-29] (BitRaider, LLC)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-06-26] (BitRaider, LLC)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-11-21] (Futuremark)
U2 HiPatchService; D:\Hry\Smite\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe [265000 2015-03-07] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3191392 2014-05-15] (INCA Internet Co., Ltd.)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2013-12-09] (Qualcomm Atheros) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-11-27] (Microsoft Corporation) [File not signed]
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [80080 2013-11-08] (Qualcomm Atheros, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20150321.001\BHDrvx64.sys [1622744 2015-02-03] (Symantec Corporation)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-06-27] (BitRaider)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-03] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20150330.001\IDSvia64.sys [671448 2015-03-27] (Symantec Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-02-13] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150330.032\ENG64.SYS [129752 2015-03-31] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150330.032\EX64.SYS [2137304 2015-03-31] (Symantec Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-21] (Duplex Secure Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-03-31] ()
U3 a38f0ai0; C:\Windows\System32\Drivers\a38f0ai0.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BlueletSCOAudio; system32\DRIVERS\BlueletSCOAudio.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S0 BTHidEnum; System32\Drivers\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 catchme; \??\C:\combofix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-31 21:30 - 2015-03-31 21:30 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-03-31 21:22 - 2015-03-31 21:22 - 00027914 _____ () C:\ComboFix.txt
2015-03-31 21:10 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-31 21:10 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-31 21:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-31 21:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-31 21:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-31 21:10 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-31 21:10 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-31 21:10 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-31 21:08 - 2015-03-31 21:22 - 00000000 ____D () C:\Qoobox
2015-03-31 21:08 - 2015-03-31 21:14 - 00000000 ____D () C:\Windows\erdnt
2015-03-31 21:01 - 2015-03-31 21:01 - 05617096 ____R (Swearware) C:\Users\MSI\Desktop\combofix.exe
2015-03-31 20:43 - 2015-03-31 20:43 - 02095616 _____ (Farbar) C:\Users\MSI\Downloads\FRST64 (1).exe
2015-03-31 20:42 - 2015-03-31 20:42 - 00026075 _____ () C:\Users\MSI\Desktop\FRST.rar
2015-03-31 20:40 - 2015-03-31 21:46 - 00029711 _____ () C:\Users\MSI\Desktop\FRST.txt
2015-03-31 20:40 - 2015-03-31 20:40 - 00037969 _____ () C:\Users\MSI\Desktop\Addition.txt
2015-03-31 20:39 - 2015-03-31 21:46 - 00000000 ____D () C:\FRST
2015-03-31 20:39 - 2015-03-31 20:39 - 02095616 _____ (Farbar) C:\Users\MSI\Downloads\FRST64.exe
2015-03-31 20:39 - 2015-03-31 20:39 - 02095616 _____ (Farbar) C:\Users\MSI\Desktop\FRST64.exe
2015-03-31 19:11 - 2015-03-31 19:11 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-31 19:11 - 2015-03-31 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-31 19:10 - 2015-03-31 21:30 - 00000942 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-31 19:10 - 2015-03-31 21:15 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-31 19:10 - 2015-03-31 19:10 - 00003942 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-03-31 19:10 - 2015-03-31 19:10 - 00003690 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-03-31 19:00 - 2015-03-31 19:01 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\MSI\Downloads\SpyHunter-Installer.exe
2015-03-29 19:52 - 2015-03-29 19:52 - 09242612 _____ () C:\Users\MSI\Downloads\SasukeMod.rar
2015-03-29 19:26 - 2015-03-29 19:26 - 01197921 _____ () C:\Windows\unins002.exe
2015-03-29 19:26 - 2015-03-29 19:26 - 00007159 _____ () C:\Windows\unins002.dat
2015-03-29 19:25 - 2015-03-29 19:25 - 00892635 _____ (Seemann, Deji, Alien ) C:\Users\MSI\Downloads\CLEO4_setup.exe
2015-03-29 19:06 - 2015-03-29 19:06 - 00019038 _____ () C:\Users\MSI\Downloads\gtapoweroftheninjastrelok_1328793412.torrent
2015-03-29 18:58 - 2015-03-29 19:43 - 00000000 ____D () C:\Users\MSI\Documents\GTA San Andreas User Files
2015-03-29 17:37 - 2015-03-29 18:57 - 754051051 _____ () C:\Users\MSI\Downloads\GTA-San-Andreas (2).rar
2015-03-29 14:49 - 2015-03-29 14:49 - 00529107 _____ () C:\Users\MSI\Downloads\all-r90_b115.zip
2015-03-25 08:00 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 08:00 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 08:00 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 08:00 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 08:00 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 08:00 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-25 08:00 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 08:00 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-24 22:14 - 2015-03-24 22:32 - 00000867 _____ () C:\Users\Public\Desktop\Mass Effect 3.lnk
2015-03-24 08:13 - 2015-03-24 08:13 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2015-03-21 21:22 - 2015-03-21 21:22 - 00000684 _____ () C:\Users\Public\Desktop\Mass Effect 2.lnk
2015-03-21 21:22 - 2015-03-21 21:22 - 00000000 ____D () C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
2015-03-21 21:22 - 2015-03-21 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2
2015-03-21 21:15 - 2015-03-21 21:22 - 00018137 _____ () C:\Users\MSI\Documents\Install Mass Effect 2.log
2015-03-21 20:20 - 2015-03-21 20:20 - 00792416 _____ (Shark Labs) C:\Users\MSI\Downloads\CFSetup381.exe
2015-03-21 20:20 - 2015-03-21 20:20 - 00000000 ____D () C:\Program Files (x86)\Clownfish
2015-03-21 17:47 - 2015-03-21 17:47 - 00712597 _____ (Remote Mouse ) C:\Users\MSI\Downloads\RemoteMouse (1).exe
2015-03-19 18:21 - 2015-03-19 18:22 - 03739096 _____ () C:\Users\MSI\Downloads\bandicam-2015-03-19-17-20-08-286.avi
2015-03-18 22:47 - 2015-03-18 22:47 - 00000764 _____ () C:\Users\Public\Desktop\Heroes of the Storm.lnk
2015-03-18 22:47 - 2015-03-18 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-03-18 22:35 - 2015-03-18 22:35 - 00000733 _____ () C:\Users\Public\Desktop\Star Wars The Force Unleashed 2.lnk
2015-03-18 22:35 - 2015-03-18 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Wars The Force Unleashed 2
2015-03-18 15:26 - 2015-03-18 15:26 - 00000671 _____ () C:\Users\Public\Desktop\Mass Effect.lnk
2015-03-18 15:26 - 2015-03-18 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect
2015-03-16 20:46 - 2015-03-16 20:46 - 00000790 _____ () C:\Users\MSI\Desktop\Counter-Strike 1.6.lnk
2015-03-16 20:46 - 2015-03-16 20:46 - 00000740 _____ () C:\Users\MSI\Desktop\Half-Life.lnk
2015-03-16 20:46 - 2015-03-16 20:46 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2015-03-16 20:33 - 2015-03-16 20:41 - 283749156 _____ (Valve ) C:\Users\MSI\Downloads\cs16full_v42i_cskocz.exe
2015-03-15 15:34 - 2015-03-15 15:34 - 00000996 _____ () C:\Users\MSI\Desktop\GameSpy Arcade.lnk
2015-03-15 15:34 - 2015-03-15 15:34 - 00000695 _____ () C:\Users\Public\Desktop\Halo.lnk
2015-03-15 15:34 - 2015-03-15 15:34 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2015-03-15 15:34 - 2015-03-15 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2015-03-15 15:34 - 2015-03-15 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2015-03-15 15:34 - 2015-03-15 15:34 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2015-03-15 15:34 - 2015-03-15 15:34 - 00000000 ____D () C:\Program Files (x86)\GameSpy Arcade
2015-03-15 14:45 - 2015-03-15 15:21 - 641996800 _____ () C:\Users\MSI\Downloads\Halo-Combat-Evolved.iso
2015-03-15 11:49 - 2015-03-24 22:52 - 00000000 ____D () C:\Users\MSI\Documents\BioWare
2015-03-15 01:01 - 2015-03-15 01:02 - 11422713 _____ () C:\Users\MSI\Downloads\starmann65---Synthesia-Dream-s-2k11.zip
2015-03-15 00:47 - 2015-03-15 00:48 - 11838703 _____ () C:\Users\MSI\Downloads\Synthesia.rar
2015-03-15 00:42 - 2015-03-15 01:07 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Synthesia
2015-03-15 00:42 - 2015-03-15 01:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia
2015-03-15 00:42 - 2015-03-15 01:03 - 00000000 ____D () C:\Program Files (x86)\Synthesia
2015-03-15 00:42 - 2015-03-15 00:42 - 00001913 _____ () C:\Users\Public\Desktop\Synthesia.lnk
2015-03-15 00:41 - 2015-03-15 00:41 - 03772184 _____ (Synthesia LLC) C:\Users\MSI\Downloads\Synthesia-10.1-installer.exe
2015-03-15 00:25 - 2015-03-15 00:25 - 00003040 _____ () C:\Windows\System32\Tasks\{B76583C1-6545-4388-9C33-6AB05BFA5B9C}
2015-03-11 20:06 - 2015-03-11 20:06 - 00000000 _____ () C:\Users\MSI\Downloads\stažený soubor.htm
2015-03-11 08:17 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 08:17 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 08:17 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 08:17 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 08:17 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 08:17 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 08:17 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 08:17 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 08:17 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 08:17 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 08:17 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 08:17 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 08:17 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 08:17 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 08:17 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 08:17 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 08:17 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 08:17 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 08:17 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 08:17 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 08:17 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 08:17 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 08:17 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 08:17 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 08:17 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 08:17 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 08:17 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 08:17 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 08:17 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 08:17 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 08:17 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 08:17 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 08:17 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 08:17 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 08:17 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 08:17 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 08:17 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 08:17 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 08:17 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 08:17 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 08:17 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 08:17 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 08:17 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 08:17 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 08:17 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 08:17 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 08:17 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 08:17 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 08:17 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 08:17 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 08:17 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 08:17 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 08:17 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 08:17 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 08:17 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 08:17 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 08:17 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 08:17 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 08:17 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 08:17 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 08:17 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 08:17 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 08:17 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 08:17 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 08:17 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 08:17 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 08:17 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 08:17 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 08:17 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 08:17 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 08:17 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 08:17 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 08:17 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 08:17 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 08:17 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 08:17 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 08:17 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 08:17 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 08:17 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 08:17 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 08:17 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 08:17 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 08:17 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 08:17 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 08:17 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 08:17 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 08:17 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 08:17 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 08:17 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 08:17 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 08:17 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 08:17 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 08:17 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 08:17 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 08:17 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 08:17 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 08:17 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 08:17 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 08:17 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 08:17 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 08:17 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 08:17 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 08:17 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 08:17 - 2015-01-31 05:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 08:17 - 2015-01-31 05:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 08:17 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 08:17 - 2015-01-31 01:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 08:17 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 08:17 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 08:17 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 08:16 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 08:16 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-08 20:01 - 2015-03-08 20:01 - 00026156 _____ () C:\Users\MSI\Downloads\[HorribleSubs] Shinmai Maou no Testament - 09 [720p].mkv.torrent
2015-03-08 16:45 - 2015-03-08 16:45 - 00002168 _____ () C:\Users\MSI\Desktop\Dawn of War - Dark Crusade.lnk
2015-03-08 16:44 - 2015-03-08 16:44 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\THQ
2015-03-08 16:43 - 2015-03-08 16:43 - 00000000 ____D () C:\Program Files (x86)\THQ
2015-03-08 16:41 - 2015-03-08 16:41 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\InstallShield
2015-03-08 15:00 - 2015-03-08 15:00 - 00276688 _____ () C:\Windows\Minidump\030815-12760-01.dmp
2015-03-07 22:42 - 2015-03-07 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CUT2 Evolution
2015-03-07 22:19 - 2015-03-07 22:19 - 00003138 _____ () C:\Windows\System32\Tasks\{F4733665-5BED-4F24-998A-CB329E5641CD}
2015-03-07 22:19 - 2006-07-17 12:25 - 34950005 _____ () C:\Users\MSI\Downloads\JunkWarv110Beta.ut4mod
2015-03-07 22:18 - 2015-03-07 22:19 - 17072060 _____ () C:\Users\MSI\Downloads\JunkWarv110Beta.exe
2015-03-07 22:17 - 2015-03-07 22:18 - 08180262 _____ () C:\Users\MSI\Downloads\arkon2004_v40-1.zip
2015-03-07 22:17 - 2015-03-07 22:17 - 13323776 _____ () C:\Users\MSI\Downloads\ut2004-winpatch3369.exe
2015-03-07 22:15 - 2015-03-07 22:15 - 00000881 _____ () C:\Users\MSI\Desktop\Play UT2004.lnk
2015-03-07 22:15 - 2015-03-07 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Tournament 2004
2015-03-05 22:35 - 2015-03-05 22:35 - 00276688 _____ () C:\Windows\Minidump\030515-8814-01.dmp
2015-03-05 08:13 - 2015-03-05 08:13 - 00262144 ____N () C:\Windows\Minidump\030515-9110-01.dmp
2015-03-04 19:38 - 2015-03-04 19:38 - 00276688 _____ () C:\Windows\Minidump\030415-8689-01.dmp
2015-03-04 17:20 - 2015-03-04 17:21 - 29720272 _____ () C:\Users\MSI\Downloads\SWTOR_setup.exe
2015-03-04 16:44 - 2015-03-04 16:44 - 00000000 ____D () C:\ProgramData\Installations
2015-03-03 21:46 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-03 21:46 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-03 21:46 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-03 21:46 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-03-02 01:13 - 2015-03-02 01:13 - 00276688 _____ () C:\Windows\Minidump\030215-9406-01.dmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-31 21:45 - 2014-01-25 21:22 - 01246584 _____ () C:\Windows\WindowsUpdate.log
2015-03-31 21:37 - 2009-07-14 17:18 - 06119382 _____ () C:\Windows\system32\perfh005.dat
2015-03-31 21:37 - 2009-07-14 17:18 - 01983780 _____ () C:\Windows\system32\perfc005.dat
2015-03-31 21:37 - 2009-07-14 07:13 - 00006228 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-31 21:37 - 2009-07-14 06:45 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-31 21:37 - 2009-07-14 06:45 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-31 21:31 - 2014-04-18 07:45 - 00000330 _____ () C:\Users\MSI\rgut
2015-03-31 21:31 - 2014-01-25 23:37 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Skype
2015-03-31 21:30 - 2014-01-25 21:57 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-03-31 21:30 - 2014-01-25 21:37 - 01381540 _____ () C:\Windows\PFRO.log
2015-03-31 21:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-31 21:30 - 2009-07-14 06:51 - 00133479 _____ () C:\Windows\setupact.log
2015-03-31 21:22 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-03-31 21:15 - 2014-04-23 00:52 - 00000000 ____D () C:\Users\dub_cm_auto
2015-03-31 20:56 - 2014-01-26 02:06 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-31 20:30 - 2014-10-24 14:24 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3133602536-102226362-2941794219-1000UA.job
2015-03-31 19:11 - 2014-01-25 21:34 - 00000000 ____D () C:\Users\MSI\AppData\Local\Google
2015-03-31 19:11 - 2014-01-25 21:34 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-31 19:10 - 2014-12-14 12:17 - 00000000 ____D () C:\Users\MSI\AppData\Local\Deployment
2015-03-31 14:30 - 2014-10-24 14:24 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3133602536-102226362-2941794219-1000Core.job
2015-03-31 07:08 - 2014-10-07 01:09 - 00000030 _____ () C:\Users\MSI\AppData\Roaming\msquiku.dat
2015-03-30 19:52 - 2014-02-21 23:14 - 00000000 ____D () C:\Users\MSI\AppData\Local\Battle.net
2015-03-29 19:57 - 2014-01-27 00:39 - 00000000 ____D () C:\Users\MSI\AppData\Local\CrashDumps
2015-03-29 19:06 - 2014-01-29 17:05 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\uTorrent
2015-03-29 18:58 - 2014-02-01 11:47 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-03-28 20:25 - 2014-02-06 23:12 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\TS3Client
2015-03-28 10:22 - 2015-01-16 21:37 - 00000000 ____D () C:\Users\MSI\AppData\Local\Warframe
2015-03-25 16:12 - 2014-10-11 08:28 - 00000448 ____H () C:\Windows\Tasks\Norton Security Scan for MSI.job
2015-03-25 15:43 - 2014-06-22 08:20 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
2015-03-25 15:04 - 2014-12-11 16:32 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-25 15:04 - 2014-08-11 12:50 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-24 22:30 - 2014-02-12 22:31 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-03-24 22:14 - 2014-12-20 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2015-03-24 19:10 - 2014-01-25 23:47 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-03-24 18:52 - 2014-11-21 20:50 - 00925184 _____ () C:\Windows\expstart.exe
2015-03-24 15:33 - 2014-06-21 08:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
2015-03-24 15:33 - 2014-06-21 08:29 - 00000000 ____D () C:\Windows\system32\Drivers\NSTx64
2015-03-24 08:08 - 2014-06-21 08:36 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-03-24 08:08 - 2014-06-21 08:36 - 00002319 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2015-03-24 08:08 - 2014-06-21 08:35 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2015-03-24 08:08 - 2014-06-21 08:35 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2015-03-21 21:22 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-21 17:51 - 2014-02-09 21:08 - 00000056 _____ () C:\Windows\wincheater.ini
2015-03-21 09:44 - 2014-08-26 23:41 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-03-18 23:10 - 2015-02-23 23:17 - 00000000 ____D () C:\Users\MSI\Documents\Heroes of the Storm
2015-03-18 23:08 - 2014-01-25 22:04 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-03-17 16:17 - 2014-08-16 08:55 - 00000000 ____D () C:\Games
2015-03-15 15:51 - 2014-01-26 00:52 - 00000000 ____D () C:\Users\MSI\Documents\My Games
2015-03-15 11:06 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-15 00:27 - 2014-01-26 00:51 - 00375522 _____ () C:\Windows\DirectX.log
2015-03-14 22:20 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-11 18:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-03-11 16:58 - 2009-07-14 06:45 - 00410256 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 16:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-11 16:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 08:30 - 2014-01-28 21:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 08:28 - 2014-01-27 07:39 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 08:25 - 2014-01-27 07:39 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-08 16:43 - 2014-01-25 21:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-08 15:00 - 2014-01-26 17:53 - 00000000 ____D () C:\Windows\Minidump
2015-03-04 08:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing

==================== Files in the root of some directories =======

2014-10-07 01:09 - 2014-10-07 01:09 - 0009197 _____ () C:\Users\MSI\AppData\Roaming\mskwdgi.dat
2014-10-07 01:09 - 2015-03-31 07:08 - 0000030 _____ () C:\Users\MSI\AppData\Roaming\msquiku.dat
2015-02-03 22:10 - 2015-02-03 22:10 - 0000094 _____ () C:\Users\MSI\AppData\Roaming\settings.xml
2015-01-16 00:30 - 2015-01-16 00:30 - 0003584 _____ () C:\Users\MSI\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-07 12:12 - 2014-09-07 12:15 - 0000000 _____ () C:\Users\MSI\AppData\Local\Driver_LOM_8161Present.flag
2014-01-25 21:32 - 2014-09-07 12:14 - 0000690 _____ () C:\Users\MSI\AppData\Local\killertool.log
2014-10-22 21:41 - 2014-10-22 21:41 - 0000000 ___SH () C:\Users\MSI\AppData\Local\LumaEmu
2015-01-18 10:30 - 2015-01-18 10:30 - 0000000 _____ () C:\Users\MSI\AppData\Local\{5D3DDE03-8D9A-49D1-A2D4-BC2CBE87EBD7}

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-25 16:14

==================== End Of Log ============================

Bluefox151
Visitor
Posts: 18
Registered: 31 Mar 2015 19:23

Re: WS.malware.2

#6 Post by Bluefox151 »

AdwCleaner log:

# AdwCleaner v4.200 - Log vytvooen 31/03/2015 v 22:04:54
# Aktualizováno 29/03/2015 by Xplode
# Databáze : 2015-03-29.1 [Server]
# Operaení system : Windows 7 Ultimate Service Pack 1 (x64)
# Uživatelské jméno : MSI - GAARAOFTHESAND
# Spuštino z : C:\Users\MSI\Downloads\adwcleaner_4.200.exe
# Nastavení : Eištiní

***** [ Služby ] *****

Služba Smazáno : APNMCP

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\apn
Složka Smazáno : C:\ProgramData\AskPartnerNetwork
Složka Smazáno : C:\ProgramData\Conduit
Složka Smazáno : C:\Program Files (x86)\AskPartnerNetwork
Složka Smazáno : C:\Program Files (x86)\BS_Player_ControlBar
Složka Smazáno : C:\Users\MSI\AppData\Local\Temp\apn
Složka Smazáno : C:\Users\MSI\AppData\Local\AskPartnerNetwork
Složka Smazáno : C:\Users\MSI\AppData\Local\Conduit
Složka Smazáno : C:\Users\MSI\AppData\LocalLow\BS_Player_ControlBar
Složka Smazáno : C:\Users\MSI\AppData\LocalLow\Conduit
Složka Smazáno : C:\Users\MSI\AppData\Roaming\OpenCandy
Složka Smazáno : C:\Users\MSI\AppData\Roaming\Mozilla\Firefox\Profiles\bl1y1xf2.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Složka Smazáno : C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna
Soubor Smazáno : C:\Users\MSI\AppData\Roaming\Mozilla\Firefox\Profiles\bl1y1xf2.default\invalidprefs.js
Soubor Smazáno : C:\Users\MSI\AppData\Roaming\Mozilla\Firefox\Profiles\bl1y1xf2.default\user.js

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíe Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Klíe Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Klíe Smazáno : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Klíe Smazáno : HKCU\Software\Classes\pokki
Klíe Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduitapps.com
Klíe Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Klíe Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainerV2]
Klíe Smazáno : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT1750559
Klíe Smazáno : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{055DD326-956C-4827-9467-A172509E81B3}
Klíe Smazáno : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Klíe Smazáno : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Smazáno : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Klíe Smazáno : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Klíe Smazáno : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Klíe Smazáno : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Klíe Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Klíe Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Klíe Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Klíe Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{055DD326-956C-4827-9467-A172509E81B3}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1600EA03-14BC-4CDE-9A25-19AF2DDB7AAE}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63EB1CCA-1760-4B4D-B259-8F85E0C769E2}
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Klíe Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5BEAC1C7-247C-414D-9105-DE094692BB67}
Klíe Smazáno : HKCU\Software\AskPartnerNetwork
Klíe Smazáno : HKCU\Software\Conduit
Klíe Smazáno : HKCU\Software\InstallCore
Klíe Smazáno : HKCU\Software\Softonic
Klíe Smazáno : HKCU\Software\AppDataLow\Toolbar
Klíe Smazáno : HKCU\Software\AppDataLow\Software\BackgroundContainer
Klíe Smazáno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Smazáno : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Klíe Smazáno : HKCU\Software\AppDataLow\Software\BackgroundContainerV2
Klíe Smazáno : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar
Klíe Smazáno : HKLM\SOFTWARE\AskPartnerNetwork
Klíe Smazáno : HKLM\SOFTWARE\Conduit
Klíe Smazáno : HKLM\SOFTWARE\BS_Player_ControlBar
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart File Advisor_is1
Klíe Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF

***** [ Prohlížeee ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v33.1.1 (x86 cs)

[bl1y1xf2.default\prefs.js] - Oádek Smazáno : user_pref("browser.newtab.url", "hxxp://www.trovi.com/?gd=&ctid=CT3321459&octid ... 9-159B-4DE[...]
[bl1y1xf2.default\prefs.js] - Oádek Smazáno : user_pref("browser.search.defaultenginename", "Trovi search");
[bl1y1xf2.default\prefs.js] - Oádek Smazáno : user_pref("browser.search.selectedEngine", "Trovi search");

-\\ Google Chrome v41.0.2272.101

[C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559&CUI=UN22722774103232615&UM=1
[C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : icpgjfneehieebagbmdbhnlpiopdcmna
[C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : aaaaaiabcopkplhgaedhbloeejhhankf
[C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] : hxxp://www.search.ask.com/?gct=hp

*************************

AdwCleaner[R0].txt - [9896 bytu] - [31/03/2015 22:04:20]
AdwCleaner[S0].txt - [8259 bytu] - [31/03/2015 22:04:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8317 bytu] ##########

Bluefox151
Visitor
Posts: 18
Registered: 31 Mar 2015 19:23

Re: WS.malware.2

#7 Post by Bluefox151 »

Hi,

I ran a RogueKiller scan; here is the log:

RogueKiller V10.5.8.0 (x64) [Mar 30 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : MSI [Práva správce]
Started from : C:\Users\MSI\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 03/31/2015 22:16:28

¤¤¤ Procesy : 1 ¤¤¤
[Suspicious.Path] UnsignedThemesSvc.exe(1092) -- C:\Windows\UnsignedThemesSvc.exe[7] -> Zastaveno [TermProc]

¤¤¤ Registry : 24 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | 225659c6fa2732024934dc96358cf4cb : "C:\Users\MSI\AppData\Roaming\windows.exe" .. -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | 0d3375618302c289613b400989a76e30 : "C:\Users\MSI\AppData\Roaming\google.exe" .. -> Nalezeno
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-3133602536-102226362-2941794219-1000\Software\Microsoft\Windows\CurrentVersion\Run | 225659c6fa2732024934dc96358cf4cb : "C:\Users\MSI\AppData\Roaming\windows.exe" .. -> Nalezeno
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-3133602536-102226362-2941794219-1000\Software\Microsoft\Windows\CurrentVersion\Run | 0d3375618302c289613b400989a76e30 : "C:\Users\MSI\AppData\Roaming\google.exe" .. -> Nalezeno
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-3133602536-102226362-2941794219-1000\Software\Microsoft\Windows\CurrentVersion\Run | 225659c6fa2732024934dc96358cf4cb : "C:\Users\MSI\AppData\Roaming\windows.exe" .. -> Nalezeno
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-3133602536-102226362-2941794219-1000\Software\Microsoft\Windows\CurrentVersion\Run | 0d3375618302c289613b400989a76e30 : "C:\Users\MSI\AppData\Roaming\google.exe" .. -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\GPUZ (\??\C:\Windows\TEMP\GPUZ.sys) -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\UnsignedThemes (C:\Windows\UnsignedThemesSvc.exe) -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GPUZ (\??\C:\Windows\TEMP\GPUZ.sys) -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\UnsignedThemes (C:\Windows\UnsignedThemesSvc.exe) -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\GPUZ (\??\C:\Windows\TEMP\GPUZ.sys) -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\UnsignedThemes (C:\Windows\UnsignedThemesSvc.exe) -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/secur ... =21.6.0.32 -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/secur ... =21.6.0.32 -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/secur ... =21.6.0.32 -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/secur ... =21.6.0.32 -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3133602536-102226362-2941794219-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.reerd.com -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3133602536-102226362-2941794219-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.reerd.com -> Nalezeno
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 7 (Driver: Nahrán) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CREATE[0] : Unknown @ 0x66b52c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x66b52c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x66b52c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x66b52c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_POWER[22] : Unknown @ 0x66b52c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x66b52c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_PNP[27] : Unknown @ 0x66b52c0

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] bl1y1xf2.default : user_pref("browser.startup.homepage", "http://www.reerd.com"); -> Nalezeno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD1003FZEX-00MK2A0 ATA Device +++++
--- User ---
[MBR] a1dde0b572fc0f88621649d92da260f4
[BSP] 63a1e373cb16943ba4681a993b551fbd : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: KINGSTON SV300S37A120G ATA Device +++++
--- User ---
[MBR] 0789d5e31ea12e163961ff67fb02766f
[BSP] fa17c5642a30f1052fd98621f8ce0213 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 114371 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: Kingston DataTraveler 3.0 USB Device +++++
--- User ---
[MBR] 0072980bd79688df9d651431eb45ac10
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 15279 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

Bluefox151
Visitor
Posts: 18
Registered: 31 Mar 2015 19:23

Re: WS.malware.2

#8 Post by Bluefox151 »

Hi,

A point of interest: I ran a Norton quick scan and this time it found no malware, but I don't know whether that means everything is fine.

Bluefox151
Visitor
Posts: 18
Registered: 31 Mar 2015 19:23

Re: WS.malware.2

#9 Post by Bluefox151 »

Hi,

Question: How do I delete the registry entries in RogueKiller?

Bluefox151
Visitor
Posts: 18
Registered: 31 Mar 2015 19:23

Re: WS.malware.2

#10 Post by Bluefox151 »

Hi, I ran an FRST scan; here are the results:

FRST log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by MSI (administrator) on GAARAOFTHESAND on 01-04-2015 14:05:40
Running from C:\Users\MSI\Desktop
Loaded Profiles: MSI (Available profiles: MSI)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hi-Rez Studios) D:\Hry\Smite\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(KYE) C:\Program Files (x86)\Manticore\MTHid.exe
() C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Filefacts.net) C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe
() C:\Program Files (x86)\Genius\DeathTaker\trayicon.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-27] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [LogMeIn GUI] => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Manticore] => C:\Program Files (x86)\Manticore\MThid.exe [293376 2013-02-01] (KYE)
HKLM-x32\...\Run: [DeathTaker] => C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe [303616 2013-04-03] ()
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2014-03-11] (Power Software Ltd)
HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [283248 2014-10-10] (Filefacts.net)
HKLM-x32\...\Run: [SFAUpdater] => C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe [655472 2014-10-10] (Filefacts.net)
HKLM-x32\...\Run: [msqicqSrv] => C:\Windows\SysWOW64\msqicq.vbe [649 2014-07-06] ()
HKLM-x32\...\Run: [MSStp] => C:\Windows\inf\msstp.vbe
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Winlogon: [Shell] C:\Windows\expstart.exe [925184 2015-03-31] () <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{7411487A-FF21-481E-AB53-BF27FF30E042}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/secur ... =21.6.0.32
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/secur ... =21.6.0.32
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.reerd.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {0D260770-E6F9-423F-8ABF-BC0A10C2CC56} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {20FCDCFE-F4B1-4FDD-B82A-58F76992265B} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {24FE2CFC-8C15-477B-8E29-8F5C7A8C77EE} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {4A216A52-C0D3-4D86-8570-178823E0238D} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {961CA2F3-9139-4F44-94F4-359CEEA9E064} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {B461C106-836A-4F19-9249-28402DAEB27A} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {B90FF399-4517-4634-9E1F-B331D6C96EE2} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {E2837E77-2E07-4413-AD67-38FA914A4B8F} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {EB188080-C56D-4159-AB86-5FC3201C404D} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-22] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> D:\Hry\ARC\Arc\Plugins\ArcPluginIE.dll [2014-12-18] (Perfect World Entertainment Inc)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-22] (Oracle Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\MSI\AppData\Roaming\Mozilla\Firefox\Profiles\bl1y1xf2.default
FF Homepage: hxxp://www.reerd.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-04-01] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-01] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> D:\Hry\ARC\Arc\Plugins\npArcPluginFF.dll [2014-12-18] (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-31] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3133602536-102226362-2941794219-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\MSI\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3133602536-102226362-2941794219-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\MSI\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-04] (Unity Technologies ApS)
FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.47\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-04-01]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://www.reerd.com/"
CHR Profile: C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-31]
CHR Extension: (Google Docs) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-31]
CHR Extension: (Google Drive) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-31]
CHR Extension: (Twisted Fate) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\behhgldcbkbflalpfcoaoaihjeekahip [2015-03-31]
CHR Extension: (YouTube) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-31]
CHR Extension: (Google Search) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-31]
CHR Extension: (Google Sheets) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-31]
CHR Extension: (New Tab Redirect) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2015-03-31]
CHR Extension: (Google Wallet) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-31]
CHR Extension: (Gmail) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-21]
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-21]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ArcService; D:\Hry\ARC\Arc\ArcService.exe [88400 2014-12-18] (Perfect World Entertainment Inc)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-10-29] (BitRaider, LLC)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-06-26] (BitRaider, LLC)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-11-21] (Futuremark)
U2 HiPatchService; D:\Hry\Smite\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe [265000 2015-03-07] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3191392 2014-05-15] (INCA Internet Co., Ltd.)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2013-12-09] (Qualcomm Atheros) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-11-27] (Microsoft Corporation) [File not signed]
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [80080 2013-11-08] (Qualcomm Atheros, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20150321.001\BHDrvx64.sys [1622744 2015-02-03] (Symantec Corporation)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-06-27] (BitRaider)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-03] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20150330.001\IDSvia64.sys [671448 2015-03-27] (Symantec Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-02-13] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150330.032\ENG64.SYS [129752 2015-03-31] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150330.032\EX64.SYS [2137304 2015-03-31] (Symantec Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-21] (Duplex Secure Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-04-01] ()
U3 akxrwf9b; C:\Windows\System32\Drivers\akxrwf9b.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder)
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BlueletSCOAudio; system32\DRIVERS\BlueletSCOAudio.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S0 BTHidEnum; System32\Drivers\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 catchme; \??\C:\combofix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

========================== Drivers MD5 =======================

C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RootMdm.sys 388D3DD1A6457280F3BADBA9F3ACD6B1
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\Drivers\SCDEmu.sys 20AE08C7072DD0263651F7E6D60D0ACD
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\sptd.sys 74D30C2EF66C2EB19F17ED5423AA8038
C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS E163E10191958FF6A2B0B48353F9E9FD
C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS 68E7B6708B9EEE021301C483825D05EA
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS 5C9EE2303CA7F267665D75237862B39C
C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS 9F31630D7FC2DD9D5DA1CE359AAD1F46
C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 97E11C50CE52277B377396EA8838E539
C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS 2C95265BE19F338E1C1090E4E91055BB
C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS 5570A74FF9B1EFBC5154DD1E2F05C517
C:\Windows\System32\DRIVERS\taphss.sys B70DF208E97536CA9F29289E609F5B16
C:\Windows\System32\DRIVERS\taphss6.sys BCF5E78E87D258088346E399E406E501
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\system32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\system32\drivers\uxpatch.sys 297EE9C666FC8BB96A232DB0DDBA1E49
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\System32\drivers\WPRO_41_2001.sys 7CA09731EB7FC99B910C7F239E57720F
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\Drivers\akxrwf9b.sys

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== Three Months Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-31 22:09 - 2015-04-01 13:58 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-31 22:09 - 2015-03-31 22:21 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-03-31 22:08 - 2015-03-31 22:08 - 20436568 _____ () C:\Users\MSI\Downloads\RogueKillerX64.exe
2015-03-31 22:08 - 2015-03-31 22:08 - 20436568 _____ () C:\Users\MSI\Desktop\RogueKillerX64.exe
2015-03-31 22:04 - 2015-03-31 22:04 - 00000000 ____D () C:\AdwCleaner
2015-03-31 22:03 - 2015-03-31 22:03 - 02208768 _____ () C:\Users\MSI\Downloads\adwcleaner_4.200.exe
2015-03-31 21:30 - 2015-04-01 14:03 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-03-31 21:22 - 2015-03-31 21:22 - 00027914 _____ () C:\ComboFix.txt
2015-03-31 21:10 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-31 21:10 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-31 21:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-31 21:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-31 21:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-31 21:10 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-31 21:10 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-31 21:10 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-31 21:08 - 2015-03-31 21:22 - 00000000 ____D () C:\Qoobox
2015-03-31 21:08 - 2015-03-31 21:14 - 00000000 ____D () C:\Windows\erdnt
2015-03-31 21:01 - 2015-03-31 21:01 - 05617096 ____R (Swearware) C:\Users\MSI\Desktop\combofix.exe
2015-03-31 20:43 - 2015-03-31 20:43 - 02095616 _____ (Farbar) C:\Users\MSI\Downloads\FRST64 (1).exe
2015-03-31 20:40 - 2015-04-01 14:05 - 00044319 _____ () C:\Users\MSI\Desktop\FRST.txt
2015-03-31 20:40 - 2015-03-31 21:46 - 00039639 _____ () C:\Users\MSI\Desktop\Addition.txt
2015-03-31 20:39 - 2015-04-01 14:05 - 00000000 ____D () C:\FRST
2015-03-31 20:39 - 2015-03-31 20:39 - 02095616 _____ (Farbar) C:\Users\MSI\Downloads\FRST64.exe
2015-03-31 20:39 - 2015-03-31 20:39 - 02095616 _____ (Farbar) C:\Users\MSI\Desktop\FRST64.exe
2015-03-31 19:11 - 2015-03-31 19:11 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-31 19:11 - 2015-03-31 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-31 19:10 - 2015-04-01 14:03 - 00000942 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-31 19:10 - 2015-04-01 07:15 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-31 19:10 - 2015-03-31 19:10 - 00003942 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-03-31 19:10 - 2015-03-31 19:10 - 00003690 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-03-31 19:00 - 2015-03-31 19:01 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\MSI\Downloads\SpyHunter-Installer.exe
2015-03-29 19:52 - 2015-03-29 19:52 - 09242612 _____ () C:\Users\MSI\Downloads\SasukeMod.rar
2015-03-29 19:26 - 2015-03-29 19:26 - 01197921 _____ () C:\Windows\unins002.exe
2015-03-29 19:26 - 2015-03-29 19:26 - 00007159 _____ () C:\Windows\unins002.dat
2015-03-29 19:25 - 2015-03-29 19:25 - 00892635 _____ (Seemann, Deji, Alien ) C:\Users\MSI\Downloads\CLEO4_setup.exe
2015-03-29 19:06 - 2015-03-29 19:06 - 00019038 _____ () C:\Users\MSI\Downloads\gtapoweroftheninjastrelok_1328793412.torrent
2015-03-29 18:58 - 2015-03-29 19:43 - 00000000 ____D () C:\Users\MSI\Documents\GTA San Andreas User Files
2015-03-29 17:37 - 2015-03-29 18:57 - 754051051 _____ () C:\Users\MSI\Downloads\GTA-San-Andreas (2).rar
2015-03-29 14:49 - 2015-03-29 14:49 - 00529107 _____ () C:\Users\MSI\Downloads\all-r90_b115.zip
2015-03-25 08:00 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 08:00 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 08:00 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 08:00 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 08:00 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 08:00 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-25 08:00 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 08:00 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-24 22:14 - 2015-03-24 22:32 - 00000867 _____ () C:\Users\Public\Desktop\Mass Effect 3.lnk
2015-03-24 08:13 - 2015-03-24 08:13 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2015-03-21 21:22 - 2015-03-21 21:22 - 00000684 _____ () C:\Users\Public\Desktop\Mass Effect 2.lnk
2015-03-21 21:22 - 2015-03-21 21:22 - 00000000 ____D () C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
2015-03-21 21:22 - 2015-03-21 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2
2015-03-21 21:15 - 2015-03-21 21:22 - 00018137 _____ () C:\Users\MSI\Documents\Install Mass Effect 2.log
2015-03-21 20:20 - 2015-03-21 20:20 - 00792416 _____ (Shark Labs) C:\Users\MSI\Downloads\CFSetup381.exe
2015-03-21 20:20 - 2015-03-21 20:20 - 00000000 ____D () C:\Program Files (x86)\Clownfish
2015-03-21 17:47 - 2015-03-21 17:47 - 00712597 _____ (Remote Mouse ) C:\Users\MSI\Downloads\RemoteMouse (1).exe
2015-03-19 18:21 - 2015-03-19 18:22 - 03739096 _____ () C:\Users\MSI\Downloads\bandicam-2015-03-19-17-20-08-286.avi
2015-03-18 22:47 - 2015-03-18 22:47 - 00000764 _____ () C:\Users\Public\Desktop\Heroes of the Storm.lnk
2015-03-18 22:47 - 2015-03-18 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-03-18 22:35 - 2015-03-18 22:35 - 00000733 _____ () C:\Users\Public\Desktop\Star Wars The Force Unleashed 2.lnk
2015-03-18 22:35 - 2015-03-18 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Wars The Force Unleashed 2
2015-03-18 15:26 - 2015-03-18 15:26 - 00000671 _____ () C:\Users\Public\Desktop\Mass Effect.lnk
2015-03-18 15:26 - 2015-03-18 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect
2015-03-16 20:46 - 2015-03-16 20:46 - 00000790 _____ () C:\Users\MSI\Desktop\Counter-Strike 1.6.lnk
2015-03-16 20:46 - 2015-03-16 20:46 - 00000740 _____ () C:\Users\MSI\Desktop\Half-Life.lnk
2015-03-16 20:46 - 2015-03-16 20:46 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2015-03-16 20:33 - 2015-03-16 20:41 - 283749156 _____ (Valve ) C:\Users\MSI\Downloads\cs16full_v42i_cskocz.exe
2015-03-15 15:34 - 2015-03-15 15:34 - 00000996 _____ () C:\Users\MSI\Desktop\GameSpy Arcade.lnk
2015-03-15 15:34 - 2015-03-15 15:34 - 00000695 _____ () C:\Users\Public\Desktop\Halo.lnk
2015-03-15 15:34 - 2015-03-15 15:34 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2015-03-15 15:34 - 2015-03-15 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2015-03-15 15:34 - 2015-03-15 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2015-03-15 15:34 - 2015-03-15 15:34 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2015-03-15 15:34 - 2015-03-15 15:34 - 00000000 ____D () C:\Program Files (x86)\GameSpy Arcade
2015-03-15 14:45 - 2015-03-15 15:21 - 641996800 _____ () C:\Users\MSI\Downloads\Halo-Combat-Evolved.iso
2015-03-15 11:49 - 2015-03-24 22:52 - 00000000 ____D () C:\Users\MSI\Documents\BioWare
2015-03-15 01:01 - 2015-03-15 01:02 - 11422713 _____ () C:\Users\MSI\Downloads\starmann65---Synthesia-Dream-s-2k11.zip
2015-03-15 00:47 - 2015-03-15 00:48 - 11838703 _____ () C:\Users\MSI\Downloads\Synthesia.rar
2015-03-15 00:42 - 2015-03-15 01:07 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Synthesia
2015-03-15 00:42 - 2015-03-15 01:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia
2015-03-15 00:42 - 2015-03-15 01:03 - 00000000 ____D () C:\Program Files (x86)\Synthesia
2015-03-15 00:42 - 2015-03-15 00:42 - 00001913 _____ () C:\Users\Public\Desktop\Synthesia.lnk
2015-03-15 00:41 - 2015-03-15 00:41 - 03772184 _____ (Synthesia LLC) C:\Users\MSI\Downloads\Synthesia-10.1-installer.exe
2015-03-15 00:25 - 2015-03-15 00:25 - 00003040 _____ () C:\Windows\System32\Tasks\{B76583C1-6545-4388-9C33-6AB05BFA5B9C}
2015-03-11 20:06 - 2015-03-11 20:06 - 00000000 _____ () C:\Users\MSI\Downloads\stažený soubor.htm
2015-03-11 08:17 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 08:17 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 08:17 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 08:17 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 08:17 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 08:17 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 08:17 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 08:17 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 08:17 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 08:17 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 08:17 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 08:17 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 08:17 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 08:17 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 08:17 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 08:17 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 08:17 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 08:17 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 08:17 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 08:17 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 08:17 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 08:17 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 08:17 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 08:17 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 08:17 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 08:17 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 08:17 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 08:17 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 08:17 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 08:17 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 08:17 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 08:17 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 08:17 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 08:17 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 08:17 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 08:17 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 08:17 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 08:17 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 08:17 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 08:17 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 08:17 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 08:17 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 08:17 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 08:17 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 08:17 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 08:17 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 08:17 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 08:17 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 08:17 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 08:17 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 08:17 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 08:17 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 08:17 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 08:17 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 08:17 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 08:17 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 08:17 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 08:17 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 08:17 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 08:17 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 08:17 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 08:17 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 08:17 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 08:17 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 08:17 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 08:17 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 08:17 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 08:17 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 08:17 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 08:17 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 08:17 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 08:17 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 08:17 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 08:17 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 08:17 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 08:17 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 08:17 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 08:17 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 08:17 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 08:17 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 08:17 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 08:17 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 08:17 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 08:17 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 08:17 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 08:17 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 08:17 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 08:17 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 08:17 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 08:17 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 08:17 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 08:17 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 08:17 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 08:17 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 08:17 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 08:17 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 08:17 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 08:17 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 08:17 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 08:17 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 08:17 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 08:17 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 08:17 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 08:17 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 08:17 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 08:17 - 2015-01-31 05:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 08:17 - 2015-01-31 05:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 08:17 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 08:17 - 2015-01-31 01:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 08:17 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 08:17 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 08:17 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 08:16 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 08:16 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-08 20:01 - 2015-03-08 20:01 - 00026156 _____ () C:\Users\MSI\Downloads\[HorribleSubs] Shinmai Maou no Testament - 09 [720p].mkv.torrent
2015-03-08 16:45 - 2015-03-08 16:45 - 00002168 _____ () C:\Users\MSI\Desktop\Dawn of War - Dark Crusade.lnk
2015-03-08 16:44 - 2015-03-08 16:44 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\THQ
2015-03-08 16:43 - 2015-03-08 16:43 - 00000000 ____D () C:\Program Files (x86)\THQ
2015-03-08 16:41 - 2015-03-08 16:41 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\InstallShield
2015-03-08 15:00 - 2015-03-08 15:00 - 00276688 _____ () C:\Windows\Minidump\030815-12760-01.dmp
2015-03-07 22:42 - 2015-03-07 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CUT2 Evolution
2015-03-07 22:19 - 2015-03-07 22:19 - 00003138 _____ () C:\Windows\System32\Tasks\{F4733665-5BED-4F24-998A-CB329E5641CD}
2015-03-07 22:19 - 2006-07-17 12:25 - 34950005 _____ () C:\Users\MSI\Downloads\JunkWarv110Beta.ut4mod
2015-03-07 22:18 - 2015-03-07 22:19 - 17072060 _____ () C:\Users\MSI\Downloads\JunkWarv110Beta.exe
2015-03-07 22:17 - 2015-03-07 22:18 - 08180262 _____ () C:\Users\MSI\Downloads\arkon2004_v40-1.zip
2015-03-07 22:17 - 2015-03-07 22:17 - 13323776 _____ () C:\Users\MSI\Downloads\ut2004-winpatch3369.exe
2015-03-07 22:15 - 2015-03-07 22:15 - 00000881 _____ () C:\Users\MSI\Desktop\Play UT2004.lnk
2015-03-07 22:15 - 2015-03-07 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Tournament 2004
2015-03-05 22:35 - 2015-03-05 22:35 - 00276688 _____ () C:\Windows\Minidump\030515-8814-01.dmp
2015-03-05 08:13 - 2015-03-05 08:13 - 00262144 ____N () C:\Windows\Minidump\030515-9110-01.dmp
2015-03-04 19:38 - 2015-03-04 19:38 - 00276688 _____ () C:\Windows\Minidump\030415-8689-01.dmp
2015-03-04 17:20 - 2015-03-04 17:21 - 29720272 _____ () C:\Users\MSI\Downloads\SWTOR_setup.exe
2015-03-04 16:44 - 2015-03-04 16:44 - 00000000 ____D () C:\ProgramData\Installations
2015-03-03 21:46 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-03 21:46 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-03 21:46 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-03 21:46 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-03-02 01:13 - 2015-03-02 01:13 - 00276688 _____ () C:\Windows\Minidump\030215-9406-01.dmp
2015-02-28 16:06 - 2015-02-28 16:06 - 00276688 _____ () C:\Windows\Minidump\022815-21309-01.dmp
2015-02-26 21:35 - 2015-02-26 21:39 - 68819569 _____ () C:\Users\MSI\Downloads\Audiosurf.rar
2015-02-25 08:26 - 2015-01-09 01:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 08:26 - 2015-01-09 01:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-23 23:17 - 2015-03-18 23:10 - 00000000 ____D () C:\Users\MSI\Documents\Heroes of the Storm
2015-02-20 13:09 - 2015-02-20 13:09 - 10347150 _____ () C:\Users\MSI\Downloads\Ice-WoW-4.3.4.zip
2015-02-19 12:38 - 2015-02-19 12:38 - 00000746 _____ () C:\Users\Public\Desktop\Half-Life 2 Episode Two.lnk
2015-02-19 12:38 - 2015-02-19 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Half-Life 2 Episode Two
2015-02-19 10:33 - 2015-02-19 10:33 - 00000000 ____D () C:\Users\MSI\AppData\Local\Steam
2015-02-18 15:52 - 2015-02-18 15:52 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\roi
2015-02-15 19:59 - 2015-02-15 19:59 - 00093039 _____ () C:\Users\MSI\Downloads\cap_fonts.zip
2015-02-11 15:16 - 2015-01-28 01:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 15:15 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 15:15 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 15:15 - 2014-11-26 05:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 15:15 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-09 20:14 - 2015-02-03 23:21 - 92623171 _____ () C:\Users\MSI\Desktop\DJ SONA ETHEREAL LW.wmv
2015-02-07 14:38 - 2015-02-07 14:38 - 00000801 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2015-02-07 14:38 - 2015-02-07 14:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2015-02-07 14:20 - 2015-02-07 14:20 - 00495916 _____ () C:\Users\MSI\Downloads\KaraborLauncherIP.zip
2015-02-03 23:20 - 2015-02-03 23:20 - 00431456 _____ () C:\Users\MSI\Downloads\W7DSA (2).zip
2015-02-03 23:19 - 2015-02-03 23:21 - 92623171 _____ () C:\Users\MSI\Downloads\bandicam_2015-02-03_22-02-41-210.wmv
2015-02-03 22:57 - 2015-02-03 22:57 - 09495760 _____ (Bandisoft) C:\Users\MSI\Downloads\bdcamsetup.exe
2015-02-03 22:52 - 2015-02-03 22:53 - 07293075 _____ () C:\Users\MSI\Downloads\Bandicam (2).rar
2015-02-03 22:49 - 2015-02-03 22:49 - 09388100 _____ () C:\Users\MSI\Downloads\Bandicam By MexyMike.rar
2015-02-03 22:42 - 2015-02-03 22:42 - 00431456 _____ () C:\Users\MSI\Downloads\W7DSA (1).zip
2015-02-03 22:41 - 2015-02-03 22:41 - 00431456 _____ () C:\Users\MSI\Downloads\W7DSA.zip
2015-02-03 22:24 - 2015-02-03 22:26 - 94296765 _____ () C:\Users\MSI\Downloads\bandicam_2015-02-03_20-57-59-686.wmv
2015-02-03 22:10 - 2015-02-03 22:10 - 00001308 _____ () C:\Users\Public\Desktop\Free Avi TO Wmv Converter.lnk
2015-02-03 22:10 - 2015-02-03 22:10 - 00000094 _____ () C:\Users\MSI\AppData\Roaming\settings.xml
2015-02-03 22:10 - 2015-02-03 22:10 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\convertaudiofree
2015-02-03 22:10 - 2015-02-03 22:10 - 00000000 ____D () C:\Users\MSI\AppData\Local\SkinSoft
2015-02-03 22:10 - 2015-02-03 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Avi To Wmv Converter
2015-02-03 22:10 - 2015-02-03 22:10 - 00000000 ____D () C:\Program Files (x86)\convertaudiofree
2015-02-03 22:09 - 2015-02-03 22:09 - 16741872 _____ (convertaudiofree) C:\Users\MSI\Downloads\avitowmv_setup.exe
2015-01-31 16:08 - 2015-01-31 16:08 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\RenPy
2015-01-31 14:12 - 2015-01-31 14:12 - 00000211 _____ () C:\Users\MSI\Desktop\Without Within.url
2015-01-29 00:15 - 2015-01-29 00:15 - 00684313 _____ () C:\Windows\SysWOW64\unins000.exe
2015-01-29 00:15 - 2015-01-29 00:15 - 00001159 _____ () C:\Windows\SysWOW64\unins000.dat
2015-01-29 00:15 - 2015-01-29 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screensavers
2015-01-29 00:15 - 2007-06-19 11:05 - 06006512 _____ () C:\Windows\SysWOW64\WorldofWarcraft.scr
2015-01-29 00:12 - 2015-01-29 00:13 - 57622422 _____ () C:\Users\MSI\Downloads\wowthemev45.zip
2015-01-18 10:32 - 2015-01-18 10:32 - 00262144 ____N () C:\Windows\Minidump\011815-8299-01.dmp
2015-01-18 10:30 - 2015-01-18 10:30 - 00000000 _____ () C:\Users\MSI\AppData\Local\{5D3DDE03-8D9A-49D1-A2D4-BC2CBE87EBD7}
2015-01-16 21:37 - 2015-03-28 10:22 - 00000000 ____D () C:\Users\MSI\AppData\Local\Warframe
2015-01-16 17:42 - 2015-01-16 17:42 - 00000211 _____ () C:\Users\MSI\Desktop\Warframe.url
2015-01-16 00:30 - 2015-01-16 00:30 - 00003584 _____ () C:\Users\MSI\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-15 20:24 - 2015-01-16 00:52 - 00412255 _____ () C:\Users\MSI\Downloads\Já.pptx
2015-01-14 15:12 - 2014-12-19 05:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 15:12 - 2014-12-19 03:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 15:12 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:12 - 2014-12-06 06:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 15:12 - 2014-12-06 05:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 15:12 - 2014-12-06 05:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-09 21:38 - 2015-01-09 21:38 - 00000000 ____D () C:\Crash
2015-01-09 15:04 - 2015-01-09 15:04 - 00000000 ____D () C:\Users\MSI\AppData\Local\SCE
2015-01-08 21:54 - 2004-12-30 05:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys
2015-01-08 21:54 - 2003-07-15 14:17 - 00005174 _____ () C:\Windows\SysWOW64\nppt9x.vxd
2015-01-08 21:44 - 2015-01-08 21:44 - 00000211 _____ () C:\Users\MSI\Desktop\PlanetSide 2.url
2015-01-03 00:52 - 2015-01-03 00:52 - 00002061 _____ () C:\Users\MSI\Desktop\Wow – zástupce.lnk
2015-01-01 22:34 - 2015-01-01 22:42 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Arc
2015-01-01 22:34 - 2015-01-01 22:34 - 00000000 ____D () C:\Users\Public\Documents\Arc
2015-01-01 22:33 - 2015-01-01 22:33 - 00000575 _____ () C:\Users\Public\Desktop\PWI.lnk
2015-01-01 22:33 - 2015-01-01 22:33 - 00000547 _____ () C:\Users\Public\Desktop\Arc.lnk
2015-01-01 22:33 - 2015-01-01 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
2015-01-01 22:31 - 2015-01-01 22:32 - 10317808 _____ (Perfect World Entertainment) C:\Users\MSI\Downloads\ArcInstall_PWI_20141223.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-01 14:03 - 2014-01-25 23:37 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Skype
2015-04-01 14:03 - 2014-01-25 21:57 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-04-01 14:03 - 2014-01-25 21:37 - 01383950 _____ () C:\Windows\PFRO.log
2015-04-01 14:03 - 2014-01-25 21:22 - 01343262 _____ () C:\Windows\WindowsUpdate.log
2015-04-01 14:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-01 14:03 - 2009-07-14 06:51 - 00134207 _____ () C:\Windows\setupact.log
2015-04-01 13:59 - 2009-07-14 06:45 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-01 13:59 - 2009-07-14 06:45 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-01 13:58 - 2009-07-14 17:18 - 06181182 _____ () C:\Windows\system32\perfh005.dat
2015-04-01 13:58 - 2009-07-14 17:18 - 02004670 _____ () C:\Windows\system32\perfc005.dat
2015-04-01 13:58 - 2009-07-14 07:13 - 00006228 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-01 13:56 - 2014-01-26 02:06 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-01 07:10 - 2014-08-26 20:52 - 00000000 ____D () C:\Users\MSI\AppData\Local\Adobe
2015-04-01 07:10 - 2014-01-26 02:06 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-01 07:10 - 2014-01-26 02:06 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-01 07:10 - 2014-01-26 02:06 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-01 01:01 - 2014-10-07 01:09 - 00000030 _____ () C:\Users\MSI\AppData\Roaming\msquiku.dat
2015-04-01 00:25 - 2014-02-21 23:14 - 00000000 ____D () C:\Users\MSI\AppData\Local\Battle.net
2015-03-31 23:30 - 2014-10-24 14:24 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3133602536-102226362-2941794219-1000UA.job
2015-03-31 22:30 - 2014-11-21 20:50 - 00925184 _____ () C:\Windows\expstart.exe
2015-03-31 21:31 - 2014-04-18 07:45 - 00000330 _____ () C:\Users\MSI\rgut
2015-03-31 21:22 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-03-31 21:15 - 2014-04-23 00:52 - 00000000 ____D () C:\Users\dub_cm_auto
2015-03-31 19:11 - 2014-01-25 21:34 - 00000000 ____D () C:\Users\MSI\AppData\Local\Google
2015-03-31 19:11 - 2014-01-25 21:34 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-31 19:10 - 2014-12-14 12:17 - 00000000 ____D () C:\Users\MSI\AppData\Local\Deployment
2015-03-31 14:30 - 2014-10-24 14:24 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3133602536-102226362-2941794219-1000Core.job
2015-03-29 19:57 - 2014-01-27 00:39 - 00000000 ____D () C:\Users\MSI\AppData\Local\CrashDumps
2015-03-29 19:06 - 2014-01-29 17:05 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\uTorrent
2015-03-29 18:58 - 2014-02-01 11:47 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-03-28 20:25 - 2014-02-06 23:12 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\TS3Client
2015-03-25 16:12 - 2014-10-11 08:28 - 00000448 ____H () C:\Windows\Tasks\Norton Security Scan for MSI.job
2015-03-25 15:43 - 2014-06-22 08:20 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
2015-03-25 15:04 - 2014-12-11 16:32 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-25 15:04 - 2014-08-11 12:50 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-24 22:30 - 2014-02-12 22:31 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-03-24 22:14 - 2014-12-20 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2015-03-24 19:10 - 2014-01-25 23:47 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-03-24 15:33 - 2014-06-21 08:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
2015-03-24 15:33 - 2014-06-21 08:29 - 00000000 ____D () C:\Windows\system32\Drivers\NSTx64
2015-03-24 08:08 - 2014-06-21 08:36 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-03-24 08:08 - 2014-06-21 08:36 - 00002319 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2015-03-24 08:08 - 2014-06-21 08:35 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2015-03-24 08:08 - 2014-06-21 08:35 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2015-03-21 21:22 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-21 17:51 - 2014-02-09 21:08 - 00000056 _____ () C:\Windows\wincheater.ini
2015-03-21 09:44 - 2014-08-26 23:41 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-03-18 23:08 - 2014-01-25 22:04 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-03-17 16:17 - 2014-08-16 08:55 - 00000000 ____D () C:\Games
2015-03-15 15:51 - 2014-01-26 00:52 - 00000000 ____D () C:\Users\MSI\Documents\My Games
2015-03-15 11:06 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-15 00:27 - 2014-01-26 00:51 - 00375522 _____ () C:\Windows\DirectX.log
2015-03-14 22:20 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-11 18:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-03-11 16:58 - 2009-07-14 06:45 - 00410256 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 16:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-11 16:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 08:30 - 2014-01-28 21:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 08:28 - 2014-01-27 07:39 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 08:25 - 2014-01-27 07:39 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-08 16:43 - 2014-01-25 21:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-08 15:00 - 2014-01-26 17:53 - 00000000 ____D () C:\Windows\Minidump
2015-03-04 08:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing

==================== Files in the root of some directories =======

2014-10-07 01:09 - 2014-10-07 01:09 - 0009197 _____ () C:\Users\MSI\AppData\Roaming\mskwdgi.dat
2014-10-07 01:09 - 2015-04-01 01:01 - 0000030 _____ () C:\Users\MSI\AppData\Roaming\msquiku.dat
2015-02-03 22:10 - 2015-02-03 22:10 - 0000094 _____ () C:\Users\MSI\AppData\Roaming\settings.xml
2015-01-16 00:30 - 2015-01-16 00:30 - 0003584 _____ () C:\Users\MSI\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-07 12:12 - 2014-09-07 12:15 - 0000000 _____ () C:\Users\MSI\AppData\Local\Driver_LOM_8161Present.flag
2014-01-25 21:32 - 2014-09-07 12:14 - 0000690 _____ () C:\Users\MSI\AppData\Local\killertool.log
2014-10-22 21:41 - 2014-10-22 21:41 - 0000000 ___SH () C:\Users\MSI\AppData\Local\LumaEmu
2015-01-18 10:30 - 2015-01-18 10:30 - 0000000 _____ () C:\Users\MSI\AppData\Local\{5D3DDE03-8D9A-49D1-A2D4-BC2CBE87EBD7}

Some content of TEMP:
====================
C:\Users\MSI\AppData\Local\Temp\dllnt_dump.dll
C:\Users\MSI\AppData\Local\Temp\Quarantine.exe
C:\Users\MSI\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Správce spouštění systému Windows
--------------------
identifikátor {bootmgr}
device partition=\Device\HarddiskVolume2
description Windows Boot Manager
locale cs-CZ
inherit {globalsettings}
default {current}
resumeobject {d720cef7-85f4-11e3-aac5-9165f208093e}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Zaváděcí program pro spouštění systému Windows
-------------------
identifikátor {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale cs-CZ
inherit {bootloadersettings}
osdevice partition=C:
systemroot \Windows
resumeobject {d720cef7-85f4-11e3-aac5-9165f208093e}
nx OptIn

Obnovení z hibernace
---------------------
identifikátor {d720cef7-85f4-11e3-aac5-9165f208093e}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale cs-CZ
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Testování paměti systému Windows
---------------------
identifikátor {memdiag}
device partition=\Device\HarddiskVolume2
path \boot\memtest.exe
description Diagnostika paměti systému Windows
locale cs-CZ
inherit {globalsettings}
badmemoryaccess Yes

Nastavení služby EMS
------------
identifikátor {emssettings}
bootems Yes

Nastavení ladicího programu
-----------------
identifikátor {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

Chyby paměti RAM
-----------
identifikátor {badmemory}

Globální nastavení
---------------
identifikátor {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Nastavení spouštěcího zavaděče
--------------------
identifikátor {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Nastavení hypervisoru
-------------------
identifikátor {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Nastavení zavaděče obnovení
----------------------
identifikátor {resumeloadersettings}
inherit {globalsettings}



LastRegBack: 2015-03-25 16:14

==================== End Of Log ============================

Bluefox151
Visitor
Posts: 18
Registered: 31 Mar 2015 19:23

Re: WS.malware.2

#11 Post by Bluefox151 »

Addition log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by MSI at 2015-04-01 14:05:58
Running from C:\Users\MSI\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
3DMark (HKLM-x32\...\{e1e3b41b-1078-4885-a74f-393ca384b1aa}) (Version: 1.2.250.0 - Futuremark)
3DMark (Version: 1.2.250.0 - Futuremark) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Catalyst Install Manager (HKLM\...\{47F6824F-CA45-FAD2-2F5B-906D36BA3393}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Assassin's Creed Brotherhood verze 1.03 (HKLM-x32\...\{D7DA3C85-8B10-49E6-8D4E-94198829504E}_is1) (Version: 1.03 - tomi2k9)
Assassins Creed III v1.0.1 (HKLM-x32\...\Assassins Creed III_is1) (Version: 1.0.1 - Ubisoft)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.0.2.655 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
BlueSoleil 3.2.2.8 - PC Bluetooth Software + Crack - vLcB version for Windows (HKLM-x32\...\{FDCB670A-0CC6-ED38-0D9E-7A9F5D1D3961}_is1) (Version: for Windows - )
BlueSoleil 3.2.2.8 - PC Bluetooth Software + Crack - vLcB.rar version for Windows (HKLM-x32\...\{9C743CBA-EB84-29E1-E85A-B4D656928034}_is1) (Version: for Windows - )
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
Counter Strike 1.6 WH+AB version for Windows (HKLM-x32\...\{DA31BCD8-9E5B-F16D-74E7-7A5624781802}_is1) (Version: for Windows - )
Counter-Strike 1.6 v42 (HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Counter-Strike 1.6_is1) (Version: - Valve)
CustoPackTools (HKLM\...\CustoPackTools) (Version: - neOceane)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dawn of War - Dark Crusade (HKLM-x32\...\{9866DCB2-346F-4D66-9032-F49F88ED30AC}) (Version: 1.20 - THQ)
Dead Space 2 version 1.1 (HKLM-x32\...\Dead Space 2_is1) (Version: 1.1 - )
Dead Space version 1.0.0.222 (HKLM-x32\...\Dead Space_is1) (Version: 1.0.0.222 - )
DeathTaker Gaming Mouse (HKLM-x32\...\{0614BCA9-3613-4171-8128-621991A9FBF2}}_is1) (Version: - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version: - )
Duke Nukem 3D Megaton Edition by CSmania.RU (HKLM-x32\...\Duke Nukem 3D Megaton Edition_is1) (Version: - bugme666)
etina na hru Half-Life 2 Episode 1, FUNKN, ODZKOUENO version for Windows (HKLM-x32\...\{18E669FD-E93C-4F7A-B1C2-EE304BF0DC10}_is1) (Version: for Windows - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FINAL FANTASY VII (HKLM-x32\...\{141B8BA9-BFFD-4635-AF64-078E31010EC3}_is1) (Version: 1.0 - Square Enix)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Fraps 3.5.9 CZ pln verze!!! - by kopiha version for Windows (HKLM-x32\...\{C8B24A74-589B-8D96-C1EA-9A1662B56D37}_is1) (Version: for Windows - )
Free Avi To Wmv Converter (HKLM-x32\...\{98EA0F47-4B69-4BD3-8422-2AF9C45F15C3}) (Version: 1.0.0 - convertaudiofree)
Free Sound Recorder v9.6.1 (HKLM-x32\...\Free Sound Recorder_is1) (Version: - Copyright(C) 2005-2013 FreeSoundRecorder Technologies, Inc.)
Futuremark SystemInfo (HKLM-x32\...\{991C8DEA-3C01-45B8-A62B-1BB69BDC277D}) (Version: 4.23.255 - Futuremark)
Gameforge Live 1.10.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.10.0 - Gameforge)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Half-Life (HKLM-x32\...\Half-Life_is1) (Version: Half-Life - Non Steam - KingSOFT DVD)
Half-Life 2: Episode Two (HKLM-x32\...\Half-Life 2: Episode Two_is1) (Version: - HorseDIC86)
Half-Life: Blue Shift (HKLM-x32\...\Half-Life: Blue Shift) (Version: - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hotspot Shield 4.42.0.25251 (HKLM-x32\...\Hotspot Shield 4.42.0.25251) (Version: 4.42.0.25251 - YouTube)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation)
Intel(R) Smart Connect Technology 4.0 x64 (HKLM\...\{F971B444-C3D5-4AFD-A891-32B9DF79EBC7}) (Version: 4.0.41.2072 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
League of Legends CZ 3.11 (HKLM-x32\...\League of Legends CZ 3.11) (Version: 3.11 - Veronika Lounová)
Malware Scan (HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Malware Scan) (Version: - )
Managed DirectX (0901) (x32 Version: 4.09.00.0901 - Microsoft) Hidden
Manticore Gaming Keyboard (HKLM-x32\...\{0DAEFA4F-E394-4D1F-8F1A-6A2180561290}}_is1) (Version: - )
Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
Mass Effect 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.00 - Electronic Arts, Inc.)
Mass Effect 3 1.5 (HKLM-x32\...\Mass Effect 3_is1) (Version: - )
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Halo (HKLM-x32\...\Halo) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Minecraft 1.4 Free Full Download version for Windows (HKLM-x32\...\{22E1BC3A-5B6F-FE1C-5060-F41533D140BF}_is1) (Version: for Windows - )
Minecraft 1.5.2 version for Windows (HKLM-x32\...\{D82B870F-E566-47E1-7D36-D79BD55A882B}_is1) (Version: for Windows - )
Minecraft1.6.2 (HKLM-x32\...\Minecraft1.6.2) (Version: - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 33.1.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 cs)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Norton 360 (HKLM-x32\...\N360) (Version: 21.7.0.11 - Symantec Corporation)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.11.42 - Symantec Corporation)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.1.0.28 - Symantec Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Plague Inc Evolved (HKLM-x32\...\Plague Inc Evolved_is1) (Version: 0.7.5.1 - Decepticon)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment)
Portal (HKLM-x32\...\Portal) (Version: - )
Portal 2 (HKLM-x32\...\Portal 2_is1) (Version: Portal 2 - Fenixx--Repack--(20.04.2011))
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.9 - Power Software Ltd)
Quake 4(TM) (HKLM-x32\...\InstallShield_{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}) (Version: 1.2 - Název společnosti:)
Quake 4(TM) (x32 Version: 1.2 - Název společnosti:) Hidden
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.38.1281 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.38.1281 - Qualcomm Atheros) Hidden
Qualcomm Atheros Network Manager (Version: 1.1.38.1281 - Qualcomm Atheros) Hidden
Qualcomm Atheros Performance Suite (HKLM-x32\...\{70352071-9C2B-4EF0-88E6-9F16FEBAEB36}) (Version: 1.1.38.1281 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
Royal Quest (HKLM-x32\...\Steam App 295550) (Version: - Katauri)
Sada-Microsoft-Office-Compatibility-Pack-pro-formaty-souboru-aplikace-Word-Excel-a-PowerPoint-2007 version for Windows (HKLM-x32\...\{773CCF7E-1782-9CA3-BF35-B47FEB90A309}_is1) (Version: for Windows - )
Scorpions WinCheater (HKLM-x32\...\Scorpions WinCheater 1.30 (DB 34.0)_is1) (Version: - )
Scorpions WinCheater (HKLM-x32\...\Scorpions WinCheater 2.07 (s databází 157)_is1) (Version: - )
Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C1902}) (Version: 12.25.2.60 - APN, LLC) <==== ATTENTION
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2326.4 - Hi-Rez Studios)
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.02 - Creative Technology Limited)
SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
Star Wars - The Force Unleashed version for Windows (HKLM-x32\...\{0C555271-81C3-AAB9-1426-FA0C4AC27853}_is1) (Version: for Windows - )
Star Wars The Force Unleashed 2 verze CZ (HKLM-x32\...\{22622C76-8785-4F8C-A7D6-7ED788485C79}_is1) (Version: CZ - tomi2k9)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: - Bioware/EA)
Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028 (HKLM-x32\...\Star Wars.The Force Unleashed.Ultimate Sith Edit~4A370C4E_is1) (Version: Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028 - Fenixx--Repack--(04.02.2012))
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.3.6.19269 - Blizzard Entertainment)
StarCraft II: Heart of the Swarm (c) Blizzard Entertainment version 1 (HKLM-x32\...\U3RhckNyYWZ0IElJOiBIZWFydCBvZiB0aGUgU3dhcm0gKGMp~BFC02D25_is1) (Version: 1 - )
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Synthesia (remove only) (HKLM-x32\...\Synthesia) (Version: 10.1 - Synthesia LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Unity Web Player (HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unreal Tournament 2004 (HKLM-x32\...\UT2004) (Version: - )
unreal tournament 3 full game version for Windows (HKLM-x32\...\{804582D3-E274-B7EB-D083-E6FF2A5813DB}_is1) (Version: for Windows - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UxStyle Core Beta (HKLM\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
Vegas Pro 10.0 (HKLM-x32\...\{6D592E30-11EC-11E0-859C-0013D3D69929}) (Version: 10.0.469 - Sony)
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.5 - MSI)
VideoConverter (HKLM-x32\...\{34E0B96C-427D-4CF7-AEB7-8B23D7BA9074}) (Version: 1.0.0 - Glint Technologies)
Virtual DJ - Atomix Productions (HKLM-x32\...\Virtual DJ - Atomix Productions) (Version: - )
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Without Within (HKLM-x32\...\Steam App 345650) (Version: - InvertMouse)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Screensaver (HKLM-x32\...\World of Warcraft Screensaver_is1) (Version: - )
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

29-03-2015 19:00:02 Windows Zálohování
31-03-2015 21:10:25 ComboFix created restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-03-31 21:21 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {071641B8-DB1E-4D1B-AF88-5873CB617617} - System32\Tasks\{B76583C1-6545-4388-9C33-6AB05BFA5B9C} => pcalua.exe -a H:\setup.exe -d H:\
Task: {08450DCC-2B14-4A5A-82AB-0D2662631433} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {0A444519-8727-45EB-A7A1-847ED0287A88} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3133602536-102226362-2941794219-1000UA => C:\Users\MSI\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-10-24] (Facebook Inc.)
Task: {0B72DC64-5BF7-4828-8C93-D06C6582D859} - System32\Tasks\{DF4C5F71-05B5-498D-B6B8-9DD34F69B249} => D:\Hry\Megaman\arj.exe
Task: {15460657-256A-4B3A-B81B-7B12D457AEAE} - System32\Tasks\{8F4DD08D-889A-4AEB-B037-A7A29941F83E} => D:\Hry\Megaman\arj.exe
Task: {1C8F0554-D9FD-43BD-8A9B-97FEA0871732} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {34609CF8-9C0C-47BA-9E60-487BFADF116E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {424EFB85-0E71-4DEA-991C-14D9440E4F1F} - System32\Tasks\{3E9A5E17-9935-42A0-A92C-07EFFDD9CF41} => D:\Programy\Steam2\Steam\Steam.exe
Task: {445E4702-A0CE-4DF0-A13A-B16752761ED1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {4ABC1C15-8050-4D6A-8164-0B333EB0F8AD} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {5221C21C-8F77-4427-B121-F37AD5ABBAD1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-01] (Adobe Systems Incorporated)
Task: {5CAF057A-3661-4837-83C2-DAA7878CD2EB} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {6CD55D10-3A2A-47DD-B598-9D6406006213} - System32\Tasks\{F4733665-5BED-4F24-998A-CB329E5641CD} => pcalua.exe -a C:\Users\MSI\Downloads\JunkWarv110Beta.exe -d C:\Users\MSI\Downloads
Task: {706521F1-1597-4F75-A61F-F947947D442C} - System32\Tasks\{B3E878C3-8150-4E59-B56F-B70DB710E40F} => pcalua.exe -a "D:\Hry\Rust\SMILE ERROR\vcredist2010sp1_x64.exe" -d "D:\Hry\Rust\SMILE ERROR"
Task: {78A53505-FE83-4012-8DAF-D5D40DED13E2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3133602536-102226362-2941794219-1000Core => C:\Users\MSI\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-10-24] (Facebook Inc.)
Task: {90AC2F98-3666-4770-91D7-A077E4DCDC5B} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {9EDCB153-632F-4D5E-AF58-A2A90E949F71} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3133602536-102226362-2941794219-1000
Task: {A9610D64-472F-442F-83CE-306E372F6BE7} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {AB0DF774-4393-48F4-A24E-CCD30A81239F} - System32\Tasks\Norton Security Scan for MSI => C:\Program Files (x86)\Norton Security Scan\Engine\4.1.0.28\Nss.exe [2014-01-27] (Symantec Corporation)
Task: {ADF793E8-0DBC-4C22-819E-C97B178FE063} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-31] (Google Inc.)
Task: {EFE05F55-CCCA-4E8A-8B96-81F49025B488} - System32\Tasks\{EC721CE2-3C4B-4F36-B721-42FB27DD2144} => pcalua.exe -a J:\Support\net.exe -d J:\Support
Task: {F16797B5-4D8B-4BA5-8FC6-AB513782F79A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-31] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3133602536-102226362-2941794219-1000Core.job => C:\Users\MSI\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3133602536-102226362-2941794219-1000UA.job => C:\Users\MSI\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for MSI.job => C:\PROGRA~2\NORTON~4\Engine\410~1.28\Nss.exe

==================== Loaded Modules (whitelisted) ==============

2013-02-13 11:35 - 2013-02-13 11:35 - 00180200 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-02-13 11:35 - 2013-02-13 11:35 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-01-25 21:34 - 2012-11-01 12:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2013-12-09 15:07 - 2013-12-09 15:07 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2014-01-30 15:24 - 2013-04-03 11:04 - 00303616 _____ () C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe
2014-01-30 15:24 - 2013-01-03 17:09 - 00222720 _____ () C:\Program Files (x86)\Genius\DeathTaker\trayicon.exe
2014-01-30 15:16 - 2013-01-15 18:06 - 00061952 _____ () C:\Program Files (x86)\Manticore\HidDevice.dll
2014-01-30 15:16 - 2011-10-11 18:32 - 00054784 _____ () C:\Program Files (x86)\Manticore\KBHook1.dll
2014-01-30 15:24 - 2013-01-15 19:06 - 00061952 _____ () C:\Program Files (x86)\Genius\DeathTaker\HidDevice.dll
2015-03-31 19:11 - 2015-03-14 12:12 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
2015-03-31 19:11 - 2015-03-14 12:12 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libegl.dll
2015-03-31 19:11 - 2015-03-14 12:12 - 09278792 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll
2014-01-25 21:35 - 2013-05-17 01:06 - 01199576 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3133602536-102226362-2941794219-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MSI\AppData\Roaming\Microsoft\Windows DreamScene\DreamScene.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-3133602536-102226362-2941794219-500 - Administrator - Disabled)
Guest (S-1-5-21-3133602536-102226362-2941794219-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3133602536-102226362-2941794219-1002 - Limited - Enabled)
MSI (S-1-5-21-3133602536-102226362-2941794219-1000 - Administrator - Enabled) => C:\Users\MSI

==================== Faulty Device Manager Devices =============

Name: LogMeIn Kernel Information Provider
Description: LogMeIn Kernel Information Provider
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: LMIInfo
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/01/2015 01:58:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error: (04/01/2015 01:58:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (04/01/2015 01:58:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (04/01/2015 07:13:14 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error: (04/01/2015 07:13:14 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (04/01/2015 07:13:14 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (04/01/2015 01:06:31 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error: (04/01/2015 01:06:31 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (04/01/2015 01:06:31 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (03/31/2015 10:32:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.


System errors:
=============
Error: (04/01/2015 02:03:26 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název GAARAOFTHESAND :0 nelze zaregistrovat v rozhraní s IP adresou 192.168.1.2.
Počítač s IP adresou 192.168.1.5 nepovolil získání názvu
tímto počítačem.

Error: (04/01/2015 02:03:26 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název GAARAOFTHESAND :20 nelze zaregistrovat v rozhraní s IP adresou 192.168.1.2.
Počítač s IP adresou 192.168.1.5 nepovolil získání názvu
tímto počítačem.

Error: (04/01/2015 02:03:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
BTHidMgr

Error: (04/01/2015 02:03:26 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{D2CE94D9-FF86-4982-B8EB-D6085D0D5871}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (04/01/2015 02:03:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba LogMeIn Kernel Information Provider neuspěla při spuštění v důsledku následující chyby:
%%3

Error: (04/01/2015 01:58:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Unsigned Themes byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/01/2015 01:52:23 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název GAARAOFTHESAND :20 nelze zaregistrovat v rozhraní s IP adresou 192.168.1.2.
Počítač s IP adresou 192.168.1.5 nepovolil získání názvu
tímto počítačem.

Error: (04/01/2015 01:52:23 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název GAARAOFTHESAND :0 nelze zaregistrovat v rozhraní s IP adresou 192.168.1.2.
Počítač s IP adresou 192.168.1.5 nepovolil získání názvu
tímto počítačem.

Error: (04/01/2015 01:52:23 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{D2CE94D9-FF86-4982-B8EB-D6085D0D5871}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (04/01/2015 01:52:21 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
BTHidMgr


Microsoft Office Sessions:
=========================
Error: (01/16/2015 00:30:23 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 917 seconds with 540 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2015-03-31 21:21:50.087
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\combofix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-31 21:21:50.056
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\combofix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-31 21:21:50.025
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\combofix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-31 21:21:49.993
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\combofix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-31 21:13:41.412
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\combofix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-31 21:13:41.381
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\combofix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 23%
Total physical RAM: 8136.01 MB
Available physical RAM: 6199.52 MB
Total Pagefile: 16270.21 MB
Available Pagefile: 14025.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:30.16 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:148.84 GB) NTFS
Drive h: (ME3D1) (CDROM) (Total:4.3 GB) (Free:0 GB) CDFS
Drive i: (ME3D2) (CDROM) (Total:4.04 GB) (Free:0 GB) CDFS
Drive j: (ME3D3) (CDROM) (Total:4.17 GB) (Free:0 GB) CDFS
Drive k: (Crysis 3 - DVD1) (CDROM) (Total:4.34 GB) (Free:0 GB) UDF
Drive l: (USB 16GB) (Removable) (Total:14.92 GB) (Free:14.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 708289E6)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 70828993)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 14.9 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Bluefox151
Visitor
Posts: 18
Registered: 31 Mar 2015 19:23

Re: WS.malware.2

#12 Post by Bluefox151 »

Shortcut log:

Users shortcut scan result (x64) Version: 11-03-2015
Ran by MSI at 2015-04-01 14:06:14
Running from C:\Users\MSI\Desktop
Boot Mode: Normal
==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)



Shortcut: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.47\Norton Identity Safe.lnk -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\coSAStub.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk -> D:\Programy\BS player\BSPlayer\bsplayer.exe (AB Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1029-7B44-AB0000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk -> C:\Program Files (x86)\LogMeIn\Ignition\LMIIgnition.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk -> C:\Program Files (x86)\LogMeIn\x64\LogMeInToolkit.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint Viewer .lnk -> C:\Windows\Installer\{95140000-00AF-0405-0000-0000000FF1CE}\ppvwicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scorpion's WinCheater 2.lnk -> D:\Programy\Scorpions WinCheater\Cheater2.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scorpions WinCheater.lnk -> D:\Programy\Scorpions WinCheater\cheater.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.lnk -> D:\Hry\StarCraft II\StarCraft II.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Check for Updates.lnk -> C:\Program Files (x86)\Xvid\autoupdate-windows.exe (Xvid Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Release Notes.lnk -> C:\Program Files (x86)\Xvid\releasenotes.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Uninstall Xvid Video Codec.lnk -> C:\Program Files (x86)\Xvid\uninstall.exe (Xvid Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Xvid MiniConvert.lnk -> C:\Program Files (x86)\Xvid\MiniConvert.exe (Xvid Solutions)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\Nic's FourCC Changer.lnk -> C:\Program Files (x86)\Xvid\AviC.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\Nic's MiniCalc.lnk -> C:\Program Files (x86)\Xvid\MiniCalc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\Some Quantization Matrices.lnk -> C:\Program Files (x86)\Xvid\Xvid_Quant_Matrices.zip ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\StatsReader 2.1.lnk -> C:\Program Files (x86)\Xvid\StatsReader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\StatsReader Notes.lnk -> C:\Program Files (x86)\Xvid\statsreader.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft\World of Warcraft.lnk -> D:\Hry\World of Warcraft\World of Warcraft Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\winrar.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual DJ\Rip DVD.lnk -> C:\Program Files (x86)\VirtualDJ\ripdvd.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual DJ\Rip Vinyl.lnk -> C:\Program Files (x86)\VirtualDJ\ripvinyl.exe (Atomix Productions)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual DJ\Setup QuickStart.lnk -> C:\Users\MSI\Documents\VirtualDJ\VirtualDJ 6 - Setup Quick Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual DJ\User Guide.lnk -> C:\Users\MSI\Documents\VirtualDJ\VirtualDJ 6 - User Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual DJ\Virtual DJ Trial.lnk -> C:\Program Files (x86)\VirtualDJ\virtualdj_trial.exe (Atomix Productions)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve\Half-Life\Readme.lnk -> C:\Program Files (x86)\Valve\Half-Life\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve\Half-Life\Uninstall Half-Life.lnk -> C:\Program Files (x86)\Valve\Half-Life\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve\Half-Life\Visit KingSOFT (Spanish Web Page).lnk -> C:\Program Files (x86)\Valve\Half-Life\KingSOFT.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\unreal tournament 3 full game\unreal tournament 3 full game.lnk -> D:\Hry\unreal tournament 3 full game\unreal tournament 3 full game.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Tournament 2004\Play UT2004.lnk -> D:\Hry\Unreal tournament 2004\System\UT2004.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Tournament 2004\Release Notes.lnk -> D:\Hry\Unreal tournament 2004\Help\ReadMe.int.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Tournament 2004\UT2004 Editor.lnk -> D:\Hry\Unreal tournament 2004\System\UnrealEd.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Tournament 2004\UT2004 Manual.lnk -> D:\Hry\Unreal tournament 2004\Manual\Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Tournament 2004\UT2004 Web Page.lnk -> D:\Hry\Unreal tournament 2004\System\UnrealTournament2004Web.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander 64 bit.lnk -> C:\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander Help.lnk -> C:\totalcmd\TOTALCMD.CHM ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander.lnk -> C:\totalcmd\TOTALCMD.EXE (Ghisler Software GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander\Uninstall or Repair Total Commander.lnk -> C:\totalcmd\TCUNIN64.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> C:\Program Files\TeamSpeak 3 Client\Uninstall.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia\Play Synthesia.lnk -> C:\Program Files (x86)\Synthesia\Synthesia.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia\Synthesia Configuration.lnk -> C:\Program Files (x86)\Synthesia\SynthesiaConfig.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia\Synthesia.lnk -> C:\Program Files (x86)\Synthesia\Synthesia.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia\Uninstall Synthesia.lnk -> C:\Program Files (x86)\Synthesia\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia\View Readme.lnk -> C:\Program Files (x86)\Synthesia\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> D:\Programy\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarGame\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\Star Wars.The Force Unleashed.Ultimate Sith Edition.(Ëŕóí÷ĺđ).lnk -> D:\Hry\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\SWTFU Launcher.exe (Lucas Arts, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarGame\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028.lnk -> D:\Hry\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\SWTFU.exe (Aspyr Media, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarGame\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\Äĺčíńňŕëëčđîâŕňü Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028.lnk -> D:\Hry\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\Uninstall\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarGame\Portal 2\Portal 2.lnk -> D:\Hry\Portal 2\Launcher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarGame\Portal 2\Äĺčíńňŕëëčđîâŕňü Portal 2.lnk -> D:\Hry\Portal 2\Uninstall\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\Battle.net Account Management.lnk -> D:\Hry\StarCraft II\Support\BattlenetAccount.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\Blizzard Technical Support.lnk -> D:\Hry\StarCraft II\Support\TechSupport.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\StarCraft II - Manual.lnk -> D:\Hry\StarCraft II\Support\Manual.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\StarCraft II - Map Editor.lnk -> D:\Hry\StarCraft II\Support\SC2Editor.exe (Blizzard Entertainment, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\StarCraft II - Repair.lnk -> D:\Hry\StarCraft II\Support\Repair.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\StarCraft II - Uninstall.lnk -> C:\Program Files (x86)\Common Files\Blizzard Entertainment\StarCraft II\Uninstall.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\StarCraft II.lnk -> D:\Hry\StarCraft II\StarCraft II.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Wars The Force Unleashed 2\Odinstalovat aplikaci Star Wars The Force Unleashed 2.lnk -> D:\Hry\Star Wars The Force Unleashed 2\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Wars The Force Unleashed 2\Star Wars The Force Unleashed 2.lnk -> D:\Hry\Star Wars The Force Unleashed 2\SWTFU2.exe (LucasArts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Wars - The Force Unleashed\Star Wars - The Force Unleashed.lnk -> D:\Hry\Star Wars - The Force Unleashed\Star Wars - The Force Unleashed.rar (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX\FINAL FANTASY XIV - A Realm Reborn\FINAL FANTASY XIV - A Realm Reborn.lnk -> D:\Hry\final fantasy\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX\FINAL FANTASY XIV - A Realm Reborn\FINAL FANTASY XIV System Information.lnk -> D:\Hry\final fantasy\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivsysinfo.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX\FINAL FANTASY VII\FINAL FANTASY VII.lnk -> D:\Hry\FINAL FANTASY VII\FF7_Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX\FINAL FANTASY VII\Uninstall FINAL FANTASY VII.lnk -> D:\Hry\FINAL FANTASY VII\unins000.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 10.0\Vegas Pro 10.0 Readme.lnk -> C:\Program Files (x86)\Sony\Vegas Pro 10.0\Readme\Vegas_readme.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 10.0\Vegas Pro 10.0.lnk -> C:\Program Files (x86)\Sony\Vegas Pro 10.0\vegas100.exe (Sony Creative Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 10.0\Video Capture 6.0 Readme.lnk -> C:\Program Files (x86)\Sony\Vegas Pro 10.0\Readme\Videocapture_readme.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart File Advisor\Smart File Advisor Updater.lnk -> C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe (Filefacts.net)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart File Advisor\Startup Application Checker.lnk -> C:\Program Files (x86)\Smart File Advisor\StartupChecker.exe (Filefacts.net)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\Blue Shift\Blue Shift Console.LNK -> D:\Hry\Half-Life.1.FULL\Half-Life\Blue-Shift\bshift.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\Blue Shift\Blue Shift Readme.LNK -> D:\Hry\Half-Life.1.FULL\Half-Life\Blue-Shift\readme.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\Blue Shift\Blue Shift.LNK -> D:\Hry\Half-Life.1.FULL\Half-Life\Blue-Shift\bshift.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\Blue Shift\Register Blue Shift.LNK -> D:\Hry\Half-Life.1.FULL\Half-Life\Blue-Shift\regbshift.url (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\Blue Shift\Sierra Web Site.LNK -> D:\Hry\Half-Life.1.FULL\Half-Life\Blue-Shift\sierra.url (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\Blue Shift\Uninstall Blue Shift.LNK -> D:\Hry\Half-Life.1.FULL\Half-Life\Blue-Shift\bshift\UNWISE.EXE (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screensavers\Uninstall namename Screensaver.lnk -> C:\Windows\SysWOW64\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sada-Microsoft-Office-Compatibility-Pack-pro-formaty-souboru-aplikace-Word-Excel-a-PowerPoint-2007\Sada-Microsoft-Office-Compatibility-Pack-pro-formaty-souboru-aplikace-Word-Excel-a-PowerPoint-2007.lnk -> D:\Programy\Power Point\Sada-Microsoft-Office-Compatibility-Pack-pro-formaty-souboru-aplikace-Word-Excel-a-PowerPoint-2007\Sada-Microsoft-Office-Compatibility-Pack-pro-formaty-souboru-aplikace-Word-Excel-a-PowerPoint-2007.exe ( )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros\PerformanceSuite\Killer Diagnostics.lnk -> C:\Program Files\Qualcomm Atheros\Network Manager\KillerDiagnose\KillerDiagnose.exe (Microsoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros\PerformanceSuite\Killer Network Manager.lnk -> C:\Windows\Installer\{7411487A-FF21-481E-AB53-BF27FF30E042}\NetworkManager.exe_57A52662FCCD47C9AAA02E5E7FCEFD5C.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quake 4\Dokumentace.lnk -> D:\Hry\Quake IV\Docs\help.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quake 4\Quake 4.lnk -> D:\Hry\Quake IV\Quake4.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO Help.lnk -> C:\Program Files (x86)\PowerISO\PowerISO.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO Virtual Drive Manager.lnk -> C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO.lnk -> C:\Program Files (x86)\PowerISO\PowerISO.exe (Power Software Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\Uninstall PowerISO.lnk -> C:\Program Files (x86)\PowerISO\uninstall.exe (Power Software Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment\Arc\Arc.lnk -> D:\Hry\ARC\Arc\ArcLauncher.exe (Perfect World Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment\Arc\Repair Arc.lnk -> D:\Hry\ARC\Arc\ArcRepair.exe (Perfect World Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan\Norton Security Scan.LNK -> C:\Program Files (x86)\Norton Security Scan\Engine\4.1.0.28\Nss.exe (Symantec Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan\Uninstall Norton Security Scan.LNK -> C:\Program Files (x86)\Norton Security Scan\Engine\4.1.0.28\InstWrap.exe (Symantec Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360\Norton 360.lnk -> C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\uistub.exe (Symantec Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft 1.5.2\Minecraft 1.5.2.lnk -> D:\Hry\Minecraft 1.5.2\Minecraft 1.5.2.exe (AnjoCaido)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft 1.4 Free Full Download\Minecraft 1.4 Free Full Download.lnk -> D:\Hry\unreal tournament 3 full game\Minecraft 1.4 Free Full Download\Minecraft 1.4 Free Full Download.rar (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Groove 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\GrooveIcon.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office InfoPath 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Publisher 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Nástroje sady Microsoft Office\Diagnostické nástroje sady Microsoft Office.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Nástroje sady Microsoft Office\Digitální certifikát pro projekty v jazyce VBA.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Nástroje sady Microsoft Office\Galerie médií.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Nástroje sady Microsoft Office\Microsoft Office 2007 Jazykové nastavení.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Nástroje sady Microsoft Office\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Halo\Halo Readme.lnk -> D:\Hry\Halo CE\Readme.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Halo\Halo.lnk -> D:\Hry\Halo CE\halo.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2\Mass Effect 2.lnk -> D:\Hry\Mass Effect 2\MassEffect2Launcher.exe (BioWare)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2\Odinstalovat hru Mass Effect 2.lnk -> C:\Program Files (x86)\Common Files\BioWare\Uninstall Mass Effect 2.exe (BioWare)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2\Podpora a pomoc k produktu od společnosti EA.lnk -> D:\Hry\Mass Effect 2\docs\EA Help\Electronic_Arts_Technical_Support.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2\Zobrazit soubor Readme.lnk -> D:\Hry\Mass Effect 2\docs\ctimne.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect\Mass Effect.lnk -> D:\Hry\Mass Effect\MassEffectLauncher.exe (BioWare)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect\Uninstall Mass Effect.lnk -> C:\Program Files (x86)\Common Files\BioWare\Uninstall Mass Effect.exe (BioWare)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect\View Readme_en.txt.lnk -> D:\Hry\Mass Effect\docs\readme_en.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect\Web Links\BioWare Website.lnk -> D:\Hry\Mass Effect\docs\Web Links\BioWare Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect\Web Links\Mass Effect Website.lnk -> D:\Hry\Mass Effect\docs\Web Links\Mass Effect Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect\Web Links\Support WebSite.lnk -> D:\Hry\Mass Effect\docs\Web Links\Support WebSite.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends\League of Legends.lnk -> D:\LoLko\lol.launcher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Smart Connect Technology.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTControl.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry\Mass Effect 3\Mass Effect 3.lnk -> D:\Hry\Mass Effect 3\Binaries\Win32\MassEffect3.exe (BioWare)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry\Mass Effect 3\Odinstalovat Mass Effect 3.lnk -> D:\Hry\Mass Effect 3\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry\Assassins Creed III\Assassins Creed III.lnk -> D:\Hry\Assassins Creed III\AC3SP.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry\Assassins Creed III\Odinstalovat aplikaci Assassins Creed III.lnk -> D:\Hry\Assassins Creed III\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios\Hi-Rez Diagnostics and Support.lnk -> D:\Hry\Smite\HiRezGamesDiagAndSupport.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm\Heroes of the Storm.lnk -> D:\Hry\Heroes of the Storm\Heroes of the Storm.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Half-Life 2 Episode Two\Half-Life 2 Episode Two.lnk -> D:\Hry\HL 2 EP 2\Half-Life 2 Episode Two\Episode Two.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Half-Life 2 Episode Two\Uninstall Half-Life 2 Episode Two.lnk -> D:\Hry\HL 2 EP 2\Half-Life 2 Episode Two\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genius\Manticore\Nastavení ovladače Manticore.lnk -> C:\Program Files (x86)\Manticore\MTCfg.exe (KYE)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genius\Manticore\Odinstalovat aplikaci .lnk -> C:\Windows\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genius\DeathTaker\DeathTaker Driver Setting.lnk -> C:\Program Files (x86)\Genius\DeathTaker\DTCfg.exe (TODO: <Company name>)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genius\DeathTaker\Odinstalovat aplikaci .lnk -> C:\Windows\unins001.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade\GameSpy Arcade.lnk -> C:\Program Files (x86)\GameSpy Arcade\Aphex.exe (GameSpy Industries, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade\Uninstall GameSpy Arcade.lnk -> C:\Program Files (x86)\GameSpy Arcade\UNWISE.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\Gameforge Live.lnk -> D:\Programy\GameforgeLive\GameforgeLive.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\Odinstalovat aplikaci Gameforge Live.lnk -> D:\Programy\GameforgeLive\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Sound Recorder\Free Sound Recorder.lnk -> C:\Program Files (x86)\Free Sound Recorder\FreeSoundRecorder.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Sound Recorder\Uninstall.lnk -> C:\Program Files (x86)\Free Sound Recorder\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Avi To Wmv Converter\Free Avi TO Wmv Converter.lnk -> C:\Program Files (x86)\convertaudiofree\Free Avi To Wmv Converter\FreeAviTOWmvConverter.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps 3.5.9 CZ pln verze!!! - by kopiha\Fraps 3.5.9 CZ pln verze!!! - by kopiha.lnk -> C:\Program Files (x86)\Fraps 3.5.9 CZ pln verze!!! - by kopiha\Fraps 3.5.9 CZ pln verze!!! - by kopiha.rar (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Fraps.lnk -> D:\Programy\Fraps\fraps.exe (Beepa P/L)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Uninstall.lnk -> D:\Programy\Fraps\uninstall.exe (Beepa Pty Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\etina na hru Half-Life 2 Episode 1, FUNKN, ODZKOUENO\etina na hru Half-Life 2 Episode 1, FUNKN, ODZKOUENO.lnk -> D:\Hry\etina na hru Half-Life 2 Episode 1, FUNKN, ODZKOUENO\etina na hru Half-Life 2 Episode 1, FUNKN, ODZKOUENO.rar (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA\BioWare\Star Wars - The Old Republic\Star Wars - The Old Republic.lnk -> D:\Hry\Star Wars-The Old Republic\launcher.exe (BioWare)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA\BioWare\Star Wars - The Old Republic\SWTOR Customer Support.lnk -> D:\Hry\Star Wars-The Old Republic\SWTOR Customer Support.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA\BioWare\Star Wars - The Old Republic\Uninstall Star Wars - The Old Republic.lnk -> C:\Program Files (x86)\Common Files\BioWare\Uninstall Star Wars - The Old Republic.exe (BioWare, LucasArts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA\BioWare\Star Wars - The Old Republic\View License.lnk -> D:\Hry\Star Wars-The Old Republic\EUALAs\EUALA_en.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA\BioWare\Star Wars - The Old Republic\View Readme.lnk -> D:\Hry\Star Wars-The Old Republic\readmes\readme_en.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duke Nukem 3D Megaton Edition\Duke Caribbean Life's a Beach.lnk -> D:\Hry\Duke Nukem 3D Megaton Edition\DukeCaribbeanLifesABeach.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duke Nukem 3D Megaton Edition\Duke It Out in D.C..lnk -> D:\Hry\Duke Nukem 3D Megaton Edition\DukeItOutInDC.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duke Nukem 3D Megaton Edition\Duke Nuclear Winter.lnk -> D:\Hry\Duke Nukem 3D Megaton Edition\DukeNuclearWinter.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duke Nukem 3D Megaton Edition\Duke Nukem 3D Atomic Edition (Classic).lnk -> D:\Hry\Duke Nukem 3D Megaton Edition\DukeNukem3DClassic.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duke Nukem 3D Megaton Edition\Duke Nukem 3D Atomic Edition (OpenGL).lnk -> D:\Hry\Duke Nukem 3D Megaton Edition\DukeNukem3DOpenGL.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duke Nukem 3D Megaton Edition\Uninstall Duke Nukem 3D Megaton Edition.lnk -> D:\Hry\Duke Nukem 3D Megaton Edition\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Battle.net Account Management.lnk -> D:\Hry\Diablo III\BattlenetAccount.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Blizzard Technical Support.lnk -> D:\Hry\Diablo III\TechSupport.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Diablo III - Manual.lnk -> D:\Hry\Diablo III\Manual.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Diablo III.lnk -> D:\Hry\Diablo III\Diablo III Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Space 2\Dead Space 2.lnk -> D:\Hry\Dead Space 2\deadspace2.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Space 2\Uninstall the game.lnk -> D:\Hry\Dead Space 2\unins000.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Space\Dead Space.lnk -> D:\Hry\Dead Space\Dead Space.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Space\Uninstall the game.lnk -> D:\Hry\Dead Space\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk -> D:\Programy\DAEMON Tools Lite\DTLite.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DTGadget.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\DT.gadget ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\SPTD Setup.lnk -> D:\Programy\DAEMON Tools Lite\SPTDinst-x64.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CUT2 Evolution\Release Notes.lnk -> D:\Hry\Unreal tournament 2004\ChaosUT2\Help\ChaosUT2_PR36_Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CustoPackTools\CustoPack Tools.lnk -> C:\Program Files (x86)\CustoPackTools\CustoPackTools.exe (neOceane)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CustoPackTools\Uninstall CustoPackTools.lnk -> C:\Program Files (x86)\CustoPackTools\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative\Creative Software AutoUpdate.lnk -> C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe (Creative Technology Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative\Sound Blaster Cinema\Sound Blaster Cinema.lnk -> C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe (Creative Technology Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter Strike 1.6 WH+AB\Counter Strike 1.6 WH+AB.lnk -> C:\Program Files (x86)\Counter Strike 1.6 WH+AB\Counter Strike 1.6 WH+AB.zip ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by Decepticon\Plague Inc Evolved\Plague Inc Evolved.lnk -> D:\Hry\Plague Inc Evolved\PlagueIncEvolved.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by Decepticon\Plague Inc Evolved\Uninstall Plague Inc Evolved.lnk -> D:\Hry\Plague Inc Evolved\Uninstall\unins000.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player\BS.Player FREE.lnk -> D:\Programy\BS player\BSPlayer\bsplayer.exe (AB Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player\Uninstall BS.Player FREE.lnk -> D:\Programy\BS player\BSPlayer\uninstall.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueSoleil 3.2.2.8 - PC Bluetooth Software + Crack - vLcB.rar\BlueSoleil 3.2.2.8 - PC Bluetooth Software + Crack - vLcB.rar.lnk -> D:\Programy\Bluetooth\BlueSoleil 3.2.2.8 - PC Bluetooth Software + Crack - vLcB.rar\BlueSoleil 3.2.2.8 - PC Bluetooth Software + Crack - vLcB.rar.exe ( )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueSoleil 3.2.2.8 - PC Bluetooth Software + Crack - vLcB\BlueSoleil 3.2.2.8 - PC Bluetooth Software + Crack - vLcB.lnk -> D:\Programy\Bluetooth\BlueSoleil 3.2.2.8 - PC Bluetooth Software + Crack - vLcB\BlueSoleil 3.2.2.8 - PC Bluetooth Software + Crack - vLcB.rar ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam\Bandicam.lnk -> D:\Programy\Bandicam\bdcam.exe (www.Bandisoft.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam\BandiFix.lnk -> D:\Programy\Bandicam\bdfix.exe (Bandisoft.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam\Uninstall.lnk -> D:\Programy\Bandicam\uninstall.exe (Bandisoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed Brotherhood\Assassin's Creed Brotherhood.lnk -> D:\Hry\Assassin's Creed Brotherhood\ACBSP.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed Brotherhood\Odinstalovat aplikaci Assassin's Creed Brotherhood.lnk -> D:\Hry\Assassin's Creed Brotherhood\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\AMD Catalyst Control Center.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\Windows\System32\NetProj.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{F1AB869D-89BC-4FC9-B966-FE7B566543D0}\PlayTasks\2\Repair.lnk -> D:\Hry\StarCraft II\Support\Repair.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{F1AB869D-89BC-4FC9-B966-FE7B566543D0}\PlayTasks\1\Map Editor.lnk -> D:\Hry\StarCraft II\Support\SC2Editor.exe (Blizzard Entertainment, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{F1AB869D-89BC-4FC9-B966-FE7B566543D0}\PlayTasks\0\Play.lnk -> D:\Hry\StarCraft II\StarCraft II.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{DD2F644A-6DF8-4B14-9FAA-C4A3481D4FA7}\PlayTasks\4\Detekční nástroj.lnk -> D:\Hry\Assassins creed\Detection\Detection.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{DD2F644A-6DF8-4B14-9FAA-C4A3481D4FA7}\PlayTasks\3\Herní příručka.lnk -> D:\Hry\Assassins creed\Support\Manual\AssassinsCreed.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{DD2F644A-6DF8-4B14-9FAA-C4A3481D4FA7}\PlayTasks\2\ReadMe.txt.lnk -> D:\Hry\Assassins creed\Support\ReadMe\ReadMe.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{DD2F644A-6DF8-4B14-9FAA-C4A3481D4FA7}\PlayTasks\1\Registrace.lnk -> D:\Hry\Assassins creed\Register\RegistrationReminder.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{DD2F644A-6DF8-4B14-9FAA-C4A3481D4FA7}\PlayTasks\0\Hrát.lnk -> D:\Hry\Assassins creed\AssassinsCreed_Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{A792D24D-8AC1-408D-AC01-39D05863905C}\PlayTasks\3\Konfigurace.lnk -> D:\Hry\Mass Effect 2\Binaries\MassEffect2Config.exe (BioWare)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{A792D24D-8AC1-408D-AC01-39D05863905C}\PlayTasks\2\Zobrazit soubor Readme.lnk -> D:\Hry\Mass Effect 2\docs\ctimne.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{A792D24D-8AC1-408D-AC01-39D05863905C}\PlayTasks\1\Podpora a pomoc k produktu od společnosti EA.lnk -> D:\Hry\Mass Effect 2\docs\EA Help\Electronic_Arts_Technical_Support.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{A792D24D-8AC1-408D-AC01-39D05863905C}\PlayTasks\0\Mass Effect 2.lnk -> D:\Hry\Mass Effect 2\MassEffect2Launcher.exe (BioWare)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{52FDCB23-48CF-4704-9CE9-35E01DBE76DA}\PlayTasks\0\Mass Effect.lnk -> D:\Hry\Mass Effect\MassEffectLauncher.exe (BioWare)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{482FD6A4-603E-435F-BFE7-75F03F35ED13}\PlayTasks\4\Detekční nástroj.lnk -> D:\Hry\Assassins creed 1\Detection\Detection.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{482FD6A4-603E-435F-BFE7-75F03F35ED13}\PlayTasks\3\Herní příručka.lnk -> D:\Hry\Assassins creed 1\Support\Manual\AssassinsCreed.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{482FD6A4-603E-435F-BFE7-75F03F35ED13}\PlayTasks\2\ReadMe.txt.lnk -> D:\Hry\Assassins creed 1\Support\ReadMe\ReadMe.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{482FD6A4-603E-435F-BFE7-75F03F35ED13}\PlayTasks\1\Registrace.lnk -> D:\Hry\Assassins creed 1\Register\RegistrationReminder.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{482FD6A4-603E-435F-BFE7-75F03F35ED13}\PlayTasks\0\Hrát.lnk -> D:\Hry\Assassins creed 1\AssassinsCreed_Launcher.exe (No File)
Shortcut: C:\ProgramData\Media Center Programs\MassEffectLauncher.lnk -> D:\Hry\Mass Effect\Binaries\MassEffectLauncher-MCE.mcl ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\fbwuser6A7E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\fbwuser6A7E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\fbwuser6A7E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\fbwuser6A7E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\fbwuser6A7E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\fbwuser6A7E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\fbwuser6A7E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\fbwuser6A7E\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\fbwuserCECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\fbwuserCECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\fbwuserCECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\fbwuserCECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\fbwuserCECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\fbwuserCECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\fbwuserCECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\fbwuserCECA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\MSI\Links\Desktop.lnk -> C:\Users\MSI\Desktop ()
Shortcut: C:\Users\MSI\Links\Downloads.lnk -> C:\Users\MSI\Downloads ()
Shortcut: C:\Users\MSI\Documents\StarCraft II\Bluefox.127@2.lnk -> C:\Users\MSI\Documents\StarCraft II\Accounts\403676145\2-S2-1-5218948 ()
Shortcut: C:\Users\MSI\Documents\StarCraft II\Fairlight.321@2.lnk -> C:\Users\MSI\Documents\StarCraft II\Accounts\138331459\2-S2-1-3709478 ()
Shortcut: C:\Users\MSI\Documents\Heroes of the Storm\T_45174808_128@2.lnk -> C:\Users\MSI\Documents\Heroes of the Storm\Accounts\403676145\2-Hero-1-1550327 ()
Shortcut: C:\Users\MSI\Desktop\Bandicam.lnk -> D:\Programy\Bandicam\bdcam.exe (www.Bandisoft.com)
Shortcut: C:\Users\MSI\Desktop\Best Video Converter.lnk -> C:\Users\MSI\AppData\Roaming\Microsoft\Installer\{34E0B96C-427D-4CF7-AEB7-8B23D7BA9074}\_D79CF1FD236D59291BA183.exe ()
Shortcut: C:\Users\MSI\Desktop\Dawn of War - Dark Crusade.lnk -> C:\Program Files (x86)\THQ\Dawn of War - Dark Crusade\DarkCrusade.exe (THQ Canada Inc.)
Shortcut: C:\Users\MSI\Desktop\Duke Caribbean Life's a Beach.lnk -> D:\Hry\Duke Nukem 3D Megaton Edition\DukeCaribbeanLifesABeach.exe (No File)
Shortcut: C:\Users\MSI\Desktop\Duke It Out in D.C..lnk -> D:\Hry\Duke Nukem 3D Megaton Edition\DukeItOutInDC.exe (No File)
Shortcut: C:\Users\MSI\Desktop\Duke Nuclear Winter.lnk -> D:\Hry\Duke Nukem 3D Megaton Edition\DukeNuclearWinter.exe (No File)
Shortcut: C:\Users\MSI\Desktop\Duke Nukem 3D Atomic Edition (Classic).lnk -> D:\Hry\Duke Nukem 3D Megaton Edition\DukeNukem3DClassic.exe ()
Shortcut: C:\Users\MSI\Desktop\Free Sound Recorder.lnk -> C:\Program Files (x86)\Free Sound Recorder\FreeSoundRecorder.exe ()
Shortcut: C:\Users\MSI\Desktop\GameSpy Arcade.lnk -> C:\Program Files (x86)\GameSpy Arcade\Aphex.exe (GameSpy Industries, Inc.)
Shortcut: C:\Users\MSI\Desktop\Instalační soubory Norton.lnk -> C:\Users\Public\Downloads\Norton\{N360211018-SHPD-FSD40014} ()
Shortcut: C:\Users\MSI\Desktop\Minecraft 1.5.2 – zástupce.lnk -> D:\Hry\Minecraft 1.5.2\Minecraft 1.5.2.exe (AnjoCaido)
Shortcut: C:\Users\MSI\Desktop\MK LOL.lnk -> C:\Program Files (x86)\MKJogo\MKLOL\Bin\MKIM.exe ()
Shortcut: C:\Users\MSI\Desktop\Play UT2004.lnk -> D:\Hry\Unreal tournament 2004\System\UT2004.exe ()
Shortcut: C:\Users\MSI\Desktop\Portal CZ.lnk -> D:\Hry\Portal 1\Portal\PLAY_PoRTaL.bat ()
Shortcut: C:\Users\MSI\Desktop\Scorpion's WinCheater 2.lnk -> D:\Programy\Scorpions WinCheater\Cheater2.exe ()
Shortcut: C:\Users\MSI\Desktop\Scorpions WinCheater.lnk -> D:\Programy\Scorpions WinCheater\cheater.exe ()
Shortcut: C:\Users\MSI\Desktop\TechPowerUp GPU-Z.lnk -> C:\Program Files (x86)\GPU-Z\GPU-Z.exe (techPowerUp (www.techpowerup.com))
Shortcut: C:\Users\MSI\Desktop\Virtual DJ Trial.lnk -> C:\Program Files (x86)\VirtualDJ\virtualdj_trial.exe (Atomix Productions)
Shortcut: C:\Users\MSI\Desktop\WoW Cata.lnk -> D:\Hry\WoW Cata\Wow.exe (Blizzard Entertainment)
Shortcut: C:\Users\MSI\Desktop\Wow – zástupce.lnk -> D:\Hry\WoW\World of Warcraft\Wow.exe (Blizzard Entertainment)
Shortcut: C:\Users\MSI\Desktop\µTorrent.lnk -> C:\Users\MSI\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\winrar.chm ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent\Složka nastavení.lnk -> C:\Users\MSI\AppData\Roaming\uTorrent ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent\Uninstall.lnk -> C:\Users\MSI\AppData\Roaming\uTorrent\uninstall.exe ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent\µTorrent.lnk -> C:\Users\MSI\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\THQ\Dawn of War - Dark Crusade\Dawn of War - Dark Crusade - konfigurace.lnk -> C:\Program Files (x86)\THQ\Dawn of War - Dark Crusade\GraphicsConfig.exe (Relic Entertainment)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\THQ\Dawn of War - Dark Crusade\Soubor ReadMe.lnk -> C:\Program Files (x86)\THQ\Dawn of War - Dark Crusade\readme.html ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\THQ\Dawn of War - Dark Crusade\Spustit Dawn of War - Dark Crusade.lnk -> C:\Program Files (x86)\THQ\Dawn of War - Dark Crusade\DarkCrusade.exe (THQ Canada Inc.)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II\StarCraft II Public Test.lnk -> D:\Hry\StarCraft II\StarCraft II Public Test.exe (No File)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton\Instalační soubory Norton.lnk -> C:\Users\Public\Downloads\Norton\{N360211018-SHPD-FSD40014} ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo\MKLOL\MK LOL.lnk -> C:\Program Files (x86)\MKJogo\MKLOL\MK.exe (No File)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft.lnk -> C:\Users\MSI\AppData\Roaming\.minecraft\minecraft launcher\Minecraft Launcher.exe (No File)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Uninstall.lnk -> C:\Users\MSI\AppData\Roaming\.minecraft\minecraft launcher\Uninstall.exe ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malware Scan\Malware Scan.lnk -> C:\Program Files (x86)\Malware Scan\MalwareScan.exe (Orbitech)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malware Scan\Uninstall Malware Scan.lnk -> C:\Program Files (x86)\Malware Scan\Uninstal.exe ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lord games\Ravenholm\Jdi na Ravenholm.wz.cz.lnk -> D:\Hry\Half Life 2\Ravenholm\RAVENHOLM.WZ.CZ.url (No File)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lord games\Ravenholm\Manuál k modu Ravenholm.lnk -> D:\Hry\Half Life 2\Ravenholm\MANUAL.html (No File)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online\Drakensang Online.lnk -> C:\Program Files (x86)\Drakensang Online\thinclient.exe ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online\Uninstall.lnk -> C:\Program Files (x86)\Drakensang Online\Uninstall.exe ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6\Odinstalovat Counter-Strike 1.6.lnk -> D:\Hry\Counter Strike 1.6\unins000.exe ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Office\Naposledy otevřené\Carl-Friedrich-Gauss.LNK -> C:\Users\MSI\Downloads\Carl-Friedrich-Gauss.doc ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Office\Naposledy otevřené\CLEO ReadMe.LNK -> D:\Hry\GTA San Andreas\CLEO ReadMe.rtf (No File)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Office\Naposledy otevřené\GTA San Andreas.LNK -> D:\Hry\GTA San Andreas (No File)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Office\Naposledy otevřené\Half-Life 2 Episode One.LNK -> D:\Hry\Half-Life 2 Episode One (No File)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Office\Naposledy otevřené\Halo CE.LNK -> D:\Hry\Halo CE ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Office\Naposledy otevřené\INTENSO (L).LNK -> L:\ ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Office\Naposledy otevřené\Jak_vytvorit_kvalitni_prezentaci.LNK -> C:\Users\MSI\Downloads\Jak_vytvorit_kvalitni_prezentaci.ppt (No File)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Office\Naposledy otevřené\Místní disk (D).LNK -> D:\ ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Office\Naposledy otevřené\NAVOD NA CRACK FAIRLIGHT.LNK -> D:\Hry\NAVOD NA CRACK FAIRLIGHT.doc (No File)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Office\Naposledy otevřené\Normal.LNK -> C:\Users\MSI\AppData\Roaming\Microsoft\Šablony\Normal.dotm ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Office\Naposledy otevřené\Readme.LNK -> D:\Hry\Halo CE\Readme.rtf ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Office\Naposledy otevřené\Stachelberg.LNK -> D:\Stachelberg.pptx ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Office\Naposledy otevřené\Stažené soubory.LNK -> C:\Users\MSI\Downloads ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Office\Naposledy otevřené\Šablony.LNK -> C:\Users\MSI\AppData\Roaming\Microsoft\Šablony ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk -> D:\Programy\Bandicam\bdcam.exe (www.Bandisoft.com)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk -> D:\Programy\BS player\BSPlayer\bsplayer.exe (AB Team)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\BitTorrent.lnk -> C:\Users\MSI\AppData\Roaming\BitTorrent\BitTorrent.exe (No File)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\DAEMON Tools Lite.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\League of Legends.lnk -> D:\LoLko\lol.launcher.exe ()
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steam.lnk -> D:\Programy\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\MSI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Wow – zástupce (2).lnk -> D:\Hry\WoW\World of Warcraft\Wow.exe (Blizzard Entertainment)
Shortcut: C:\Users\MSI\AppData\Local\Microsoft\Windows\GameExplorer\{E5F92D05-1821-4F81-A3C9-03D5BCD657D5}\PlayTasks\0\Hrát.lnk -> D:\Hry\Quake IV\Quake4.exe ()
Shortcut: C:\Users\MSI\AppData\Local\Microsoft\Windows\GameExplorer\{DE45D0B4-FBA4-4A53-8A95-FEDC37D81535}\PlayTasks\0\Hrát.lnk -> D:\Hry\Halo CE\halo.exe (Microsoft Corporation)
Shortcut: C:\Users\MSI\AppData\Local\Microsoft\Windows\GameExplorer\{CF8C2CDE-E376-47BC-8D63-4C2558983703}\PlayTasks\0\Hrát.lnk -> D:\Hry\Star Wars Knights Jedi knight Jedi Academy\JediAcademy.exe (No File)
Shortcut: C:\Users\MSI\AppData\Local\Microsoft\Windows\GameExplorer\{834DC1AC-A042-4237-AF70-9375E13C01AD}\PlayTasks\0\Hrát.lnk -> D:\Hry\Half-Life 2 Episode One\hl2.exe (No File)
Shortcut: C:\Users\MSI\AppData\Local\Microsoft\Windows\GameExplorer\{80EC980E-2780-4B52-8D7A-6B67440DA9FC}\PlayTasks\0\Hrát.lnk -> D:\Hry\Unreal Tournament 1999 Komplet Hra\UnrealTournament\System\UnrealTournament.exe ()
Shortcut: C:\Users\MSI\AppData\Local\Microsoft\Windows\GameExplorer\{6E01E840-EF47-450F-9E82-A3778AFF0531}\PlayTasks\0\Hrát.lnk -> D:\Hry\Half-Life 2 Episode One\hl2.exe (No File)
Shortcut: C:\Users\MSI\AppData\Local\Microsoft\Windows\GameExplorer\{6BDDA7E4-9575-4504-8A7F-F2EEE7B1EE3C}\PlayTasks\0\Hrát.lnk -> C:\Program Files (x86)\Valve\Half-Life\hl.exe (Valve)
Shortcut: C:\Users\MSI\AppData\Local\Microsoft\Windows\GameExplorer\{5A6E019B-CF1E-4443-9248-A9BAB1F98D48}\PlayTasks\0\Hrát.lnk -> C:\Program Files\LucasArts\SWKotOR\launcher.exe (No File)
Shortcut: C:\Users\MSI\AppData\Local\Microsoft\Windows\GameExplorer\{4ECE80DD-21F7-465D-AEBC-61B146824317}\PlayTasks\0\Hrát.lnk -> D:\Hry\Portal 1\Portal\hl2.exe ()
Shortcut: C:\Users\MSI\AppData\Local\Microsoft\Windows\GameExplorer\{4BA18A59-5245-4C37-9368-7D9C27FD6844}\PlayTasks\0\Hrát.lnk -> D:\Hry\Lego Star wars\LegoStarwars.exe (No File)
Shortcut: C:\Users\MSI\AppData\Local\Microsoft\Windows\GameExplorer\{4A2AB1FA-A226-411B-8400-881D6B9A40B2}\PlayTasks\0\Hrát.lnk -> D:\Hry\Half-Life.1.FULL\Half-Life\hl.exe (No File)
Shortcut: C:\Users\MSI\AppData\Local\Microsoft\Windows\GameExplorer\{45360EE9-7949-45ED-B1DF-80BC603C6E14}\PlayTasks\0\Hrát.lnk -> D:\Hry\Unreal tournament 2004\System\UT2004.exe ()
Shortcut: C:\Users\Public\Desktop\3DMark.lnk -> D:\Programy\3d mark\bin\x64\3DMark.exe (Futuremark)
Shortcut: C:\Users\Public\Desktop\Adobe Reader XI.lnk -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Arc.lnk -> D:\Hry\ARC\Arc\ArcLauncher.exe (Perfect World Entertainment)
Shortcut: C:\Users\Public\Desktop\Assassin's Creed Brotherhood.lnk -> D:\Hry\Assassin's Creed Brotherhood\ACBSP.exe ()
Shortcut: C:\Users\Public\Desktop\Assassins Creed III.lnk -> D:\Hry\Assassins Creed III\AC3SP.exe ()
Shortcut: C:\Users\Public\Desktop\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\Users\Public\Desktop\BS.Player FREE.lnk -> D:\Programy\BS player\BSPlayer\bsplayer.exe (AB Team)
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Public\Desktop\DAEMON Tools Lite.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
Shortcut: C:\Users\Public\Desktop\Dead Space.lnk -> D:\Hry\Dead Space\Dead Space.exe ()
Shortcut: C:\Users\Public\Desktop\DeathTaker Driver Setting.lnk -> C:\Program Files (x86)\Genius\DeathTaker\DTCfg.exe (TODO: <Company name>)
Shortcut: C:\Users\Public\Desktop\Diablo III.lnk -> D:\Hry\Diablo III\Diablo III Launcher.exe (Blizzard Entertainment)
Shortcut: C:\Users\Public\Desktop\Fraps.lnk -> D:\Programy\Fraps\fraps.exe (Beepa P/L)
Shortcut: C:\Users\Public\Desktop\Free Avi TO Wmv Converter.lnk -> C:\Program Files (x86)\convertaudiofree\Free Avi To Wmv Converter\FreeAviTOWmvConverter.exe ()
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Half-Life 2 Episode Two.lnk -> D:\Hry\HL 2 EP 2\Half-Life 2 Episode Two\Episode Two.exe ()
Shortcut: C:\Users\Public\Desktop\Halo.lnk -> D:\Hry\Halo CE\halo.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Heroes of the Storm.lnk -> D:\Hry\Heroes of the Storm\Heroes of the Storm.exe (Blizzard Entertainment)
Shortcut: C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk -> D:\Hry\Smite\HiRezGamesDiagAndSupport.exe (Hewlett-Packard Company)
Shortcut: C:\Users\Public\Desktop\Killer Network Manager.lnk -> C:\Windows\Installer\{7411487A-FF21-481E-AB53-BF27FF30E042}\NetworkManager.exe_E38B8113745D486384C281C6EE6C49DB.exe (Flexera Software LLC)
Shortcut: C:\Users\Public\Desktop\League of Legends.lnk -> D:\LoLko\lol.launcher.exe ()
Shortcut: C:\Users\Public\Desktop\Mass Effect 2.lnk -> D:\Hry\Mass Effect 2\MassEffect2Launcher.exe (BioWare)
Shortcut: C:\Users\Public\Desktop\Mass Effect 3.lnk -> D:\Hry\Mass Effect 3\Binaries\Win32\MassEffect3.exe (BioWare)
Shortcut: C:\Users\Public\Desktop\Mass Effect.lnk -> D:\Hry\Mass Effect\MassEffectLauncher.exe (BioWare)
Shortcut: C:\Users\Public\Desktop\Nastavení ovladače Manticore.lnk -> C:\Program Files (x86)\Manticore\MTCfg.exe (KYE)
Shortcut: C:\Users\Public\Desktop\Norton 360.lnk -> C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\uistub.exe (Symantec Corporation)
Shortcut: C:\Users\Public\Desktop\Portal 2.lnk -> D:\Hry\Portal 2\Launcher.exe ()
Shortcut: C:\Users\Public\Desktop\PowerISO.lnk -> C:\Program Files (x86)\PowerISO\PowerISO.exe (Power Software Ltd)
Shortcut: C:\Users\Public\Desktop\Quake 4.lnk -> D:\Hry\Quake IV\Quake4.exe ()
Shortcut: C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk -> D:\Hry\Star Wars-The Old Republic\launcher.exe (BioWare)
Shortcut: C:\Users\Public\Desktop\Star Wars The Force Unleashed 2.lnk -> D:\Hry\Star Wars The Force Unleashed 2\SWTFU2.exe (LucasArts)
Shortcut: C:\Users\Public\Desktop\Star Wars.The Force Unleashed.Ultimate Sith Edition.(Ëŕóí÷ĺđ).lnk -> D:\Hry\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\SWTFU Launcher.exe (Lucas Arts, Inc.)
Shortcut: C:\Users\Public\Desktop\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028.lnk -> D:\Hry\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\SWTFU.exe (Aspyr Media, Inc.)
Shortcut: C:\Users\Public\Desktop\StarCraft II.lnk -> D:\Hry\StarCraft II\StarCraft II.exe (Blizzard Entertainment)
Shortcut: C:\Users\Public\Desktop\Steam.lnk -> D:\Programy\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Public\Desktop\Synthesia.lnk -> C:\Program Files (x86)\Synthesia\Synthesia.exe ()
Shortcut: C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Public\Desktop\Total Commander 64 bit.lnk -> C:\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH)
Shortcut: C:\Users\Public\Desktop\Vegas Pro 10.0.lnk -> C:\Program Files (x86)\Sony\Vegas Pro 10.0\vegas100.exe (Sony Creative Software Inc.)
Shortcut: C:\Users\Public\Desktop\World of Warcraft.lnk -> D:\Hry\World of Warcraft\World of Warcraft Launcher.exe (Blizzard Entertainment)




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Configure Decoder.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> xvid.ax,Configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Configure Encoder.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> xvidvfw.dll,Configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\xvid_encraw.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k ""C:\Program Files (x86)\Xvid\xvid_encraw.exe"" -h
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve\Half-Life\Dedicated Server.lnk -> C:\Program Files (x86)\Valve\Half-Life\hlds.exe (Valve) -> -nomaster -insecure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve\Half-Life\Half-Life.lnk -> C:\Program Files (x86)\Valve\Half-Life\hl.exe (Valve) -> -nomaster
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve\Half-Life\MODs\Blue Shift.lnk -> C:\Program Files (x86)\Valve\Half-Life\hl.exe (Valve) -> -nomaster -game bshift
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve\Half-Life\MODs\Deathmatch Classic.lnk -> C:\Program Files (x86)\Valve\Half-Life\hl.exe (Valve) -> -nomaster -game dmc
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve\Half-Life\MODs\Opposing Force.lnk -> C:\Program Files (x86)\Valve\Half-Life\hl.exe (Valve) -> -nomaster -game gearbox
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve\Half-Life\MODs\Ricochet.lnk -> C:\Program Files (x86)\Valve\Half-Life\hl.exe (Valve) -> -nomaster -game ricochet
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve\Half-Life\MODs\Team Fortress Classic.lnk -> C:\Program Files (x86)\Valve\Half-Life\hl.exe (Valve) -> -nomaster -game tfc
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Tournament 2004\Uninstall Unreal Tournament 2004.lnk -> D:\Hry\Unreal tournament 2004\System\Setup.exe () -> uninstall "UT2004"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Tournament 2004\UT2004 Safe Mode.lnk -> D:\Hry\Unreal tournament 2004\System\UT2004.exe () -> -safe
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk -> C:\Windows\Installer\{7411487A-FF21-481E-AB53-BF27FF30E042}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC) -> -minimize
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quake 4\Odinstalovat hru Quake 4.lnk -> C:\Program Files (x86)\Common Files\InstallShield\Driver\9\Intel 32\IDriver.exe (InstallShield Software Corporation) -> /M{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment\Arc\Uninstall Arc.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{CED8E25B-122A-4E80-B612-7F99B93284B3}\setup.exe (Perfect World Entertainment) -> -runfromtemp -l0x0409 -removeonly
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe\Norton Identity Safe.LNK -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\cosastub.exe (Symantec Corporation) -> /install /force
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe\Odinstalovat aplikaci Norton Identity Safe.LNK -> C:\Program Files (x86)\NortonInstaller\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST\LicenseType\2014.7.11.42\inststub.exe (Symantec Corporation) -> /X/shortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360\LiveUpdate.lnk -> C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\uistub.exe (Symantec Corporation) -> /lu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360\Support.lnk -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\symerr.exe (Symantec Corporation) -> /support
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360\Uninstall Norton 360.lnk -> C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\A5E82D02\21.7.0.11\inststub.exe (Symantec Corporation) -> /X /shortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Halo\Uninstall Halo.lnk -> D:\Hry\Halo CE\UNINSTAL.EXE (Microsoft Corporation) -> /runtemp
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios\Smite.lnk -> D:\Hry\Smite\HiRezLauncherUI.exe (Hi-Rez Studios Inc.) -> game=300 product=17
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios\Uninstall All Hi-Rez Games.lnk -> D:\Hry\Smite\HiRezGamesDiagAndSupport.exe (Hewlett-Packard Company) -> uninstall=all
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CUT2 Evolution\ChaosUT2.lnk -> D:\Hry\Unreal tournament 2004\System\UT2004.exe () -> -MOD=ChaosUT2
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CUT2 Evolution\UnInstall ChaosUT2.lnk -> D:\Hry\Unreal tournament 2004\System\Setup.exe () -> uninstall "CUT2Evolution"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Nápověda.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Help -help
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\fbwuser6A7E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\fbwuser6A7E\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\fbwuserCECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\fbwuserCECA\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\MSI\Desktop\Blue Shift.lnk -> C:\Program Files (x86)\Valve\Half-Life\hl.exe (Valve) -> -nomaster -game bshift
ShortcutWithArgument: C:\Users\MSI\Desktop\Counter-Strike 1.6.lnk -> D:\Hry\Counter Strike 1.6\csko.exe (Valve) -> -steam -game cstrike
ShortcutWithArgument: C:\Users\MSI\Desktop\Half-Life.lnk -> D:\Hry\Counter Strike 1.6\hl.exe (Valve) -> -steam
ShortcutWithArgument: C:\Users\MSI\Desktop\Opposing Force.lnk -> C:\Program Files (x86)\Valve\Half-Life\hl.exe (Valve) -> -nomaster -game gearbox
ShortcutWithArgument: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\THQ\Dawn of War - Dark Crusade\Odinstalovat Dawn of War - Dark Crusade.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{9866DCB2-346F-4D66-9032-F49F88ED30AC}\setup.exe (Macrovision Corporation) -> -runfromtemp -l0x0005
ShortcutWithArgument: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6\Counter-Strike 1.6.lnk -> D:\Hry\Counter Strike 1.6\csko.exe (Valve) -> -steam -game cstrike
ShortcutWithArgument: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6\Half-Life.lnk -> D:\Hry\Counter Strike 1.6\hl.exe (Valve) -> -steam
ShortcutWithArgument: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Předvolby\nízký výkon.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Load profilename="nízký výkon"
ShortcutWithArgument: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Předvolby\vysoký výkon.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Load profilename="vysoký výkon"
ShortcutWithArgument: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff
ShortcutWithArgument: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Public\Desktop\PWI.lnk -> D:\Hry\ARC\Arc\ArcLauncher.exe (Perfect World Entertainment) -> gamecustom pwi
ShortcutWithArgument: C:\Users\Public\Desktop\Smite.lnk -> D:\Hry\Smite\HiRezLauncherUI.exe (Hi-Rez Studios Inc.) -> game=300 product=17


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Xvid Homepage.url -> hxxp://www.xvid.org
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org\Open Codecs\Website.url -> hxxp://xiph.org/dshow/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Wars The Force Unleashed 2\Aplikace Star Wars The Force Unleashed 2 na internetu.url -> hxxp://www.tomi2k9.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX\FINAL FANTASY VII\FINAL FANTASY VII on the Web.url -> hxxp://weblet.square-enix.com/banner.php?id=c8544ea6a695c04f337683bc2ffb4b06
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Halo\Bungie.net.url -> hxxp://www.bungie.net/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Halo\Play Halo Online with Gamespy Arcade.url -> hxxp://www.gamespyarcade.com/features/launch.a ... distID=811
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Halo\Web Links\Halo Homepage.url -> hxxp://www.microsoft.com/games/Halo
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Halo\Web Links\Register Online.url -> hxxp://www.microsoft.com/games/product_registration/Halo
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2\Internetové odkazy\Webová stránka Mass Effect 2.url -> hxxp://go.bioware.com/masseffect2/pc/launcher/community/cz
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2\Internetové odkazy\Webová stránka podpory.url -> hxxp://go.bioware.com/masseffect2/pc/launcher/support/cz
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2\Internetové odkazy\Webová stránka společnosti BioWare.url -> hxxp://go.bioware.com/masseffect2/pc/launcher/bioware/cz
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2\Internetové odkazy\Webová stránka společnosti EA.url -> hxxp://go.bioware.com/masseffect2/pc/launcher/ea/cz
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\Webová stránka Gameforge Live.url -> hxxp://gfl.gameforge.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Sound Recorder\Free Sound Recorder on the Web.url -> hxxp://www.freesoundrecorder.net/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Sound Recorder\Guide.url -> hxxp://www.freesoundrecorder.net/help.html
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duke Nukem 3D Megaton Edition\Посетить CSmania.RU.url -> hxxp://no-steam.ru/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam\Home page.url -> hxxp://www.bandicam.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed Brotherhood\Aplikace Assassin's Creed Brotherhood na internetu.url -> hxxp://www.tomi2k9.blogspot.com/
InternetURL: C:\Users\MSI\Favorites\Facebook.url -> https://www.facebook.com/
InternetURL: C:\Users\MSI\Favorites\Ultimate Naruto.url -> hxxp://ninja.joyfun.com/
InternetURL: C:\Users\MSI\Favorites\žákovská přihlášení.url -> hxxp://mail.4zsrf.cz:8088/login.aspx
InternetURL: C:\Users\MSI\Favorites\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\MSI\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\MSI\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\MSI\Favorites\Weby společnosti Microsoft\Aplikace Internet Explorer na webu Microsoft.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\MSI\Favorites\Weby společnosti Microsoft\Doplňky pro aplikaci Internet Explorer.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\MSI\Favorites\Weby společnosti Microsoft\Microsoft Doma.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\MSI\Favorites\Weby společnosti Microsoft\Microsoft v práci.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72407
InternetURL: C:\Users\MSI\Favorites\Weby společnosti Microsoft\Systém Windows.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\MSI\Favorites\Weby společnosti Microsoft\Windows Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\MSI\Favorites\Weby společnosti Microsoft\Windows Vista.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72756
InternetURL: C:\Users\MSI\Favorites\Links\Navrhované weby.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\MSI\Downloads\Naruto (Icon Pack 17)\Artist Credit.url -> hxxp://www.narutofandom.com/
InternetURL: C:\Users\MSI\Downloads\Naruto (Icon Pack 17)\~AnimeIconz~.url -> hxxp://www.animeiconz.tk/
InternetURL: C:\Users\MSI\Desktop\Garry's Mod.url -> steam://rungameid/4000
InternetURL: C:\Users\MSI\Desktop\PlanetSide 2.url -> steam://rungameid/218230
InternetURL: C:\Users\MSI\Desktop\Royal Quest.url -> steam://rungameid/295550
InternetURL: C:\Users\MSI\Desktop\Team Fortress 2.url -> steam://rungameid/440
InternetURL: C:\Users\MSI\Desktop\Warframe.url -> steam://rungameid/230410
InternetURL: C:\Users\MSI\Desktop\Without Within.url -> steam://rungameid/345650
InternetURL: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade\GameSpy Arcade Help.url -> hxxp://www.gamespyarcade.com/help/
InternetURL: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade\GameSpy Arcade Website.url -> hxxp://www.gamespyarcade.com/
InternetURL: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade\GameSpy.com Gaming's Homepage.url -> hxxp://www.gamespy.com/
InternetURL: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade\Register GameSpy Arcade.url -> hxxp://www.gamespyarcade.com/register/
InternetURL: C:\Users\MSI\AppData\Roaming\.minecraft\Read Me!.url -> hxxp://welcome.teamextrememc.com

==================== End of log =============================

Bluefox151
Visitor
Posts: 18
Registered: 31 Mar 2015 19:23

Re: WS.malware.2

#13 Post by Bluefox151 »

TDSSKiller log:

33.0342 0x0608 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
14:11:37.0987 0x0608 ============================================================
14:11:37.0987 0x0608 Current date / time: 2015/04/01 14:11:37.0987
14:11:37.0987 0x0608 SystemInfo:
14:11:37.0987 0x0608
14:11:37.0987 0x0608 OS Version: 6.1.7601 ServicePack: 1.0
14:11:37.0987 0x0608 Product type: Workstation
14:11:37.0987 0x0608 ComputerName: GAARAOFTHESAND
14:11:37.0988 0x0608 UserName: MSI
14:11:37.0988 0x0608 Windows directory: C:\Windows
14:11:37.0988 0x0608 System windows directory: C:\Windows
14:11:37.0988 0x0608 Running under WOW64
14:11:37.0988 0x0608 Processor architecture: Intel x64
14:11:37.0988 0x0608 Number of processors: 4
14:11:37.0988 0x0608 Page size: 0x1000
14:11:37.0988 0x0608 Boot type: Normal boot
14:11:37.0988 0x0608 ============================================================
14:11:38.0690 0x0608 KLMD registered as C:\Windows\system32\drivers\29577860.sys
14:11:38.0802 0x0608 System UUID: {EA4C59C3-8F5F-DB17-C7F7-0F013DF1A659}
14:11:39.0026 0x0608 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:11:39.0027 0x0608 Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:11:39.0030 0x0608 Drive \Device\Harddisk2\DR2 - Size: 0x3BB000000 ( 14.92 Gb ), SectorSize: 0x200, Cylinders: 0x79B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:11:39.0032 0x0608 ============================================================
14:11:39.0032 0x0608 \Device\Harddisk0\DR0:
14:11:39.0032 0x0608 MBR partitions:
14:11:39.0032 0x0608 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
14:11:39.0032 0x0608 \Device\Harddisk1\DR1:
14:11:39.0033 0x0608 MBR partitions:
14:11:39.0033 0x0608 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:11:39.0033 0x0608 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
14:11:39.0033 0x0608 \Device\Harddisk2\DR2:
14:11:39.0033 0x0608 MBR partitions:
14:11:39.0033 0x0608 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1DD7800
14:11:39.0033 0x0608 ============================================================
14:11:39.0034 0x0608 C: <-> \Device\Harddisk1\DR1\Partition2
14:11:39.0076 0x0608 D: <-> \Device\Harddisk0\DR0\Partition1
14:11:39.0077 0x0608 ============================================================
14:11:39.0077 0x0608 Initialize success
14:11:39.0077 0x0608 ============================================================
14:12:35.0867 0x0744 ============================================================
14:12:35.0867 0x0744 Scan started
14:12:35.0867 0x0744 Mode: Manual; SigCheck; TDLFS;
14:12:35.0867 0x0744 ============================================================
14:12:35.0867 0x0744 KSN ping started
14:12:39.0245 0x0744 KSN ping finished: true
14:12:39.0462 0x0744 ================ Scan system memory ========================
14:12:39.0462 0x0744 System memory - ok
14:12:39.0462 0x0744 ================ Scan services =============================
14:12:39.0506 0x0744 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:12:39.0548 0x0744 1394ohci - ok
14:12:39.0560 0x0744 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:12:39.0568 0x0744 ACPI - ok
14:12:39.0571 0x0744 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:12:39.0577 0x0744 AcpiPmi - ok
14:12:39.0583 0x0744 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:12:39.0589 0x0744 AdobeARMservice - ok
14:12:39.0614 0x0744 [ B0FE8D243A4EC6727D7EC5019C4B26B1, 6A319A77E19937208237BDBD2A545367EEC7B4B7ED732E0BAF616070C2FD88A3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:12:39.0622 0x0744 AdobeFlashPlayerUpdateSvc - ok
14:12:42.0328 0x0744 [ C193FE8507607B2917A6F9B554132559, 962B065219D305B2DE1B4816D234438FBF8F6A79D45389683A21657733C14D5B ] HiPatchService D:\Hry\Smite\HiPatchService.exe
14:12:42.0337 0x0744 HiPatchService - detected UnsignedFile.Multi.Generic ( 1 )
14:12:45.0068 0x0744 HiPatchService ( UnsignedFile.Multi.Generic ) - warning
14:12:45.0068 0x0744 Force sending object to P2P due to detect: HiPatchService
14:12:47.0840 0x0744 Object send P2P result: true
14:12:50.0688 0x0744 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
14:12:50.0691 0x0744 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
14:12:53.0352 0x0744 Detect skipped due to KSN trusted
14:12:53.0352 0x0744 IDriverT - ok
14:12:53.0635 0x0744 [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
14:12:53.0646 0x0744 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
14:12:56.0400 0x0744 Detect skipped due to KSN trusted
14:12:56.0400 0x0744 Intel(R) Capability Licensing Service Interface - ok
14:12:56.0764 0x0744 ksthunk - ok
14:12:56.0771 0x0744 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
14:12:56.0792 0x0744 KtmRm - ok
14:12:56.0798 0x0744 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
14:12:56.0816 0x0744 LanmanServer - ok
14:12:56.0820 0x0744 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:12:56.0837 0x0744 LanmanWorkstation - ok
14:12:56.0841 0x0744 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:12:56.0858 0x0744 lltdio - ok
14:12:56.0865 0x0744 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:12:56.0885 0x0744 lltdsvc - ok
14:12:56.0887 0x0744 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:12:56.0903 0x0744 lmhosts - ok
14:12:56.0906 0x0744 LMIInfo - ok
14:12:56.0908 0x0744 [ 413ECDCFAD9A82804D3674C8D7EEC24E, C8A65ED0B079D16D1A4449E840B4A9475388FBE61B5A84DFEFC35F4FB3B9A9B1 ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
14:12:56.0912 0x0744 lmimirr - ok
14:12:56.0914 0x0744 LMIRfsClientNP - ok
14:12:56.0916 0x0744 [ C57D3FAA50E6F395759FFB7C709BD944, 7B0B86F0E710934D57801E1F7BB048AD878F871147B2A16BBF81219A4022B499 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys
14:12:56.0921 0x0744 LMIRfsDriver - ok
14:12:56.0929 0x0744 [ 53CC0D5394A28C3344285357E85B2DA1, F02B892E21DABC14143770BA2F710CACDC6437811CEB86EECAB0A6A6F3F8359E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:12:56.0938 0x0744 LMS - ok
14:12:56.0943 0x0744 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:12:56.0949 0x0744 LSI_FC - ok
14:12:56.0952 0x0744 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:12:56.0958 0x0744 LSI_SAS - ok
14:12:56.0960 0x0744 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:12:56.0966 0x0744 LSI_SAS2 - ok
14:12:56.0969 0x0744 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:12:56.0976 0x0744 LSI_SCSI - ok
14:12:56.0979 0x0744 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
14:12:56.0996 0x0744 luafv - ok
14:12:56.0999 0x0744 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
14:12:57.0003 0x0744 MBfilt - ok
14:12:57.0006 0x0744 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:12:57.0013 0x0744 Mcx2Svc - ok
14:12:57.0015 0x0744 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:12:57.0020 0x0744 megasas - ok
14:12:57.0027 0x0744 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:12:57.0035 0x0744 MegaSR - ok
14:12:57.0038 0x0744 [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
14:12:57.0043 0x0744 MEIx64 - ok
14:12:57.0049 0x0744 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
14:12:57.0055 0x0744 Microsoft Office Groove Audit Service - ok
14:12:57.0057 0x0744 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
14:12:57.0075 0x0744 MMCSS - ok
14:12:57.0077 0x0744 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
14:12:57.0094 0x0744 Modem - ok
14:12:57.0096 0x0744 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:12:57.0102 0x0744 monitor - ok
14:12:57.0107 0x0744 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:12:57.0112 0x0744 mouclass - ok
14:12:57.0114 0x0744 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:12:57.0120 0x0744 mouhid - ok
14:12:57.0123 0x0744 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:12:57.0129 0x0744 mountmgr - ok
14:12:57.0133 0x0744 [ DFCD29AB147716CA72416FA7D2196D46, ED60BF354347697F69A78C9FBE1ADCBE0C3EB4C2CC8DB97A7FA03A68BD796066 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:12:57.0138 0x0744 MozillaMaintenance - ok
14:12:57.0142 0x0744 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
14:12:57.0149 0x0744 mpio - ok
14:12:57.0152 0x0744 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:12:57.0169 0x0744 mpsdrv - ok
14:12:57.0184 0x0744 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:12:57.0211 0x0744 MpsSvc - ok
14:12:57.0215 0x0744 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:12:57.0222 0x0744 MRxDAV - ok
14:12:57.0226 0x0744 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:12:57.0233 0x0744 mrxsmb - ok
14:12:57.0240 0x0744 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:12:57.0249 0x0744 mrxsmb10 - ok
14:12:57.0253 0x0744 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:12:57.0259 0x0744 mrxsmb20 - ok
14:12:57.0261 0x0744 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
14:12:57.0266 0x0744 msahci - ok
14:12:57.0270 0x0744 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:12:57.0277 0x0744 msdsm - ok
14:12:57.0281 0x0744 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
14:12:57.0288 0x0744 MSDTC - ok
14:12:57.0291 0x0744 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:12:57.0308 0x0744 Msfs - ok
14:12:57.0310 0x0744 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:12:57.0326 0x0744 mshidkmdf - ok
14:12:57.0327 0x0744 MSICDSetup - ok
14:12:57.0329 0x0744 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:12:57.0334 0x0744 msisadrv - ok
14:12:57.0338 0x0744 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:12:57.0356 0x0744 MSiSCSI - ok
14:12:57.0358 0x0744 msiserver - ok
14:12:57.0360 0x0744 [ B80E0434E7027E87259FD2FA28AA1543, E4301504578566C8DE4757F6DC3C9A70CF79C005E631154C2BCD34DFAC1111C2 ] MSI_Trigger_Service C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
14:12:57.0378 0x0744 MSI_Trigger_Service - ok
14:12:57.0380 0x0744 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:12:57.0396 0x0744 MSKSSRV - ok
14:12:57.0398 0x0744 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:12:57.0414 0x0744 MSPCLOCK - ok
14:12:57.0415 0x0744 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:12:57.0431 0x0744 MSPQM - ok
14:12:57.0439 0x0744 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:12:57.0448 0x0744 MsRPC - ok
14:12:57.0451 0x0744 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:12:57.0456 0x0744 mssmbios - ok
14:12:57.0458 0x0744 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:12:57.0474 0x0744 MSTEE - ok
14:12:57.0476 0x0744 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:12:57.0481 0x0744 MTConfig - ok
14:12:57.0483 0x0744 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
14:12:57.0489 0x0744 Mup - ok
14:12:57.0498 0x0744 [ 06F83F2E1FE29115E2D397046BA3C10D, 6551E1A580B6FB7047D445F81305451BB0408859376DE9EA2132F5C5EB48993A ] N360 C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe
14:12:57.0506 0x0744 N360 - ok
14:12:57.0515 0x0744 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
14:12:57.0537 0x0744 napagent - ok
14:12:57.0544 0x0744 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:12:57.0555 0x0744 NativeWifiP - ok
14:12:57.0559 0x0744 [ 54F4B358F41C664CBDE4507D67EED1CD, CDCA0A778AF596933CD7CBF1119FCA551ECC03CBBD4F1E8213C3FD2FECA902F2 ] NAVENG C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150330.032\ENG64.SYS
14:12:57.0565 0x0744 NAVENG - ok
14:12:57.0601 0x0744 [ A74D67EEEB3938FD2FA3B65B24C32C44, 4D780B70B57E23A3A155794C4DEEBD856E32D35B789BDF4673AAC8FC3AC4367B ] NAVEX15 C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150330.032\EX64.SYS
14:12:57.0632 0x0744 NAVEX15 - ok
14:12:57.0640 0x0744 [ 4AA10AEFC7E7FB30BAA8706BC5798E1D, 5F3EC3DF7CD99F6CC55C954A512005C77057F705110046CCD8D262CA0872E74A ] NCO C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
14:12:57.0646 0x0744 NCO - ok
14:12:57.0663 0x0744 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
14:12:57.0680 0x0744 NDIS - ok
14:12:57.0683 0x0744 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:12:57.0699 0x0744 NdisCap - ok
14:12:57.0701 0x0744 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:12:57.0717 0x0744 NdisTapi - ok
14:12:57.0720 0x0744 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:12:57.0736 0x0744 Ndisuio - ok
14:12:57.0741 0x0744 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:12:57.0758 0x0744 NdisWan - ok
14:12:57.0761 0x0744 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:12:57.0777 0x0744 NDProxy - ok
14:12:57.0780 0x0744 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:12:57.0797 0x0744 NetBIOS - ok
14:12:57.0803 0x0744 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:12:57.0821 0x0744 NetBT - ok
14:12:57.0824 0x0744 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] Netlogon C:\Windows\system32\lsass.exe
14:12:57.0829 0x0744 Netlogon - ok
14:12:57.0836 0x0744 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
14:12:57.0857 0x0744 Netman - ok
14:12:57.0861 0x0744 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:12:57.0872 0x0744 NetMsmqActivator - ok
14:12:57.0875 0x0744 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:12:57.0883 0x0744 NetPipeActivator - ok
14:12:57.0892 0x0744 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
14:12:57.0914 0x0744 netprofm - ok
14:12:57.0918 0x0744 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:12:57.0925 0x0744 NetTcpActivator - ok
14:12:57.0928 0x0744 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:12:57.0936 0x0744 NetTcpPortSharing - ok
14:12:57.0938 0x0744 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:12:57.0944 0x0744 nfrd960 - ok
14:12:57.0950 0x0744 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
14:12:57.0959 0x0744 NlaSvc - ok
14:12:57.0961 0x0744 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:12:57.0978 0x0744 Npfs - ok
14:12:57.0979 0x0744 npggsvc - ok
14:12:57.0981 0x0744 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
14:12:57.0998 0x0744 nsi - ok
14:12:58.0000 0x0744 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:12:58.0016 0x0744 nsiproxy - ok
14:12:58.0044 0x0744 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:12:58.0070 0x0744 Ntfs - ok
14:12:58.0072 0x0744 NTIOLib_1_0_C - ok
14:12:58.0074 0x0744 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
14:12:58.0090 0x0744 Null - ok
14:12:58.0095 0x0744 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:12:58.0101 0x0744 nvraid - ok
14:12:58.0105 0x0744 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:12:58.0112 0x0744 nvstor - ok
14:12:58.0116 0x0744 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:12:58.0122 0x0744 nv_agp - ok
14:12:58.0132 0x0744 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:12:58.0142 0x0744 odserv - ok
14:12:58.0145 0x0744 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:12:58.0151 0x0744 ohci1394 - ok
14:12:58.0155 0x0744 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:12:58.0161 0x0744 ose - ok
14:12:58.0169 0x0744 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:12:58.0178 0x0744 p2pimsvc - ok
14:12:58.0187 0x0744 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
14:12:58.0198 0x0744 p2psvc - ok
14:12:58.0202 0x0744 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:12:58.0208 0x0744 Parport - ok
14:12:58.0211 0x0744 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:12:58.0217 0x0744 partmgr - ok
14:12:58.0221 0x0744 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:12:58.0229 0x0744 PcaSvc - ok
14:12:58.0233 0x0744 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
14:12:58.0240 0x0744 pci - ok
14:12:58.0242 0x0744 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
14:12:58.0247 0x0744 pciide - ok
14:12:58.0252 0x0744 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:12:58.0259 0x0744 pcmcia - ok
14:12:58.0262 0x0744 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
14:12:58.0267 0x0744 pcw - ok
14:12:58.0279 0x0744 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:12:58.0292 0x0744 PEAUTH - ok
14:12:58.0315 0x0744 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:12:58.0337 0x0744 PeerDistSvc - ok
14:12:58.0359 0x0744 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:12:58.0365 0x0744 PerfHost - ok
14:12:58.0391 0x0744 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
14:12:58.0424 0x0744 pla - ok
14:12:58.0434 0x0744 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:12:58.0444 0x0744 PlugPlay - ok
14:12:58.0447 0x0744 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:12:58.0452 0x0744 PNRPAutoReg - ok
14:12:58.0459 0x0744 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:12:58.0469 0x0744 PNRPsvc - ok
14:12:58.0478 0x0744 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:12:58.0500 0x0744 PolicyAgent - ok
14:12:58.0505 0x0744 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
14:12:58.0524 0x0744 Power - ok

Bluefox151
Visitor
Visitor
Posts: 18
Registered: 31 Mar 2015 19:23

Re: WS.malware.2

#14 Post by Bluefox151 »

TDSSKiller log part 2: (More than 100000 characters, so that is why I split it into 2 parts)

14:12:58.0668 0x0744 [ F8AAB89156398C856660C35FD40C2E70, C8DA8113CD0522482181F756A5B8FE6D1DF648B5472D4750EA4FB4B46956B8BB ] Qualcomm Atheros Killer Service V2 C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
14:12:58.0674 0x0744 Qualcomm Atheros Killer Service V2 - detected UnsignedFile.Multi.Generic ( 1 )
14:13:01.0444 0x0744 Qualcomm Atheros Killer Service V2 ( UnsignedFile.Multi.Generic ) - warning
14:13:04.0885 0x0744 sermouse - ok
14:13:04.0890 0x0744 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
14:13:04.0908 0x0744 SessionEnv - ok
14:13:04.0910 0x0744 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:13:04.0916 0x0744 sffdisk - ok
14:13:04.0918 0x0744 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:13:04.0925 0x0744 sffp_mmc - ok
14:13:04.0926 0x0744 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:13:04.0933 0x0744 sffp_sd - ok
14:13:04.0935 0x0744 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:13:04.0940 0x0744 sfloppy - ok
14:13:04.0948 0x0744 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:13:04.0969 0x0744 SharedAccess - ok
14:13:04.0976 0x0744 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:13:04.0997 0x0744 ShellHWDetection - ok
14:13:04.0999 0x0744 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:13:05.0005 0x0744 SiSRaid2 - ok
14:13:05.0007 0x0744 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:13:05.0013 0x0744 SiSRaid4 - ok
14:13:05.0020 0x0744 [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:13:05.0030 0x0744 SkypeUpdate - ok
14:13:05.0033 0x0744 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:13:05.0050 0x0744 Smb - ok
14:13:05.0053 0x0744 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:13:05.0059 0x0744 SNMPTRAP - ok
14:13:05.0061 0x0744 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
14:13:05.0066 0x0744 spldr - ok
14:13:05.0076 0x0744 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
14:13:05.0089 0x0744 Spooler - ok
14:13:05.0147 0x0744 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
14:13:05.0208 0x0744 sppsvc - ok
14:13:05.0214 0x0744 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:13:05.0232 0x0744 sppuinotify - ok
14:13:05.0240 0x0744 [ 74D30C2EF66C2EB19F17ED5423AA8038, F79AB2B2B60620565FB2169255F95F4B37F6113F0AF776D1BAD02681EBE0DB54 ] sptd C:\Windows\System32\Drivers\sptd.sys
14:13:05.0250 0x0744 sptd - ok
14:13:05.0266 0x0744 [ E163E10191958FF6A2B0B48353F9E9FD, C4F5B83B5C435458AEEC4BD5C6A0FE15F4C3CD5C23CA7F5949A62214634DBB36 ] SRTSP C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS
14:13:05.0281 0x0744 SRTSP - ok
14:13:05.0284 0x0744 [ 68E7B6708B9EEE021301C483825D05EA, 87E262405473A063E3E6E9D1D61D8381C997C95F77317CDBB3C59369436E70C5 ] SRTSPX C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS
14:13:05.0288 0x0744 SRTSPX - ok
14:13:05.0298 0x0744 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:13:05.0309 0x0744 srv - ok
14:13:05.0317 0x0744 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:13:05.0327 0x0744 srv2 - ok
14:13:05.0332 0x0744 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:13:05.0339 0x0744 srvnet - ok
14:13:05.0345 0x0744 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:13:05.0364 0x0744 SSDPSRV - ok
14:13:05.0367 0x0744 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:13:05.0384 0x0744 SstpSvc - ok
14:13:05.0398 0x0744 [ AC8B882D658AF3070167F59AE92E5CA3, 7781475B6A49DCE239FEE2B32767A7E58188EF04BC4BB29E04B40DAFD8214E85 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:13:05.0412 0x0744 Steam Client Service - ok
14:13:05.0415 0x0744 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:13:05.0420 0x0744 stexstor - ok
14:13:05.0430 0x0744 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
14:13:05.0445 0x0744 stisvc - ok
14:13:05.0448 0x0744 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
14:13:05.0453 0x0744 storflt - ok
14:13:05.0455 0x0744 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
14:13:05.0461 0x0744 storvsc - ok
14:13:05.0463 0x0744 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
14:13:05.0467 0x0744 swenum - ok
14:13:05.0477 0x0744 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
14:13:05.0500 0x0744 swprv - ok
14:13:05.0509 0x0744 [ 5C9EE2303CA7F267665D75237862B39C, 5DECD977A823C14B4D980D3DB621BC875231B741653F0450A027FC9E87725F9D ] SymDS C:\Windows\system32\drivers\N360x64\1507000.00B\SYMDS64.SYS
14:13:05.0519 0x0744 SymDS - ok
14:13:05.0538 0x0744 [ 9F31630D7FC2DD9D5DA1CE359AAD1F46, 296D29EDF53956D1899DE4669AB429C280DF9F183F00AE1CE528E7C575802235 ] SymEFA C:\Windows\system32\drivers\N360x64\1507000.00B\SYMEFA64.SYS
14:13:05.0557 0x0744 SymEFA - ok
14:13:05.0563 0x0744 [ 97E11C50CE52277B377396EA8838E539, E17D03F80E14F961C41F2D54D1EF73D29BF01F38459C5710D786234F8BA3C835 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
14:13:05.0569 0x0744 SymEvent - ok
14:13:05.0575 0x0744 [ 2C95265BE19F338E1C1090E4E91055BB, 1E580E9367B1C89B06BD4B34EFD94CD511FD3AA1617D943DDFE0A28B7ED5D5F9 ] SymIRON C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS
14:13:05.0582 0x0744 SymIRON - ok
14:13:05.0593 0x0744 [ 5570A74FF9B1EFBC5154DD1E2F05C517, 2C883A0334CBE4AE257028805C9BB1E529A80F56BA6D341E8EBB83CB3E46FEB7 ] SymNetS C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS
14:13:05.0604 0x0744 SymNetS - ok
14:13:05.0606 0x0744 Synth3dVsc - ok
14:13:05.0637 0x0744 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
14:13:05.0667 0x0744 SysMain - ok
14:13:05.0671 0x0744 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:13:05.0680 0x0744 TabletInputService - ok
14:13:05.0682 0x0744 [ B70DF208E97536CA9F29289E609F5B16, 5D2AF3DE64A6DAF8F0EA8C1F05B13660EA9428450516A6B3FA8AB0C3B3218E2D ] taphss C:\Windows\system32\DRIVERS\taphss.sys
14:13:05.0687 0x0744 taphss - ok
14:13:05.0690 0x0744 [ BCF5E78E87D258088346E399E406E501, FD75AC5A7085E08AB00A2D0CE01970873598E381B6542DC5EBAC240D727AF6D7 ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys
14:13:05.0695 0x0744 taphss6 - ok
14:13:05.0702 0x0744 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
14:13:05.0722 0x0744 TapiSrv - ok
14:13:05.0725 0x0744 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
14:13:05.0742 0x0744 TBS - ok
14:13:05.0773 0x0744 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:13:05.0802 0x0744 Tcpip - ok
14:13:05.0832 0x0744 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:13:05.0861 0x0744 TCPIP6 - ok
14:13:05.0865 0x0744 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:13:05.0870 0x0744 tcpipreg - ok
14:13:05.0873 0x0744 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:13:05.0878 0x0744 TDPIPE - ok
14:13:05.0880 0x0744 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:13:05.0885 0x0744 TDTCP - ok
14:13:05.0889 0x0744 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:13:05.0895 0x0744 tdx - ok
14:13:05.0898 0x0744 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
14:13:05.0903 0x0744 TermDD - ok
14:13:05.0915 0x0744 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
14:13:05.0929 0x0744 TermService - ok
14:13:05.0932 0x0744 [ 9201BE2BAB8A9FF8E20D8439AE3BB04D, D973C4FE5B8D02B15476D72B49105840A04DBFF8BCB77117C0354D046E6C02FB ] Themes C:\Windows\system32\themeservice.dll
14:13:05.0934 0x0744 Themes - detected UnsignedFile.Multi.Generic ( 1 )
14:13:08.0700 0x0744 Detect skipped due to KSN trusted
14:13:08.0700 0x0744 Themes - ok
14:13:08.0715 0x0744 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
14:13:08.0763 0x0744 THREADORDER - ok
14:13:08.0767 0x0744 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
14:13:08.0785 0x0744 TrkWks - ok
14:13:08.0790 0x0744 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:13:08.0808 0x0744 TrustedInstaller - ok
14:13:08.0811 0x0744 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:13:08.0816 0x0744 tssecsrv - ok
14:13:08.0819 0x0744 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:13:08.0825 0x0744 TsUsbFlt - ok
14:13:08.0826 0x0744 tsusbhub - ok
14:13:08.0830 0x0744 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:13:08.0847 0x0744 tunnel - ok
14:13:08.0849 0x0744 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:13:08.0855 0x0744 uagp35 - ok
14:13:08.0862 0x0744 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:13:08.0882 0x0744 udfs - ok
14:13:08.0885 0x0744 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:13:08.0892 0x0744 UI0Detect - ok
14:13:08.0895 0x0744 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:13:08.0900 0x0744 uliagpkx - ok
14:13:08.0902 0x0744 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
14:13:08.0908 0x0744 umbus - ok
14:13:08.0910 0x0744 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:13:08.0916 0x0744 UmPass - ok
14:13:08.0921 0x0744 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
14:13:08.0929 0x0744 UmRdpService - ok
14:13:08.0931 0x0744 [ 8F387A1CC015A3F5020700C657A0FC85, 6C3585887858F357C353102CAE5915A26B812C35374BF0126CE2AB1EF4A58EF8 ] UnsignedThemes C:\Windows\UnsignedThemesSvc.exe
14:13:08.0937 0x0744 UnsignedThemes - ok
14:13:08.0943 0x0744 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
14:13:08.0964 0x0744 upnphost - ok
14:13:08.0968 0x0744 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
14:13:08.0974 0x0744 usbaudio - ok
14:13:08.0978 0x0744 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:13:08.0984 0x0744 usbccgp - ok
14:13:08.0987 0x0744 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:13:08.0993 0x0744 usbcir - ok
14:13:08.0996 0x0744 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
14:13:09.0001 0x0744 usbehci - ok
14:13:09.0008 0x0744 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:13:09.0017 0x0744 usbhub - ok
14:13:09.0020 0x0744 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:13:09.0025 0x0744 usbohci - ok
14:13:09.0027 0x0744 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:13:09.0034 0x0744 usbprint - ok
14:13:09.0036 0x0744 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:13:09.0042 0x0744 USBSTOR - ok
14:13:09.0044 0x0744 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:13:09.0050 0x0744 usbuhci - ok
14:13:09.0052 0x0744 [ 297EE9C666FC8BB96A232DB0DDBA1E49, C4A3BC7495034E32BB2E0100DB0D9A64EE70F65B0F629F4F099412D03ABE8178 ] uxpatch C:\Windows\system32\drivers\uxpatch.sys
14:13:09.0058 0x0744 uxpatch - ok
14:13:09.0060 0x0744 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
14:13:09.0077 0x0744 UxSms - ok
14:13:09.0079 0x0744 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] VaultSvc C:\Windows\system32\lsass.exe
14:13:09.0084 0x0744 VaultSvc - ok
14:13:09.0086 0x0744 VComm - ok
14:13:09.0087 0x0744 VcommMgr - ok
14:13:09.0089 0x0744 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:13:09.0094 0x0744 vdrvroot - ok
14:13:09.0104 0x0744 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
14:13:09.0127 0x0744 vds - ok
14:13:09.0129 0x0744 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:13:09.0136 0x0744 vga - ok
14:13:09.0138 0x0744 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
14:13:09.0154 0x0744 VgaSave - ok
14:13:09.0156 0x0744 VGPU - ok
14:13:09.0161 0x0744 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:13:09.0168 0x0744 vhdmp - ok
14:13:09.0170 0x0744 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
14:13:09.0175 0x0744 viaide - ok
14:13:09.0180 0x0744 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
14:13:09.0187 0x0744 vmbus - ok
14:13:09.0189 0x0744 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
14:13:09.0194 0x0744 VMBusHID - ok
14:13:09.0196 0x0744 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:13:09.0202 0x0744 volmgr - ok
14:13:09.0209 0x0744 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:13:09.0219 0x0744 volmgrx - ok
14:13:09.0225 0x0744 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:13:09.0233 0x0744 volsnap - ok
14:13:09.0238 0x0744 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:13:09.0244 0x0744 vsmraid - ok
14:13:09.0271 0x0744 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
14:13:09.0307 0x0744 VSS - ok
14:13:09.0310 0x0744 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
14:13:09.0316 0x0744 vwifibus - ok
14:13:09.0324 0x0744 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
14:13:09.0346 0x0744 W32Time - ok
14:13:09.0349 0x0744 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:13:09.0354 0x0744 WacomPen - ok
14:13:09.0357 0x0744 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:13:09.0374 0x0744 WANARP - ok
14:13:09.0377 0x0744 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:13:09.0393 0x0744 Wanarpv6 - ok
14:13:09.0416 0x0744 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:13:09.0437 0x0744 WatAdminSvc - ok
14:13:09.0462 0x0744 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
14:13:09.0486 0x0744 wbengine - ok
14:13:09.0493 0x0744 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:13:09.0503 0x0744 WbioSrvc - ok
14:13:09.0510 0x0744 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:13:09.0522 0x0744 wcncsvc - ok
14:13:09.0525 0x0744 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:13:09.0530 0x0744 WcsPlugInService - ok
14:13:09.0533 0x0744 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:13:09.0538 0x0744 Wd - ok
14:13:09.0552 0x0744 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:13:09.0567 0x0744 Wdf01000 - ok
14:13:09.0570 0x0744 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:13:09.0577 0x0744 WdiServiceHost - ok
14:13:09.0579 0x0744 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:13:09.0586 0x0744 WdiSystemHost - ok
14:13:09.0591 0x0744 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
14:13:09.0600 0x0744 WebClient - ok
14:13:09.0605 0x0744 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:13:09.0625 0x0744 Wecsvc - ok
14:13:09.0633 0x0744 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:13:09.0651 0x0744 wercplsupport - ok
14:13:09.0654 0x0744 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
14:13:09.0672 0x0744 WerSvc - ok
14:13:09.0674 0x0744 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:13:09.0690 0x0744 WfpLwf - ok
14:13:09.0692 0x0744 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:13:09.0697 0x0744 WIMMount - ok
14:13:09.0698 0x0744 WinDefend - ok
14:13:09.0700 0x0744 WinHttpAutoProxySvc - ok
14:13:09.0709 0x0744 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:13:09.0728 0x0744 Winmgmt - ok
14:13:09.0759 0x0744 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
14:13:09.0790 0x0744 WinRM - ok
14:13:09.0809 0x0744 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:13:09.0828 0x0744 Wlansvc - ok
14:13:09.0865 0x0744 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:13:09.0898 0x0744 wlidsvc - ok
14:13:09.0902 0x0744 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:13:09.0908 0x0744 WmiAcpi - ok
14:13:09.0913 0x0744 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:13:09.0921 0x0744 wmiApSrv - ok
14:13:09.0922 0x0744 WMPNetworkSvc - ok
14:13:09.0924 0x0744 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:13:09.0930 0x0744 WPCSvc - ok
14:13:09.0933 0x0744 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:13:09.0941 0x0744 WPDBusEnum - ok
14:13:09.0943 0x0744 [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001 C:\Windows\system32\drivers\WPRO_41_2001.sys
14:13:09.0948 0x0744 WPRO_41_2001 - ok
14:13:09.0950 0x0744 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:13:09.0966 0x0744 ws2ifsl - ok
14:13:09.0969 0x0744 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
14:13:09.0978 0x0744 wscsvc - ok
14:13:09.0979 0x0744 WSearch - ok
14:13:10.0019 0x0744 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
14:13:10.0055 0x0744 wuauserv - ok
14:13:10.0060 0x0744 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:13:10.0066 0x0744 WudfPf - ok
14:13:10.0071 0x0744 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:13:10.0079 0x0744 WUDFRd - ok
14:13:10.0082 0x0744 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:13:10.0088 0x0744 wudfsvc - ok
14:13:10.0093 0x0744 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
14:13:10.0102 0x0744 WwanSvc - ok
14:13:10.0103 0x0744 ================ Scan global ===============================
14:13:10.0105 0x0744 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:13:10.0111 0x0744 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:13:10.0119 0x0744 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:13:10.0124 0x0744 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:13:10.0131 0x0744 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
14:13:10.0135 0x0744 [ Global ] - ok
14:13:10.0135 0x0744 ================ Scan MBR ==================================
14:13:10.0167 0x0744 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:13:10.0255 0x0744 \Device\Harddisk0\DR0 - ok
14:13:10.0261 0x0744 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
14:13:10.0492 0x0744 \Device\Harddisk1\DR1 - ok
14:13:10.0494 0x0744 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
14:13:10.0547 0x0744 \Device\Harddisk2\DR2 - ok
14:13:10.0547 0x0744 ================ Scan VBR ==================================
14:13:10.0551 0x0744 [ FD540E945D573F4AD49D7FA95533B0E0 ] \Device\Harddisk0\DR0\Partition1
14:13:10.0611 0x0744 \Device\Harddisk0\DR0\Partition1 - ok
14:13:10.0618 0x0744 [ 7958ECF3660DB52800DAD1EB8279235B ] \Device\Harddisk1\DR1\Partition1
14:13:10.0621 0x0744 \Device\Harddisk1\DR1\Partition1 - ok
14:13:10.0625 0x0744 [ 90A034377829C7B339435ED64DAC777D ] \Device\Harddisk1\DR1\Partition2
14:13:10.0629 0x0744 \Device\Harddisk1\DR1\Partition2 - ok
14:13:10.0634 0x0744 [ C657352766C41AE92E6DEADDF310F4A6 ] \Device\Harddisk2\DR2\Partition1
14:13:10.0637 0x0744 \Device\Harddisk2\DR2\Partition1 - ok
14:13:10.0638 0x0744 ================ Scan generic autorun ======================
14:13:10.0804 0x0744 [ 61389338DF2FE34B240F70B757A7EA27, A8BE0557A3B8BEB706418F27D9C8C4730E1869DC7DF4FDE82BCDF6355628109E ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
14:13:10.0896 0x0744 RTHDVCPL - ok
14:13:10.0904 0x0744 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\RunDLL32.exe
14:13:10.0912 0x0744 MBCfg64 - ok
14:13:10.0912 0x0744 LogMeIn GUI - ok
14:13:10.0925 0x0744 [ CF61EC0DDF6431D727FE13C4AD95C5FD, EE9002487EF11EAA1B058B573FD584431F02A233A9A8E64E095727423CB550C3 ] C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
14:13:10.0935 0x0744 Sound Blaster Cinema - detected UnsignedFile.Multi.Generic ( 1 )
14:13:13.0571 0x0744 Detect skipped due to KSN trusted
14:13:13.0571 0x0744 Sound Blaster Cinema - ok
14:13:13.0582 0x0744 [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\Windows\UpdReg.EXE
14:13:13.0596 0x0744 UpdReg - detected UnsignedFile.Multi.Generic ( 1 )
14:13:16.0403 0x0744 Detect skipped due to KSN trusted
14:13:16.0403 0x0744 UpdReg - ok
14:13:16.0418 0x0744 [ 094E4E76FB9AB960A73F841BC6733F42, 01C1BFF17BEC6588E192EC4D7ACB74FC9B95ECA7CB8BB9585B04FC8EA73C3B43 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
14:13:16.0434 0x0744 USB3MON - ok
14:13:16.0455 0x0744 [ B541D17A34FB8E9FD7B5CF66FF2C6607, FD2D06A5DE142682267FB8ADFB5942C3D0D742C0404385DBF196AF0B2A1935B7 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
14:13:16.0468 0x0744 StartCCC - ok
14:13:16.0475 0x0744 [ 0E36820C24A63A3BD3E93C0776B3F29F, A259C98D37132AEF93E2AB36C38E4E34626283114488F733C31075B2E0C06980 ] C:\Program Files (x86)\Manticore\MThid.exe
14:13:16.0480 0x0744 Manticore - detected UnsignedFile.Multi.Generic ( 1 )
14:13:19.0130 0x0744 Manticore ( UnsignedFile.Multi.Generic ) - warning
14:13:19.0131 0x0744 Force sending object to P2P due to detect: C:\Program Files (x86)\Manticore\MThid.exe
14:13:21.0918 0x0744 Object send P2P result: true
14:13:24.0649 0x0744 [ 462CD07EE236F1D149583B0123B64CEA, 8B64CB085FE2C3DE578FB5662923BCCC166096CEF9AAB2AC5DAE1896CE76D849 ] C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe
14:13:24.0655 0x0744 DeathTaker - detected UnsignedFile.Multi.Generic ( 1 )
14:13:27.0304 0x0744 DeathTaker ( UnsignedFile.Multi.Generic ) - warning
14:13:30.0045 0x0744 [ 919F88F5158350947FB255358CEA4907, E67E46DD7185A2B7928BDFFA7893CBF7D4BB92E4881F38E9DDB5E582D2D2D48E ] C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe
14:13:30.0075 0x0744 seznam-listicka-distribuce - ok
14:13:30.0085 0x0744 [ D0DBC5AA602EC8C80ECCDED2C3C58728, 5D5196CAE02560D558591C76BF252BF2B1B0662063925F0704650C204FB530B2 ] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
14:13:30.0094 0x0744 PWRISOVM.EXE - ok
14:13:30.0104 0x0744 [ 6405B55BFDC086253AFB640678242374, 5991D162161D18C511AB7190698E0F4A4CCA4ACBD2F127DFC9D89CDCA6B368AD ] C:\Program Files (x86)\Smart File Advisor\sfa.exe
14:13:30.0112 0x0744 Smart File Advisor - ok
14:13:30.0125 0x0744 [ 095E8C88ED4A66BF566E60F052C26A82, 4A4730C71D41CCE6BF38D21A5131E461853A5DAF6396FD33CE7C337F068B5D3B ] C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe
14:13:30.0137 0x0744 SFAUpdater - ok
14:13:30.0138 0x0744 msqicqSrv - ok
14:13:30.0149 0x0744 MSStp - ok
14:13:30.0154 0x0744 [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
14:13:30.0159 0x0744 GrooveMonitor - ok
14:13:30.0218 0x0744 [ F73154E180105822A5F9B755BA933737, 1CD775B6CE3736A70EC5FC7A6B77A2FEDA70D59B49A66046CC20B341005501D9 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
14:13:30.0267 0x0744 DAEMON Tools Lite - ok
14:13:30.0271 0x0744 Skype - ok
14:13:30.0274 0x0744 [ 6D9E1356A9C1B5F36698FAFF9205E34A, A7E37C2C0F1F35F5434144D5F1D282858D6B3CE995BE6612BA22FB7E83793F77 ] C:\Program Files (x86)\Xvid\CheckUpdate.exe
14:13:30.0275 0x0744 Xvid - detected UnsignedFile.Multi.Generic ( 1 )
14:13:32.0915 0x0744 Detect skipped due to KSN trusted
14:13:32.0915 0x0744 Xvid - ok
14:13:32.0945 0x0744 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:13:32.0967 0x0744 Sidebar - ok
14:13:32.0970 0x0744 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:13:32.0980 0x0744 mctadmin - ok
14:13:33.0000 0x0744 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:13:33.0019 0x0744 Sidebar - ok
14:13:33.0022 0x0744 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:13:33.0031 0x0744 mctadmin - ok
14:13:33.0031 0x0744 Waiting for KSN requests completion. In queue: 10
14:13:34.0031 0x0744 Waiting for KSN requests completion. In queue: 10
14:13:35.0031 0x0744 Waiting for KSN requests completion. In queue: 10
14:13:36.0063 0x0744 AV detected via SS2: Norton 360, C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\WSCStub.exe ( 21.7.0.0 ), 0x51000 ( enabled : updated )
14:13:36.0066 0x0744 FW detected via SS2: Norton 360, C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\WSCStub.exe ( 21.7.0.0 ), 0x51010 ( enabled )
14:13:38.0770 0x0744 ============================================================
14:13:38.0770 0x0744 Scan finished
14:13:38.0770 0x0744 ============================================================
14:13:38.0783 0x0b98 Detected object count: 4
14:13:38.0784 0x0b98 Actual detected object count: 4
14:14:02.0319 0x0b98 HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
14:14:02.0320 0x0b98 HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:14:02.0321 0x0b98 Qualcomm Atheros Killer Service V2 ( UnsignedFile.Multi.Generic ) - skipped by user
14:14:02.0321 0x0b98 Qualcomm Atheros Killer Service V2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:14:02.0322 0x0b98 Manticore ( UnsignedFile.Multi.Generic ) - skipped by user
14:14:02.0322 0x0b98 Manticore ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:14:02.0323 0x0b98 DeathTaker ( UnsignedFile.Multi.Generic ) - skipped by user
14:14:02.0323 0x0b98 DeathTaker ( UnsignedFile.Multi.Generic ) - User select action: Skip

Bluefox151
Visitor
Posts: 18
Registered: 31 Mar 2015 19:23

Re: WS.malware.2

#15 Post by Bluefox151 »

Hi,

I deleted the registry entries, restarted; the FRST log is here:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by MSI (administrator) on GAARAOFTHESAND on 01-04-2015 17:14:02
Running from C:\Users\MSI\Desktop
Loaded Profiles: MSI (Available profiles: MSI)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hi-Rez Studios) D:\Hry\Smite\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(KYE) C:\Program Files (x86)\Manticore\MTHid.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Filefacts.net) C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe
() C:\Program Files (x86)\Genius\DeathTaker\trayicon.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-27] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [LogMeIn GUI] => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Manticore] => C:\Program Files (x86)\Manticore\MThid.exe [293376 2013-02-01] (KYE)
HKLM-x32\...\Run: [DeathTaker] => C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe [303616 2013-04-03] ()
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2014-03-11] (Power Software Ltd)
HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [283248 2014-10-10] (Filefacts.net)
HKLM-x32\...\Run: [SFAUpdater] => C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe [655472 2014-10-10] (Filefacts.net)
HKLM-x32\...\Run: [msqicqSrv] => C:\Windows\SysWOW64\msqicq.vbe [649 2014-07-06] ()
HKLM-x32\...\Run: [MSStp] => C:\Windows\inf\msstp.vbe
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{7411487A-FF21-481E-AB53-BF27FF30E042}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-3133602536-102226362-2941794219-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {0D260770-E6F9-423F-8ABF-BC0A10C2CC56} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {20FCDCFE-F4B1-4FDD-B82A-58F76992265B} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {24FE2CFC-8C15-477B-8E29-8F5C7A8C77EE} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {4A216A52-C0D3-4D86-8570-178823E0238D} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {961CA2F3-9139-4F44-94F4-359CEEA9E064} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {B461C106-836A-4F19-9249-28402DAEB27A} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {B90FF399-4517-4634-9E1F-B331D6C96EE2} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {E2837E77-2E07-4413-AD67-38FA914A4B8F} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-3133602536-102226362-2941794219-1000 -> {EB188080-C56D-4159-AB86-5FC3201C404D} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-22] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> D:\Hry\ARC\Arc\Plugins\ArcPluginIE.dll [2014-12-18] (Perfect World Entertainment Inc)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-22] (Oracle Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\MSI\AppData\Roaming\Mozilla\Firefox\Profiles\bl1y1xf2.default
FF Homepage: user_pref("browser.startup.homepage", "about:home"about:home);
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-04-01] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-01] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> D:\Hry\ARC\Arc\Plugins\npArcPluginFF.dll [2014-12-18] (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-31] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3133602536-102226362-2941794219-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\MSI\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3133602536-102226362-2941794219-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\MSI\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-04] (Unity Technologies ApS)
FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.47\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-04-01]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://www.reerd.com/"
CHR Profile: C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-31]
CHR Extension: (Google Docs) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-31]
CHR Extension: (Google Drive) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-31]
CHR Extension: (Twisted Fate) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\behhgldcbkbflalpfcoaoaihjeekahip [2015-03-31]
CHR Extension: (YouTube) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-31]
CHR Extension: (Google Search) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-31]
CHR Extension: (Google Sheets) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-31]
CHR Extension: (New Tab Redirect) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2015-03-31]
CHR Extension: (Google Wallet) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-31]
CHR Extension: (Gmail) - C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-21]
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-21]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ArcService; D:\Hry\ARC\Arc\ArcService.exe [88400 2014-12-18] (Perfect World Entertainment Inc)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-10-29] (BitRaider, LLC)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-06-26] (BitRaider, LLC)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-11-21] (Futuremark)
U2 HiPatchService; D:\Hry\Smite\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe [265000 2015-03-07] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3191392 2014-05-15] (INCA Internet Co., Ltd.)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2013-12-09] (Qualcomm Atheros) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-11-27] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [80080 2013-11-08] (Qualcomm Atheros, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20150321.001\BHDrvx64.sys [1622744 2015-02-03] (Symantec Corporation)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-06-27] (BitRaider)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-03] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20150331.001\IDSvia64.sys [671448 2015-03-27] (Symantec Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-02-13] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150331.002\ENG64.SYS [129752 2015-03-31] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150331.002\EX64.SYS [2137304 2015-03-31] (Symantec Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-21] (Duplex Secure Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-04-01] ()
U3 a9krzfmt; C:\Windows\System32\Drivers\a9krzfmt.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BlueletSCOAudio; system32\DRIVERS\BlueletSCOAudio.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S0 BTHidEnum; System32\Drivers\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 catchme; \??\C:\combofix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== Three Months Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-11 08:17 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 08:17 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 08:17 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 08:17 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 08:17 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 08:17 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 08:17 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 08:17 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 08:17 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 08:17 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 08:17 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 08:17 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 08:17 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 08:17 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 08:17 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 08:17 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 08:17 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 08:17 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 08:17 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 08:17 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 08:17 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 08:17 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 08:17 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 08:17 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 08:17 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 08:17 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 08:17 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 08:17 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 08:17 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 08:17 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 08:17 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 08:17 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 08:17 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 08:17 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 08:17 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 08:17 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 08:17 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 08:17 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 08:17 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 08:17 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 08:17 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 08:17 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 08:17 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 08:17 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 08:17 - 2015-01-31 05:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 08:17 - 2015-01-31 05:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 08:17 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 08:17 - 2015-01-31 01:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 08:17 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 08:17 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 08:17 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 08:16 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 08:16 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-08 20:01 - 2015-03-08 20:01 - 00026156 _____ () C:\Users\MSI\Downloads\[HorribleSubs] Shinmai Maou no Testament - 09 [720p].mkv.torrent
2015-03-08 16:45 - 2015-03-08 16:45 - 00002168 _____ () C:\Users\MSI\Desktop\Dawn of War - Dark Crusade.lnk
2015-03-08 16:44 - 2015-03-08 16:44 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\THQ
2015-03-08 16:43 - 2015-03-08 16:43 - 00000000 ____D () C:\Program Files (x86)\THQ
2015-03-08 16:41 - 2015-03-08 16:41 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\InstallShield
2015-03-08 15:00 - 2015-03-08 15:00 - 00276688 _____ () C:\Windows\Minidump\030815-12760-01.dmp
2015-03-07 22:42 - 2015-03-07 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CUT2 Evolution
2015-03-07 22:19 - 2015-03-07 22:19 - 00003138 _____ () C:\Windows\System32\Tasks\{F4733665-5BED-4F24-998A-CB329E5641CD}
2015-03-07 22:19 - 2006-07-17 12:25 - 34950005 _____ () C:\Users\MSI\Downloads\JunkWarv110Beta.ut4mod
2015-03-07 22:18 - 2015-03-07 22:19 - 17072060 _____ () C:\Users\MSI\Downloads\JunkWarv110Beta.exe
2015-03-07 22:17 - 2015-03-07 22:18 - 08180262 _____ () C:\Users\MSI\Downloads\arkon2004_v40-1.zip
2015-03-07 22:17 - 2015-03-07 22:17 - 13323776 _____ () C:\Users\MSI\Downloads\ut2004-winpatch3369.exe
2015-03-07 22:15 - 2015-03-07 22:15 - 00000881 _____ () C:\Users\MSI\Desktop\Play UT2004.lnk
2015-03-07 22:15 - 2015-03-07 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Tournament 2004
2015-03-05 22:35 - 2015-03-05 22:35 - 00276688 _____ () C:\Windows\Minidump\030515-8814-01.dmp
2015-03-05 08:13 - 2015-03-05 08:13 - 00262144 ____N () C:\Windows\Minidump\030515-9110-01.dmp
2015-03-04 19:38 - 2015-03-04 19:38 - 00276688 _____ () C:\Windows\Minidump\030415-8689-01.dmp
2015-03-04 17:20 - 2015-03-04 17:21 - 29720272 _____ () C:\Users\MSI\Downloads\SWTOR_setup.exe
2015-03-04 16:44 - 2015-03-04 16:44 - 00000000 ____D () C:\ProgramData\Installations
2015-03-03 21:46 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-03 21:46 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-03 21:46 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-03 21:46 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-03-02 01:13 - 2015-03-02 01:13 - 00276688 _____ () C:\Windows\Minidump\030215-9406-01.dmp
2015-02-28 16:06 - 2015-02-28 16:06 - 00276688 _____ () C:\Windows\Minidump\022815-21309-01.dmp
2015-02-26 21:35 - 2015-02-26 21:39 - 68819569 _____ () C:\Users\MSI\Downloads\Audiosurf.rar
2015-02-25 08:26 - 2015-01-09 01:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 08:26 - 2015-01-09 01:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-23 23:17 - 2015-03-18 23:10 - 00000000 ____D () C:\Users\MSI\Documents\Heroes of the Storm
2015-02-20 13:09 - 2015-02-20 13:09 - 10347150 _____ () C:\Users\MSI\Downloads\Ice-WoW-4.3.4.zip
2015-02-19 12:38 - 2015-02-19 12:38 - 00000746 _____ () C:\Users\Public\Desktop\Half-Life 2 Episode Two.lnk
2015-02-19 12:38 - 2015-02-19 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Half-Life 2 Episode Two
2015-02-19 10:33 - 2015-02-19 10:33 - 00000000 ____D () C:\Users\MSI\AppData\Local\Steam
2015-02-18 15:52 - 2015-02-18 15:52 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\roi
2015-02-15 19:59 - 2015-02-15 19:59 - 00093039 _____ () C:\Users\MSI\Downloads\cap_fonts.zip
2015-02-11 15:16 - 2015-01-28 01:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 15:15 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 15:15 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 15:15 - 2014-11-26 05:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 15:15 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-09 20:14 - 2015-02-03 23:21 - 92623171 _____ () C:\Users\MSI\Desktop\DJ SONA ETHEREAL LW.wmv
2015-02-07 14:38 - 2015-02-07 14:38 - 00000801 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2015-02-07 14:38 - 2015-02-07 14:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2015-02-07 14:20 - 2015-02-07 14:20 - 00495916 _____ () C:\Users\MSI\Downloads\KaraborLauncherIP.zip
2015-02-03 23:20 - 2015-02-03 23:20 - 00431456 _____ () C:\Users\MSI\Downloads\W7DSA (2).zip
2015-02-03 23:19 - 2015-02-03 23:21 - 92623171 _____ () C:\Users\MSI\Downloads\bandicam_2015-02-03_22-02-41-210.wmv
2015-02-03 22:57 - 2015-02-03 22:57 - 09495760 _____ (Bandisoft) C:\Users\MSI\Downloads\bdcamsetup.exe
2015-02-03 22:52 - 2015-02-03 22:53 - 07293075 _____ () C:\Users\MSI\Downloads\Bandicam (2).rar
2015-02-03 22:49 - 2015-02-03 22:49 - 09388100 _____ () C:\Users\MSI\Downloads\Bandicam By MexyMike.rar
2015-02-03 22:42 - 2015-02-03 22:42 - 00431456 _____ () C:\Users\MSI\Downloads\W7DSA (1).zip
2015-02-03 22:41 - 2015-02-03 22:41 - 00431456 _____ () C:\Users\MSI\Downloads\W7DSA.zip
2015-02-03 22:24 - 2015-02-03 22:26 - 94296765 _____ () C:\Users\MSI\Downloads\bandicam_2015-02-03_20-57-59-686.wmv
2015-02-03 22:10 - 2015-02-03 22:10 - 00001308 _____ () C:\Users\Public\Desktop\Free Avi TO Wmv Converter.lnk
2015-02-03 22:10 - 2015-02-03 22:10 - 00000094 _____ () C:\Users\MSI\AppData\Roaming\settings.xml
2015-02-03 22:10 - 2015-02-03 22:10 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\convertaudiofree
2015-02-03 22:10 - 2015-02-03 22:10 - 00000000 ____D () C:\Users\MSI\AppData\Local\SkinSoft
2015-02-03 22:10 - 2015-02-03 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Avi To Wmv Converter
2015-02-03 22:10 - 2015-02-03 22:10 - 00000000 ____D () C:\Program Files (x86)\convertaudiofree
2015-02-03 22:09 - 2015-02-03 22:09 - 16741872 _____ (convertaudiofree) C:\Users\MSI\Downloads\avitowmv_setup.exe
2015-01-31 16:08 - 2015-01-31 16:08 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\RenPy
2015-01-31 14:12 - 2015-01-31 14:12 - 00000211 _____ () C:\Users\MSI\Desktop\Without Within.url
2015-01-29 00:15 - 2015-01-29 00:15 - 00684313 _____ () C:\Windows\SysWOW64\unins000.exe
2015-01-29 00:15 - 2015-01-29 00:15 - 00001159 _____ () C:\Windows\SysWOW64\unins000.dat
2015-01-29 00:15 - 2015-01-29 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screensavers
2015-01-29 00:15 - 2007-06-19 11:05 - 06006512 _____ () C:\Windows\SysWOW64\WorldofWarcraft.scr
2015-01-29 00:12 - 2015-01-29 00:13 - 57622422 _____ () C:\Users\MSI\Downloads\wowthemev45.zip
2015-01-18 10:32 - 2015-01-18 10:32 - 00262144 ____N () C:\Windows\Minidump\011815-8299-01.dmp
2015-01-18 10:30 - 2015-01-18 10:30 - 00000000 _____ () C:\Users\MSI\AppData\Local\{5D3DDE03-8D9A-49D1-A2D4-BC2CBE87EBD7}
2015-01-16 21:37 - 2015-03-28 10:22 - 00000000 ____D () C:\Users\MSI\AppData\Local\Warframe
2015-01-16 17:42 - 2015-01-16 17:42 - 00000211 _____ () C:\Users\MSI\Desktop\Warframe.url
2015-01-16 00:30 - 2015-01-16 00:30 - 00003584 _____ () C:\Users\MSI\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-15 20:24 - 2015-01-16 00:52 - 00412255 _____ () C:\Users\MSI\Downloads\Já.pptx
2015-01-14 15:12 - 2014-12-19 05:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 15:12 - 2014-12-19 03:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 15:12 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:12 - 2014-12-06 06:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 15:12 - 2014-12-06 05:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 15:12 - 2014-12-06 05:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-09 21:38 - 2015-01-09 21:38 - 00000000 ____D () C:\Crash
2015-01-09 15:04 - 2015-01-09 15:04 - 00000000 ____D () C:\Users\MSI\AppData\Local\SCE
2015-01-08 21:54 - 2004-12-30 05:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys
2015-01-08 21:54 - 2003-07-15 14:17 - 00005174 _____ () C:\Windows\SysWOW64\nppt9x.vxd
2015-01-08 21:44 - 2015-01-08 21:44 - 00000211 _____ () C:\Users\MSI\Desktop\PlanetSide 2.url
2015-01-03 00:52 - 2015-01-03 00:52 - 00002061 _____ () C:\Users\MSI\Desktop\Wow – zástupce.lnk
2015-01-01 22:34 - 2015-01-01 22:42 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Arc
2015-01-01 22:34 - 2015-01-01 22:34 - 00000000 ____D () C:\Users\Public\Documents\Arc
2015-01-01 22:33 - 2015-01-01 22:33 - 00000575 _____ () C:\Users\Public\Desktop\PWI.lnk
2015-01-01 22:33 - 2015-01-01 22:33 - 00000547 _____ () C:\Users\Public\Desktop\Arc.lnk
2015-01-01 22:33 - 2015-01-01 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
2015-01-01 22:31 - 2015-01-01 22:32 - 10317808 _____ (Perfect World Entertainment) C:\Users\MSI\Downloads\ArcInstall_PWI_20141223.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-01 17:13 - 2014-01-25 23:37 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Skype
2015-04-01 17:12 - 2014-01-25 21:57 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-04-01 17:12 - 2014-01-25 21:37 - 01384280 _____ () C:\Windows\PFRO.log
2015-04-01 17:12 - 2014-01-25 21:22 - 01359502 _____ () C:\Windows\WindowsUpdate.log
2015-04-01 17:12 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-01 17:12 - 2009-07-14 06:51 - 00134263 _____ () C:\Windows\setupact.log
2015-04-01 16:56 - 2014-01-26 02:06 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-01 14:30 - 2014-10-24 14:24 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3133602536-102226362-2941794219-1000UA.job
2015-04-01 14:30 - 2014-10-24 14:24 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3133602536-102226362-2941794219-1000Core.job
2015-04-01 14:10 - 2009-07-14 06:45 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-01 14:10 - 2009-07-14 06:45 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-01 14:09 - 2009-07-14 17:18 - 06193542 _____ () C:\Windows\system32\perfh005.dat
2015-04-01 14:09 - 2009-07-14 17:18 - 02008848 _____ () C:\Windows\system32\perfc005.dat
2015-04-01 14:09 - 2009-07-14 07:13 - 00006228 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-01 07:10 - 2014-08-26 20:52 - 00000000 ____D () C:\Users\MSI\AppData\Local\Adobe
2015-04-01 07:10 - 2014-01-26 02:06 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-01 07:10 - 2014-01-26 02:06 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-01 07:10 - 2014-01-26 02:06 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-01 01:01 - 2014-10-07 01:09 - 00000030 _____ () C:\Users\MSI\AppData\Roaming\msquiku.dat
2015-04-01 00:25 - 2014-02-21 23:14 - 00000000 ____D () C:\Users\MSI\AppData\Local\Battle.net
2015-03-31 22:30 - 2014-11-21 20:50 - 00925184 _____ () C:\Windows\expstart.exe
2015-03-31 21:31 - 2014-04-18 07:45 - 00000330 _____ () C:\Users\MSI\rgut
2015-03-31 21:22 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-03-31 21:15 - 2014-04-23 00:52 - 00000000 ____D () C:\Users\dub_cm_auto
2015-03-31 19:11 - 2014-01-25 21:34 - 00000000 ____D () C:\Users\MSI\AppData\Local\Google
2015-03-31 19:11 - 2014-01-25 21:34 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-31 19:10 - 2014-12-14 12:17 - 00000000 ____D () C:\Users\MSI\AppData\Local\Deployment
2015-03-29 19:57 - 2014-01-27 00:39 - 00000000 ____D () C:\Users\MSI\AppData\Local\CrashDumps
2015-03-29 19:06 - 2014-01-29 17:05 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\uTorrent
2015-03-29 18:58 - 2014-02-01 11:47 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-03-28 20:25 - 2014-02-06 23:12 - 00000000 ____D () C:\Users\MSI\AppData\Roaming\TS3Client
2015-03-25 16:12 - 2014-10-11 08:28 - 00000448 ____H () C:\Windows\Tasks\Norton Security Scan for MSI.job
2015-03-25 15:43 - 2014-06-22 08:20 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
2015-03-25 15:04 - 2014-12-11 16:32 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-25 15:04 - 2014-08-11 12:50 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-24 22:30 - 2014-02-12 22:31 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-03-24 22:14 - 2014-12-20 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2015-03-24 19:10 - 2014-01-25 23:47 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-03-24 15:33 - 2014-06-21 08:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
2015-03-24 15:33 - 2014-06-21 08:29 - 00000000 ____D () C:\Windows\system32\Drivers\NSTx64
2015-03-24 08:08 - 2014-06-21 08:36 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-03-24 08:08 - 2014-06-21 08:36 - 00002319 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2015-03-24 08:08 - 2014-06-21 08:35 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2015-03-24 08:08 - 2014-06-21 08:35 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2015-03-21 21:22 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-21 17:51 - 2014-02-09 21:08 - 00000056 _____ () C:\Windows\wincheater.ini
2015-03-21 09:44 - 2014-08-26 23:41 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-03-18 23:08 - 2014-01-25 22:04 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-03-17 16:17 - 2014-08-16 08:55 - 00000000 ____D () C:\Games
2015-03-15 15:51 - 2014-01-26 00:52 - 00000000 ____D () C:\Users\MSI\Documents\My Games
2015-03-15 11:06 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-15 00:27 - 2014-01-26 00:51 - 00375522 _____ () C:\Windows\DirectX.log
2015-03-14 22:20 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-11 18:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-03-11 16:58 - 2009-07-14 06:45 - 00410256 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 16:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-11 16:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 08:30 - 2014-01-28 21:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 08:28 - 2014-01-27 07:39 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 08:25 - 2014-01-27 07:39 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-08 16:43 - 2014-01-25 21:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-08 15:00 - 2014-01-26 17:53 - 00000000 ____D () C:\Windows\Minidump
2015-03-04 08:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing

==================== Files in the root of some directories =======

2014-10-07 01:09 - 2014-10-07 01:09 - 0009197 _____ () C:\Users\MSI\AppData\Roaming\mskwdgi.dat
2014-10-07 01:09 - 2015-04-01 01:01 - 0000030 _____ () C:\Users\MSI\AppData\Roaming\msquiku.dat
2015-02-03 22:10 - 2015-02-03 22:10 - 0000094 _____ () C:\Users\MSI\AppData\Roaming\settings.xml
2015-01-16 00:30 - 2015-01-16 00:30 - 0003584 _____ () C:\Users\MSI\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-07 12:12 - 2014-09-07 12:15 - 0000000 _____ () C:\Users\MSI\AppData\Local\Driver_LOM_8161Present.flag
2014-01-25 21:32 - 2014-09-07 12:14 - 0000690 _____ () C:\Users\MSI\AppData\Local\killertool.log
2014-10-22 21:41 - 2014-10-22 21:41 - 0000000 ___SH () C:\Users\MSI\AppData\Local\LumaEmu
2015-01-18 10:30 - 2015-01-18 10:30 - 0000000 _____ () C:\Users\MSI\AppData\Local\{5D3DDE03-8D9A-49D1-A2D4-BC2CBE87EBD7}

Some content of TEMP:
====================
C:\Users\MSI\AppData\Local\Temp\dllnt_dump.dll
C:\Users\MSI\AppData\Local\Temp\Quarantine.exe
C:\Users\MSI\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Správce spouštění systému Windows
--------------------
identifikátor {bootmgr}
device partition=\Device\HarddiskVolume2
description Windows Boot Manager
locale cs-CZ
inherit {globalsettings}
default {current}
resumeobject {d720cef7-85f4-11e3-aac5-9165f208093e}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Zaváděcí program pro spouštění systému Windows
-------------------
identifikátor {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale cs-CZ
inherit {bootloadersettings}
osdevice partition=C:
systemroot \Windows
resumeobject {d720cef7-85f4-11e3-aac5-9165f208093e}
nx OptIn

Obnovení z hibernace
---------------------
identifikátor {d720cef7-85f4-11e3-aac5-9165f208093e}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale cs-CZ
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Testování paměti systému Windows
---------------------
identifikátor {memdiag}
device partition=\Device\HarddiskVolume2
path \boot\memtest.exe
description Diagnostika paměti systému Windows
locale cs-CZ
inherit {globalsettings}
badmemoryaccess Yes

Nastavení služby EMS
------------
identifikátor {emssettings}
bootems Yes

Nastavení ladicího programu
-----------------
identifikátor {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

Chyby paměti RAM
-----------
identifikátor {badmemory}

Globální nastavení
---------------
identifikátor {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Nastavení spouštěcího zavaděče
--------------------
identifikátor {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Nastavení hypervisoru
-------------------
identifikátor {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Nastavení zavaděče obnovení
----------------------
identifikátor {resumeloadersettings}
inherit {globalsettings}



LastRegBack: 2015-03-25 16:14

==================== End Of Log ============================
