goffer.exe

[konu]

Dodavatel internetového připojení mi posílá emaily že je za mojí přípojkou virus. V mailu mi pošle i odkaz co je to zač -

http://www.virustotal.com/en/file/a064a ... /analysis/

Zkoušel jsem emsisoft, roguekiller a pár dalších. Ty mi najdou jen soubory o kterých vím že jsou jen potencionálně nebezpečné.

[konu]

RogueKiller V10.2.0.0 (x64) [Jan 19 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno : Normální režim
Uživatel : tom [Práva správce]
Mód : Prohledat -- Datum : 04/14/2015 17:11:21

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 14 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3332171635-80688016-592393309-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3332171635-80688016-592393309-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0CAC6FFC-C225-4715-8D53-E2A5B6B4B21B} | NameServer : 46.33.112.42,46.33.96.2 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{4B26A61A-B27D-468D-ACA8-E591CEBA2684} | DhcpNameServer : 172.20.6.1 [(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{0CAC6FFC-C225-4715-8D53-E2A5B6B4B21B} | NameServer : 46.33.112.42,46.33.96.2 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{4B26A61A-B27D-468D-ACA8-E591CEBA2684} | DhcpNameServer : 172.20.6.1 [(Private Address) (XX)] -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3332171635-80688016-592393309-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3332171635-80688016-592393309-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3332171635-80688016-592393309-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3332171635-80688016-592393309-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3332171635-80688016-592393309-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3332171635-80688016-592393309-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3332171635-80688016-592393309-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3332171635-80688016-592393309-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 player.kmpmedia.net

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ADATA SX900 +++++
--- User ---
[MBR] 9ddb2cbe5f9463b7e683add6f49e8dcc
[BSP] c33b8b792600841365a8cb06af716df6 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 122002 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WDC WD10JPVX-00JC3T0 +++++
--- User ---
[MBR] 458418546a14f847bfcb1e83841edb52
[BSP] 7672cdc8786c4380721b9c8ca30c1125 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953866 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: Kingston DataTraveler 2.0 USB Device +++++
--- User ---
[MBR] 437e9a8aaa0619f3beaab5d0aa9e1000
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 128 | Size: 3812 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )


============================================
RKreport_DEL_01272015_195122.log - RKreport_DEL_01272015_195816.log - RKreport_DEL_04062015_074246.log - RKreport_SCN_01272015_193734.log
RKreport_SCN_01272015_195232.log - RKreport_SCN_01272015_195855.log - RKreport_SCN_04062015_073720.log - RKreport_SCN_04132015_182042.log













Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-04-2015
Ran by tom (administrator) on ASUS-PC on 14-04-2015 17:06:43
Running from C:\Users\tom\Desktop\Bezpečnost
Loaded Profiles: tom (Available profiles: tom)
Platform: Windows 8.1 Enterprise (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\tom\Desktop\Bezpečnost\FRST64 Farbar Recovery Scan Tool.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595336 2014-10-01] (ESET)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5138032 2012-03-30] (VIA)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5138032 2012-03-30] (VIA)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
HKU\S-1-5-21-3332171635-80688016-592393309-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-3332171635-80688016-592393309-1001\...\MountPoints2: F - "F:\SETUP.EXE"
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-3332171635-80688016-592393309-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3332171635-80688016-592393309-1001 -> {AAF95CB0-2208-4414-8A5B-63D268CF73AB} URL = http://search.seznam.cz/?q={searchTerms ... chmodule_1
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-10] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-10] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
Toolbar: HKU\S-1-5-21-3332171635-80688016-592393309-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Hosts: 127.0.0.1 player.kmpmedia.net
Tcpip\..\Interfaces\{0CAC6FFC-C225-4715-8D53-E2A5B6B4B21B}: [NameServer] 46.33.112.42,46.33.96.2

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll [2014-12-22] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll [2014-12-22] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-10] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2012-12-13] (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-01-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-01-10] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2015-01-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2015-01-22] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-14]
CHR Extension: (Google Docs) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-14]
CHR Extension: (Google Drive) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-14]
CHR Extension: (YouTube) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-14]
CHR Extension: (Google Search) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-14]
CHR Extension: (Google Sheets) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-04]
CHR Extension: (Google Wallet) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-14]
CHR Extension: (Gmail) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 FanChkService; C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe [45696 2012-01-20] (ASUSTek Computer Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-30] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-03] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-03-23] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S2 HitmanPro37CrusaderBoot; "G:\Programy\Bezpečnost\Hitman\HitmanPro_x64.exe" /crusader:boot [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-08-14] (Qualcomm Atheros Communications, Inc.)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 DLPortIO; C:\Windows\SysWOW64\DRIVERS\DLPortIO.SYS [3584 2000-06-29] () [File not signed]
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241368 2014-10-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [222280 2014-10-10] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44632 2014-10-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [63160 2014-10-10] (ESET)
S3 ESETCleanersDriver; C:\Windows\system32\Drivers\ESETCleanersDriver.sys [170280 2014-12-14] (ESET)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2015-04-13] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WinDriver6; C:\Windows\system32\drivers\windrvr6.sys [268800 2014-01-28] (Jungo Connectivity)
S3 USBCCID; system32\DRIVERS\Rts5161ccid.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-14 16:24 - 2015-04-14 16:24 - 01222144 _____ () C:\Users\tom\Downloads\RSITx64.exe
2015-04-14 15:28 - 2012-07-26 07:32 - 00125872 _____ (GEAR Software Inc.) C:\Windows\system32\GEARAspi64.dll
2015-04-14 15:28 - 2012-07-26 07:32 - 00106928 _____ (GEAR Software Inc.) C:\Windows\SysWOW64\GEARAspi.dll
2015-04-14 15:28 - 2012-07-26 07:32 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-04-14 15:27 - 2015-04-14 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard
2015-04-14 15:27 - 2015-04-14 15:27 - 00000000 ____D () C:\Windows\system32\Drivers\NBRTWizardx64
2015-04-14 15:27 - 2015-04-14 15:27 - 00000000 ____D () C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard
2015-04-14 15:26 - 2015-04-14 15:26 - 00001358 _____ () C:\Users\tom\Desktop\Norton Installation Files.lnk
2015-04-13 18:29 - 2015-04-13 18:34 - 308004864 _____ () C:\Users\tom\Desktop\Kaspersky Rescue Disk 10.iso
2015-04-12 21:54 - 2015-04-12 22:21 - 00000000 ____D () C:\Program Files (x86)\Anti-Spy.Info
2015-04-12 21:54 - 2015-04-12 22:07 - 00000000 ____D () C:\ProgramData\AntiSpyInfo
2015-04-12 21:54 - 2015-04-12 21:54 - 02553160 _____ () C:\Users\tom\Downloads\antispy17.exe
2015-04-12 21:46 - 2015-04-14 16:25 - 00000000 ____D () C:\Program Files\trend micro
2015-04-12 21:46 - 2015-04-12 21:48 - 00000000 ____D () C:\rsit
2015-04-12 21:44 - 2015-04-14 17:06 - 00000000 ____D () C:\Users\tom\Desktop\Bezpečnost
2015-04-12 21:44 - 2015-04-12 21:44 - 00029696 _____ () C:\Users\tom\AppData\Local\MSGBOX.EXE
2015-04-12 21:36 - 2015-04-14 17:06 - 00000000 ____D () C:\FRST
2015-04-12 11:32 - 2015-04-12 11:32 - 00000000 ____D () C:\NPE
2015-04-11 15:50 - 2015-04-11 15:50 - 00010284 _____ () C:\Users\tom\eaglerc.usr
2015-04-11 15:45 - 2015-04-11 15:45 - 00032112 _____ () C:\Users\tom\Desktop\untitled.s##
2015-04-09 07:41 - 2015-04-09 07:42 - 340670464 _____ () C:\Users\tom\Downloads\eset-sysrescue.1.0.9.0.enu.iso
2015-04-08 20:15 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-08 20:15 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-08 20:15 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-08 20:15 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-08 20:15 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-08 20:15 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-08 20:15 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-08 20:15 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-08 20:15 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-08 20:15 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-04-08 17:04 - 2015-04-08 17:04 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2015-04-08 13:18 - 2015-04-08 13:18 - 00000000 ____D () C:\ProgramData\Emsisoft
2015-04-08 13:08 - 2015-04-08 13:08 - 166740264 _____ (Emsisoft Ltd. ) C:\Users\tom\Downloads\EmsisoftAntiMalwareSetup_4382129.exe
2015-04-07 20:59 - 2015-04-07 20:59 - 00000000 ____D () C:\Users\tom\Desktop\RS232
2015-04-07 20:56 - 2015-04-07 20:58 - 00640736 _____ () C:\Users\tom\Desktop\COM Port.rar
2015-04-06 20:53 - 2015-04-06 20:54 - 05046784 _____ () C:\Users\tom\Downloads\reverse-schema-web.vsd
2015-04-06 17:13 - 2015-04-06 17:29 - 184364089 _____ () C:\Users\tom\Downloads\Moderni-programovani.rar
2015-04-06 17:12 - 2015-04-09 08:20 - 00000000 ____D () C:\Users\tom\Desktop\Programování mikrokontrolérů PIC16Cxx -BEN- Jiří Hrbáček
2015-04-06 17:08 - 2015-04-06 17:11 - 12989461 _____ () C:\Users\tom\Downloads\Programování-mikrokontrolérů-PIC16Cxx.zip
2015-04-06 07:44 - 2015-04-06 07:44 - 02208768 _____ () C:\Users\tom\Downloads\adwcleaner_4.200.exe
2015-04-05 08:53 - 2015-04-05 08:53 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2010
2015-04-05 08:53 - 2015-04-05 08:53 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2010
2015-04-04 17:47 - 2015-04-04 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PonyProg
2015-04-04 17:47 - 2015-04-04 17:47 - 00000000 ____D () C:\Program Files (x86)\PonyProg2000
2015-04-04 17:44 - 2015-04-04 17:44 - 00003096 _____ () C:\Windows\System32\Tasks\{E14ED81C-88FC-428B-B3DC-B9E84D21AEDD}
2015-04-04 17:03 - 2015-04-05 10:37 - 00000000 ____D () C:\Users\tom\AppData\Roaming\VisualAssistAtmel
2015-04-04 17:03 - 2015-04-05 10:37 - 00000000 ____D () C:\Users\tom\AppData\Local\VisualAssistAtmel
2015-04-04 17:03 - 2015-04-04 17:03 - 00000000 ____D () C:\Users\tom\AppData\Local\IsolatedStorage
2015-04-04 17:02 - 2015-04-04 17:02 - 00002130 _____ () C:\Users\Public\Desktop\Atmel Studio 6.2.lnk
2015-04-04 16:59 - 2015-04-04 17:23 - 00000000 ____D () C:\Users\tom\Documents\Atmel Studio
2015-04-04 16:59 - 2015-04-04 16:59 - 00000000 ____D () C:\Users\tom\AppData\Roaming\Atmel
2015-04-04 16:59 - 2015-04-04 16:59 - 00000000 ____D () C:\Users\tom\AppData\Local\Atmel
2015-04-04 16:58 - 2015-04-04 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atmel
2015-04-04 16:57 - 2015-04-04 17:01 - 00000000 ____D () C:\Program Files (x86)\Atmel
2015-04-04 16:57 - 2014-02-06 09:01 - 00067680 _____ (http://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusb0.dll
2015-04-04 16:57 - 2014-02-06 09:01 - 00042592 _____ (http://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\Drivers\libusb0.sys
2015-04-04 16:57 - 2014-01-28 07:59 - 00151552 _____ (Jungo Connectivity) C:\Windows\SysWOW64\wdapi1150.dll
2015-04-04 16:57 - 2013-11-11 08:42 - 00147456 _____ (Jungo) C:\Windows\SysWOW64\wdapi1021.dll
2015-04-04 16:57 - 2013-11-11 08:41 - 00151552 _____ (Jungo Connectivity) C:\Windows\SysWOW64\wdapi1140.dll
2015-04-04 16:57 - 2013-11-11 08:41 - 00143360 _____ (Jungo) C:\Windows\SysWOW64\wdapi1010.dll
2015-04-04 16:57 - 2013-11-11 08:41 - 00110592 _____ (Jungo) C:\Windows\SysWOW64\wdapi1100.dll
2015-04-04 16:57 - 2013-11-11 08:41 - 00110592 _____ (Jungo) C:\Windows\SysWOW64\wdapi102.dll
2015-04-04 16:57 - 2013-11-11 08:41 - 00110592 _____ (Jungo) C:\Windows\SysWOW64\wdapi1011.dll
2015-04-04 16:51 - 2015-04-04 16:51 - 00000000 ____D () C:\Program Files\Microsoft Help Viewer
2015-04-04 16:51 - 2015-04-04 16:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-04-04 16:50 - 2015-04-09 07:44 - 00000000 ____D () C:\Users\tom\Documents\Visual Studio 2010
2015-04-04 16:50 - 2015-04-04 16:50 - 00000000 ____D () C:\Windows\SysWOW64\1033
2015-04-04 16:50 - 2015-04-04 16:50 - 00000000 ____D () C:\Windows\PCHEALTH
2015-04-04 16:50 - 2015-04-04 16:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2015-04-04 16:50 - 2015-04-04 16:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2015-04-04 16:44 - 2015-04-04 16:46 - 587327768 _____ (Atmel) C:\Users\tom\Downloads\AStudio6_2sp2_1563.exe
2015-04-04 16:19 - 2011-05-01 14:58 - 00022902 _____ () C:\Users\tom\Desktop\atmega_fusebit_doctor_2.11_m8.hex
2015-04-04 16:19 - 2011-05-01 14:58 - 00008136 _____ () C:\Users\tom\Desktop\atmega_fusebit_doctor_2.11_m8.bin
2015-04-04 16:09 - 2015-04-05 16:23 - 00002382 _____ () C:\Users\tom\gdbtk.ini
2015-04-04 16:07 - 2015-04-04 16:07 - 00000000 ____D () C:\WinAVR-20100110
2015-04-04 16:07 - 2015-04-04 16:07 - 00000000 ____D () C:\Users\tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinAVR-20100110
2015-04-04 16:03 - 2015-04-04 16:03 - 28840282 _____ () C:\Users\tom\Desktop\WinAVR-20100110-install.exe
2015-04-03 21:52 - 2015-04-03 21:52 - 00003024 _____ () C:\Windows\System32\Tasks\brbrw_1280
2015-04-03 21:47 - 2015-04-03 21:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN_01009.Wdf
2015-04-03 21:46 - 2015-04-04 10:43 - 00000000 ____D () C:\Program Files (x86)\c8e441a9-abd4-4721-b704-cb9cbd0d2ddb
2015-04-03 21:46 - 2015-04-04 10:43 - 00000000 ____D () C:\Program Files (x86)\c5c1e8b7-9d03-40f6-9ecf-a015924a15c0
2015-04-03 21:46 - 2015-04-04 10:43 - 00000000 ____D () C:\Program Files (x86)\5a1f3589-0adb-4951-8a7b-a30922551845
2015-04-03 21:46 - 2015-04-03 21:46 - 00004224 _____ () C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_333733343637343037312d3734555b414a507857374a55
2015-04-03 21:46 - 2015-04-03 21:46 - 00000000 ____D () C:\Users\tom\AppData\Local\CrashRpt
2015-04-03 21:46 - 2015-04-03 21:46 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2015-04-03 20:52 - 2015-04-03 20:52 - 04210464 _____ () C:\Users\tom\Desktop\SIM_editor_Smart.zip
2015-03-31 18:54 - 2015-03-31 18:55 - 11038926 _____ () C:\Users\tom\Desktop\The-XX---Intro.flac
2015-03-30 14:40 - 2015-03-30 14:40 - 545172481 _____ () C:\Windows\MEMORY.DMP
2015-03-30 14:40 - 2015-03-30 14:40 - 00336024 _____ () C:\Windows\Minidump\033015-5390-01.dmp
2015-03-28 16:20 - 2015-03-28 16:20 - 00000210 _____ () C:\Windows\ODBCINST.INI
2015-03-28 16:20 - 2015-03-28 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Návrh transformátorů
2015-03-28 16:20 - 2015-03-28 16:20 - 00000000 ____D () C:\Program Files (x86)\Transformer
2015-03-28 13:38 - 2015-03-28 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Výpočet transformátoru
2015-03-28 13:37 - 2015-03-28 13:37 - 00477278 _____ () C:\Users\tom\Downloads\trafo.zip
2015-03-28 13:00 - 2015-03-28 13:00 - 07803328 _____ () C:\Users\tom\Desktop\transformátor.exe
2015-03-28 00:13 - 2015-04-14 16:25 - 00000000 ____D () C:\Users\tom\AppData\Roaming\Nitro PDF
2015-03-28 00:12 - 2015-04-10 08:40 - 00006142 _____ () C:\Windows\PFRO.log
2015-03-27 17:15 - 2015-03-27 17:15 - 00002547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 8.lnk
2015-03-27 17:15 - 2015-03-27 17:15 - 00000000 ____D () C:\Users\tom\AppData\Roaming\Nitro
2015-03-27 17:15 - 2015-03-27 17:15 - 00000000 ____D () C:\ProgramData\Nitro
2015-03-27 17:15 - 2015-03-27 17:15 - 00000000 ____D () C:\Program Files\Common Files\Nitro
2015-03-27 17:15 - 2015-03-27 17:15 - 00000000 ____D () C:\Program Files (x86)\Nitro
2015-03-27 17:15 - 2012-12-13 12:47 - 00029704 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalmon2.dll
2015-03-27 17:15 - 2012-12-13 12:47 - 00017928 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalui2.dll
2015-03-27 17:14 - 2015-03-27 17:14 - 00000000 ____D () C:\Users\tom\AppData\Roaming\Downloaded Installations
2015-03-26 19:26 - 2015-04-11 12:04 - 00394006 _____ () C:\Users\tom\Desktop\zdroj 60v 40a.sch
2015-03-20 23:47 - 2015-03-20 23:47 - 00048208 _____ () C:\Users\tom\Downloads\vchdiy-board-files.zip
2015-03-20 22:11 - 2015-03-20 22:11 - 00348240 _____ () C:\Users\tom\Downloads\keykeriki-v2-devdbg-hardware.zip
2015-03-20 17:15 - 2015-03-20 17:15 - 00019513 _____ () C:\Users\tom\Downloads\[GET] Adobe Acrobat XI Pro 11.0.7 Multilanguage.rar
2015-03-19 19:12 - 2015-03-19 19:12 - 10190296 _____ (PortableApps.com) C:\Users\tom\Downloads\SQLiteDatabaseBrowserPortable_3.5.1_English.paf.exe
2015-03-19 19:12 - 2015-03-19 19:12 - 00000000 ____D () C:\Users\tom\Downloads\SQLiteDatabaseBrowserPortable
2015-03-17 20:54 - 2015-03-17 20:54 - 00348240 _____ () C:\Users\tom\Desktop\keykeriki-v2-devdbg-hardware sniffer.zip
2015-03-16 19:11 - 2015-03-16 19:11 - 08078095 _____ (ARTALABS ) C:\Users\tom\Downloads\ArtaSetup183.exe
2015-03-15 10:27 - 2015-03-15 10:27 - 00001057 _____ () C:\Users\Public\Desktop\KiCad.lnk
2015-03-15 10:27 - 2015-03-15 10:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KiCad
2015-03-15 10:26 - 2015-03-15 10:27 - 00000000 ____D () C:\Program Files (x86)\KiCad

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-14 17:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-14 16:34 - 2015-03-12 15:30 - 01279222 _____ () C:\Windows\WindowsUpdate.log
2015-04-14 15:53 - 2014-12-13 18:15 - 00739924 _____ () C:\Windows\system32\perfh005.dat
2015-04-14 15:53 - 2014-12-13 18:15 - 00151610 _____ () C:\Windows\system32\perfc005.dat
2015-04-14 15:53 - 2014-12-13 11:48 - 01745984 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-14 15:51 - 2015-01-15 16:51 - 00003592 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3332171635-80688016-592393309-1001
2015-04-14 15:46 - 2015-03-12 15:30 - 00052678 _____ () C:\Windows\setupact.log
2015-04-14 15:46 - 2014-12-15 15:52 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-14 15:46 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-14 15:28 - 2015-01-15 16:40 - 00000000 ____D () C:\ProgramData\Norton
2015-04-14 15:26 - 2015-01-15 17:30 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2015-04-14 15:19 - 2014-12-13 11:50 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6C40A664-6612-43B9-B571-28453941D32F}
2015-04-14 15:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-13 18:19 - 2015-02-22 16:42 - 00000000 ____D () C:\AdwCleaner
2015-04-13 18:19 - 2015-01-27 20:34 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-04-12 19:58 - 2015-03-14 20:49 - 00000000 ____D () C:\Users\tom\Desktop\RFID Emulator
2015-04-12 11:37 - 2015-01-15 16:40 - 00000000 ____D () C:\Users\tom\AppData\Local\NPE
2015-04-11 15:50 - 2014-12-13 11:50 - 00000000 ____D () C:\Users\tom
2015-04-11 13:58 - 2015-01-19 20:06 - 00000000 ____D () C:\KMPlayer
2015-04-10 08:56 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppCompat
2015-04-09 15:09 - 2015-01-16 14:01 - 00000000 ____D () C:\Users\tom\AppData\Local\CrashDumps
2015-04-09 07:49 - 2014-12-13 14:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2015-04-08 21:18 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-04-08 20:16 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-08 20:15 - 2014-12-14 11:58 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-08 20:15 - 2014-12-14 11:58 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-08 17:04 - 2015-01-16 17:09 - 00003850 _____ () C:\Windows\system32\.crusader
2015-04-08 17:04 - 2015-01-16 16:49 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-04-06 12:26 - 2014-12-13 12:58 - 00000000 ____D () C:\Users\tom\AppData\Roaming\uTorrent
2015-04-06 09:48 - 2012-03-22 10:51 - 00000000 ____D () C:\Users\tom\Desktop\RFID Reader
2015-04-06 07:45 - 2015-01-22 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-06 07:45 - 2014-12-13 11:50 - 00000977 _____ () C:\Users\tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-06 07:33 - 2015-02-22 18:41 - 00000000 ____D () C:\Users\tom\Desktop\Proramátor
2015-04-04 17:46 - 2015-02-15 12:57 - 00000000 ____D () C:\Users\tom\Desktop\SIM clone -Klonování sim
2015-04-04 16:58 - 2014-12-14 10:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-04 16:57 - 2015-02-03 16:24 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-04 10:43 - 2015-02-22 15:00 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-04-04 10:43 - 2015-01-20 19:10 - 00000000 ____D () C:\Program Files (x86)\AC3Filter
2015-04-03 21:46 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-04-01 15:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-30 14:40 - 2014-12-13 21:25 - 00000000 ____D () C:\Windows\Minidump
2015-03-28 16:21 - 2015-01-14 21:27 - 00000000 ____D () C:\Users\tom\AppData\Local\VirtualStore
2015-03-28 00:12 - 2013-08-22 16:44 - 00473040 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-27 17:05 - 2015-02-22 15:00 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-24 16:11 - 2015-02-23 14:28 - 00000000 ____D () C:\Users\tom\Desktop\Kyocera

==================== Files in the root of some directories =======

2015-01-14 14:49 - 2015-01-14 14:49 - 0000001 _____ () C:\Users\tom\AppData\Local\llftool.4.25.agreement
2015-04-12 21:44 - 2015-04-12 21:44 - 0029696 _____ () C:\Users\tom\AppData\Local\MSGBOX.EXE
2014-12-17 13:51 - 2014-12-27 20:22 - 0007605 _____ () C:\Users\tom\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\tom\AppData\Local\Temp\C9119530-1A6E-1FB6-0016-AE174B0111CE.dll
C:\Users\tom\AppData\Local\Temp\dllnt_dump.dll
C:\Users\tom\AppData\Local\Temp\KMPAddedCode_KMP_adpageopen_Step1.exe
C:\Users\tom\AppData\Local\Temp\KMP_3.9.1.134.exe
C:\Users\tom\AppData\Local\Temp\Quarantine.exe
C:\Users\tom\AppData\Local\Temp\sqlite3.dll
C:\Users\tom\AppData\Local\Temp\_is9618.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-08 16:58

==================== End Of Log ============================

[konu]

Píše v mailu -

Vážený zákazníku

bezpečností systém společnosti Infos ART s.r.o. zjistil, že na Vaší přípojce za IP adresou (xxxxxxx) se nachází zavirovaný počítač. Virus byl detekovaný dne: 13.04 v 12:35:16 hodin.

Podrobnější informace o tomto viru a název potřebného antiviru naleznete v odkaze:
http://www.virustotal.com/en/file/a064a ... /analysis/
(tuto virovou nákazu odstraníte použitím kteréhokoliv antiviru, který má v prostředním sloupci výpisu červený text)
Pokud máte v domácnosti / kanceláři více počítačů, je nutné prověření všech zařízení uvedeným antivirovým programem. Systém ochrany nedokáže detekovat konkrétní PC ve Vaší vnitřní síti.

Buďte obezřetní a zajistěte odstranění této nákazy!
Chráníte tím především Vaše soukromé údaje, data, bankovní účty a jiné….

------Místo xxxx mi napíše moji ip adresu. Mám optickou sít - utp kabel rovnou do pc.---------

[konu]

Mám 1 pc

[konu]

OTL logfile created on: 14. 4. 2015 18:11:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\tom\Desktop\Bezpečnost
64bit- Enterprise Edition (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17690)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

11,95 Gb Total Physical Memory | 9,13 Gb Available Physical Memory | 76,36% Memory free
23,95 Gb Paging File | 21,75 Gb Available in Paging File | 90,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 60,19 Gb Free Space | 50,52% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 68,31 Gb Free Space | 7,33% Space Free | Partition Type: NTFS

Computer Name: ASUS-PC | User Name: tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2015/04/14 18:09:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\tom\Desktop\Bezpečnost\OTL-OTL OldTimer's List-It.exe
PRC - [2015/02/03 16:26:15 | 000,076,152 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2015/01/16 08:42:47 | 002,585,928 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2015/01/16 08:42:37 | 001,706,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2015/01/10 00:27:57 | 000,410,768 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/10/01 15:40:28 | 001,349,576 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2012/11/26 11:36:04 | 000,184,704 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2012/11/14 15:42:46 | 000,106,880 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2012/10/17 20:08:40 | 000,205,184 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2012/09/14 14:14:16 | 000,328,064 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2012/01/20 10:35:26 | 000,045,696 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe
PRC - [2011/11/21 15:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe


========== Modules (All) ==========

MOD - [2015/04/14 18:09:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\tom\Desktop\Bezpečnost\OTL-OTL OldTimer's List-It.exe
MOD - [2015/04/14 12:08:52 | 001,402,296 | ---- | M] (NVIDIA Corporation) -- C:\Users\tom\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\Ontology.dll
MOD - [2015/03/14 10:13:50 | 001,124,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2015/03/10 19:18:08 | 000,460,712 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
MOD - [2015/03/10 19:18:07 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Java\jre1.8.0_40\bin\msvcr100.dll
MOD - [2015/03/10 19:18:07 | 000,172,968 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
MOD - [2015/03/06 04:33:12 | 000,358,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2015/03/04 23:24:42 | 018,634,720 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash.ocx
MOD - [2015/02/25 18:30:48 | 000,617,736 | ---- | M] (Eyeo GmbH) -- C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
MOD - [2015/02/21 02:41:09 | 012,827,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2015/02/21 02:25:15 | 019,720,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2015/02/20 04:03:08 | 002,278,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2015/02/20 03:30:39 | 004,300,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
MOD - [2015/02/20 03:01:25 | 001,888,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2015/02/20 02:59:54 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IEShims.dll
MOD - [2015/02/20 02:57:51 | 001,311,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2015/02/20 02:55:38 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieapfltr.dll
MOD - [2015/02/20 02:52:46 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2015/02/12 19:34:06 | 019,731,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2015/02/10 23:26:34 | 000,335,232 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2015/01/29 20:34:45 | 001,488,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2015/01/28 17:41:15 | 001,498,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2015/01/23 07:02:33 | 000,560,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SHCore.dll
MOD - [2015/01/16 08:42:47 | 002,585,928 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
MOD - [2015/01/16 08:41:34 | 001,278,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvspcap.dll
MOD - [2015/01/10 10:07:47 | 016,009,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvwgf2um.dll
MOD - [2014/12/19 10:25:28 | 000,602,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2014/11/15 21:05:17 | 000,801,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll
MOD - [2014/11/14 07:03:24 | 000,885,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MFMediaEngine.dll
MOD - [2014/11/10 03:09:42 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2014/11/07 05:20:58 | 000,786,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfmp4srcsnk.dll
MOD - [2014/11/05 03:20:42 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2014/10/31 12:32:44 | 000,815,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
MOD - [2014/10/31 05:13:35 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll
MOD - [2014/10/31 04:53:21 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msrating.dll
MOD - [2014/10/31 04:26:38 | 001,042,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2014/10/31 04:24:42 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imgutil.dll
MOD - [2014/10/31 01:38:56 | 001,612,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2014/10/29 05:18:49 | 000,320,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2014/10/29 05:18:47 | 001,782,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2014/10/29 05:18:47 | 000,241,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2014/10/29 05:18:46 | 000,029,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel.appcore.dll
MOD - [2014/10/29 05:18:44 | 000,255,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2014/10/29 05:18:42 | 000,016,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2014/10/29 05:18:41 | 000,127,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2014/10/29 05:15:39 | 000,035,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2014/10/29 05:15:37 | 000,245,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2014/10/29 05:15:37 | 000,165,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntasn1.dll
MOD - [2014/10/29 05:15:37 | 000,098,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2014/10/29 05:15:37 | 000,074,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptdll.dll
MOD - [2014/10/29 05:15:37 | 000,068,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2014/10/29 05:15:36 | 000,340,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2014/10/29 05:15:36 | 000,192,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2014/10/29 05:15:36 | 000,154,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2014/10/29 05:15:36 | 000,119,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2014/10/29 05:15:36 | 000,110,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2014/10/29 05:15:36 | 000,089,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncryptsslp.dll
MOD - [2014/10/29 05:15:36 | 000,021,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsrole.dll
MOD - [2014/10/29 05:15:32 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2014/10/29 05:15:32 | 000,051,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2014/10/29 05:15:31 | 000,115,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2014/10/29 05:15:31 | 000,096,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2014/10/29 05:15:01 | 000,340,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msv1_0.dll
MOD - [2014/10/29 05:13:19 | 001,901,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2014/10/29 05:13:18 | 000,185,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2014/10/29 05:12:03 | 001,946,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d11.dll
MOD - [2014/10/29 05:12:03 | 000,430,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2014/10/29 05:12:03 | 000,102,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2014/10/29 05:11:33 | 001,024,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MSAudDecMFT.dll
MOD - [2014/10/29 05:11:33 | 000,184,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\COLORCNV.DLL
MOD - [2014/10/29 05:11:32 | 000,229,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RESAMPLEDMO.DLL
MOD - [2014/10/29 05:11:32 | 000,191,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Media.MediaControl.dll
MOD - [2014/10/29 05:11:32 | 000,099,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MP3DMOD.DLL
MOD - [2014/10/29 05:11:32 | 000,031,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2014/10/29 05:10:54 | 001,287,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2014/10/29 05:10:54 | 000,492,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\twinapi.appcore.dll
MOD - [2014/10/29 05:10:54 | 000,278,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2014/10/29 05:10:54 | 000,026,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2014/10/29 05:10:01 | 001,564,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\combase.dll
MOD - [2014/10/29 05:10:01 | 001,209,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2014/10/29 05:10:01 | 000,569,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2014/10/29 05:10:01 | 000,547,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WinTypes.dll
MOD - [2014/10/29 05:07:09 | 000,370,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2014/10/29 05:07:02 | 001,115,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfnetsrc.dll
MOD - [2014/10/29 05:07:02 | 000,857,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfsrcsnk.dll
MOD - [2014/10/29 05:07:02 | 000,399,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfsvr.dll
MOD - [2014/10/29 05:07:02 | 000,336,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvproc.dll
MOD - [2014/10/29 05:07:02 | 000,039,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2014/10/29 05:07:01 | 002,324,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfcore.dll
MOD - [2014/10/29 05:07:01 | 000,700,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfnetcore.dll
MOD - [2014/10/29 05:07:01 | 000,551,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll
MOD - [2014/10/29 05:07:01 | 000,331,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2014/10/29 05:07:01 | 000,136,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2014/10/29 05:07:01 | 000,134,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmmbase.dll
MOD - [2014/10/29 05:07:01 | 000,019,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2014/10/29 05:06:59 | 000,111,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RTWorkQ.dll
MOD - [2014/10/29 05:06:28 | 000,800,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2014/10/29 05:06:28 | 000,080,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcd.dll
MOD - [2014/10/29 05:06:28 | 000,074,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2014/10/29 05:06:13 | 000,507,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2014/10/29 05:05:15 | 000,321,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2014/10/29 05:05:15 | 000,257,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2014/10/29 05:05:15 | 000,052,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2014/10/29 05:05:14 | 000,120,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2014/10/29 05:05:14 | 000,030,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2014/10/29 05:05:14 | 000,026,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2014/10/29 05:05:14 | 000,020,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2014/10/29 04:03:15 | 000,862,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2014/10/29 04:03:01 | 002,105,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1\comctl32.dll
MOD - [2014/10/29 04:01:03 | 000,549,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17415_none_7c5769eaaa0aa358\comctl32.dll
MOD - [2014/10/29 04:00:15 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2014/10/29 04:00:13 | 000,642,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2014/10/29 03:59:49 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2014/10/29 03:59:49 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2014/10/29 03:58:23 | 001,040,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2014/10/29 03:58:19 | 000,113,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\t2embed.dll
MOD - [2014/10/29 03:58:10 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2014/10/29 03:57:14 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2014/10/29 03:56:40 | 000,499,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2014/10/29 03:55:53 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dinput8.dll
MOD - [2014/10/29 03:51:01 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2014/10/29 03:50:50 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2014/10/29 03:47:53 | 000,517,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2014/10/29 03:45:29 | 000,672,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2014/10/29 03:43:02 | 000,230,912 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
MOD - [2014/10/29 03:40:34 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2014/10/29 03:32:29 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2014/10/29 03:14:54 | 000,609,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2014/10/29 03:10:40 | 002,469,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2014/10/29 03:10:18 | 001,096,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2014/10/29 03:08:45 | 001,560,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2014/10/29 03:08:36 | 002,174,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10warp.dll
MOD - [2014/10/29 03:07:54 | 000,747,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2014/10/29 03:06:25 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2014/10/29 03:06:20 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dpapi.dll
MOD - [2014/10/29 03:06:19 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2014/10/29 03:06:17 | 000,286,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2014/10/29 03:06:04 | 000,104,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2014/10/29 03:06:03 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2014/10/29 03:05:52 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdigest.dll
MOD - [2014/10/29 03:05:51 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2014/10/29 03:05:50 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2014/10/29 03:05:46 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2014/10/29 03:05:41 | 000,137,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2014/10/29 03:05:33 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2014/10/29 03:05:32 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2014/10/29 03:05:25 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2014/10/29 03:05:02 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll
MOD - [2014/10/29 03:04:37 | 000,868,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Globalization.dll
MOD - [2014/10/29 03:04:35 | 001,376,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2014/10/29 03:04:22 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2014/10/29 03:04:10 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\BCP47Langs.dll
MOD - [2014/10/29 03:03:42 | 004,067,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2014/10/29 03:03:37 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2014/10/29 03:01:56 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2014/10/29 03:00:32 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wshbth.dll
MOD - [2014/10/29 03:00:03 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\globinputhost.dll
MOD - [2014/10/29 03:00:02 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dcomp.dll
MOD - [2014/10/29 02:59:46 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2014/10/29 02:59:40 | 001,021,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\UIAutomationCore.dll
MOD - [2014/10/29 02:59:34 | 001,490,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.9600.17415_none_dad8722c5bcc2d8f\GdiPlus.dll
MOD - [2014/10/29 02:59:32 | 000,210,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2014/10/29 02:58:41 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecsExt.dll
MOD - [2014/10/29 02:58:34 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2014/10/29 02:58:05 | 000,306,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2014/10/29 02:57:46 | 000,254,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\UIAnimation.dll
MOD - [2014/10/29 02:57:42 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2014/10/29 02:56:21 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2014/10/29 02:55:27 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ninput.dll
MOD - [2014/10/29 02:55:11 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2014/10/29 02:51:54 | 000,244,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Graphics.dll
MOD - [2014/10/29 02:50:53 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
MOD - [2014/10/29 02:48:28 | 000,949,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2014/10/29 02:45:16 | 000,397,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2014/10/21 02:31:37 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2014/10/21 02:20:01 | 001,142,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2014/10/07 05:44:26 | 002,890,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msmpeg2vdec.dll
MOD - [2014/02/22 13:06:51 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2014/02/22 13:05:19 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sppc.dll
MOD - [2012/12/13 12:47:40 | 001,496,584 | ---- | M] (Nitro PDF) -- C:\Program Files (x86)\Nitro\Pro 8\NitroPDFActiveX.ocx
MOD - [2012/12/13 12:47:34 | 001,825,288 | ---- | M] (Nitro Pdf Software) -- C:\Program Files (x86)\Nitro\Pro 8\js32.dll
MOD - [2012/12/13 12:47:18 | 007,095,816 | ---- | M] (BCGSoft Ltd) -- C:\Program Files (x86)\Nitro\Pro 8\BCGCBPRO1710u100.dll
MOD - [2012/12/13 12:47:02 | 000,183,816 | ---- | M] (Nitro PDF) -- C:\Program Files (x86)\Nitro\Pro 8\npnitroie.dll
MOD - [2012/10/17 20:08:40 | 000,205,184 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MOD - [2012/09/14 14:14:16 | 000,328,064 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MOD - [2012/09/07 20:07:24 | 000,688,512 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\PureThemeRes.dll
MOD - [2012/05/07 11:02:24 | 000,065,664 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\MetroInfo.dll
MOD - [2011/06/11 02:58:52 | 004,422,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc100u.dll
MOD - [2011/06/11 02:58:52 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp100.dll
MOD - [2011/06/11 02:58:52 | 000,055,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc100enu.dll


========== Services (SafeList) ==========

SRV:64bit: - [2015/02/21 01:49:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2015/02/04 01:58:28 | 000,366,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2015/02/04 01:58:28 | 000,023,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2015/01/16 08:42:37 | 001,148,744 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2015/01/16 08:42:33 | 021,833,544 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014/12/06 03:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/10/31 06:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/10/29 06:09:06 | 000,092,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV:64bit: - [2014/10/29 05:59:51 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/10/29 04:42:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2014/10/29 04:42:03 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2014/10/29 04:34:51 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2014/10/29 04:33:55 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2014/10/29 04:30:35 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2014/10/29 04:29:22 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2014/10/29 03:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:64bit: - [2014/10/29 03:48:20 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2014/10/29 03:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2014/10/29 03:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/10/29 03:26:02 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/10/29 03:24:37 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2014/10/29 03:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2014/10/29 03:20:03 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2014/10/29 03:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2014/10/29 03:16:17 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2014/10/29 03:13:24 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/10/29 03:13:02 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2014/10/29 03:12:36 | 000,407,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/10/29 03:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/10/29 03:11:10 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/10/29 03:09:48 | 000,521,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/10/29 03:05:09 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2014/10/29 02:57:18 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2014/10/29 02:48:52 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/10/29 02:46:48 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/10/29 02:35:51 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/10/01 15:40:28 | 001,349,576 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2014/08/16 05:29:40 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/12/13 12:47:42 | 000,230,408 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe -- (NitroDriverReadSpool8)
SRV:64bit: - [2012/03/23 16:07:48 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV - [2015/02/03 16:26:15 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2015/01/30 18:18:21 | 001,910,128 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2015/01/16 08:42:37 | 001,706,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2015/01/10 00:27:57 | 000,410,768 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/10/29 03:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2014/10/29 03:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2014/10/29 02:53:11 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/08/16 05:29:40 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/11/14 15:42:46 | 000,106,880 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2012/01/20 10:35:26 | 000,045,696 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe -- (FanChkService)
SRV - [2011/11/21 15:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2015/02/04 01:58:33 | 000,264,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2015/02/04 01:58:33 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2015/02/04 01:58:04 | 000,044,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2015/01/16 08:42:32 | 000,019,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2015/01/13 06:15:56 | 000,452,424 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2015/01/13 06:15:56 | 000,195,728 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014/12/14 09:30:38 | 000,170,280 | ---- | M] (ESET) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ESETCleanersDriver.sys -- (ESETCleanersDriver)
DRV:64bit: - [2014/12/12 02:51:20 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2014/11/22 12:46:30 | 000,038,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014/11/10 20:06:59 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/11/04 21:33:40 | 000,058,176 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2014/10/29 05:59:47 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/10/29 05:57:42 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/10/29 05:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/10/29 04:46:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2014/10/29 04:46:41 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2014/10/29 04:46:09 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2014/10/29 04:45:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/10/29 04:45:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2014/10/29 04:45:16 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2014/10/21 18:27:36 | 000,079,872 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2014/10/17 06:56:24 | 000,238,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/10/17 06:56:23 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/10/17 05:35:04 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/10/15 10:32:36 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/10/10 09:59:12 | 000,243,440 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2014/10/10 09:59:12 | 000,241,368 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\edevmon.sys -- (edevmon)
DRV:64bit: - [2014/10/10 09:59:12 | 000,222,280 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2014/10/10 09:59:12 | 000,169,280 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2014/10/10 09:59:12 | 000,063,160 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2014/10/10 09:59:12 | 000,044,632 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2014/10/08 15:13:10 | 000,127,760 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2014/10/08 11:24:09 | 000,467,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/10/07 08:54:45 | 000,324,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/10/07 08:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/10/07 08:44:39 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2014/08/15 02:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/03/20 05:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/13 14:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/02/22 17:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 14:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/01/31 16:22:16 | 000,094,704 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2014/01/28 16:32:18 | 000,593,000 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2014/01/28 07:59:42 | 000,268,800 | ---- | M] (Jungo Connectivity) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\windrvr6.sys -- (WinDriver6)
DRV:64bit: - [2013/12/04 20:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/11/04 04:32:06 | 000,020,280 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys -- (HIDSwitch)
DRV:64bit: - [2013/10/26 03:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/05 17:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/14 16:06:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/08/23 00:35:16 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr)
DRV:64bit: - [2013/08/23 00:35:06 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:64bit: - [2013/08/23 00:35:06 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2013/08/23 00:35:06 | 000,111,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2013/08/23 00:35:06 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2013/08/23 00:35:06 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2013/08/23 00:35:06 | 000,056,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2013/08/23 00:35:06 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 14:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2013/08/22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/14 04:42:44 | 003,837,440 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athwbx.sys -- (athr)
DRV:64bit: - [2013/08/13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 16:44:59 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2012/07/26 07:32:22 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/17 19:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/07/15 17:48:16 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tapoas.sys -- (tapoas)
DRV:64bit: - [2012/03/23 16:07:42 | 002,193,008 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/12/30 12:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2008/01/19 01:10:30 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011/09/07 10:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/02 18:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2000/06/29 15:24:14 | 000,003,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DLPORTIO.SYS -- (DLPortIO)


========== Standard Registry (SafeList) ==========

[konu]

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-3332171635-80688016-592393309-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-3332171635-80688016-592393309-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-3332171635-80688016-592393309-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3332171635-80688016-592393309-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3332171635-80688016-592393309-1001\..\SearchScopes\{AAF95CB0-2208-4414-8A5B-63D268CF73AB}: "URL" = http://search.seznam.cz/?q={searchTerms ... chmodule_1
IE - HKU\S-1-5-21-3332171635-80688016-592393309-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.40.2: C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2: C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)



========== Chrome ==========

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_1\
CHR - Extension: No name found = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\
CHR - Extension: No name found = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\
CHR - Extension: No name found = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\
CHR - Extension: No name found = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\

O1 HOSTS File: ([2015/02/02 19:15:32 | 000,000,853 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 player.kmpmedia.net
O2:64bit: - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Eyeo GmbH)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Eyeo GmbH)
O3 - HKU\S-1-5-21-3332171635-80688016-592393309-1001\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKU\S-1-5-21-3332171635-80688016-592393309-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8:64bit: - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8:64bit: - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8:64bit: - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0CAC6FFC-C225-4715-8D53-E2A5B6B4B21B}: NameServer = 46.33.112.42,46.33.96.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B26A61A-B27D-468D-ACA8-E591CEBA2684}: DhcpNameServer = 172.20.6.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015/01/15 15:59:36 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - Unable to obtain root file information for disk D:\
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = "F:\SETUP.EXE"
O33 - MountPoints2\F\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\F\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
NetSvcs:64bit: MsKeyboardFilter - C:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)

SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: BasicDisplay.sys - C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootMin:64bit: BasicRender.sys - C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootMin:64bit: EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: hitmanpro37 - Reg Error: Value error.
SafeBootMin:64bit: hitmanpro37.sys - Reg Error: Value error.
SafeBootMin:64bit: HitmanPro37Crusader - Reg Error: Value error.
SafeBootMin:64bit: KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootMin:64bit: LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootMin:64bit: Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootMin:64bit: TBS - Service
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin:64bit: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: hitmanpro37 - Reg Error: Value error.
SafeBootMin: hitmanpro37.sys - Reg Error: Value error.
SafeBootMin: HitmanPro37Crusader - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: BasicDisplay.sys - C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootNet:64bit: BasicRender.sys - C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootNet:64bit: EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: hitmanpro37 - Reg Error: Value error.
SafeBootNet:64bit: hitmanpro37.sys - Reg Error: Value error.
SafeBootNet:64bit: HitmanPro37Crusader - Reg Error: Value error.
SafeBootNet:64bit: KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootNet:64bit: LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootNet:64bit: netprofm - C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdpencdd.sys - Driver
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: SmartcardSimulator - Driver
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootNet:64bit: TBS - Service
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: VaultSvc - C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: VirtualSmartcardReader - Driver
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: Wcmsvc - C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet:64bit: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: hitmanpro37 - Reg Error: Value error.
SafeBootNet: hitmanpro37.sys - Reg Error: Value error.
SafeBootNet: HitmanPro37Crusader - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdpencdd.sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SmartcardSimulator - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TBS - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: VirtualSmartcardReader - Driver
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2015/04/14 15:28:06 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2015/04/14 15:28:04 | 000,125,872 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2015/04/14 15:28:04 | 000,106,928 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2015/04/14 15:27:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NBRTWizardx64
[2015/04/14 15:27:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NBRTWizardx64\0700000.012
[2015/04/14 15:27:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard
[2015/04/14 15:27:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard
[2015/04/14 15:27:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2015/04/12 21:54:41 | 000,000,000 | ---D | C] -- C:\ProgramData\AntiSpyInfo
[2015/04/12 21:54:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anti-Spy.Info
[2015/04/12 21:46:55 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015/04/12 21:46:55 | 000,000,000 | ---D | C] -- C:\rsit
[2015/04/12 21:44:59 | 000,000,000 | ---D | C] -- C:\Users\tom\Desktop\Bezpečnost
[2015/04/12 21:36:57 | 000,000,000 | ---D | C] -- C:\FRST
[2015/04/12 11:32:26 | 000,000,000 | ---D | C] -- C:\NPE
[2015/04/08 20:15:02 | 001,385,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2015/04/08 20:15:02 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/04/08 20:15:02 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/04/08 20:15:02 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.dll
[2015/04/08 20:15:02 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/04/08 20:15:02 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/04/08 20:15:02 | 000,419,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/04/08 20:15:02 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/04/08 20:15:02 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/04/08 17:04:46 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2015/04/08 13:18:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Emsisoft
[2015/04/07 20:59:19 | 000,000,000 | ---D | C] -- C:\Users\tom\Desktop\RS232

========== Files - Modified Within 7 Days ==========

[2015/04/14 18:12:03 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/04/14 17:08:58 | 000,037,624 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2015/04/14 17:03:05 | 000,101,655 | ---- | M] () -- C:\Users\tom\Desktop\el_mereni výkonu.PDF
[2015/04/14 16:39:48 | 000,031,514 | ---- | M] () -- C:\Users\tom\Desktop\log.rtf
[2015/04/14 15:53:25 | 001,745,984 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/04/14 15:53:25 | 000,739,924 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2015/04/14 15:53:25 | 000,722,476 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/04/14 15:53:25 | 000,151,610 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2015/04/14 15:53:25 | 000,135,592 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/04/14 15:48:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/04/14 15:46:08 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2015/04/14 15:26:12 | 000,001,358 | ---- | M] () -- C:\Users\tom\Desktop\Norton Installation Files.lnk
[2015/04/13 18:34:19 | 308,004,864 | ---- | M] () -- C:\Users\tom\Desktop\Kaspersky Rescue Disk 10.iso
[2015/04/12 21:44:40 | 000,029,696 | ---- | M] () -- C:\Users\tom\AppData\Local\MSGBOX.EXE
[2015/04/11 20:12:40 | 000,680,934 | ---- | M] () -- C:\Users\tom\Desktop\IGBT tranzistor.PDF
[2015/04/11 20:04:23 | 000,791,731 | ---- | M] () -- C:\Users\tom\Desktop\T1.5-Tranzistor.pdf
[2015/04/11 15:50:54 | 000,010,284 | ---- | M] () -- C:\Users\tom\eaglerc.usr
[2015/04/11 15:45:57 | 000,032,112 | ---- | M] () -- C:\Users\tom\Desktop\untitled.s##
[2015/04/11 12:04:16 | 000,394,006 | ---- | M] () -- C:\Users\tom\Desktop\zdroj 60v 40a.sch
[2015/04/10 12:01:43 | 000,048,483 | ---- | M] () -- C:\Users\tom\Desktop\slože marek ingr.PDF
[2015/04/08 17:04:46 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2015/04/08 17:04:46 | 000,003,850 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2015/04/08 15:21:58 | 000,151,190 | ---- | M] () -- C:\Users\tom\Desktop\css_jdm_programator.pdf
[2015/04/07 20:58:43 | 000,640,736 | ---- | M] () -- C:\Users\tom\Desktop\COM Port.rar

========== Files Created - No Company Name ==========

[2015/04/14 18:12:03 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/04/14 17:03:34 | 000,101,655 | ---- | C] () -- C:\Users\tom\Desktop\el_mereni výkonu.PDF
[2015/04/14 16:39:36 | 000,031,514 | ---- | C] () -- C:\Users\tom\Desktop\log.rtf
[2015/04/14 15:27:47 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NBRTWizardx64\0700000.012\isolate.ini
[2015/04/14 15:26:11 | 000,001,358 | ---- | C] () -- C:\Users\tom\Desktop\Norton Installation Files.lnk
[2015/04/13 18:29:22 | 308,004,864 | ---- | C] () -- C:\Users\tom\Desktop\Kaspersky Rescue Disk 10.iso
[2015/04/12 21:44:18 | 000,029,696 | ---- | C] () -- C:\Users\tom\AppData\Local\MSGBOX.EXE
[2015/04/11 20:13:36 | 000,680,934 | ---- | C] () -- C:\Users\tom\Desktop\IGBT tranzistor.PDF
[2015/04/11 20:05:20 | 000,791,731 | ---- | C] () -- C:\Users\tom\Desktop\T1.5-Tranzistor.pdf
[2015/04/11 15:50:54 | 000,010,284 | ---- | C] () -- C:\Users\tom\eaglerc.usr
[2015/04/11 15:45:57 | 000,032,112 | ---- | C] () -- C:\Users\tom\Desktop\untitled.s##
[2015/04/10 12:02:17 | 000,048,483 | ---- | C] () -- C:\Users\tom\Desktop\slože marek ingr.PDF
[2015/04/08 15:22:21 | 000,151,190 | ---- | C] () -- C:\Users\tom\Desktop\css_jdm_programator.pdf
[2015/04/07 20:56:58 | 000,640,736 | ---- | C] () -- C:\Users\tom\Desktop\COM Port.rar
[2015/04/04 16:09:56 | 000,002,382 | ---- | C] () -- C:\Users\tom\gdbtk.ini
[2015/03/28 16:20:50 | 000,000,210 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2015/02/22 16:01:27 | 000,026,190 | ---- | C] () -- C:\Users\tom\Si prog DSP 4.pdf
[2015/02/03 16:24:45 | 000,226,680 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2015/02/03 16:24:44 | 000,076,152 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2015/01/25 12:19:19 | 000,000,261 | ---- | C] () -- C:\Users\tom\.octave_hist
[2015/01/24 21:31:56 | 000,000,412 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2015/01/17 20:57:14 | 001,772,950 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/01/14 14:49:10 | 000,000,001 | ---- | C] () -- C:\Users\tom\AppData\Local\llftool.4.25.agreement
[2014/12/18 19:40:19 | 000,107,008 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2014/12/18 19:40:15 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2014/12/17 13:51:28 | 000,007,605 | ---- | C] () -- C:\Users\tom\AppData\Local\Resmon.ResmonCfg
[2014/12/14 09:52:02 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2013/08/22 17:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 17:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 16:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 09:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/22 01:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/22 01:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[2015/01/14 17:26:08 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/12 19:40:58 | 022,291,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/12 19:34:06 | 019,731,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/29 03:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/29 02:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/29 03:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015/02/12 19:00:34 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\AC3Filter
[2015/04/04 16:59:30 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Atmel
[2015/03/27 17:14:56 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Downloaded Installations
[2014/12/14 14:26:15 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\ESET
[2015/01/20 16:06:38 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\LockAP
[2015/03/27 17:15:37 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Nitro
[2015/04/14 17:15:43 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Nitro PDF
[2015/01/16 14:05:52 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Opera Software
[2015/02/03 15:46:25 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Origin
[2015/01/15 16:45:53 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\PhrozenSoft
[2015/01/06 16:47:55 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Prodiance
[2015/01/25 12:12:22 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\ProfiCAD
[2015/04/06 12:26:31 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\uTorrent
[2015/04/05 10:37:55 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\VisualAssistAtmel
[2014/12/22 17:27:13 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\VS Revo Group

========== Purity Check ==========



========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ADATA SX900
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD10JPVX-00JC3T0
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100,00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 119,00GB
Starting Offset: 105906176
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 932,00GB
Starting Offset: 1048576
Hidden sectors: 0

[2015/01/22 19:52:39 | 000,000,000 | RH-D | M] -- C:\ESD
[2015/04/12 21:54:41 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2015/04/04 16:58:40 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2015/02/03 16:25:01 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\EAInstaller
[2015/02/03 16:25:01 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\EAInstaller\BFH Beta 2
[2015/03/14 19:44:37 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsApps
[2013/08/22 17:36:30 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2015/02/22 23:05:24 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2013/08/23 00:35:25 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2013/08/22 17:36:30 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2013/08/23 00:34:48 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2013/08/22 17:36:30 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2015/02/22 23:05:24 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2013/08/23 00:35:25 | 000,000,000 | RH-D | M] -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2013/08/22 17:36:30 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2013/08/22 17:36:30 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2015/04/11 10:06:53 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2013/08/22 17:36:32 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2014/12/23 11:07:32 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData
[2015/01/27 21:19:12 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2014/12/13 16:42:48 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2014/12/15 19:07:17 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Media Player\Mezipaměť grafiky
[2014/12/13 11:50:04 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Windows\PrivacIE
[2014/12/13 14:50:43 | 000,000,000 | RH-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Windows\Burn\Burn
[2015/04/09 07:42:49 | 000,000,000 | RH-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Windows\Burn\Burn1
[2015/04/13 18:40:47 | 000,000,000 | RH-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Windows\Burn\Burn2
[2015/01/10 17:38:07 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Windows\INetCache\Content.MSO
[2015/01/24 19:32:03 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Windows\INetCache\Content.Word
[2015/01/01 13:26:51 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Windows\INetCache\Virtualized
[2015/01/01 13:26:51 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Windows\INetCache\Virtualized\C\ProgramData
[2014/12/13 11:50:04 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Windows\PrivacIE\Low
[2014/12/15 15:59:05 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Local\NVIDIA Corporation\Shield Apps\StreamingAssets
[2014/12/13 11:50:06 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/08/22 17:36:31 | 000,000,000 | -H-D | M] -- C:\Windows\ELAMBKUP
[2014/12/13 12:48:36 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2014/12/13 13:02:02 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData
[2015/01/27 21:08:11 | 000,000,000 | -H-D | M] -- C:\Windows\SysNative\GroupPolicy

========== Base Services ==========
SRV:64bit: - [2014/10/29 04:42:20 | 000,214,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2014/10/29 04:44:33 | 000,110,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2014/10/29 03:21:02 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2014/10/29 03:43:34 | 000,933,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2014/11/10 03:37:02 | 000,845,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2014/10/29 03:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2014/10/29 03:01:27 | 000,046,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:64bit: - [2014/10/29 03:12:28 | 000,516,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2014/10/29 02:55:10 | 000,367,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2014/10/29 03:26:50 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2014/10/29 03:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2014/10/29 03:19:29 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2014/10/29 03:29:06 | 000,365,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2014/10/29 03:05:58 | 000,292,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2014/11/05 03:43:48 | 000,252,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2014/10/29 03:14:35 | 000,110,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:64bit: - [2014/10/29 04:44:23 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2014/10/29 03:59:46 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2014/10/29 03:07:58 | 000,452,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2014/10/29 03:08:58 | 000,397,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2014/10/29 03:01:45 | 000,706,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2014/10/29 03:22:44 | 000,071,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2014/10/29 02:51:03 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2014/10/29 03:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2014/12/06 03:41:58 | 000,391,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2014/10/29 03:29:16 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2014/10/29 04:45:24 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2014/11/04 07:01:49 | 000,827,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:64bit: - [2014/10/29 04:34:42 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2014/10/29 02:59:21 | 000,542,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2014/10/29 03:19:29 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2014/10/29 04:42:25 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2014/10/29 05:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2014/10/29 02:56:06 | 000,146,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2014/10/29 03:18:49 | 000,329,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2014/10/29 03:04:06 | 000,640,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2014/10/29 02:49:09 | 000,576,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2014/10/29 02:52:52 | 001,265,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2014/10/29 04:12:14 | 000,313,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2014/10/29 03:34:59 | 000,254,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2014/10/29 03:26:29 | 000,059,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2014/12/09 03:50:34 | 000,225,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2014/10/21 02:30:29 | 001,454,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2014/10/29 03:02:48 | 000,911,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:64bit: - [2014/12/06 03:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
No service found with a name of SDRSVC
SRV:64bit: - [2015/02/04 01:58:28 | 000,023,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/10/29 03:16:27 | 001,696,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:64bit: - [2014/10/29 03:02:44 | 000,880,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2014/10/29 03:59:24 | 000,670,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2014/10/29 04:35:14 | 000,064,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2014/10/29 03:52:53 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2014/10/29 03:18:13 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2014/11/14 09:10:55 | 003,558,400 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2014/10/29 03:53:17 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2014/10/29 03:03:56 | 001,547,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:64bit: - [2014/10/29 03:24:29 | 000,289,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[konu]

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-3332171635-80688016-592393309-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-3332171635-80688016-592393309-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-3332171635-80688016-592393309-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3332171635-80688016-592393309-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3332171635-80688016-592393309-1001\..\SearchScopes\{AAF95CB0-2208-4414-8A5B-63D268CF73AB}: "URL" = http://search.seznam.cz/?q={searchTerms ... chmodule_1
IE - HKU\S-1-5-21-3332171635-80688016-592393309-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.40.2: C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2: C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)



========== Chrome ==========

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_1\
CHR - Extension: No name found = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\
CHR - Extension: No name found = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\
CHR - Extension: No name found = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\
CHR - Extension: No name found = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\

O1 HOSTS File: ([2015/02/02 19:15:32 | 000,000,853 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 player.kmpmedia.net
O2:64bit: - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Eyeo GmbH)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Eyeo GmbH)
O3 - HKU\S-1-5-21-3332171635-80688016-592393309-1001\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKU\S-1-5-21-3332171635-80688016-592393309-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8:64bit: - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8:64bit: - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8:64bit: - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0CAC6FFC-C225-4715-8D53-E2A5B6B4B21B}: NameServer = 46.33.112.42,46.33.96.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B26A61A-B27D-468D-ACA8-E591CEBA2684}: DhcpNameServer = 172.20.6.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015/01/15 15:59:36 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - Unable to obtain root file information for disk D:\
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = "F:\SETUP.EXE"
O33 - MountPoints2\F\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\F\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
NetSvcs:64bit: MsKeyboardFilter - C:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)

SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: BasicDisplay.sys - C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootMin:64bit: BasicRender.sys - C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootMin:64bit: EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: hitmanpro37 - Reg Error: Value error.
SafeBootMin:64bit: hitmanpro37.sys - Reg Error: Value error.
SafeBootMin:64bit: HitmanPro37Crusader - Reg Error: Value error.
SafeBootMin:64bit: KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootMin:64bit: LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootMin:64bit: Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootMin:64bit: TBS - Service
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin:64bit: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: hitmanpro37 - Reg Error: Value error.
SafeBootMin: hitmanpro37.sys - Reg Error: Value error.
SafeBootMin: HitmanPro37Crusader - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: BasicDisplay.sys - C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootNet:64bit: BasicRender.sys - C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootNet:64bit: EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: hitmanpro37 - Reg Error: Value error.
SafeBootNet:64bit: hitmanpro37.sys - Reg Error: Value error.
SafeBootNet:64bit: HitmanPro37Crusader - Reg Error: Value error.
SafeBootNet:64bit: KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootNet:64bit: LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootNet:64bit: netprofm - C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdpencdd.sys - Driver
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: SmartcardSimulator - Driver
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootNet:64bit: TBS - Service
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: VaultSvc - C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: VirtualSmartcardReader - Driver
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: Wcmsvc - C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet:64bit: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: hitmanpro37 - Reg Error: Value error.
SafeBootNet: hitmanpro37.sys - Reg Error: Value error.
SafeBootNet: HitmanPro37Crusader - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdpencdd.sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SmartcardSimulator - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TBS - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: VirtualSmartcardReader - Driver
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2015/04/14 15:28:06 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2015/04/14 15:28:04 | 000,125,872 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2015/04/14 15:28:04 | 000,106,928 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2015/04/14 15:27:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NBRTWizardx64
[2015/04/14 15:27:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NBRTWizardx64\0700000.012
[2015/04/14 15:27:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard
[2015/04/14 15:27:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard
[2015/04/14 15:27:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2015/04/12 21:54:41 | 000,000,000 | ---D | C] -- C:\ProgramData\AntiSpyInfo
[2015/04/12 21:54:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anti-Spy.Info
[2015/04/12 21:46:55 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015/04/12 21:46:55 | 000,000,000 | ---D | C] -- C:\rsit
[2015/04/12 21:44:59 | 000,000,000 | ---D | C] -- C:\Users\tom\Desktop\Bezpečnost
[2015/04/12 21:36:57 | 000,000,000 | ---D | C] -- C:\FRST
[2015/04/12 11:32:26 | 000,000,000 | ---D | C] -- C:\NPE
[2015/04/08 20:15:02 | 001,385,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2015/04/08 20:15:02 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/04/08 20:15:02 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/04/08 20:15:02 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.dll
[2015/04/08 20:15:02 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/04/08 20:15:02 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/04/08 20:15:02 | 000,419,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/04/08 20:15:02 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/04/08 20:15:02 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/04/08 17:04:46 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2015/04/08 13:18:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Emsisoft
[2015/04/07 20:59:19 | 000,000,000 | ---D | C] -- C:\Users\tom\Desktop\RS232

========== Files - Modified Within 7 Days ==========

[2015/04/14 18:12:03 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/04/14 17:08:58 | 000,037,624 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2015/04/14 17:03:05 | 000,101,655 | ---- | M] () -- C:\Users\tom\Desktop\el_mereni výkonu.PDF
[2015/04/14 16:39:48 | 000,031,514 | ---- | M] () -- C:\Users\tom\Desktop\log.rtf
[2015/04/14 15:53:25 | 001,745,984 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/04/14 15:53:25 | 000,739,924 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2015/04/14 15:53:25 | 000,722,476 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/04/14 15:53:25 | 000,151,610 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2015/04/14 15:53:25 | 000,135,592 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/04/14 15:48:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/04/14 15:46:08 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2015/04/14 15:26:12 | 000,001,358 | ---- | M] () -- C:\Users\tom\Desktop\Norton Installation Files.lnk
[2015/04/13 18:34:19 | 308,004,864 | ---- | M] () -- C:\Users\tom\Desktop\Kaspersky Rescue Disk 10.iso
[2015/04/12 21:44:40 | 000,029,696 | ---- | M] () -- C:\Users\tom\AppData\Local\MSGBOX.EXE
[2015/04/11 20:12:40 | 000,680,934 | ---- | M] () -- C:\Users\tom\Desktop\IGBT tranzistor.PDF
[2015/04/11 20:04:23 | 000,791,731 | ---- | M] () -- C:\Users\tom\Desktop\T1.5-Tranzistor.pdf
[2015/04/11 15:50:54 | 000,010,284 | ---- | M] () -- C:\Users\tom\eaglerc.usr
[2015/04/11 15:45:57 | 000,032,112 | ---- | M] () -- C:\Users\tom\Desktop\untitled.s##
[2015/04/11 12:04:16 | 000,394,006 | ---- | M] () -- C:\Users\tom\Desktop\zdroj 60v 40a.sch
[2015/04/10 12:01:43 | 000,048,483 | ---- | M] () -- C:\Users\tom\Desktop\slože marek ingr.PDF
[2015/04/08 17:04:46 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2015/04/08 17:04:46 | 000,003,850 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2015/04/08 15:21:58 | 000,151,190 | ---- | M] () -- C:\Users\tom\Desktop\css_jdm_programator.pdf
[2015/04/07 20:58:43 | 000,640,736 | ---- | M] () -- C:\Users\tom\Desktop\COM Port.rar

========== Files Created - No Company Name ==========

[2015/04/14 18:12:03 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/04/14 17:03:34 | 000,101,655 | ---- | C] () -- C:\Users\tom\Desktop\el_mereni výkonu.PDF
[2015/04/14 16:39:36 | 000,031,514 | ---- | C] () -- C:\Users\tom\Desktop\log.rtf
[2015/04/14 15:27:47 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NBRTWizardx64\0700000.012\isolate.ini
[2015/04/14 15:26:11 | 000,001,358 | ---- | C] () -- C:\Users\tom\Desktop\Norton Installation Files.lnk
[2015/04/13 18:29:22 | 308,004,864 | ---- | C] () -- C:\Users\tom\Desktop\Kaspersky Rescue Disk 10.iso
[2015/04/12 21:44:18 | 000,029,696 | ---- | C] () -- C:\Users\tom\AppData\Local\MSGBOX.EXE
[2015/04/11 20:13:36 | 000,680,934 | ---- | C] () -- C:\Users\tom\Desktop\IGBT tranzistor.PDF
[2015/04/11 20:05:20 | 000,791,731 | ---- | C] () -- C:\Users\tom\Desktop\T1.5-Tranzistor.pdf
[2015/04/11 15:50:54 | 000,010,284 | ---- | C] () -- C:\Users\tom\eaglerc.usr
[2015/04/11 15:45:57 | 000,032,112 | ---- | C] () -- C:\Users\tom\Desktop\untitled.s##
[2015/04/10 12:02:17 | 000,048,483 | ---- | C] () -- C:\Users\tom\Desktop\slože marek ingr.PDF
[2015/04/08 15:22:21 | 000,151,190 | ---- | C] () -- C:\Users\tom\Desktop\css_jdm_programator.pdf
[2015/04/07 20:56:58 | 000,640,736 | ---- | C] () -- C:\Users\tom\Desktop\COM Port.rar
[2015/04/04 16:09:56 | 000,002,382 | ---- | C] () -- C:\Users\tom\gdbtk.ini
[2015/03/28 16:20:50 | 000,000,210 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2015/02/22 16:01:27 | 000,026,190 | ---- | C] () -- C:\Users\tom\Si prog DSP 4.pdf
[2015/02/03 16:24:45 | 000,226,680 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2015/02/03 16:24:44 | 000,076,152 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2015/01/25 12:19:19 | 000,000,261 | ---- | C] () -- C:\Users\tom\.octave_hist
[2015/01/24 21:31:56 | 000,000,412 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2015/01/17 20:57:14 | 001,772,950 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/01/14 14:49:10 | 000,000,001 | ---- | C] () -- C:\Users\tom\AppData\Local\llftool.4.25.agreement
[2014/12/18 19:40:19 | 000,107,008 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2014/12/18 19:40:15 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2014/12/17 13:51:28 | 000,007,605 | ---- | C] () -- C:\Users\tom\AppData\Local\Resmon.ResmonCfg
[2014/12/14 09:52:02 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2013/08/22 17:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 17:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 16:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 09:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/22 01:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/22 01:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[2015/01/14 17:26:08 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/12 19:40:58 | 022,291,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/12 19:34:06 | 019,731,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/29 03:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/29 02:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/29 03:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015/02/12 19:00:34 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\AC3Filter
[2015/04/04 16:59:30 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Atmel
[2015/03/27 17:14:56 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Downloaded Installations
[2014/12/14 14:26:15 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\ESET
[2015/01/20 16:06:38 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\LockAP
[2015/03/27 17:15:37 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Nitro
[2015/04/14 17:15:43 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Nitro PDF
[2015/01/16 14:05:52 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Opera Software
[2015/02/03 15:46:25 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Origin
[2015/01/15 16:45:53 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\PhrozenSoft
[2015/01/06 16:47:55 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Prodiance
[2015/01/25 12:12:22 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\ProfiCAD
[2015/04/06 12:26:31 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\uTorrent
[2015/04/05 10:37:55 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\VisualAssistAtmel
[2014/12/22 17:27:13 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\VS Revo Group

========== Purity Check ==========



========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ADATA SX900
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD10JPVX-00JC3T0
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100,00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 119,00GB
Starting Offset: 105906176
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 932,00GB
Starting Offset: 1048576
Hidden sectors: 0

[2015/01/22 19:52:39 | 000,000,000 | RH-D | M] -- C:\ESD
[2015/04/12 21:54:41 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2015/04/04 16:58:40 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2015/02/03 16:25:01 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\EAInstaller
[2015/02/03 16:25:01 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\EAInstaller\BFH Beta 2
[2015/03/14 19:44:37 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsApps
[2013/08/22 17:36:30 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2015/02/22 23:05:24 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2013/08/23 00:35:25 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2013/08/22 17:36:30 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2013/08/23 00:34:48 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2013/08/22 17:36:30 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2015/02/22 23:05:24 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2013/08/23 00:35:25 | 000,000,000 | RH-D | M] -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2013/08/22 17:36:30 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2013/08/22 17:36:30 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2015/04/11 10:06:53 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2013/08/22 17:36:32 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2014/12/23 11:07:32 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData
[2015/01/27 21:19:12 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2014/12/13 16:42:48 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2014/12/15 19:07:17 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Media Player\Mezipaměť grafiky
[2014/12/13 11:50:04 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Windows\PrivacIE
[2014/12/13 14:50:43 | 000,000,000 | RH-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Windows\Burn\Burn
[2015/04/09 07:42:49 | 000,000,000 | RH-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Windows\Burn\Burn1
[2015/04/13 18:40:47 | 000,000,000 | RH-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Windows\Burn\Burn2
[2015/01/10 17:38:07 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Windows\INetCache\Content.MSO
[2015/01/24 19:32:03 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Windows\INetCache\Content.Word
[2015/01/01 13:26:51 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Windows\INetCache\Virtualized
[2015/01/01 13:26:51 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Windows\INetCache\Virtualized\C\ProgramData
[2014/12/13 11:50:04 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Local\Microsoft\Windows\PrivacIE\Low
[2014/12/15 15:59:05 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Local\NVIDIA Corporation\Shield Apps\StreamingAssets
[2014/12/13 11:50:06 | 000,000,000 | -H-D | M] -- C:\Users\tom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/08/22 17:36:31 | 000,000,000 | -H-D | M] -- C:\Windows\ELAMBKUP
[2014/12/13 12:48:36 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2014/12/13 13:02:02 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData
[2015/01/27 21:08:11 | 000,000,000 | -H-D | M] -- C:\Windows\SysNative\GroupPolicy

========== Base Services ==========
SRV:64bit: - [2014/10/29 04:42:20 | 000,214,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2014/10/29 04:44:33 | 000,110,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2014/10/29 03:21:02 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2014/10/29 03:43:34 | 000,933,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2014/11/10 03:37:02 | 000,845,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2014/10/29 03:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2014/10/29 03:01:27 | 000,046,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:64bit: - [2014/10/29 03:12:28 | 000,516,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2014/10/29 02:55:10 | 000,367,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2014/10/29 03:26:50 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2014/10/29 03:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2014/10/29 03:19:29 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2014/10/29 03:29:06 | 000,365,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2014/10/29 03:05:58 | 000,292,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2014/11/05 03:43:48 | 000,252,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2014/10/29 03:14:35 | 000,110,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:64bit: - [2014/10/29 04:44:23 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2014/10/29 03:59:46 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2014/10/29 03:07:58 | 000,452,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2014/10/29 03:08:58 | 000,397,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2014/10/29 03:01:45 | 000,706,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2014/10/29 03:22:44 | 000,071,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2014/10/29 02:51:03 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2014/10/29 03:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2014/12/06 03:41:58 | 000,391,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2014/10/29 03:29:16 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2014/10/29 04:45:24 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2014/11/04 07:01:49 | 000,827,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:64bit: - [2014/10/29 04:34:42 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2014/10/29 02:59:21 | 000,542,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2014/10/29 03:19:29 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2014/10/29 04:42:25 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2014/10/29 05:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2014/10/29 02:56:06 | 000,146,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2014/10/29 03:18:49 | 000,329,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2014/10/29 03:04:06 | 000,640,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2014/10/29 02:49:09 | 000,576,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2014/10/29 02:52:52 | 001,265,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2014/10/29 04:12:14 | 000,313,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2014/10/29 03:34:59 | 000,254,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2014/10/29 03:26:29 | 000,059,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2014/12/09 03:50:34 | 000,225,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2014/10/21 02:30:29 | 001,454,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2014/10/29 03:02:48 | 000,911,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:64bit: - [2014/12/06 03:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
No service found with a name of SDRSVC
SRV:64bit: - [2015/02/04 01:58:28 | 000,023,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/10/29 03:16:27 | 001,696,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:64bit: - [2014/10/29 03:02:44 | 000,880,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2014/10/29 03:59:24 | 000,670,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2014/10/29 04:35:14 | 000,064,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2014/10/29 03:52:53 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2014/10/29 03:18:13 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2014/11/14 09:10:55 | 003,558,400 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2014/10/29 03:53:17 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2014/10/29 03:03:56 | 001,547,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:64bit: - [2014/10/29 03:24:29 | 000,289,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[konu]

< >
[2013/08/22 16:45:54 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2015/01/22 17:03:46 | 000,000,958 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2015/01/22 17:03:46 | 000,000,958 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d036549eefc1d8.job

< MD5 for: ACPI.SYS >
[2014/12/20 11:43:29 | 000,119,547 | ---- | M] () MD5=12D3342A2ABFD35BC1299D2B1339129E -- C:\Windows\WinSxS\amd64_acpi.inf_31bf3856ad364e35_6.3.9600.17031_none_137a1652a1d9202e\acpi.sys
[2014/12/20 11:43:28 | 000,095,490 | ---- | M] () MD5=37A66CC2FB21338058A67610D9C54A6E -- C:\Windows\WinSxS\amd64_acpi.inf_31bf3856ad364e35_6.3.9600.16423_none_13870532a1cf11e6\acpi.sys
[2014/12/20 11:43:28 | 000,094,989 | ---- | M] () MD5=C7525F9D13990683F0EE74A074982E98 -- C:\Windows\WinSxS\amd64_acpi.inf_31bf3856ad364e35_6.3.9600.16384_none_1347240ea1fed5bc\acpi.sys
[2014/10/07 08:44:53 | 000,533,824 | ---- | M] (Microsoft Corporation) MD5=E796AE43DDD1844281DB4D57294D17C0 -- C:\Windows\SysNative\drivers\acpi.sys
[2014/10/07 08:44:53 | 000,533,824 | ---- | M] (Microsoft Corporation) MD5=E796AE43DDD1844281DB4D57294D17C0 -- C:\Windows\SysNative\DriverStore\FileRepository\acpi.inf_amd64_b82068c7a43a101f\acpi.sys
[2014/10/07 08:44:53 | 000,533,824 | ---- | M] (Microsoft Corporation) MD5=E796AE43DDD1844281DB4D57294D17C0 -- C:\Windows\WinSxS\amd64_acpi.inf_31bf3856ad364e35_6.3.9600.17393_none_133b3d10a207f1f7\acpi.sys

< MD5 for: AFD.SYS >
[2014/05/30 05:03:03 | 000,563,200 | ---- | M] (Microsoft Corporation) MD5=374E27295F0A9DCAA8FC96370F9BEEA5 -- C:\Windows\SysNative\drivers\afd.sys
[2014/05/30 05:03:03 | 000,563,200 | ---- | M] (Microsoft Corporation) MD5=374E27295F0A9DCAA8FC96370F9BEEA5 -- C:\Windows\WinSxS\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.3.9600.17194_none_c89bb81d326c6108\afd.sys
[2014/12/20 20:14:15 | 000,074,280 | ---- | M] () MD5=A7231B8CBF6240E540D7171A74BF6B39 -- C:\Windows\WinSxS\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.3.9600.16384_none_c8a6a29d326425c4\afd.sys
[2014/12/20 20:14:16 | 000,000,907 | ---- | M] () MD5=BF19CE0FBC4A4BA6B3281936AC71F31F -- C:\Windows\WinSxS\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.3.9600.17088_none_c8aa874b3260ad4c\afd.sys

< MD5 for: AGP440.SYS >
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\SysNative\drivers\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\AGP440.sys
[2014/12/20 11:45:12 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\AGP440.sys
[2014/12/20 11:45:13 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\AGP440.sys

< MD5 for: ATAPI.SYS >
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\SysNative\drivers\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_64aa4354da84c2df\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.3.9600.16384_none_cdf68824f580d510\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2014/12/20 18:10:08 | 000,028,249 | ---- | M] () MD5=0CBDE27FB26761852F7B22AFB8C51ACB -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_d2b24d5495b82963\autochk.exe
[2014/02/22 13:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\SysWOW64\autochk.exe
[2014/02/22 13:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_76c6a414dd35029f\autochk.exe
[2014/02/22 14:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\SysNative\autochk.exe
[2014/02/22 14:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_d2e53f98959273d5\autochk.exe
[2014/12/22 14:43:49 | 000,023,596 | ---- | M] () MD5=83A4C9BE342BC296EC09492FF7594F13 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_7693b1d0dd5ab82d\autochk.exe

< MD5 for: CDROM.SYS >
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\SysNative\drivers\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_42e9c29f0affc440\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.3.9600.16384_none_5067bbed77be70be\cdrom.sys

< MD5 for: CMD.EXE >
[2014/12/20 18:18:19 | 000,057,589 | ---- | M] () MD5=089EDF7CAB7415FCF3D40E35C2530CFF -- C:\Windows\WinSxS\amd64_microsoft-windows-commandprompt_31bf3856ad364e35_6.3.9600.16384_none_7bcb26c7ee538fe3\cmd.exe
[2014/10/29 03:05:25 | 000,315,392 | ---- | M] (Microsoft Corporation) MD5=622D21C40A25F9834A03BFD5FF4710C1 -- C:\Windows\SysWOW64\cmd.exe
[2014/10/29 03:05:25 | 000,315,392 | ---- | M] (Microsoft Corporation) MD5=622D21C40A25F9834A03BFD5FF4710C1 -- C:\Windows\WinSxS\wow64_microsoft-windows-commandprompt_31bf3856ad364e35_6.3.9600.17415_none_866c6bf6227abe66\cmd.exe
[2014/12/20 20:44:34 | 000,047,195 | ---- | M] () MD5=77C9818180EB1AF14A2E019B31EADBAC -- C:\Windows\WinSxS\wow64_microsoft-windows-commandprompt_31bf3856ad364e35_6.3.9600.16384_none_861fd11a22b451de\cmd.exe
[2014/10/29 03:28:18 | 000,357,376 | ---- | M] (Microsoft Corporation) MD5=F5AE03DE0AD60F5B17B82F2CD68402FE -- C:\Windows\SysNative\cmd.exe
[2014/10/29 03:28:18 | 000,357,376 | ---- | M] (Microsoft Corporation) MD5=F5AE03DE0AD60F5B17B82F2CD68402FE -- C:\Windows\WinSxS\amd64_microsoft-windows-commandprompt_31bf3856ad364e35_6.3.9600.17415_none_7c17c1a3ee19fc6b\cmd.exe

< MD5 for: CRYPTSVC.DLL >
[2014/12/20 18:18:50 | 000,018,016 | ---- | M] () MD5=14E1348B6D5DD39C23C2F8FE569B52E0 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.16384_none_66bdf96f6ec6545d\cryptsvc.dll
[2014/10/29 03:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) MD5=6324F0D18FB52833BA64BC828E29054C -- C:\Windows\SysNative\cryptsvc.dll
[2014/10/29 03:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) MD5=6324F0D18FB52833BA64BC828E29054C -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.17415_none_670a944b6e8cc0e5\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2013/08/22 15:25:40 | 000,017,120 | ---- | M] (Microsoft Corporation) MD5=B2D3F07F5E8A13AF988A8B3C0A800880 -- C:\Windows\SysNative\csrss.exe
[2013/08/22 15:25:40 | 000,017,120 | ---- | M] (Microsoft Corporation) MD5=B2D3F07F5E8A13AF988A8B3C0A800880 -- C:\Windows\WinSxS\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.3.9600.16384_none_49a243e2b80cb4c0\csrss.exe

< MD5 for: EXPLORER.EXE >
[2015/03/12 17:03:08 | 000,087,190 | ---- | M] () MD5=1BF154F7BFAE2B9E0545FB09946C1817 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_42bfa1f94d79e1bb\explorer.exe
[2014/12/20 18:32:55 | 000,395,976 | ---- | M] () MD5=45DD8FAA7B53ABD29BCB9BACABFFC818 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4272ee6f4db391ad\explorer.exe
[2015/03/12 18:25:32 | 000,107,122 | ---- | M] () MD5=52063502D4A2E28FEBEA781D0EE5C453 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_4d144c4b81daa3b6\explorer.exe
[2014/12/20 18:32:43 | 000,403,708 | ---- | M] () MD5=522DDC0696B8EB4686DE43FA99C10B53 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe
[2014/12/20 20:52:06 | 000,346,147 | ---- | M] () MD5=55391B845E5D22B584AEA0DE35966F98 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_4d2233dd81cfba29\explorer.exe
[2014/12/20 18:32:45 | 000,406,681 | ---- | M] () MD5=62238257A6B69315C3787E6C4486870A -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2014/12/20 20:52:20 | 000,351,441 | ---- | M] () MD5=6A6935B33EE18E13EDFEF98404654FA5 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_4d01a98581e82d4f\explorer.exe
[2014/12/20 20:52:13 | 000,345,550 | ---- | M] () MD5=76D95D618ADDE0293388ACBB89EC4094 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
[2015/01/28 01:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\Windows\SysWOW64\explorer.exe
[2015/01/28 01:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_4ce0410f82015c67\explorer.exe
[2014/12/20 20:52:28 | 000,338,811 | ---- | M] () MD5=9E110FC1BA4AB7CB5F2F9D27DB534223 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4cc798c1821453a8\explorer.exe
[2014/12/20 20:52:02 | 000,353,687 | ---- | M] () MD5=A51DB575199B084A81EAE9F0BD7FB518 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16384_none_4cc7b16f8214372e\explorer.exe
[2014/12/20 20:52:17 | 000,345,429 | ---- | M] () MD5=AC04D9498581D3AC2A73F6F2A13D1A93 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe
[2015/01/28 01:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\Windows\explorer.exe
[2015/01/28 01:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_428b96bd4da09a6c\explorer.exe
[2014/12/20 18:32:50 | 000,406,199 | ---- | M] () MD5=C976EC89ECC3E8F0A96CF0FB4B2D4524 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_42acff334d876b54\explorer.exe
[2014/12/20 18:32:48 | 000,406,201 | ---- | M] () MD5=D30BB9A38A9420AD4E4C8BEABAA1EC91 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe
[2014/12/20 18:32:38 | 000,416,857 | ---- | M] () MD5=D5B8E1D6C494AA96DA9D28EFC7ED8393 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16384_none_4273071d4db37533\explorer.exe
[2014/12/20 20:52:09 | 000,346,156 | ---- | M] () MD5=D9069754FA93AD21A7F7A3FD90C5FA3E -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2014/12/20 18:32:40 | 000,402,986 | ---- | M] () MD5=F3A87D5CBF5BF5DF75AD23DC8E1289D8 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_42cd898b4d6ef82e\explorer.exe

< MD5 for: FASTFAT.SYS >
[2013/08/22 14:49:30 | 000,217,952 | ---- | M] (Microsoft Corporation) MD5=7C4E0D5900B2A1D11EDD626D6DDB937B -- C:\Windows\SysNative\drivers\fastfat.sys
[2013/08/22 14:49:30 | 000,217,952 | ---- | M] (Microsoft Corporation) MD5=7C4E0D5900B2A1D11EDD626D6DDB937B -- C:\Windows\WinSxS\amd64_microsoft-windows-fat_31bf3856ad364e35_6.3.9600.16384_none_9f718b8b2b5b2f53\fastfat.sys

< MD5 for: HAL.DLL >
[2014/06/02 04:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\Windows\SysNative\hal.dll
[2014/06/02 04:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17196_none_9bde68c32da7abbb\hal.dll
[2014/12/20 18:37:07 | 000,024,467 | ---- | M] () MD5=2635F50EAF3E1B4A8D32B21E1203E130 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17031_none_9c1a44f32d7b883b\hal.dll
[2014/12/20 18:37:06 | 000,067,471 | ---- | M] () MD5=53F3F6C24F3E39723B9482ACCF289CBC -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16408_none_9c41d51d2d5cc0c4\hal.dll
[2014/12/20 18:37:07 | 000,067,142 | ---- | M] () MD5=761F6058154E7D086BA165F8A2FD33B5 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16500_none_9c39d4b32d63f333\hal.dll
[2014/12/20 18:37:06 | 000,068,501 | ---- | M] () MD5=94F68ACBC0E52C0197D391A9822D7FB3 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16384_none_9be752af2da13dc9\hal.dll

< MD5 for: I8042PRT.SYS >
[2014/11/04 08:54:54 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=49EE0AE9E5B64FFBBD06D55C4984B598 -- C:\Windows\SysNative\drivers\i8042prt.sys
[2014/11/04 08:54:54 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=49EE0AE9E5B64FFBBD06D55C4984B598 -- C:\Windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_f91a411a03ef6ad5\i8042prt.sys
[2014/11/04 08:54:54 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=49EE0AE9E5B64FFBBD06D55C4984B598 -- C:\Windows\SysNative\DriverStore\FileRepository\msmouse.inf_amd64_413ad494dbd1242a\i8042prt.sys
[2014/11/04 08:54:54 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=49EE0AE9E5B64FFBBD06D55C4984B598 -- C:\Windows\WinSxS\amd64_keyboard.inf_31bf3856ad364e35_6.3.9600.17480_none_8808b7d9acf3a45e\i8042prt.sys
[2014/11/04 08:54:54 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=49EE0AE9E5B64FFBBD06D55C4984B598 -- C:\Windows\WinSxS\amd64_msmouse.inf_31bf3856ad364e35_6.3.9600.17480_none_3eee557da655eb32\i8042prt.sys
[2014/12/20 11:45:11 | 000,009,861 | ---- | M] () MD5=9D45B0EBB00B4B5889FA14BEF52E7EDC -- C:\Windows\WinSxS\amd64_keyboard.inf_31bf3856ad364e35_6.3.9600.17393_none_8800e6e5acf90f2d\i8042prt.sys
[2014/12/20 20:17:39 | 000,009,861 | ---- | M] () MD5=9D45B0EBB00B4B5889FA14BEF52E7EDC -- C:\Windows\WinSxS\amd64_msmouse.inf_31bf3856ad364e35_6.3.9600.17393_none_3ee68489a65b5601\i8042prt.sys
[2014/12/20 11:45:10 | 000,009,995 | ---- | M] () MD5=F9184D888C55B23DE5C78CC7B5C3B8F5 -- C:\Windows\WinSxS\amd64_keyboard.inf_31bf3856ad364e35_6.3.9600.16384_none_880ccde3aceff2f2\i8042prt.sys
[2014/12/20 20:17:38 | 000,009,995 | ---- | M] () MD5=F9184D888C55B23DE5C78CC7B5C3B8F5 -- C:\Windows\WinSxS\amd64_msmouse.inf_31bf3856ad364e35_6.3.9600.16384_none_3ef26b87a65239c6\i8042prt.sys

< MD5 for: IASTORV.SYS >
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_5069105fb236ae4b\iaStorV.sys
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.3.9600.16384_none_9fcfb2835bbf0103\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\SysNative\drivers\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\isapnp.sys
[2014/12/20 11:45:13 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\isapnp.sys
[2014/12/20 11:45:13 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\isapnp.sys

< MD5 for: KBDCLASS.SYS >
[2014/12/20 11:45:11 | 000,011,017 | ---- | M] () MD5=2380510ED6DAE5518BBA6A3787574D18 -- C:\Windows\WinSxS\amd64_keyboard.inf_31bf3856ad364e35_6.3.9600.16384_none_880ccde3aceff2f2\kbdclass.sys
[2014/11/04 21:25:09 | 000,059,712 | ---- | M] (Microsoft Corporation) MD5=5917AFE4A3F695A54B99C1849C8207FE -- C:\Windows\SysNative\drivers\kbdclass.sys
[2014/11/04 21:25:09 | 000,059,712 | ---- | M] (Microsoft Corporation) MD5=5917AFE4A3F695A54B99C1849C8207FE -- C:\Windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_f91a411a03ef6ad5\kbdclass.sys
[2014/11/04 21:25:09 | 000,059,712 | ---- | M] (Microsoft Corporation) MD5=5917AFE4A3F695A54B99C1849C8207FE -- C:\Windows\WinSxS\amd64_keyboard.inf_31bf3856ad364e35_6.3.9600.17480_none_8808b7d9acf3a45e\kbdclass.sys
[2014/12/20 11:45:11 | 000,002,163 | ---- | M] () MD5=B20BA4BE9BADF3A6A1D0F0DD20686EBD -- C:\Windows\WinSxS\amd64_keyboard.inf_31bf3856ad364e35_6.3.9600.17393_none_8800e6e5acf90f2d\kbdclass.sys

< MD5 for: LSASS.EXE >
[2014/10/29 05:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) MD5=382100E75B6F4668AEAEF228C6CEFFAD -- C:\Windows\SysNative\lsass.exe
[2014/10/29 05:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) MD5=382100E75B6F4668AEAEF228C6CEFFAD -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.17415_none_2e769c84660bda1b\lsass.exe
[2014/12/20 18:54:27 | 000,008,089 | ---- | M] () MD5=3FFB8CD649DEDA6497FD97550BE82357 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.16384_none_2e2a01a866456d93\lsass.exe
[2014/12/20 18:54:28 | 000,008,089 | ---- | M] () MD5=3FFB8CD649DEDA6497FD97550BE82357 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.16408_none_2e8484166600f08e\lsass.exe

< MD5 for: NDIS.SYS >
[2014/12/20 19:05:43 | 000,162,722 | ---- | M] () MD5=1620BE5FEABD34A51CC2B0EB0C27A161 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17031_none_4a46d083fbdd5ca3\ndis.sys
[2014/12/20 19:05:41 | 000,160,676 | ---- | M] () MD5=40BCCFA17D212CA611844FA7176FC051 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16475_none_4a1fb05bfbfa0cbe\ndis.sys
[2015/02/05 22:24:44 | 001,113,920 | ---- | M] (Microsoft Corporation) MD5=6D3A2565E01B3E4B0F1BEDB0D4B00B3F -- C:\Windows\SysNative\drivers\ndis.sys
[2015/02/05 22:24:44 | 001,113,920 | ---- | M] (Microsoft Corporation) MD5=6D3A2565E01B3E4B0F1BEDB0D4B00B3F -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17673_none_4a1d9ccbfbfbedff\ndis.sys
[2014/12/20 19:05:39 | 000,162,158 | ---- | M] () MD5=6F360B477B1341E6D46FA91A2827ABB5 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16405_none_4a6b5fcffbc14927\ndis.sys
[2014/12/20 19:05:38 | 000,162,206 | ---- | M] () MD5=7FD39CA8CB53AFD488F16B5E2C12FF7E -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16384_none_4a13de3ffc031231\ndis.sys
[2014/12/20 19:05:40 | 000,160,308 | ---- | M] () MD5=8BDD8A54C58DFF3BD2004E31671CDD88 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16408_none_4a6e60adfbbe952c\ndis.sys
[2015/03/12 17:04:42 | 000,080,695 | ---- | M] () MD5=9C48968B0344AD63559D0D080DA66103 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17399_none_4a0df8fdfc06c676\ndis.sys
[2014/12/20 19:05:44 | 000,162,319 | ---- | M] () MD5=A627B5D38300791075615FF3C8BB3991 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17199_none_4a0df531fc06cc28\ndis.sys

< MD5 for: NETLOGON.DLL >
[2014/10/29 03:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) MD5=02D117FC638B768BD1A15F8000B83EAE -- C:\Windows\SysNative\netlogon.dll
[2014/10/29 03:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) MD5=02D117FC638B768BD1A15F8000B83EAE -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17415_none_eec2b22a0bb75b53\netlogon.dll
[2014/12/20 19:43:24 | 000,125,384 | ---- | M] () MD5=45C2C2EA335BD7FF360C7F006B915766 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_ee9e39a60bd3552e\netlogon.dll
[2014/12/21 15:42:36 | 000,104,557 | ---- | M] () MD5=8203890854F74B5ACB9E8920EE24C826 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_f8cac1a04051b0c6\netlogon.dll
[2014/12/21 15:42:37 | 000,105,907 | ---- | M] () MD5=B25E2DE4078511EB1747FA0BDB6E4FC5 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_f8f2e3f840341729\netlogon.dll
[2014/12/20 19:43:23 | 000,123,829 | ---- | M] () MD5=C5EFDD0CD180E1CEB92294BF4B7F07A1 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_ee76174e0bf0eecb\netlogon.dll
[2014/10/29 03:02:34 | 000,695,296 | ---- | M] (Microsoft Corporation) MD5=CCEC6CB98A00ECE7F5AFB9C0FC9427B3 -- C:\Windows\SysWOW64\netlogon.dll
[2014/10/29 03:02:34 | 000,695,296 | ---- | M] (Microsoft Corporation) MD5=CCEC6CB98A00ECE7F5AFB9C0FC9427B3 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17415_none_f9175c7c40181d4e\netlogon.dll

< MD5 for: NTFS.SYS >
[2014/12/20 19:06:58 | 000,382,689 | ---- | M] () MD5=402764F636D6B865AB5FB9A3A9F416C2 -- C:\Windows\WinSxS\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.3.9600.17056_none_9751dda5f0c8a10e\ntfs.sys
[2014/12/20 19:06:55 | 000,383,353 | ---- | M] () MD5=440E7C57F354FA3F42EEDDD00065D2A4 -- C:\Windows\WinSxS\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.3.9600.17031_none_97627c0bf0bcea79\ntfs.sys
[2014/10/15 10:32:37 | 002,025,792 | ---- | M] (Microsoft Corporation) MD5=7F68063A5A0461E02BC860CE0E6BFDDC -- C:\Windows\SysNative\drivers\ntfs.sys
[2014/10/15 10:32:37 | 002,025,792 | ---- | M] (Microsoft Corporation) MD5=7F68063A5A0461E02BC860CE0E6BFDDC -- C:\Windows\WinSxS\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.3.9600.17401_none_9782f367f0a48b42\ntfs.sys
[2014/12/20 19:06:50 | 000,388,551 | ---- | M] () MD5=B59E4532C8312DDB93FDEF5CF88CF323 -- C:\Windows\WinSxS\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.3.9600.16384_none_972f89c7f0e2a007\ntfs.sys
[2014/12/20 19:07:00 | 000,378,139 | ---- | M] () MD5=E5D1987CD7FBB2169440CD9B8E2AB87E -- C:\Windows\WinSxS\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.3.9600.17238_none_976981ddf0b69628\ntfs.sys

< MD5 for: NTOSKRNL.EXE >
[2014/12/20 19:07:47 | 001,327,083 | ---- | M] () MD5=25AC1B6EC0D3FB6D3925D2C9E5800DEE -- C:\Windows\WinSxS\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.3.9600.16404_none_5d4542f187d9367b\ntoskrnl.exe
[2014/12/20 19:08:06 | 001,326,978 | ---- | M] () MD5=2DD68EBE56E6C2DCE709E2480BFE7E18 -- C:\Windows\WinSxS\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.3.9600.16452_none_5d0d32c188038f82\ntoskrnl.exe
[2014/12/20 19:09:03 | 000,404,300 | ---- | M] () MD5=4C8C0A5A5B14AEBAF92A1B34958684F3 -- C:\Windows\WinSxS\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.3.9600.17415_none_5d3b5c8787e08564\ntoskrnl.exe
[2014/12/20 19:08:45 | 001,264,163 | ---- | M] () MD5=5CACD5899A86CF1AA97ADDA1C789EBAF -- C:\Windows\WinSxS\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.3.9600.17238_none_5d28b9c187ee0efd\ntoskrnl.exe
[2014/12/20 19:08:54 | 001,061,394 | ---- | M] () MD5=646BEA02CE4B41805BC0AE821995D993 -- C:\Windows\WinSxS\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.3.9600.17328_none_5d338b9387e5f033\ntoskrnl.exe
[2014/12/20 19:08:25 | 001,267,614 | ---- | M] () MD5=6F059B0AF6929A02DEF851C445D58029 -- C:\Windows\WinSxS\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.3.9600.17041_none_5d16e40387fc7f3f\ntoskrnl.exe
[2014/12/20 19:08:35 | 001,267,298 | ---- | M] () MD5=71B7E921D4C31896925001E5A542EFFE -- C:\Windows\WinSxS\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.3.9600.17085_none_5cefa57b8819545f\ntoskrnl.exe
[2015/01/28 17:41:22 | 007,472,960 | ---- | M] (Microsoft Corporation) MD5=9F2265288BCA4EF9B34FAD2D0078070E -- C:\Windows\SysNative\ntoskrnl.exe
[2015/01/28 17:41:22 | 007,472,960 | ---- | M] (Microsoft Corporation) MD5=9F2265288BCA4EF9B34FAD2D0078070E -- C:\Windows\WinSxS\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.3.9600.17668_none_5d0851958806576c\ntoskrnl.exe
[2014/12/20 19:08:16 | 001,267,483 | ---- | M] () MD5=9FE3B37665DFE803BD919DE9627EBDE1 -- C:\Windows\WinSxS\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.3.9600.17031_none_5d21b3ef87f4634e\ntoskrnl.exe
[2014/12/20 19:07:56 | 001,325,876 | ---- | M] () MD5=B148E0B332D14A01801DCDA8817F4A43 -- C:\Windows\WinSxS\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.3.9600.16422_none_5d2da28587eb3baf\ntoskrnl.exe
[2015/02/15 20:01:02 | 000,538,621 | ---- | M] () MD5=E1B6AAF3D131EDD09F3C195D0529EB89 -- C:\Windows\WinSxS\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.3.9600.17476_none_5cfb7d4988104661\ntoskrnl.exe
[2015/03/12 17:04:52 | 000,147,715 | ---- | M] () MD5=E212F9B94B93249383FEEFA79DD4E312 -- C:\Windows\WinSxS\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.3.9600.17630_none_5d20bf0987f538e1\ntoskrnl.exe
[2014/12/20 19:07:37 | 001,333,173 | ---- | M] () MD5=E6826B00080CAD3EDB8EE5BEE54607A7 -- C:\Windows\WinSxS\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.3.9600.16384_none_5ceec1ab881a18dc\ntoskrnl.exe

< MD5 for: NVRAID.SYS >
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\SysNative\drivers\nvraid.sys
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvraid.sys
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\SysNative\drivers\nvstor.sys
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvstor.sys

< MD5 for: REGEDIT.EXE >
[2014/10/29 04:12:30 | 000,154,624 | ---- | M] (Microsoft Corporation) MD5=2F3FED31AC2846D8AD5DBC396A7E3DF1 -- C:\Windows\regedit.exe
[2014/10/29 03:34:53 | 000,134,144 | ---- | M] (Microsoft Corporation) MD5=2F3FED31AC2846D8AD5DBC396A7E3DF1 -- C:\Windows\SysWOW64\regedit.exe
[2014/10/29 03:34:53 | 000,134,144 | ---- | M] (Microsoft Corporation) MD5=2F3FED31AC2846D8AD5DBC396A7E3DF1 -- C:\Windows\WinSxS\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.3.9600.17415_none_ef8e5a9de3f6db8e\regedit.exe
[2014/12/21 15:40:32 | 000,023,818 | ---- | M] () MD5=80A78D879EE46A658C52E08B99A48871 -- C:\Windows\WinSxS\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.3.9600.16384_none_ef41bfc1e4306f06\regedit.exe
[2014/10/29 04:12:30 | 000,154,624 | ---- | M] (Microsoft Corporation) MD5=B67DB709F5FDAA89CA6C2CB6C1E39B3B -- C:\Windows\WinSxS\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.3.9600.17415_none_e539b04baf961993\regedit.exe
[2014/12/20 19:38:36 | 000,019,857 | ---- | M] () MD5=C3E5389FB614612FD4226EE577666D21 -- C:\Windows\WinSxS\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.3.9600.16384_none_e4ed156fafcfad0b\regedit.exe

< MD5 for: SCECLI.DLL >
[2014/12/21 15:41:01 | 000,042,572 | ---- | M] () MD5=22CDB04B964A8D34C42BB7ED150784F8 -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_3320ecb8e1733781\scecli.dll
[2014/12/20 19:41:38 | 000,045,911 | ---- | M] () MD5=878EBE290BED3EE6AC21BF4EE1458F67 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_28cc4266ad127586\scecli.dll
[2014/10/29 03:23:16 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=9A475B8F19A15BFDE8DF84E40ECAE8AA -- C:\Windows\SysNative\scecli.dll
[2014/10/29 03:23:16 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=9A475B8F19A15BFDE8DF84E40ECAE8AA -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.17415_none_2918dd42acd8e20e\scecli.dll
[2014/10/29 03:01:41 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=FB740FE549197E7B08021EF30327921D -- C:\Windows\SysWOW64\scecli.dll
[2014/10/29 03:01:41 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=FB740FE549197E7B08021EF30327921D -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.17415_none_336d8794e139a409\scecli.dll

< MD5 for: SERVICES.EXE >
[2014/10/29 05:53:12 | 000,411,128 | ---- | M] (Microsoft Corporation) MD5=5BF02EBEFEDC706318C96E2E60EDCB91 -- C:\Windows\SysNative\services.exe
[2014/10/29 05:53:12 | 000,411,128 | ---- | M] (Microsoft Corporation) MD5=5BF02EBEFEDC706318C96E2E60EDCB91 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.17415_none_3023c055d060b271\services.exe
[2014/12/20 19:39:18 | 000,099,046 | ---- | M] () MD5=6B5BDEEB170D0DA2C56753F0347809DD -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.17084_none_2fd708ffd09a6815\services.exe
[2014/12/20 19:39:17 | 000,100,650 | ---- | M] () MD5=819B58D92200C0F55292891FD509BEA0 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.16384_none_2fd72579d09a45e9\services.exe

< MD5 for: SMSS.EXE >
[2014/12/20 19:53:58 | 000,019,120 | ---- | M] () MD5=5FBA1F5F9AA1E09595F015118AE83A36 -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.16384_none_6f1f364dbcc273d3\smss.exe
[2014/02/22 17:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\Windows\SysNative\smss.exe
[2014/02/22 17:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.17031_none_6f522891bc9cbe45\smss.exe

< MD5 for: SPOOLSV.EXE >
[2014/11/04 07:01:49 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=2E3976C857D7230EC8D2B2276E688255 -- C:\Windows\SysNative\spoolsv.exe
[2014/11/04 07:01:49 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=2E3976C857D7230EC8D2B2276E688255 -- C:\Windows\WinSxS\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.3.9600.17480_none_c705ed2295837cf6\spoolsv.exe
[2014/12/20 19:36:15 | 000,142,390 | ---- | M] () MD5=8329B249CD0E65007C43072986769E94 -- C:\Windows\WinSxS\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.3.9600.16384_none_c70a032c957fcb8a\spoolsv.exe
[2014/12/20 19:36:16 | 000,144,453 | ---- | M] () MD5=A41B2FA6FD2268726CAEEE91615738DE -- C:\Windows\WinSxS\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.3.9600.17238_none_c743fb429553c1ab\spoolsv.exe
[2014/12/20 19:36:16 | 000,053,976 | ---- | M] () MD5=C5C37EF1B320011C4077FBBA43D2188D -- C:\Windows\WinSxS\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.3.9600.17415_none_c7569e0895463812\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2014/12/26 10:00:43 | 000,007,517 | ---- | M] () MD5=73AA583D4FB0F05C313B38C091D94804 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2014/12/20 19:43:55 | 000,007,559 | ---- | M] () MD5=CFE97816CBBEF783FD8634109F1877D2 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe
[2014/10/29 05:17:51 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=D0ABC231C0B3E88C6B612B28ABBF734D -- C:\Windows\SysWOW64\svchost.exe
[2014/10/29 05:17:51 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=D0ABC231C0B3E88C6B612B28ABBF734D -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.17415_none_4aa7b90420adbfab\svchost.exe
[2014/10/29 06:11:20 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=E3A2AD05E24105B35E986CF9CB38EC47 -- C:\Windows\SysNative\svchost.exe
[2014/10/29 06:11:20 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=E3A2AD05E24105B35E986CF9CB38EC47 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.17415_none_a6c65487d90b30e1\svchost.exe

< MD5 for: TCPIP.SYS >
[2014/12/20 20:01:40 | 000,473,620 | ---- | M] () MD5=023C43D4603AE03279ED314D2D1DF38B -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17039_none_a41766f13a305c94\tcpip.sys
[2014/12/20 20:01:34 | 000,521,520 | ---- | M] () MD5=0C80604F89EDA58336AC156F036228FB -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16456_none_a3fee49b3a43236c\tcpip.sys
[2014/12/20 20:01:56 | 000,408,374 | ---- | M] () MD5=2FAE65E0883EB4E6C7B45B91C9B8C4EE -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17278_none_a3eb2ac33a51ad4f\tcpip.sys
[2014/12/20 20:01:52 | 000,472,136 | ---- | M] () MD5=379FAEF6EB530B0B39779D425FD78C68 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17238_none_a4166a733a313d8b\tcpip.sys
[2014/11/10 20:06:59 | 002,485,056 | ---- | M] (Microsoft Corporation) MD5=3C2DF97A21A9BBE6355B0A51F288EFFF -- C:\Windows\SysNative\drivers\tcpip.sys
[2014/11/10 20:06:59 | 002,485,056 | ---- | M] (Microsoft Corporation) MD5=3C2DF97A21A9BBE6355B0A51F288EFFF -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17485_none_a3dd5dc53a5c7789\tcpip.sys
[2014/12/20 20:01:43 | 000,473,864 | ---- | M] () MD5=4D2E352AC307BD9E7A1AE258AE6C69AC -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17085_none_a3dd562d3a5c82ed\tcpip.sys
[2014/12/20 20:01:24 | 000,513,566 | ---- | M] () MD5=4D76DE7A631BE7A46DD839F4EDD077EB -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16384_none_a3dc725d3a5d476a\tcpip.sys
[2014/12/20 20:01:37 | 000,517,461 | ---- | M] () MD5=6604BF988D592823B932E1FFC7CCC577 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16521_none_a41a54d33a2f4e0d\tcpip.sys
[2014/12/20 20:01:27 | 000,522,218 | ---- | M] () MD5=720E5AFFE053E30352610D4095A693D0 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16408_none_a436f4cb3a18ca65\tcpip.sys
[2014/12/20 20:02:01 | 000,001,784 | ---- | M] () MD5=7F247B320FA5BA3826A8AFDD3E00CD91 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17415_none_a4290d393a23b3f2\tcpip.sys
[2014/12/20 20:01:49 | 000,473,685 | ---- | M] () MD5=9E037F4E2AF564FBA0B92FB24528E097 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17136_none_a41467f93a330db6\tcpip.sys
[2014/12/20 20:01:59 | 000,410,320 | ---- | M] () MD5=BD3B9D4C36C9327A69998B147FF55ECB -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17336_none_a4146bc53a330804\tcpip.sys
[2014/12/20 20:01:31 | 000,521,924 | ---- | M] () MD5=E014A5AB5B78884325E263D7241DAB86 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16423_none_a41c53813a2d8394\tcpip.sys

< MD5 for: TDX.SYS >
[2013/08/22 15:25:35 | 000,107,520 | ---- | M] (Microsoft Corporation) MD5=FFF28F9F6823EB1756C60F1649560BBF -- C:\Windows\SysNative\drivers\tdx.sys
[2013/08/22 15:25:35 | 000,107,520 | ---- | M] (Microsoft Corporation) MD5=FFF28F9F6823EB1756C60F1649560BBF -- C:\Windows\WinSxS\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.3.9600.16384_none_dafc2856b00caf2b\tdx.sys

< MD5 for: USER32.DLL >
[2014/10/29 06:00:24 | 001,540,696 | ---- | M] (Microsoft Corporation) MD5=25026E350BC3BE37631634EC72B10BD5 -- C:\Windows\SysNative\user32.dll
[2014/10/29 06:00:24 | 001,540,696 | ---- | M] (Microsoft Corporation) MD5=25026E350BC3BE37631634EC72B10BD5 -- C:\Windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_6.3.9600.17415_none_be4367284119f22e\user32.dll
[2014/12/20 20:08:34 | 000,158,638 | ---- | M] () MD5=2FC37A278624F99B2C455E00838F0473 -- C:\Windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_6.3.9600.17238_none_be30c46241277bc7\user32.dll
[2014/12/22 14:38:28 | 000,132,587 | ---- | M] () MD5=30EFFFA26AA15D5C73612E3038DF17CB -- C:\Windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_6.3.9600.16441_none_c873b756759688ff\user32.dll
[2014/12/22 14:38:29 | 000,129,646 | ---- | M] () MD5=3D0746CECC8C9DA5C87B70A539694452 -- C:\Windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_6.3.9600.17031_none_c87e68e2758e9213\user32.dll
[2014/12/20 20:08:35 | 000,149,061 | ---- | M] () MD5=41D3E5CA0DEC359CC564CD4B427A9084 -- C:\Windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_6.3.9600.17347_none_be24f61241307b88\user32.dll
[2014/12/22 14:38:33 | 000,120,433 | ---- | M] () MD5=5CD17A3616D17FC7C43BFE53FEF10B6B -- C:\Windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_6.3.9600.17347_none_c879a06475913d83\user32.dll
[2014/10/29 03:04:35 | 001,376,256 | ---- | M] (Microsoft Corporation) MD5=76C5CF09F53A3B089B5581B9938F8CAE -- C:\Windows\SysWOW64\user32.dll
[2014/10/29 03:04:35 | 001,376,256 | ---- | M] (Microsoft Corporation) MD5=76C5CF09F53A3B089B5581B9938F8CAE -- C:\Windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_6.3.9600.17415_none_c898117a757ab429\user32.dll
[2014/12/20 20:08:32 | 000,159,084 | ---- | M] () MD5=9E3CD9612663EE3BDA97965A5C56EA02 -- C:\Windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_6.3.9600.17031_none_be29be90412dd018\user32.dll
[2014/12/22 14:38:31 | 000,129,569 | ---- | M] () MD5=A8C97E6255C95A7D680DF70ED0577183 -- C:\Windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_6.3.9600.17238_none_c8856eb475883dc2\user32.dll
[2014/12/22 14:38:26 | 000,132,077 | ---- | M] () MD5=CEC9FF28FA64AE606265B28325268E30 -- C:\Windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_6.3.9600.16384_none_c84b769e75b447a1\user32.dll
[2014/12/20 20:08:30 | 000,160,793 | ---- | M] () MD5=E5BF934D79286464E7D60B29DFBACC9D -- C:\Windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_6.3.9600.16384_none_bdf6cc4c415385a6\user32.dll
[2014/12/20 20:08:31 | 000,160,793 | ---- | M] () MD5=E5BF934D79286464E7D60B29DFBACC9D -- C:\Windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_6.3.9600.16441_none_be1f0d044135c704\user32.dll

< MD5 for: USERINIT.EXE >
[2014/12/20 20:08:41 | 000,002,671 | ---- | M] () MD5=061AC3BD7ADC5DCBA6AC0F23895266F8 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2014/12/26 10:07:57 | 000,004,269 | ---- | M] () MD5=1AE98168631581DE1343C3A87A6CBCA9 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe
[2014/10/29 03:28:08 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=5C131534A3EA4A461A793FB507A8004F -- C:\Windows\SysNative\userinit.exe
[2014/10/29 03:28:08 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=5C131534A3EA4A461A793FB507A8004F -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.17415_none_cd33b4fca56d6b07\userinit.exe
[2014/10/29 03:05:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D10643FC0095434C819316CA6CD748C0 -- C:\Windows\SysWOW64\userinit.exe
[2014/10/29 03:05:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D10643FC0095434C819316CA6CD748C0 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.17415_none_71151978ed0ff9d1\userinit.exe

< MD5 for: WDF01000.SYS >
[2013/08/22 15:25:41 | 000,839,488 | ---- | M] (Microsoft Corporation) MD5=CB6C63FF8342B467E2EF76E98D5B934D -- C:\Windows\SysNative\drivers\Wdf01000.sys
[2013/08/22 15:25:41 | 000,839,488 | ---- | M] (Microsoft Corporation) MD5=CB6C63FF8342B467E2EF76E98D5B934D -- C:\Windows\WinSxS\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.3.9600.16384_none_67117844f1e31f5e\Wdf01000.sys

< MD5 for: WIN32K.SYS >
[2014/12/20 20:12:10 | 000,774,529 | ---- | M] () MD5=016FB9A208C74D7AB426E3F8FF4C208A -- C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.3.9600.16384_none_a9b1d9c56e7dd034\win32k.sys
[2014/12/20 20:13:14 | 000,486,627 | ---- | M] () MD5=13D664EF9BCBD742E08187339CDBB575 -- C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.3.9600.17238_none_a9ebd1db6e51c655\win32k.sys
[2014/12/20 20:12:32 | 000,771,250 | ---- | M] () MD5=14087487D580E54BBB83CDF6A622A366 -- C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.3.9600.16476_none_a9beac2b6e73e418\win32k.sys
[2014/12/20 20:12:58 | 000,708,431 | ---- | M] () MD5=1A820342EF54F06C5731A8673E4DE90D -- C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.3.9600.17114_none_a9fd6ea56e452bf0\win32k.sys
[2014/12/20 20:12:21 | 000,773,516 | ---- | M] () MD5=1EC0446F1CA114AC6A7156AF32A5C949 -- C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.3.9600.16438_none_a9ebec6f6e51a702\win32k.sys
[2014/12/20 20:12:16 | 000,774,138 | ---- | M] () MD5=2575C1F573006BCBC91FAA7BEF778A24 -- C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.3.9600.16408_none_aa0c5c336e39532f\win32k.sys
[2014/12/20 20:13:04 | 000,709,402 | ---- | M] () MD5=2A8E2E711FA09CB73393EC3510FDE15D -- C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.3.9600.17193_none_a9a5eefb6e86f221\win32k.sys
[2015/02/26 01:26:52 | 004,178,944 | ---- | M] (Microsoft Corporation) MD5=35A579220C411DED00E0DA5AFB755178 -- C:\Windows\SysNative\win32k.sys
[2015/02/26 01:26:52 | 004,178,944 | ---- | M] (Microsoft Corporation) MD5=35A579220C411DED00E0DA5AFB755178 -- C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.3.9600.17694_none_a9a6f8c36e85fd3b\win32k.sys
[2014/12/20 20:12:53 | 000,710,397 | ---- | M] () MD5=4CB66D58F53F6C1FB74AFFFCEFA64708 -- C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.3.9600.17090_none_a9a2ec376e89a8f5\win32k.sys
[2014/12/20 20:13:24 | 000,479,792 | ---- | M] () MD5=A4AD0886D71D86715A312E6EF8F1FAB5 -- C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.3.9600.17278_none_a9c0922b6e723619\win32k.sys
[2014/12/20 20:12:48 | 000,720,057 | ---- | M] () MD5=AFFC9BAD67F0871100BEE283EBD9F9C1 -- C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.3.9600.17031_none_a9e4cc096e581aa6\win32k.sys
[2015/03/12 18:24:11 | 000,417,254 | ---- | M] () MD5=DA0B43783F18B3E2583CE39110C85472 -- C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.3.9600.17630_none_a9e3d7236e58f039\win32k.sys
[2014/12/20 20:12:26 | 000,772,615 | ---- | M] () MD5=E0FC9610C953B904E2931779E9CAC151 -- C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.3.9600.16456_none_a9d44c036e63ac36\win32k.sys
[2015/02/15 20:01:25 | 000,467,188 | ---- | M] () MD5=F81B0F2026AF1C78C999CC92B86D19AA -- C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.3.9600.17393_none_a9a5f2c76e86ec6f\win32k.sys
[2014/12/20 20:12:37 | 000,770,052 | ---- | M] () MD5=FF3B8C2B8DCB992954E4943847E28BB5 -- C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.3.9600.16483_none_a9b0db616e7eb404\win32k.sys

< MD5 for: WINLOGON.EXE >
[2014/12/20 20:13:57 | 000,100,951 | ---- | M] () MD5=A176623494AF009927242266EF51DCFB -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
[2014/12/20 20:13:57 | 000,101,964 | ---- | M] () MD5=E83463DC1465FF73660AD78CDFF51F15 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe
[2014/10/29 03:22:52 | 000,572,416 | ---- | M] (Microsoft Corporation) MD5=EC498BAE1F0D3E0E401C963F8D76C437 -- C:\Windows\SysNative\winlogon.exe
[2014/10/29 03:22:52 | 000,572,416 | ---- | M] (Microsoft Corporation) MD5=EC498BAE1F0D3E0E401C963F8D76C437 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17415_none_60cdfbfda8aeeef1\winlogon.exe

< MD5 for: WINSRV.DLL >
[2014/12/20 20:14:17 | 000,019,657 | ---- | M] () MD5=040F0842D301E47474B9E08AFA1E0FA1 -- C:\Windows\WinSxS\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.3.9600.17031_none_a76fe8f170268691\winsrv.dll
[2014/10/29 03:22:32 | 000,194,560 | ---- | M] (Microsoft Corporation) MD5=EAB311B0A7A8EA0346F14F08D4BC8F46 -- C:\Windows\SysNative\winsrv.dll
[2014/10/29 03:22:32 | 000,194,560 | ---- | M] (Microsoft Corporation) MD5=EAB311B0A7A8EA0346F14F08D4BC8F46 -- C:\Windows\WinSxS\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.3.9600.17415_none_a78991897012a8a7\winsrv.dll
[2014/12/20 20:14:17 | 000,019,370 | ---- | M] () MD5=F988E9CC0B27CA9C048722C49470941D -- C:\Windows\WinSxS\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.3.9600.16384_none_a73cf6ad704c3c1f\winsrv.dll

< MD5 for: WS2_32.DLL >
[2014/10/29 05:05:15 | 000,321,248 | ---- | M] (Microsoft Corporation) MD5=34E71A52A1BFA68411CAECCFB6D72F8C -- C:\Windows\SysWOW64\ws2_32.dll
[2014/10/29 05:05:15 | 000,321,248 | ---- | M] (Microsoft Corporation) MD5=34E71A52A1BFA68411CAECCFB6D72F8C -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.17415_none_87a41025e9b6078a\ws2_32.dll
[2014/10/29 05:51:53 | 000,363,080 | ---- | M] (Microsoft Corporation) MD5=3A0B3B44C263DB1823360FF3E5C223CE -- C:\Windows\SysNative\ws2_32.dll
[2014/10/29 05:51:53 | 000,363,080 | ---- | M] (Microsoft Corporation) MD5=3A0B3B44C263DB1823360FF3E5C223CE -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.17415_none_e3c2aba9a21378c0\ws2_32.dll
[2014/12/26 10:08:24 | 000,062,052 | ---- | M] () MD5=58D09EFD883813FC9709A9D98A7209DF -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_87577549e9ef9b02\ws2_32.dll
[2014/12/20 20:10:00 | 000,065,749 | ---- | M] () MD5=F77C96590EA4741EB62B0FBC7A9FFFE8 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_e37610cda24d0c38\ws2_32.dll

< MD5 for: WSCRIPT.EXE >
[2014/12/20 19:42:43 | 000,023,235 | ---- | M] () MD5=1F3662109E393F4FB9CFB839E26C26E7 -- C:\Windows\WinSxS\amd64_microsoft-windows-scripting_31bf3856ad364e35_6.3.9600.16384_none_3926b320d450f7ef\wscript.exe
[2014/12/20 19:42:45 | 000,023,235 | ---- | M] () MD5=1F3662109E393F4FB9CFB839E26C26E7 -- C:\Windows\WinSxS\amd64_microsoft-windows-scripting_31bf3856ad364e35_6.3.9600.17031_none_3959a564d42b4261\wscript.exe
[2014/12/21 15:42:24 | 000,025,469 | ---- | M] () MD5=3E18D8595BC82F391CB01CFA14DE43D5 -- C:\Windows\WinSxS\wow64_microsoft-windows-scripting_31bf3856ad364e35_6.3.9600.16384_none_437b5d7308b1b9ea\wscript.exe
[2014/12/21 15:42:27 | 000,025,469 | ---- | M] () MD5=3E18D8595BC82F391CB01CFA14DE43D5 -- C:\Windows\WinSxS\wow64_microsoft-windows-scripting_31bf3856ad364e35_6.3.9600.17031_none_43ae4fb7088c045c\wscript.exe
[2014/10/29 04:17:34 | 000,172,032 | ---- | M] (Microsoft Corporation) MD5=BEAFD6DD127E7798928FA8C4835EED3E -- C:\Windows\SysNative\wscript.exe
[2014/10/29 04:17:34 | 000,172,032 | ---- | M] (Microsoft Corporation) MD5=BEAFD6DD127E7798928FA8C4835EED3E -- C:\Windows\WinSxS\amd64_microsoft-windows-scripting_31bf3856ad364e35_6.3.9600.17415_none_39734dfcd4176477\wscript.exe
[2014/10/29 03:38:46 | 000,148,992 | ---- | M] (Microsoft Corporation) MD5=D536CCCE2A7992688DB76941506EA970 -- C:\Windows\SysWOW64\wscript.exe
[2014/10/29 03:38:46 | 000,148,992 | ---- | M] (Microsoft Corporation) MD5=D536CCCE2A7992688DB76941506EA970 -- C:\Windows\WinSxS\wow64_microsoft-windows-scripting_31bf3856ad364e35_6.3.9600.17415_none_43c7f84f08782672\wscript.exe

< >

< %systemroot%\system32\logevent.dll /md5 >

< %systemroot%\system32\sceclt.dll /md5 >

< %systemroot%\system32\ntelogon.dll /md5 >

< %systemroot%\system32\consrv.dll /md5 >

< >

< %systemroot%\system32\logevent.dll /md5 /64 >

< %systemroot%\system32\sceclt.dll /md5 /64 >

< %systemroot%\system32\ntelogon.dll /md5 /64 >

< %systemroot%\system32\consrv.dll /md5 /64 >

< >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015/04/14 18:12:03 | 000,000,512 | ---- | M] () MD5=9DDB2CBE5F9463B7E683ADD6F49E8DCC -- C:\PhysicalMBR.bin

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014/10/31 12:32:44 | 000,815,248 | ---- | M] (Microsoft Corporation) MD5=5F1B1148C830C0F149A476A58CE0D09D -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2015/01/09 02:35:57 | 000,856,904 | ---- | M] (Google Inc.) MD5=2CA0461A5730F6FC3F90FA3833C645C9 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %systemroot%\system32\Spool\prtprocs\*.* /s >
[2014/10/29 04:45:03 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\x64\jnwppr.dll
[2014/10/29 03:24:30 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\x64\winprint.dll

< %systemroot%\system32\drivers\*.sys /10 >

< %systemroot%\system32\drivers\*.sys /X >
[2013/06/18 14:17:45 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2013/06/18 14:17:45 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /10 >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\*.* /lockedfiles >

< %systemroot%\system32\config\*.sav >

< >

< c:\$Recycle.Bin|L,N,U,@;true;true;true /FN >

< c:\Windows\Installer|L,N,U,@;true;true;true /FN >

< >

< %systemroot%\Tasks\*.job >
[2015/01/22 17:03:46 | 000,000,958 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2015/01/22 17:03:46 | 000,000,958 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d036549eefc1d8.job

< %systemroot%\*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[4 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[11 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %systemroot%\*. /rp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Nabídka Start\*.lnk /x >

< %ALLUSERSPROFILE%\Data Aplikácií\*.* >

< %ALLUSERSPROFILE%\Data Aplikácií\*.exe /s >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %APPDATA%\*. >
[2015/02/12 19:00:34 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\AC3Filter
[2015/02/26 09:00:10 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Adobe
[2015/04/04 16:59:30 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Atmel
[2015/03/27 17:14:56 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Downloaded Installations
[2014/12/14 14:26:15 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\ESET
[2014/12/19 12:27:48 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Identities
[2015/01/20 16:06:38 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\LockAP
[2014/12/13 12:44:11 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Macromedia
[2015/04/04 16:59:29 | 000,000,000 | --SD | M] -- C:\Users\tom\AppData\Roaming\Microsoft
[2015/03/27 17:15:37 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Nitro
[2015/04/14 17:15:43 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Nitro PDF
[2015/01/16 14:05:52 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Opera Software
[2015/02/03 15:46:25 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Origin
[2015/01/15 16:45:53 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\PhrozenSoft
[2015/01/06 16:47:55 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Prodiance
[2015/01/25 12:12:22 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\ProfiCAD
[2015/04/06 12:26:31 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\uTorrent
[2015/04/05 10:37:55 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\VisualAssistAtmel
[2015/01/30 19:03:09 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\VMware
[2014/12/22 17:27:13 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\VS Revo Group
[2014/12/13 14:30:56 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\WinRAR

< %APPDATA%\*.* >

< %APPDATA%\*.exe /s >
[2013/10/01 15:51:20 | 002,418,688 | ---- | M] () -- C:\Users\tom\AppData\Roaming\LockAP\flashlockv235_oct_1_2013.exe
[2013/10/01 15:32:24 | 002,270,720 | ---- | M] () -- C:\Users\tom\AppData\Roaming\LockAP\MemorexLockv2.34_oct_01_2013.exe
[2015/02/22 14:59:58 | 000,054,432 | ---- | M] (Adobe Systems Inc.) -- C:\Users\tom\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2014/04/14 01:00:00 | 000,042,496 | ---- | M] () -- C:\Users\tom\AppData\Roaming\uTorrent\uninstall.exe
[2014/04/14 01:00:00 | 000,398,760 | ---- | M] (BitTorrent, Inc.) -- C:\Users\tom\AppData\Roaming\uTorrent\utorrent.exe

< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\*.* >
[2015/01/15 15:59:36 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013/08/22 07:31:45 | 000,427,680 | RHS- | M] () -- C:\bootmgr
[2013/06/18 14:18:29 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2015/04/14 15:46:08 | 4294,967,293 | -HS- | M] () -- C:\pagefile.sys
[2015/04/14 18:12:03 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/04/15 17:17:58 | 000,001,457 | ---- | M] () -- C:\SNMPCo.pnf
[2015/04/14 15:46:08 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys

< >

< %systemroot%\system32|bak;true;false;false /fp >

< %PROGRAMFILES%|bak;true;false;false /fp >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2015/01/20 23:02:00 | 007,404,312 | ---- | M] (Piriform Ltd)

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\ -> Junction
[C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\ -> Junction

========== Alternate Data Streams ==========

@Alternate Data Stream - 220 bytes -> C:\Users\tom\OneDrive:ms-properties

< End of report >

[konu]

Při prohledávání OLT mě eset upozornil na pár programů které vyléčil- googleupdate.exe, crashundler.exe..... Na ty mě upozorňuje skoro pořád.

[konu]

Ahá až teď jsem si všimnul toho combofixu.
Ale bohužel nejde spustit. píše o kompatibilitě po w8 , 8.1 asi ještě není podporován. Zkoušel jsem položku - odstranit potíže s kompatibilitou- ale nepomohla. A spouštel jsem ho jako správce.

[konu]

Jasně zítra je taky den. Dík

[konu]

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3332171635-80688016-592393309-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\S-1-5-21-3332171635-80688016-592393309-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
========== FILES ==========
Unable to delete ADS C:\Users\tom\OneDrive:ms-properties .
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d036549eefc1d8.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57311 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: tom
->Temp folder emptied: 496685296 bytes
->Temporary Internet Files folder emptied: 262618868 bytes
->Java cache emptied: 564320 bytes
->Google Chrome cache emptied: 383975621 bytes
->Flash cache emptied: 57857 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 383140025 bytes
RecycleBin emptied: 970308618 bytes

Total Files Cleaned = 2 382,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: tom
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: tom
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 04152015_134629

Files\Folders moved on Reboot...
C:\Users\tom\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[konu]

OTL logfile created on: 15. 4. 2015 14:07:41 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\tom\Desktop\Bezpečnost\OTL
64bit- Enterprise Edition (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

11,95 Gb Total Physical Memory | 10,25 Gb Available Physical Memory | 85,77% Memory free
23,95 Gb Paging File | 22,28 Gb Available in Paging File | 93,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 67,36 Gb Free Space | 56,54% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 69,27 Gb Free Space | 7,44% Space Free | Partition Type: NTFS

Computer Name: ASUS-PC | User Name: tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015/04/14 18:09:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\tom\Desktop\Bezpečnost\OTL\OTL-OTL OldTimer's List-It.exe
PRC - [2015/04/07 09:13:06 | 000,484,472 | ---- | M] () -- C:\Program Files (x86)\Opera\28.0.1750.51\opera_crashreporter.exe
PRC - [2015/04/07 09:13:05 | 051,807,864 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\28.0.1750.51\opera.exe
PRC - [2015/02/03 16:26:15 | 000,076,152 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2015/01/16 08:42:47 | 002,585,928 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2015/01/16 08:42:37 | 001,706,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2015/01/10 00:27:57 | 000,410,768 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/10/01 15:40:28 | 001,349,576 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2012/11/26 11:36:04 | 000,184,704 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2012/11/14 15:42:46 | 000,106,880 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2012/10/17 20:08:40 | 000,205,184 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2012/09/14 14:14:16 | 000,328,064 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2012/01/20 10:35:26 | 000,045,696 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe
PRC - [2011/11/21 15:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe


========== Modules (No Company Name) ==========

MOD - [2015/04/07 09:13:15 | 009,625,720 | ---- | M] () -- C:\Program Files (x86)\Opera\28.0.1750.51\pdf.dll
MOD - [2015/04/07 09:13:11 | 000,157,304 | ---- | M] () -- C:\Program Files (x86)\Opera\28.0.1750.51\message_center_win8.dll
MOD - [2015/04/07 09:13:10 | 001,488,504 | ---- | M] () -- C:\Program Files (x86)\Opera\28.0.1750.51\libGLESv2.dll
MOD - [2015/04/07 09:13:10 | 000,079,992 | ---- | M] () -- C:\Program Files (x86)\Opera\28.0.1750.51\libEGL.dll
MOD - [2015/04/07 09:13:06 | 000,484,472 | ---- | M] () -- C:\Program Files (x86)\Opera\28.0.1750.51\opera_crashreporter.exe


========== Services (SafeList) ==========

SRV:64bit: - [2015/02/21 01:49:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2015/02/04 01:58:28 | 000,366,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2015/02/04 01:58:28 | 000,023,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2015/01/16 08:42:37 | 001,148,744 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2015/01/16 08:42:33 | 021,833,544 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014/12/06 03:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/10/31 06:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/10/29 06:09:06 | 000,092,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV:64bit: - [2014/10/29 05:59:51 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/10/29 04:42:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2014/10/29 04:42:03 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2014/10/29 04:34:51 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2014/10/29 04:33:55 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2014/10/29 04:30:35 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2014/10/29 04:29:22 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2014/10/29 03:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:64bit: - [2014/10/29 03:48:20 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2014/10/29 03:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2014/10/29 03:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/10/29 03:26:02 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/10/29 03:24:37 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2014/10/29 03:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2014/10/29 03:20:03 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2014/10/29 03:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2014/10/29 03:16:17 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2014/10/29 03:13:24 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/10/29 03:13:02 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2014/10/29 03:12:36 | 000,407,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/10/29 03:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/10/29 03:11:10 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/10/29 03:09:48 | 000,521,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/10/29 03:05:09 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2014/10/29 02:57:18 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2014/10/29 02:48:52 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/10/29 02:46:48 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/10/29 02:35:51 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/10/01 15:40:28 | 001,349,576 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2014/08/16 05:29:40 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/12/13 12:47:42 | 000,230,408 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe -- (NitroDriverReadSpool8)
SRV:64bit: - [2012/03/23 16:07:48 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV - [2015/02/03 16:26:15 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2015/01/30 18:18:21 | 001,910,128 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2015/01/16 08:42:37 | 001,706,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2015/01/10 00:27:57 | 000,410,768 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/10/29 03:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2014/10/29 03:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2014/10/29 02:53:11 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/08/16 05:29:40 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/11/14 15:42:46 | 000,106,880 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2012/01/20 10:35:26 | 000,045,696 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe -- (FanChkService)
SRV - [2011/11/21 15:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2015/03/04 12:25:11 | 000,377,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2015/02/04 01:58:33 | 000,264,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2015/02/04 01:58:33 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2015/02/04 01:58:04 | 000,044,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2015/01/16 08:42:32 | 000,019,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2015/01/13 06:15:56 | 000,452,424 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2015/01/13 06:15:56 | 000,195,728 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014/12/14 09:30:38 | 000,170,280 | ---- | M] (ESET) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ESETCleanersDriver.sys -- (ESETCleanersDriver)
DRV:64bit: - [2014/12/12 02:51:20 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2014/11/22 12:46:30 | 000,038,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014/11/10 20:06:59 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/11/04 21:33:40 | 000,058,176 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2014/10/29 05:59:47 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/10/29 05:57:42 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/10/29 05:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/10/29 04:46:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2014/10/29 04:46:41 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2014/10/29 04:46:09 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2014/10/29 04:45:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/10/29 04:45:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2014/10/29 04:45:16 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2014/10/21 18:27:36 | 000,079,872 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2014/10/17 06:56:24 | 000,238,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/10/17 06:56:23 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/10/17 05:35:04 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/10/15 10:32:36 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/10/10 09:59:12 | 000,243,440 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2014/10/10 09:59:12 | 000,241,368 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\edevmon.sys -- (edevmon)
DRV:64bit: - [2014/10/10 09:59:12 | 000,222,280 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2014/10/10 09:59:12 | 000,169,280 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2014/10/10 09:59:12 | 000,063,160 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2014/10/10 09:59:12 | 000,044,632 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2014/10/08 15:13:10 | 000,127,760 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2014/10/08 11:24:09 | 000,467,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/10/07 08:54:45 | 000,324,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/10/07 08:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/10/07 08:44:39 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2014/08/15 02:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/03/13 14:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/02/22 17:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 14:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/01/31 16:22:16 | 000,094,704 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2014/01/28 16:32:18 | 000,593,000 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2014/01/28 07:59:42 | 000,268,800 | ---- | M] (Jungo Connectivity) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\windrvr6.sys -- (WinDriver6)
DRV:64bit: - [2013/12/04 20:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/11/04 04:32:06 | 000,020,280 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys -- (HIDSwitch)
DRV:64bit: - [2013/10/26 03:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/05 17:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/14 16:06:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/08/23 00:35:16 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr)
DRV:64bit: - [2013/08/23 00:35:06 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:64bit: - [2013/08/23 00:35:06 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2013/08/23 00:35:06 | 000,111,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2013/08/23 00:35:06 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2013/08/23 00:35:06 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2013/08/23 00:35:06 | 000,056,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2013/08/23 00:35:06 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 14:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2013/08/22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/14 04:42:44 | 003,837,440 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athwbx.sys -- (athr)
DRV:64bit: - [2013/08/13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 16:44:59 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2012/07/26 07:32:22 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/17 19:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/07/15 17:48:16 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tapoas.sys -- (tapoas)
DRV:64bit: - [2012/03/23 16:07:42 | 002,193,008 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/12/30 12:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2008/01/19 01:10:30 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011/09/07 10:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/02 18:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2000/06/29 15:24:14 | 000,003,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DLPORTIO.SYS -- (DLPortIO)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\SearchScopes,DefaultScope = {AAF95CB0-2208-4414-8A5B-63D268CF73AB}
IE - HKCU\..\SearchScopes\{AAF95CB0-2208-4414-8A5B-63D268CF73AB}: "URL" = http://search.seznam.cz/?q={searchTerms ... chmodule_1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[konu]

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.40.2: C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2: C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)



O1 HOSTS File: ([2015/02/02 19:15:32 | 000,000,853 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 player.kmpmedia.net
O2:64bit: - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Eyeo GmbH)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Eyeo GmbH)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8:64bit: - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8:64bit: - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8:64bit: - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0CAC6FFC-C225-4715-8D53-E2A5B6B4B21B}: NameServer = 46.33.112.42,46.33.96.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B26A61A-B27D-468D-ACA8-E591CEBA2684}: DhcpNameServer = 172.20.6.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015/01/15 15:59:36 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - Unable to obtain root file information for disk D:\
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = "F:\SETUP.EXE"
O33 - MountPoints2\F\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\F\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2015/04/15 13:52:09 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Local\Opera Software
[2015/04/15 13:51:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2015/04/15 13:46:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2015/04/15 13:21:48 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Local\MigWiz
[2015/04/15 13:10:02 | 007,476,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015/04/15 13:10:01 | 001,733,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015/04/15 13:10:01 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2015/04/15 13:10:01 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2015/04/15 13:10:01 | 000,360,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sechost.dll
[2015/04/15 13:10:01 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2015/04/15 13:10:01 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\microsoft-windows-system-events.dll
[2015/04/15 13:10:00 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tracerpt.exe
[2015/04/15 13:10:00 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tracerpt.exe
[2015/04/15 13:10:00 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2015/04/15 13:09:47 | 006,025,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/04/15 13:09:46 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/04/15 13:09:45 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015/04/15 13:09:45 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/04/15 13:09:45 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015/04/15 13:09:45 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/04/15 13:09:45 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/04/15 13:09:44 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/04/15 13:09:44 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/04/15 13:09:01 | 000,377,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\clfs.sys
[2015/04/15 13:09:01 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clfsw32.dll
[2015/04/15 13:09:01 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clfsw32.dll
[2015/04/14 20:45:12 | 002,373,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/04/14 20:45:12 | 000,891,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/04/14 20:45:12 | 000,721,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/04/14 20:45:12 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2015/04/14 20:45:12 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015/04/14 20:45:12 | 000,133,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/04/14 20:45:11 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2015/04/14 20:45:11 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/04/14 20:45:11 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/04/14 20:45:11 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/04/14 20:45:11 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/04/14 20:45:11 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015/04/14 20:45:11 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015/04/14 20:45:11 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/04/14 20:45:11 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015/04/14 20:45:11 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015/04/14 20:45:11 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015/04/14 15:28:06 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2015/04/14 15:28:04 | 000,125,872 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2015/04/14 15:28:04 | 000,106,928 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2015/04/14 15:27:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NBRTWizardx64
[2015/04/14 15:27:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NBRTWizardx64\0700000.012
[2015/04/14 15:27:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard
[2015/04/14 15:27:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard
[2015/04/14 15:27:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2015/04/12 21:54:41 | 000,000,000 | ---D | C] -- C:\ProgramData\AntiSpyInfo
[2015/04/12 21:54:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anti-Spy.Info
[2015/04/12 21:46:55 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015/04/12 21:46:55 | 000,000,000 | ---D | C] -- C:\rsit
[2015/04/12 21:44:59 | 000,000,000 | ---D | C] -- C:\Users\tom\Desktop\Bezpečnost
[2015/04/12 21:36:57 | 000,000,000 | ---D | C] -- C:\FRST
[2015/04/12 11:32:26 | 000,000,000 | ---D | C] -- C:\NPE
[2015/04/08 20:15:02 | 001,385,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2015/04/08 20:15:02 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/04/08 20:15:02 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/04/08 20:15:02 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.dll
[2015/04/08 20:15:02 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/04/08 20:15:02 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/04/08 20:15:02 | 000,419,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/04/08 20:15:02 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/04/08 20:15:02 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/04/08 17:04:46 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2015/04/08 13:18:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Emsisoft
[2015/04/07 20:59:19 | 000,000,000 | ---D | C] -- C:\Users\tom\Desktop\RS232
[2015/04/06 17:12:22 | 000,000,000 | ---D | C] -- C:\Users\tom\Desktop\Programování mikrokontrolérů PIC16Cxx -BEN- Jiří Hrbáček
[2015/04/04 17:47:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PonyProg2000
[2015/04/04 17:47:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PonyProg
[2015/04/04 17:03:07 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Local\IsolatedStorage
[2015/04/04 17:03:05 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\VisualAssistAtmel
[2015/04/04 17:03:04 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Local\VisualAssistAtmel
[2015/04/04 16:59:30 | 000,000,000 | ---D | C] -- C:\Users\tom\Documents\Atmel Studio
[2015/04/04 16:59:30 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\Atmel
[2015/04/04 16:59:29 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Local\Atmel
[2015/04/04 16:58:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atmel
[2015/04/04 16:57:48 | 000,067,680 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\Windows\SysWow64\libusb0.dll
[2015/04/04 16:57:48 | 000,042,592 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\Windows\SysWow64\drivers\libusb0.sys
[2015/04/04 16:57:34 | 000,151,552 | ---- | C] (Jungo Connectivity) -- C:\Windows\SysWow64\wdapi1150.dll
[2015/04/04 16:57:34 | 000,151,552 | ---- | C] (Jungo Connectivity) -- C:\Windows\SysWow64\wdapi1140.dll
[2015/04/04 16:57:34 | 000,147,456 | ---- | C] (Jungo) -- C:\Windows\SysWow64\wdapi1021.dll
[2015/04/04 16:57:34 | 000,143,360 | ---- | C] (Jungo) -- C:\Windows\SysWow64\wdapi1010.dll
[2015/04/04 16:57:34 | 000,110,592 | ---- | C] (Jungo) -- C:\Windows\SysWow64\wdapi1100.dll
[2015/04/04 16:57:34 | 000,110,592 | ---- | C] (Jungo) -- C:\Windows\SysWow64\wdapi102.dll
[2015/04/04 16:57:34 | 000,110,592 | ---- | C] (Jungo) -- C:\Windows\SysWow64\wdapi1011.dll
[2015/04/04 16:57:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atmel
[2015/04/04 16:51:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
[2015/04/04 16:51:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2015/04/04 16:50:55 | 000,000,000 | ---D | C] -- C:\Users\tom\Documents\Visual Studio 2010
[2015/04/04 16:50:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Designer
[2015/04/04 16:50:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1033
[2015/04/04 16:50:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2015/04/04 16:50:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 10.0
[2015/04/04 16:50:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Merge Modules
[2015/04/04 16:50:06 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2015/04/04 16:07:41 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinAVR-20100110
[2015/04/04 16:07:26 | 000,000,000 | ---D | C] -- C:\WinAVR-20100110
[2015/04/03 21:46:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\c5c1e8b7-9d03-40f6-9ecf-a015924a15c0
[2015/04/03 21:46:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\5a1f3589-0adb-4951-8a7b-a30922551845
[2015/04/03 21:46:30 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\ShopperPro
[2015/04/03 21:46:24 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Local\CrashRpt
[2015/04/03 21:46:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\c8e441a9-abd4-4721-b704-cb9cbd0d2ddb
[2015/03/28 16:20:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Transformer Database
[2015/03/28 16:20:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Transformer
[2015/03/28 16:20:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Návrh transformátorů
[2015/03/28 16:20:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Borland Shared
[2015/03/28 13:38:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Výpočet transformátoru
[2015/03/28 00:13:32 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\Nitro PDF
[2015/03/27 17:15:37 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\Nitro
[2015/03/27 17:15:25 | 000,029,704 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalmon2.dll
[2015/03/27 17:15:25 | 000,017,928 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalui2.dll
[2015/03/27 17:15:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro
[2015/03/27 17:15:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro
[2015/03/27 17:15:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro
[2015/03/27 17:15:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro
[2015/03/27 17:14:56 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\Downloaded Installations

========== Files - Modified Within 30 Days ==========

[2015/04/15 14:06:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/04/15 14:04:12 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2015/04/15 13:54:47 | 001,745,984 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/04/15 13:54:47 | 000,739,924 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2015/04/15 13:54:47 | 000,722,476 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/04/15 13:54:47 | 000,151,610 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2015/04/15 13:54:47 | 000,135,592 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/04/15 13:52:02 | 000,001,143 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2015/04/14 18:36:07 | 001,363,030 | ---- | M] () -- C:\Users\tom\Desktop\me_vyb_kap_all_2r.pdf
[2015/04/14 18:12:03 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/04/14 17:08:58 | 000,037,624 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2015/04/14 17:03:05 | 000,101,655 | ---- | M] () -- C:\Users\tom\Desktop\el_mereni výkonu.PDF
[2015/04/14 16:39:48 | 000,031,514 | ---- | M] () -- C:\Users\tom\Desktop\log rsit.rtf
[2015/04/14 15:26:12 | 000,001,358 | ---- | M] () -- C:\Users\tom\Desktop\Norton Installation Files.lnk
[2015/04/13 18:34:19 | 308,004,864 | ---- | M] () -- C:\Users\tom\Desktop\Kaspersky Rescue Disk 10.iso
[2015/04/12 21:44:40 | 000,029,696 | ---- | M] () -- C:\Users\tom\AppData\Local\MSGBOX.EXE
[2015/04/11 20:12:40 | 000,680,934 | ---- | M] () -- C:\Users\tom\Desktop\IGBT tranzistor.PDF
[2015/04/11 20:04:23 | 000,791,731 | ---- | M] () -- C:\Users\tom\Desktop\T1.5-Tranzistor.pdf
[2015/04/11 15:50:54 | 000,010,284 | ---- | M] () -- C:\Users\tom\eaglerc.usr
[2015/04/11 15:45:57 | 000,032,112 | ---- | M] () -- C:\Users\tom\Desktop\untitled.s##
[2015/04/11 12:04:16 | 000,394,006 | ---- | M] () -- C:\Users\tom\Desktop\zdroj 60v 40a.sch
[2015/04/10 12:01:43 | 000,048,483 | ---- | M] () -- C:\Users\tom\Desktop\slože marek ingr.PDF
[2015/04/08 17:04:46 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2015/04/08 17:04:46 | 000,003,850 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2015/04/08 15:21:58 | 000,151,190 | ---- | M] () -- C:\Users\tom\Desktop\css_jdm_programator.pdf
[2015/04/07 20:58:43 | 000,640,736 | ---- | M] () -- C:\Users\tom\Desktop\COM Port.rar
[2015/04/05 16:23:09 | 000,002,382 | ---- | M] () -- C:\Users\tom\gdbtk.ini
[2015/04/04 17:02:52 | 000,002,130 | ---- | M] () -- C:\Users\Public\Desktop\Atmel Studio 6.2.lnk
[2015/04/04 16:03:14 | 028,840,282 | ---- | M] () -- C:\Users\tom\Desktop\WinAVR-20100110-install.exe
[2015/04/03 21:47:01 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_webTinstMKTN_01009.Wdf
[2015/04/03 20:52:27 | 004,210,464 | ---- | M] () -- C:\Users\tom\Desktop\SIM_editor_Smart.zip
[2015/04/03 20:03:41 | 000,181,430 | ---- | M] () -- C:\Users\tom\Desktop\mereni_a_formovani_elektrolytickych_kondenzatoru.pdf
[2015/04/02 20:00:34 | 000,386,006 | ---- | M] () -- C:\Users\tom\Desktop\Ard MEGA2560 2x bot top.pdf
[2015/04/02 20:00:05 | 004,089,945 | ---- | M] () -- C:\Users\tom\Desktop\Arduino_MEGA2560_ref bottom.pdf
[2015/04/02 19:03:01 | 000,115,590 | ---- | M] () -- C:\Users\tom\Desktop\Ard mega top bot.pdf
[2015/04/02 18:57:59 | 000,115,580 | ---- | M] () -- C:\Users\tom\Desktop\Arduino_MEGA2560_ref.pdf
[2015/03/31 18:55:01 | 011,038,926 | ---- | M] () -- C:\Users\tom\Desktop\The-XX---Intro.flac
[2015/03/30 18:47:50 | 000,105,470 | ---- | M] () -- C:\Users\tom\Desktop\druhy_siti_nn.pdf
[2015/03/30 18:04:46 | 051,207,312 | ---- | M] () -- C:\Users\tom\Documents\BEN Elektrotechnická schémata a zapojení 1.pdf
[2015/03/30 14:40:28 | 545,172,481 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2015/03/29 10:30:41 | 000,094,157 | ---- | M] () -- C:\Users\tom\Desktop\elektrické teplo.PDF
[2015/03/28 16:20:50 | 000,000,210 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2015/03/28 13:05:48 | 000,278,579 | ---- | M] () -- C:\Users\tom\Desktop\T1.5-Proudový-chránič+batový rozvaděč.PDF
[2015/03/28 13:00:15 | 007,803,328 | ---- | M] () -- C:\Users\tom\Desktop\transformátor.exe
[2015/03/28 00:12:08 | 000,473,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/03/26 21:10:39 | 002,208,377 | ---- | M] () -- C:\Users\tom\Desktop\Mala-vetrna-elektrarna.pdf
[2015/03/26 16:33:50 | 005,365,887 | ---- | M] () -- C:\Users\tom\Desktop\Yeah-Yeah-Yeahs---Heads-Will-Roll-(A-Trak-remix)-[www.4music.lt].mp3
[2015/03/26 15:36:47 | 004,047,109 | ---- | M] () -- C:\Users\tom\Desktop\Justice---Civilization.mp3
[2015/03/26 15:30:38 | 008,395,899 | ---- | M] () -- C:\Users\tom\Desktop\The-Bloody-Beetroots-feat.-Paul-McCartney-&-Youth---Out-Of-Sight.mp3
[2015/03/23 23:59:25 | 001,733,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015/03/23 23:59:25 | 000,360,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sechost.dll
[2015/03/23 23:59:00 | 007,476,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015/03/23 00:45:41 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/03/23 00:09:23 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/03/23 00:09:22 | 001,111,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/03/23 00:09:22 | 000,957,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/03/23 00:09:22 | 000,769,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/03/23 00:09:22 | 000,419,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/03/23 00:09:22 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/03/22 11:08:01 | 000,108,757 | ---- | M] () -- C:\Users\tom\Documents\vyroba_a_rozvod el. energie.pdf
[2015/03/22 11:07:28 | 000,212,237 | ---- | M] () -- C:\Users\tom\Documents\Uzemneni , měření zemního R.pdf
[2015/03/22 11:07:06 | 000,057,796 | ---- | M] () -- C:\Users\tom\Documents\synchronni_stroje.pdf
[2015/03/22 11:06:50 | 000,176,109 | ---- | M] () -- C:\Users\tom\Documents\el.přístroje oblouk jistící spojovací.pdf
[2015/03/22 11:06:01 | 000,103,076 | ---- | M] () -- C:\Users\tom\Documents\Vysokofrekvencni_ruseni.pdf
[2015/03/22 11:05:49 | 000,557,978 | ---- | M] () -- C:\Users\tom\Documents\satelitní komunikace.pdf
[2015/03/22 11:05:30 | 000,189,720 | ---- | M] () -- C:\Users\tom\Documents\el_pristroje.pdf
[2015/03/22 11:05:10 | 000,210,169 | ---- | M] () -- C:\Users\tom\Documents\mereni_funkce_proudovych_chranicu_.pdf
[2015/03/22 11:04:39 | 001,279,986 | ---- | M] () -- C:\Users\tom\Documents\Transformatory 2.pdf
[2015/03/22 11:04:08 | 000,064,456 | ---- | M] () -- C:\Users\tom\Documents\Predpisy pro pohyblive privody POHYBYBLIVÉ PRÍVODY, ŠNUROVÁ VEDENÍ,.pdf
[2015/03/22 11:03:31 | 000,079,517 | ---- | M] () -- C:\Users\tom\Documents\ochranné kryty el. zař a předmětů.pdf
[2015/03/22 11:02:25 | 000,149,724 | ---- | M] () -- C:\Users\tom\Documents\hromosvody a uzemění.pdf
[2015/03/22 11:02:10 | 000,105,167 | ---- | M] () -- C:\Users\tom\Documents\1_mereni_impedance_poruchove_smycky.pdf
[2015/03/22 11:01:55 | 000,145,256 | ---- | M] () -- C:\Users\tom\Documents\mereni_a_regulace.pdf
[2015/03/22 11:01:44 | 000,156,806 | ---- | M] () -- C:\Users\tom\Documents\rozvadece a rozvodnice.pdf
[2015/03/22 11:01:28 | 000,475,599 | ---- | M] () -- C:\Users\tom\Documents\el_stroje.pdf
[2015/03/22 11:01:11 | 000,920,852 | ---- | M] () -- C:\Users\tom\Documents\Tabulka dimenzování a jištění vedení , ochranné pospojování.pdf
[2015/03/22 11:00:09 | 000,077,350 | ---- | M] () -- C:\Users\tom\Documents\mag pole.pdf
[2015/03/22 10:59:52 | 000,190,531 | ---- | M] () -- C:\Users\tom\Documents\OCHRANA PRED ÚRAZEM el. proudem.pdf
[2015/03/22 10:59:27 | 000,582,919 | ---- | M] () -- C:\Users\tom\Documents\odporové delice U.pdf
[2015/03/22 10:58:51 | 000,035,563 | ---- | M] () -- C:\Users\tom\Documents\Elektricka zarizeni na horlavych latkach a v nich.pdf
[2015/03/22 10:58:33 | 000,332,901 | ---- | M] () -- C:\Users\tom\Documents\Polovodičové Usměrnovače.pdf
[2015/03/22 10:58:00 | 000,768,989 | ---- | M] () -- C:\Users\tom\Documents\Ucinky el. proudu na lidský organismus.pdf
[2015/03/22 10:57:41 | 000,374,342 | ---- | M] () -- C:\Users\tom\Documents\transformátory.pdf
[2015/03/22 10:57:21 | 000,152,430 | ---- | M] () -- C:\Users\tom\Documents\svetlo a osvetlovani.pdf
[2015/03/22 10:57:01 | 000,116,137 | ---- | M] () -- C:\Users\tom\Documents\dimenzování a jištění el. vedení.pdf
[2015/03/22 10:56:11 | 000,359,397 | ---- | M] () -- C:\Users\tom\Documents\Elektrická zařízení a jejich bezpečný provoz.pdf
[2015/03/22 10:55:31 | 000,043,905 | ---- | M] () -- C:\Users\tom\Documents\ELEKTRICKÁ INSTALACE V koupelnách i sprchách.pdf
[2015/03/22 10:55:00 | 000,297,228 | ---- | M] () -- C:\Users\tom\Documents\šíčení vln na 1 i 2 vodičovém vedení.pdf
[2015/03/22 10:54:12 | 000,155,658 | ---- | M] () -- C:\Users\tom\Documents\Merení unikajících a dotykových proudu u spotrebicu.pdf
[2015/03/22 10:53:44 | 000,560,089 | ---- | M] () -- C:\Users\tom\Documents\šíření elektromagnetických vln Sch...pdf
[2015/03/22 10:45:32 | 002,099,205 | ---- | M] () -- C:\Users\tom\Desktop\Ochrana pred bleskem-CSN.pdf
[2015/03/22 10:20:13 | 000,218,523 | ---- | M] () -- C:\Users\tom\Documents\druhy rozvodných sítí.pdf
[2015/03/22 10:19:24 | 000,689,334 | ---- | M] () -- C:\Users\tom\Documents\systemova technika budov a bytů.pdf
[2015/03/22 10:18:40 | 000,137,050 | ---- | M] () -- C:\Users\tom\Documents\kladeni _vedeni.pdf
[2015/03/21 10:27:18 | 000,022,731 | ---- | M] () -- C:\Users\tom\Desktop\RFID_Reader_Writer_Schematic proxclone.pdf
[2015/03/20 22:58:17 | 000,021,004 | ---- | M] () -- C:\Users\tom\Desktop\vogelgrippe_lpc17xx_v1.pdf
[2015/03/20 21:59:03 | 002,909,220 | ---- | M] () -- C:\Users\tom\Desktop\keykeriki_v2_cansec_v1.1.pdf
[2015/03/20 06:12:42 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\microsoft-windows-system-events.dll
[2015/03/20 06:10:52 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2015/03/20 06:10:50 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2015/03/20 05:17:18 | 000,411,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tracerpt.exe
[2015/03/20 04:41:28 | 000,369,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tracerpt.exe
[2015/03/20 04:40:00 | 000,950,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2015/03/20 04:16:45 | 000,749,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2015/03/19 21:36:19 | 000,118,225 | ---- | M] () -- C:\Users\tom\Desktop\PT002B_dps.jpg
[2015/03/18 16:26:53 | 000,063,332 | ---- | M] () -- C:\Users\tom\Desktop\Rozpiska OpenPICC_Bm117_3_BOM.pdf
[2015/03/17 20:54:56 | 000,348,240 | ---- | M] () -- C:\Users\tom\Desktop\keykeriki-v2-devdbg-hardware sniffer.zip
[2015/03/17 19:03:01 | 002,406,690 | ---- | M] () -- C:\Users\tom\Desktop\RFID Emulator ,vyh ,ftdi,lpt.pdf
[2015/03/17 18:31:13 | 008,556,897 | ---- | M] () -- C:\Users\tom\Desktop\výhybka.pdf

========== Files Created - No Company Name ==========

[2015/04/15 13:52:03 | 000,001,143 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2015/04/15 13:52:03 | 000,001,143 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2015/04/15 13:09:44 | 000,016,303 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2015/04/15 13:09:44 | 000,016,303 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2015/04/14 18:37:02 | 001,363,030 | ---- | C] () -- C:\Users\tom\Desktop\me_vyb_kap_all_2r.pdf
[2015/04/14 18:12:03 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/04/14 17:03:34 | 000,101,655 | ---- | C] () -- C:\Users\tom\Desktop\el_mereni výkonu.PDF
[2015/04/14 16:39:36 | 000,031,514 | ---- | C] () -- C:\Users\tom\Desktop\log rsit.rtf
[2015/04/14 15:27:47 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NBRTWizardx64\0700000.012\isolate.ini
[2015/04/14 15:26:11 | 000,001,358 | ---- | C] () -- C:\Users\tom\Desktop\Norton Installation Files.lnk
[2015/04/13 18:29:22 | 308,004,864 | ---- | C] () -- C:\Users\tom\Desktop\Kaspersky Rescue Disk 10.iso
[2015/04/12 21:44:18 | 000,029,696 | ---- | C] () -- C:\Users\tom\AppData\Local\MSGBOX.EXE
[2015/04/11 20:13:36 | 000,680,934 | ---- | C] () -- C:\Users\tom\Desktop\IGBT tranzistor.PDF
[2015/04/11 20:05:20 | 000,791,731 | ---- | C] () -- C:\Users\tom\Desktop\T1.5-Tranzistor.pdf
[2015/04/11 15:50:54 | 000,010,284 | ---- | C] () -- C:\Users\tom\eaglerc.usr
[2015/04/11 15:45:57 | 000,032,112 | ---- | C] () -- C:\Users\tom\Desktop\untitled.s##
[2015/04/10 12:02:17 | 000,048,483 | ---- | C] () -- C:\Users\tom\Desktop\slože marek ingr.PDF
[2015/04/08 15:22:21 | 000,151,190 | ---- | C] () -- C:\Users\tom\Desktop\css_jdm_programator.pdf
[2015/04/07 20:56:58 | 000,640,736 | ---- | C] () -- C:\Users\tom\Desktop\COM Port.rar
[2015/04/07 06:53:07 | 004,979,389 | ---- | C] () -- C:\Users\tom\Desktop\_KE02_2004.pdf
[2015/04/07 06:51:08 | 001,142,402 | ---- | C] () -- C:\Users\tom\Desktop\_KE04_2004.pdf
[2015/04/04 17:02:52 | 000,002,130 | ---- | C] () -- C:\Users\Public\Desktop\Atmel Studio 6.2.lnk
[2015/04/04 16:19:32 | 000,022,902 | ---- | C] () -- C:\Users\tom\Desktop\atmega_fusebit_doctor_2.11_m8.hex
[2015/04/04 16:19:32 | 000,008,136 | ---- | C] () -- C:\Users\tom\Desktop\atmega_fusebit_doctor_2.11_m8.bin
[2015/04/04 16:09:56 | 000,002,382 | ---- | C] () -- C:\Users\tom\gdbtk.ini
[2015/04/04 16:03:01 | 028,840,282 | ---- | C] () -- C:\Users\tom\Desktop\WinAVR-20100110-install.exe
[2015/04/03 21:47:01 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_webTinstMKTN_01009.Wdf
[2015/04/03 20:52:18 | 004,210,464 | ---- | C] () -- C:\Users\tom\Desktop\SIM_editor_Smart.zip
[2015/04/03 20:03:49 | 000,181,430 | ---- | C] () -- C:\Users\tom\Desktop\mereni_a_formovani_elektrolytickych_kondenzatoru.pdf
[2015/04/02 20:00:34 | 000,386,006 | ---- | C] () -- C:\Users\tom\Desktop\Ard MEGA2560 2x bot top.pdf
[2015/04/02 19:03:01 | 000,115,590 | ---- | C] () -- C:\Users\tom\Desktop\Ard mega top bot.pdf
[2015/04/02 19:00:59 | 004,089,945 | ---- | C] () -- C:\Users\tom\Desktop\Arduino_MEGA2560_ref bottom.pdf
[2015/04/02 18:57:59 | 000,115,580 | ---- | C] () -- C:\Users\tom\Desktop\Arduino_MEGA2560_ref.pdf
[2015/03/31 18:54:30 | 011,038,926 | ---- | C] () -- C:\Users\tom\Desktop\The-XX---Intro.flac
[2015/03/30 18:48:11 | 000,105,470 | ---- | C] () -- C:\Users\tom\Desktop\druhy_siti_nn.pdf
[2015/03/30 14:40:28 | 545,172,481 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2015/03/29 10:32:26 | 000,094,157 | ---- | C] () -- C:\Users\tom\Desktop\elektrické teplo.PDF
[2015/03/28 16:20:50 | 000,000,210 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2015/03/28 13:07:21 | 000,278,579 | ---- | C] () -- C:\Users\tom\Desktop\T1.5-Proudový-chránič+batový rozvaděč.PDF
[2015/03/28 13:00:15 | 007,803,328 | ---- | C] () -- C:\Users\tom\Desktop\transformátor.exe
[2015/03/27 17:15:25 | 000,002,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 8.lnk
[2015/03/26 21:10:39 | 002,208,377 | ---- | C] () -- C:\Users\tom\Desktop\Mala-vetrna-elektrarna.pdf
[2015/03/26 19:26:14 | 000,394,006 | ---- | C] () -- C:\Users\tom\Desktop\zdroj 60v 40a.sch
[2015/03/26 16:33:35 | 005,365,887 | ---- | C] () -- C:\Users\tom\Desktop\Yeah-Yeah-Yeahs---Heads-Will-Roll-(A-Trak-remix)-[www.4music.lt].mp3
[2015/03/26 15:36:36 | 004,047,109 | ---- | C] () -- C:\Users\tom\Desktop\Justice---Civilization.mp3
[2015/03/26 15:30:12 | 008,395,899 | ---- | C] () -- C:\Users\tom\Desktop\The-Bloody-Beetroots-feat.-Paul-McCartney-&-Youth---Out-Of-Sight.mp3
[2015/03/22 11:08:01 | 000,108,757 | ---- | C] () -- C:\Users\tom\Documents\vyroba_a_rozvod el. energie.pdf
[2015/03/22 11:07:28 | 000,212,237 | ---- | C] () -- C:\Users\tom\Documents\Uzemneni , měření zemního R.pdf
[2015/03/22 11:07:06 | 000,057,796 | ---- | C] () -- C:\Users\tom\Documents\synchronni_stroje.pdf
[2015/03/22 11:06:50 | 000,176,109 | ---- | C] () -- C:\Users\tom\Documents\el.přístroje oblouk jistící spojovací.pdf
[2015/03/22 11:06:00 | 000,103,076 | ---- | C] () -- C:\Users\tom\Documents\Vysokofrekvencni_ruseni.pdf
[2015/03/22 11:05:49 | 000,557,978 | ---- | C] () -- C:\Users\tom\Documents\satelitní komunikace.pdf
[2015/03/22 11:05:30 | 000,189,720 | ---- | C] () -- C:\Users\tom\Documents\el_pristroje.pdf
[2015/03/22 11:05:10 | 000,210,169 | ---- | C] () -- C:\Users\tom\Documents\mereni_funkce_proudovych_chranicu_.pdf
[2015/03/22 11:04:39 | 001,279,986 | ---- | C] () -- C:\Users\tom\Documents\Transformatory 2.pdf
[2015/03/22 11:04:07 | 000,064,456 | ---- | C] () -- C:\Users\tom\Documents\Predpisy pro pohyblive privody POHYBYBLIVÉ PRÍVODY, ŠNUROVÁ VEDENÍ,.pdf
[2015/03/22 11:03:31 | 000,079,517 | ---- | C] () -- C:\Users\tom\Documents\ochranné kryty el. zař a předmětů.pdf
[2015/03/22 11:02:25 | 000,149,724 | ---- | C] () -- C:\Users\tom\Documents\hromosvody a uzemění.pdf
[2015/03/22 11:02:10 | 000,105,167 | ---- | C] () -- C:\Users\tom\Documents\1_mereni_impedance_poruchove_smycky.pdf
[2015/03/22 11:01:55 | 000,145,256 | ---- | C] () -- C:\Users\tom\Documents\mereni_a_regulace.pdf
[2015/03/22 11:01:44 | 000,156,806 | ---- | C] () -- C:\Users\tom\Documents\rozvadece a rozvodnice.pdf
[2015/03/22 11:01:28 | 000,475,599 | ---- | C] () -- C:\Users\tom\Documents\el_stroje.pdf
[2015/03/22 11:01:11 | 000,920,852 | ---- | C] () -- C:\Users\tom\Documents\Tabulka dimenzování a jištění vedení , ochranné pospojování.pdf
[2015/03/22 11:00:09 | 000,077,350 | ---- | C] () -- C:\Users\tom\Documents\mag pole.pdf
[2015/03/22 10:59:52 | 000,190,531 | ---- | C] () -- C:\Users\tom\Documents\OCHRANA PRED ÚRAZEM el. proudem.pdf
[2015/03/22 10:59:27 | 000,582,919 | ---- | C] () -- C:\Users\tom\Documents\odporové delice U.pdf
[2015/03/22 10:58:51 | 000,035,563 | ---- | C] () -- C:\Users\tom\Documents\Elektricka zarizeni na horlavych latkach a v nich.pdf
[2015/03/22 10:58:33 | 000,332,901 | ---- | C] () -- C:\Users\tom\Documents\Polovodičové Usměrnovače.pdf
[2015/03/22 10:58:00 | 000,768,989 | ---- | C] () -- C:\Users\tom\Documents\Ucinky el. proudu na lidský organismus.pdf
[2015/03/22 10:57:41 | 000,374,342 | ---- | C] () -- C:\Users\tom\Documents\transformátory.pdf
[2015/03/22 10:57:21 | 000,152,430 | ---- | C] () -- C:\Users\tom\Documents\svetlo a osvetlovani.pdf
[2015/03/22 10:57:01 | 000,116,137 | ---- | C] () -- C:\Users\tom\Documents\dimenzování a jištění el. vedení.pdf
[2015/03/22 10:56:11 | 000,359,397 | ---- | C] () -- C:\Users\tom\Documents\Elektrická zařízení a jejich bezpečný provoz.pdf
[2015/03/22 10:55:31 | 000,043,905 | ---- | C] () -- C:\Users\tom\Documents\ELEKTRICKÁ INSTALACE V koupelnách i sprchách.pdf
[2015/03/22 10:55:00 | 000,297,228 | ---- | C] () -- C:\Users\tom\Documents\šíčení vln na 1 i 2 vodičovém vedení.pdf
[2015/03/22 10:54:12 | 000,155,658 | ---- | C] () -- C:\Users\tom\Documents\Merení unikajících a dotykových proudu u spotrebicu.pdf
[2015/03/22 10:53:44 | 000,560,089 | ---- | C] () -- C:\Users\tom\Documents\šíření elektromagnetických vln Sch...pdf
[2015/03/22 10:45:32 | 002,099,205 | ---- | C] () -- C:\Users\tom\Desktop\Ochrana pred bleskem-CSN.pdf
[2015/03/22 10:20:13 | 000,218,523 | ---- | C] () -- C:\Users\tom\Documents\druhy rozvodných sítí.pdf
[2015/03/22 10:19:24 | 000,689,334 | ---- | C] () -- C:\Users\tom\Documents\systemova technika budov a bytů.pdf
[2015/03/22 10:18:40 | 000,137,050 | ---- | C] () -- C:\Users\tom\Documents\kladeni _vedeni.pdf
[2015/03/21 10:27:17 | 000,022,731 | ---- | C] () -- C:\Users\tom\Desktop\RFID_Reader_Writer_Schematic proxclone.pdf
[2015/03/20 22:57:32 | 000,021,004 | ---- | C] () -- C:\Users\tom\Desktop\vogelgrippe_lpc17xx_v1.pdf
[2015/03/20 21:59:03 | 002,909,220 | ---- | C] () -- C:\Users\tom\Desktop\keykeriki_v2_cansec_v1.1.pdf
[2015/03/20 16:38:32 | 051,207,312 | ---- | C] () -- C:\Users\tom\Documents\BEN Elektrotechnická schémata a zapojení 1.pdf
[2015/03/19 21:36:38 | 000,118,225 | ---- | C] () -- C:\Users\tom\Desktop\PT002B_dps.jpg
[2015/03/18 16:26:52 | 000,063,332 | ---- | C] () -- C:\Users\tom\Desktop\Rozpiska OpenPICC_Bm117_3_BOM.pdf
[2015/03/17 20:54:55 | 000,348,240 | ---- | C] () -- C:\Users\tom\Desktop\keykeriki-v2-devdbg-hardware sniffer.zip
[2015/03/17 19:03:01 | 002,406,690 | ---- | C] () -- C:\Users\tom\Desktop\RFID Emulator ,vyh ,ftdi,lpt.pdf
[2015/03/17 18:31:11 | 008,556,897 | ---- | C] () -- C:\Users\tom\Desktop\výhybka.pdf
[2015/02/22 16:01:27 | 000,026,190 | ---- | C] () -- C:\Users\tom\Si prog DSP 4.pdf
[2015/02/03 16:24:45 | 000,226,680 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2015/02/03 16:24:44 | 000,076,152 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2015/01/25 12:19:19 | 000,000,261 | ---- | C] () -- C:\Users\tom\.octave_hist
[2015/01/24 21:31:56 | 000,000,412 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2015/01/17 20:57:14 | 001,772,950 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/01/14 14:49:10 | 000,000,001 | ---- | C] () -- C:\Users\tom\AppData\Local\llftool.4.25.agreement
[2014/12/18 19:40:19 | 000,107,008 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2014/12/18 19:40:15 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2014/12/17 13:51:28 | 000,007,605 | ---- | C] () -- C:\Users\tom\AppData\Local\Resmon.ResmonCfg
[2014/12/14 09:52:02 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2013/08/22 17:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 17:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 16:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 09:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/22 01:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/22 01:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[2015/01/14 17:26:08 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/12 19:40:58 | 022,291,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/12 19:34:06 | 019,731,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/29 03:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/29 02:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/29 03:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 220 bytes -> C:\Users\tom\OneDrive:ms-properties

< End of report >

[konu]

Snad jsem to udělal správně. google kompletně ostraněn , s IE to bylo složitější je nějak integrován do systému takže jsem odškrtnul celou položku IE v ovládacích panelech( v revo uninstaller se vůbec neukazoval). ESET už při prohledávání OTL nic nehlásil. IP adresa je stejná smlouva/mail.