Stránka 2 z 5
Re: Pomalí PC
Napsal: 16 úno 2013 21:22
od Márty84
Toto je ciste.
Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)
Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!
Stahnete ComboFix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na
Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci
Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde
C:\ComboFix.txt
Jeho obsah sem zkopirujte
Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni programu bude hlasena chyba, staci restartovat pc a bude to v poradku
Re: Pomalí PC
Napsal: 16 úno 2013 21:46
od PavelP
ComboFix 13-02-15.01 - Zdena 16.02.2013 21:28:10.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.2038.1137 [GMT 1:00]
Spuštěný z: c:\users\Zdena\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\System32\Desktop_.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-16 do 2013-02-16 )))))))))))))))))))))))))))))))
.
.
2013-02-16 20:37 . 2013-02-16 20:37 -------- d-----w- c:\users\Zdena\AppData\Local\temp
2013-02-16 20:37 . 2013-02-16 20:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-15 22:20 . 2013-02-15 22:20 -------- d-----w- c:\program files\Defraggler
2013-02-14 04:05 . 2013-01-04 01:38 2048512 ----a-w- c:\windows\system32\win32k.sys
2013-02-14 04:05 . 2012-11-08 03:48 1314816 ----a-w- c:\windows\system32\quartz.dll
2013-02-14 04:05 . 2013-01-04 11:28 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-14 04:05 . 2013-01-05 05:26 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-14 04:05 . 2013-01-05 05:26 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-10 22:01 . 2012-04-09 05:01 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-10 22:01 . 2012-01-07 21:25 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 13:12 . 2012-12-24 11:00 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 10:50 . 2012-12-24 11:00 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-12-14 15:49 . 2012-04-08 22:52 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-20 04:22 . 2013-01-09 15:49 204288 ----a-w- c:\windows\system32\ncrypt.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-07 6756048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - TrueSight
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1804194615-106423829-2612554759-1000Core.job
- c:\users\Zdena\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-16 08:57]
.
2013-02-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1804194615-106423829-2612554759-1000UA.job
- c:\users\Zdena\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-16 08:57]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://
www.seznam.cz/
TCP: DhcpNameServer = 62.129.50.20 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2013-02-16 21:37
Windows 6.0.6002 Service Pack 2 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(716)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'lsass.exe'(668)
c:\windows\system32\guard32.dll
.
Celkový čas: 2013-02-16 21:40:03
ComboFix-quarantined-files.txt 2013-02-16 20:40
.
Před spuštěním: Volných bajtů: 106 472 251 392
Po spuštění: Volných bajtů: 106 434 236 416
.
- - End Of File - - FE1A65E666D1F4ED3838F979F46D27FD
Re: Pomalí PC
Napsal: 16 úno 2013 21:56
od Márty84
Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Kód: Vybrat vše
KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1804194615-106423829-2612554759-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1804194615-106423829-2612554759-1000UA.job
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
Driver::
!SASCORE
Reboot::
Vlevo nahore kliknete na napis
Soubor
Kliknete na napis
Ulozit jako...
Napiste spravne ten cerveny nazev
CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.
Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni programu bude hlasena chyba, staci restartovat pc a bude to v poradku
Postupujte podle navodu kolegy
vyosek píše:
Stahnete si TDSSKiller
http://support.kaspersky.com/downloads/ ... killer.exe
- Kliknete na volbu Change parametrs
- V okne Additional Option zakliknete vsechny moznosti
- Kliknete na OK
- Utilite prikazte, at skenuje - klik na Start Scan
- Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
- Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
- Pokud mate vsude Skip, kliknete na Continue
- Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte
Re: Pomalí PC
Napsal: 16 úno 2013 22:27
od PavelP
ComboFix 13-02-15.01 - Zdena 16.02.2013 22:05:29.2.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.2038.1148 [GMT 1:00]
Spuštěný z: c:\users\Zdena\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Zdena\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1804194615-106423829-2612554759-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1804194615-106423829-2612554759-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_!SASCORE
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-16 do 2013-02-16 )))))))))))))))))))))))))))))))
.
.
2013-02-16 21:13 . 2013-02-16 21:16 -------- d-----w- c:\users\Zdena\AppData\Local\temp
2013-02-15 22:20 . 2013-02-15 22:20 -------- d-----w- c:\program files\Defraggler
2013-02-14 04:05 . 2013-01-04 01:38 2048512 ----a-w- c:\windows\system32\win32k.sys
2013-02-14 04:05 . 2012-11-08 03:48 1314816 ----a-w- c:\windows\system32\quartz.dll
2013-02-14 04:05 . 2013-01-04 11:28 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-14 04:05 . 2013-01-05 05:26 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-14 04:05 . 2013-01-05 05:26 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-10 22:01 . 2012-04-09 05:01 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-10 22:01 . 2012-01-07 21:25 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 13:12 . 2012-12-24 11:00 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 10:50 . 2012-12-24 11:00 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-12-14 15:49 . 2012-04-08 22:52 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-20 04:22 . 2013-01-09 15:49 204288 ----a-w- c:\windows\system32\ncrypt.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-07 6756048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1804194615-106423829-2612554759-1000Core.job
- c:\users\Zdena\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-16 08:57]
.
2013-02-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1804194615-106423829-2612554759-1000UA.job
- c:\users\Zdena\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-16 08:57]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://
www.seznam.cz/
TCP: DhcpNameServer = 62.129.50.20 192.168.0.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2013-02-16 22:16
Windows 6.0.6002 Service Pack 2 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(716)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'Explorer.exe'(3748)
c:\windows\system32\guard32.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\windows\system32\conime.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2013-02-16 22:21:12 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-02-16 21:21
ComboFix2.txt 2013-02-16 20:40
.
Před spuštěním: Volných bajtů: 106 244 866 048
Po spuštění: Volných bajtů: 105 821 671 424
.
- - End Of File - - 11E006C85DE55EF9F1A4184ABAEE38BE
Re: Pomalí PC
Napsal: 16 úno 2013 22:33
od PavelP
•Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
•Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
Nic takovího se mě neoběvilo tak nevím co stím mám dělat.
Re: Pomalí PC
Napsal: 16 úno 2013 22:35
od PavelP
Ale na C jsem našel toto.
22:27:54.0434 2732 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:27:54.0668 2732 ============================================================
22:27:54.0668 2732 Current date / time: 2013/02/16 22:27:54.0668
22:27:54.0668 2732 SystemInfo:
22:27:54.0668 2732
22:27:54.0668 2732 OS Version: 6.0.6002 ServicePack: 2.0
22:27:54.0668 2732 Product type: Workstation
22:27:54.0668 2732 ComputerName: ZDENA-PC
22:27:54.0668 2732 UserName: Zdena
22:27:54.0668 2732 Windows directory: C:\Windows
22:27:54.0668 2732 System windows directory: C:\Windows
22:27:54.0668 2732 Processor architecture: Intel x86
22:27:54.0668 2732 Number of processors: 2
22:27:54.0668 2732 Page size: 0x1000
22:27:54.0668 2732 Boot type: Normal boot
22:27:54.0668 2732 ============================================================
22:27:56.0087 2732 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:27:56.0103 2732 ============================================================
22:27:56.0103 2732 \Device\Harddisk0\DR0:
22:27:56.0103 2732 MBR partitions:
22:27:56.0103 2732 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18800
22:27:56.0103 2732 ============================================================
22:27:56.0118 2732 C: <-> \Device\Harddisk0\DR0\Partition1
22:27:56.0118 2732 ============================================================
22:27:56.0118 2732 Initialize success
22:27:56.0118 2732 ============================================================
22:28:55.0576 3416 ============================================================
22:28:55.0576 3416 Scan started
22:28:55.0576 3416 Mode: Manual; SigCheck; TDLFS;
22:28:55.0576 3416 ============================================================
22:28:56.0154 3416 ================ Scan system memory ========================
22:28:56.0154 3416 System memory - ok
22:28:56.0154 3416 ================ Scan services =============================
22:28:56.0388 3416 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
22:28:56.0637 3416 ACPI - ok
22:28:56.0700 3416 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:28:56.0746 3416 adp94xx - ok
22:28:56.0778 3416 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:28:56.0809 3416 adpahci - ok
22:28:56.0824 3416 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
22:28:56.0856 3416 adpu160m - ok
22:28:56.0918 3416 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:28:56.0965 3416 adpu320 - ok
22:28:57.0027 3416 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:28:57.0090 3416 AeLookupSvc - ok
22:28:57.0168 3416 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
22:28:57.0230 3416 AFD - ok
22:28:57.0292 3416 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:28:57.0308 3416 agp440 - ok
22:28:57.0324 3416 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
22:28:57.0355 3416 aic78xx - ok
22:28:57.0402 3416 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
22:28:57.0464 3416 ALG - ok
22:28:57.0480 3416 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
22:28:57.0511 3416 aliide - ok
22:28:57.0526 3416 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
22:28:57.0542 3416 amdagp - ok
22:28:57.0573 3416 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
22:28:57.0589 3416 amdide - ok
22:28:57.0651 3416 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
22:28:57.0745 3416 AmdK7 - ok
22:28:57.0776 3416 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:28:57.0870 3416 AmdK8 - ok
22:28:57.0948 3416 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
22:28:57.0979 3416 Appinfo - ok
22:28:58.0041 3416 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
22:28:58.0057 3416 arc - ok
22:28:58.0104 3416 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:28:58.0135 3416 arcsas - ok
22:28:58.0182 3416 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
22:28:58.0244 3416 aswFsBlk - ok
22:28:58.0322 3416 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
22:28:58.0353 3416 aswMonFlt - ok
22:28:58.0369 3416 [ 7C9F0A2AB17D52261A9252A2EB320884 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys
22:28:58.0400 3416 aswRdr - ok
22:28:58.0572 3416 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
22:28:58.0681 3416 aswSnx - ok
22:28:58.0759 3416 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
22:28:58.0806 3416 aswSP - ok
22:28:58.0837 3416 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
22:28:58.0884 3416 aswTdi - ok
22:28:58.0930 3416 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:28:58.0977 3416 AsyncMac - ok
22:28:59.0040 3416 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
22:28:59.0071 3416 atapi - ok
22:28:59.0164 3416 [ 42A781B795B36A7182DED8B55C245153 ] athr C:\Windows\system32\DRIVERS\athr.sys
22:28:59.0289 3416 athr - ok
22:28:59.0352 3416 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:28:59.0414 3416 AudioEndpointBuilder - ok
22:28:59.0430 3416 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
22:28:59.0476 3416 Audiosrv - ok
22:28:59.0648 3416 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:28:59.0679 3416 avast! Antivirus - ok
22:28:59.0742 3416 [ AA6B367CA7DA571DFC3374EC137D87A5 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
22:28:59.0788 3416 b57nd60x - ok
22:28:59.0866 3416 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
22:28:59.0929 3416 Beep - ok
22:28:59.0991 3416 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
22:29:00.0069 3416 BFE - ok
22:29:00.0178 3416 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
22:29:00.0350 3416 BITS - ok
22:29:00.0366 3416 blbdrive - ok
22:29:00.0412 3416 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:29:00.0475 3416 bowser - ok
22:29:00.0537 3416 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
22:29:00.0600 3416 BrFiltLo - ok
22:29:00.0615 3416 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
22:29:00.0678 3416 BrFiltUp - ok
22:29:00.0724 3416 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
22:29:00.0787 3416 Browser - ok
22:29:00.0849 3416 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
22:29:00.0927 3416 Brserid - ok
22:29:00.0958 3416 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
22:29:01.0036 3416 BrSerWdm - ok
22:29:01.0052 3416 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
22:29:01.0130 3416 BrUsbMdm - ok
22:29:01.0192 3416 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
22:29:01.0270 3416 BrUsbSer - ok
22:29:01.0333 3416 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
22:29:01.0364 3416 BthEnum - ok
22:29:01.0411 3416 [ 9A966A8E86D1771911AE34A20D11BFF3 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:29:01.0458 3416 BTHMODEM - ok
22:29:01.0504 3416 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:29:01.0567 3416 BthPan - ok
22:29:01.0676 3416 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
22:29:01.0754 3416 BTHPORT - ok
22:29:01.0816 3416 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
22:29:01.0863 3416 BthServ - ok
22:29:01.0894 3416 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
22:29:01.0941 3416 BTHUSB - ok
22:29:01.0972 3416 catchme - ok
22:29:02.0019 3416 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:29:02.0082 3416 cdfs - ok
22:29:02.0128 3416 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:29:02.0191 3416 cdrom - ok
22:29:02.0269 3416 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
22:29:02.0316 3416 CertPropSvc - ok
22:29:02.0347 3416 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
22:29:02.0425 3416 circlass - ok
22:29:02.0487 3416 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
22:29:02.0518 3416 CLFS - ok
22:29:02.0612 3416 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:29:02.0643 3416 clr_optimization_v2.0.50727_32 - ok
22:29:02.0752 3416 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:29:02.0784 3416 clr_optimization_v4.0.30319_32 - ok
22:29:02.0846 3416 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:29:02.0908 3416 CmBatt - ok
22:29:03.0033 3416 [ 2A2D72271844C52F004901A60312B96A ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
22:29:03.0298 3416 cmdAgent - ok
22:29:03.0361 3416 [ 623C7421D76860837CE0643950A117E7 ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys
22:29:03.0423 3416 cmdGuard - ok
22:29:03.0454 3416 [ 5A6ED5F670CD80EC338A94A8A08EC7F1 ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys
22:29:03.0486 3416 cmdHlp - ok
22:29:03.0517 3416 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:29:03.0548 3416 cmdide - ok
22:29:03.0579 3416 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:29:03.0610 3416 Compbatt - ok
22:29:03.0610 3416 COMSysApp - ok
22:29:03.0642 3416 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:29:03.0673 3416 crcdisk - ok
22:29:03.0688 3416 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
22:29:03.0766 3416 Crusoe - ok
22:29:03.0844 3416 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:29:03.0876 3416 CryptSvc - ok
22:29:03.0969 3416 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:29:04.0032 3416 DcomLaunch - ok
22:29:04.0078 3416 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:29:04.0125 3416 DfsC - ok
22:29:04.0234 3416 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
22:29:04.0375 3416 DFSR - ok
22:29:04.0531 3416 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
22:29:04.0578 3416 Dhcp - ok
22:29:04.0656 3416 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
22:29:04.0671 3416 disk - ok
22:29:04.0734 3416 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:29:04.0780 3416 Dnscache - ok
22:29:04.0843 3416 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:29:04.0905 3416 dot3svc - ok
22:29:04.0952 3416 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
22:29:05.0030 3416 DPS - ok
22:29:05.0092 3416 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:29:05.0124 3416 drmkaud - ok
22:29:05.0170 3416 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:29:05.0248 3416 DXGKrnl - ok
22:29:05.0311 3416 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
22:29:05.0404 3416 E1G60 - ok
22:29:05.0436 3416 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
22:29:05.0498 3416 EapHost - ok
22:29:05.0560 3416 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
22:29:05.0592 3416 Ecache - ok
22:29:05.0654 3416 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:29:05.0701 3416 elxstor - ok
22:29:05.0748 3416 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
22:29:05.0841 3416 EMDMgmt - ok
22:29:05.0919 3416 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
22:29:05.0966 3416 EventSystem - ok
22:29:06.0044 3416 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
22:29:06.0106 3416 exfat - ok
22:29:06.0169 3416 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:29:06.0231 3416 fastfat - ok
22:29:06.0262 3416 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:29:06.0340 3416 fdc - ok
22:29:06.0387 3416 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
22:29:06.0434 3416 fdPHost - ok
22:29:06.0465 3416 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
22:29:06.0543 3416 FDResPub - ok
22:29:06.0590 3416 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:29:06.0606 3416 FileInfo - ok
22:29:06.0652 3416 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:29:06.0730 3416 Filetrace - ok
22:29:06.0762 3416 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:29:06.0824 3416 flpydisk - ok
22:29:06.0871 3416 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:29:06.0918 3416 FltMgr - ok
22:29:07.0042 3416 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
22:29:07.0183 3416 FontCache - ok
22:29:07.0339 3416 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:29:07.0370 3416 FontCache3.0.0.0 - ok
22:29:07.0401 3416 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:29:07.0448 3416 Fs_Rec - ok
22:29:07.0479 3416 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:29:07.0510 3416 gagp30kx - ok
22:29:07.0682 3416 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
22:29:07.0807 3416 gpsvc - ok
22:29:07.0916 3416 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:29:07.0963 3416 HdAudAddService - ok
22:29:07.0994 3416 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:29:08.0119 3416 HDAudBus - ok
22:29:08.0181 3416 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
22:29:08.0259 3416 HidBth - ok
22:29:08.0275 3416 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
22:29:08.0353 3416 HidIr - ok
22:29:08.0384 3416 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
22:29:08.0431 3416 hidserv - ok
22:29:08.0462 3416 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:29:08.0524 3416 HidUsb - ok
22:29:08.0540 3416 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:29:08.0602 3416 hkmsvc - ok
22:29:08.0634 3416 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
22:29:08.0665 3416 HpCISSs - ok
22:29:08.0712 3416 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
22:29:08.0774 3416 HSFHWAZL - ok
22:29:08.0836 3416 [ 7BC42C65B5C6281777C1A7605B253BA8 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
22:29:08.0914 3416 HSF_DPV - ok
22:29:08.0977 3416 [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
22:29:09.0024 3416 HSXHWAZL - ok
22:29:09.0180 3416 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:29:09.0258 3416 HTTP - ok
22:29:09.0289 3416 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
22:29:09.0320 3416 i2omp - ok
22:29:09.0382 3416 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:29:09.0429 3416 i8042prt - ok
22:29:09.0460 3416 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
22:29:09.0492 3416 iaStorV - ok
22:29:09.0554 3416 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:29:09.0632 3416 idsvc - ok
22:29:09.0726 3416 [ 9378D57E2B96C0A185D844770AD49948 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
22:29:09.0944 3416 igfx - ok
22:29:09.0975 3416 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:29:09.0991 3416 iirsp - ok
22:29:10.0038 3416 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
22:29:10.0100 3416 IKEEXT - ok
22:29:10.0147 3416 [ CE3034F551E06F7A290DA4D8DF29246E ] inspect C:\Windows\system32\DRIVERS\inspect.sys
22:29:10.0162 3416 inspect - ok
22:29:10.0194 3416 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
22:29:10.0225 3416 intelide - ok
22:29:10.0240 3416 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:29:10.0303 3416 intelppm - ok
22:29:10.0334 3416 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:29:10.0428 3416 IPBusEnum - ok
22:29:10.0459 3416 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:29:10.0506 3416 IpFilterDriver - ok
22:29:10.0552 3416 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:29:10.0599 3416 iphlpsvc - ok
22:29:10.0615 3416 IpInIp - ok
22:29:10.0646 3416 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
22:29:10.0724 3416 IPMIDRV - ok
22:29:10.0755 3416 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
22:29:10.0802 3416 IPNAT - ok
22:29:10.0880 3416 [ E50A95179211B12946F7E035D60AF560 ] irda C:\Windows\system32\DRIVERS\irda.sys
22:29:10.0942 3416 irda - ok
22:29:10.0989 3416 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:29:11.0036 3416 IRENUM - ok
22:29:11.0098 3416 [ CBB0D940221A281BCFEAEA695BD1CDA5 ] Irmon C:\Windows\System32\irmon.dll
22:29:11.0176 3416 Irmon - ok
22:29:11.0208 3416 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:29:11.0239 3416 isapnp - ok
22:29:11.0301 3416 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
22:29:11.0317 3416 iScsiPrt - ok
22:29:11.0348 3416 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
22:29:11.0364 3416 iteatapi - ok
22:29:11.0379 3416 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
22:29:11.0410 3416 iteraid - ok
22:29:11.0442 3416 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:29:11.0457 3416 kbdclass - ok
22:29:11.0504 3416 [ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
22:29:11.0566 3416 kbdhid - ok
22:29:11.0598 3416 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
22:29:11.0644 3416 KeyIso - ok
22:29:11.0691 3416 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:29:11.0738 3416 KSecDD - ok
22:29:11.0785 3416 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
22:29:11.0863 3416 KtmRm - ok
22:29:11.0925 3416 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
22:29:11.0988 3416 LanmanServer - ok
22:29:12.0050 3416 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:29:12.0081 3416 LanmanWorkstation - ok
22:29:12.0144 3416 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:29:12.0237 3416 lltdio - ok
22:29:12.0268 3416 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:29:12.0346 3416 lltdsvc - ok
22:29:12.0378 3416 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:29:12.0456 3416 lmhosts - ok
22:29:12.0502 3416 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:29:12.0549 3416 LSI_FC - ok
22:29:12.0565 3416 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:29:12.0580 3416 LSI_SAS - ok
22:29:12.0596 3416 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:29:12.0627 3416 LSI_SCSI - ok
22:29:12.0658 3416 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
22:29:12.0721 3416 luafv - ok
22:29:12.0752 3416 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
22:29:12.0814 3416 mdmxsdk - ok
22:29:12.0846 3416 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
22:29:12.0861 3416 megasas - ok
22:29:12.0908 3416 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
22:29:12.0986 3416 MMCSS - ok
22:29:13.0017 3416 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
22:29:13.0064 3416 Modem - ok
22:29:13.0126 3416 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:29:13.0189 3416 monitor - ok
22:29:13.0220 3416 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:29:13.0251 3416 mouclass - ok
22:29:13.0282 3416 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:29:13.0329 3416 mouhid - ok
22:29:13.0360 3416 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
22:29:13.0376 3416 MountMgr - ok
22:29:13.0423 3416 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
22:29:13.0438 3416 mpio - ok
22:29:13.0470 3416 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:29:13.0532 3416 mpsdrv - ok
22:29:13.0594 3416 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
22:29:13.0672 3416 MpsSvc - ok
22:29:13.0719 3416 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
22:29:13.0735 3416 Mraid35x - ok
22:29:13.0782 3416 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:29:13.0813 3416 MRxDAV - ok
22:29:13.0860 3416 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:29:13.0906 3416 mrxsmb - ok
22:29:13.0969 3416 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:29:14.0031 3416 mrxsmb10 - ok
22:29:14.0062 3416 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:29:14.0109 3416 mrxsmb20 - ok
22:29:14.0156 3416 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
22:29:14.0172 3416 msahci - ok
22:29:14.0203 3416 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:29:14.0218 3416 msdsm - ok
22:29:14.0250 3416 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
22:29:14.0328 3416 MSDTC - ok
22:29:14.0359 3416 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:29:14.0406 3416 Msfs - ok
22:29:14.0468 3416 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:29:14.0499 3416 msisadrv - ok
22:29:14.0530 3416 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:29:14.0577 3416 MSiSCSI - ok
22:29:14.0593 3416 msiserver - ok
22:29:14.0624 3416 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:29:14.0686 3416 MSKSSRV - ok
22:29:14.0733 3416 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:29:14.0780 3416 MSPCLOCK - ok
22:29:14.0827 3416 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:29:14.0905 3416 MSPQM - ok
22:29:14.0936 3416 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:29:14.0967 3416 MsRPC - ok
22:29:14.0998 3416 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:29:15.0014 3416 mssmbios - ok
22:29:15.0061 3416 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:29:15.0139 3416 MSTEE - ok
22:29:15.0170 3416 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
22:29:15.0186 3416 Mup - ok
22:29:15.0248 3416 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
22:29:15.0326 3416 napagent - ok
22:29:15.0357 3416 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:29:15.0404 3416 NativeWifiP - ok
22:29:15.0466 3416 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:29:15.0513 3416 NDIS - ok
22:29:15.0560 3416 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:29:15.0622 3416 NdisTapi - ok
22:29:15.0638 3416 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:29:15.0716 3416 Ndisuio - ok
22:29:15.0747 3416 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:29:15.0810 3416 NdisWan - ok
22:29:15.0825 3416 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:29:15.0888 3416 NDProxy - ok
22:29:15.0919 3416 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:29:15.0966 3416 NetBIOS - ok
22:29:16.0012 3416 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
22:29:16.0059 3416 netbt - ok
22:29:16.0075 3416 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
22:29:16.0106 3416 Netlogon - ok
22:29:16.0184 3416 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
22:29:16.0262 3416 Netman - ok
22:29:16.0309 3416 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
22:29:16.0371 3416 netprofm - ok
22:29:16.0402 3416 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:29:16.0449 3416 NetTcpPortSharing - ok
22:29:16.0496 3416 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:29:16.0512 3416 nfrd960 - ok
22:29:16.0558 3416 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:29:16.0605 3416 NlaSvc - ok
22:29:16.0636 3416 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:29:16.0699 3416 Npfs - ok
22:29:16.0714 3416 [ 6D8D2E5652FC2442C810C5D8BE784148 ] NSCIRDA C:\Windows\system32\DRIVERS\nscirda.sys
22:29:16.0761 3416 NSCIRDA - ok
22:29:16.0808 3416 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
22:29:16.0870 3416 nsi - ok
22:29:16.0902 3416 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:29:16.0948 3416 nsiproxy - ok
22:29:17.0058 3416 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:29:17.0182 3416 Ntfs - ok
22:29:17.0245 3416 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
22:29:17.0338 3416 ntrigdigi - ok
22:29:17.0370 3416 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
22:29:17.0416 3416 Null - ok
22:29:17.0432 3416 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:29:17.0448 3416 nvraid - ok
22:29:17.0463 3416 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:29:17.0494 3416 nvstor - ok
22:29:17.0526 3416 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:29:17.0541 3416 nv_agp - ok
22:29:17.0557 3416 NwlnkFlt - ok
22:29:17.0557 3416 NwlnkFwd - ok
22:29:17.0619 3416 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
22:29:17.0666 3416 ohci1394 - ok
22:29:17.0713 3416 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
22:29:17.0775 3416 p2pimsvc - ok
22:29:17.0791 3416 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
22:29:17.0884 3416 p2psvc - ok
22:29:17.0931 3416 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
22:29:18.0009 3416 Parport - ok
22:29:18.0072 3416 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:29:18.0103 3416 partmgr - ok
22:29:18.0118 3416 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
22:29:18.0212 3416 Parvdm - ok
22:29:18.0243 3416 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
22:29:18.0290 3416 PcaSvc - ok
22:29:18.0337 3416 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
22:29:18.0368 3416 pci - ok
22:29:18.0415 3416 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
22:29:18.0446 3416 pciide - ok
22:29:18.0477 3416 [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:29:18.0508 3416 pcmcia - ok
22:29:18.0586 3416 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:29:18.0696 3416 PEAUTH - ok
22:29:18.0836 3416 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
22:29:18.0976 3416 pla - ok
22:29:19.0023 3416 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:29:19.0101 3416 PlugPlay - ok
22:29:19.0195 3416 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
22:29:19.0242 3416 PNRPAutoReg - ok
22:29:19.0288 3416 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
22:29:19.0351 3416 PNRPsvc - ok
22:29:19.0460 3416 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:29:19.0538 3416 PolicyAgent - ok
22:29:19.0569 3416 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:29:19.0647 3416 PptpMiniport - ok
22:29:19.0678 3416 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
22:29:19.0772 3416 Processor - ok
22:29:19.0850 3416 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
22:29:19.0897 3416 ProfSvc - ok
22:29:19.0912 3416 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
22:29:19.0944 3416 ProtectedStorage - ok
22:29:19.0975 3416 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
22:29:20.0037 3416 PSched - ok
22:29:20.0100 3416 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:29:20.0162 3416 ql2300 - ok
22:29:20.0209 3416 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:29:20.0256 3416 ql40xx - ok
22:29:20.0302 3416 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
22:29:20.0365 3416 QWAVE - ok
22:29:20.0396 3416 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:29:20.0443 3416 QWAVEdrv - ok
22:29:20.0474 3416 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:29:20.0521 3416 RasAcd - ok
22:29:20.0568 3416 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
22:29:20.0630 3416 RasAuto - ok
22:29:20.0692 3416 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:29:20.0755 3416 Rasl2tp - ok
22:29:20.0786 3416 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
22:29:20.0864 3416 RasMan - ok
22:29:20.0895 3416 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:29:20.0942 3416 RasPppoe - ok
22:29:20.0958 3416 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:29:21.0004 3416 RasSstp - ok
22:29:21.0051 3416 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:29:21.0098 3416 rdbss - ok
22:29:21.0145 3416 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:29:21.0207 3416 RDPCDD - ok
22:29:21.0285 3416 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
22:29:21.0379 3416 rdpdr - ok
22:29:21.0441 3416 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:29:21.0488 3416 RDPENCDD - ok
22:29:21.0535 3416 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:29:21.0597 3416 RDPWD - ok
22:29:21.0660 3416 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:29:21.0738 3416 RemoteAccess - ok
22:29:21.0769 3416 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:29:21.0816 3416 RemoteRegistry - ok
22:29:21.0831 3416 [ B9BB8E2093C1615AD6EA55AD96214354 ] Revoflt C:\Windows\system32\DRIVERS\revoflt.sys
22:29:21.0862 3416 Revoflt - ok
22:29:21.0909 3416 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:29:21.0956 3416 RFCOMM - ok
22:29:22.0003 3416 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
22:29:22.0050 3416 RpcLocator - ok
22:29:22.0081 3416 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
22:29:22.0143 3416 RpcSs - ok
22:29:22.0190 3416 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:29:22.0237 3416 rspndr - ok
22:29:22.0252 3416 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
22:29:22.0284 3416 SamSs - ok
22:29:22.0346 3416 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
22:29:22.0377 3416 SASDIFSV - ok
22:29:22.0393 3416 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
22:29:22.0408 3416 SASKUTIL - ok
22:29:22.0440 3416 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:29:22.0471 3416 sbp2port - ok
22:29:22.0533 3416 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:29:22.0596 3416 SCardSvr - ok
22:29:22.0720 3416 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
22:29:22.0798 3416 Schedule - ok
22:29:22.0830 3416 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:29:22.0861 3416 SCPolicySvc - ok
22:29:22.0923 3416 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
22:29:22.0954 3416 sdbus - ok
22:29:23.0001 3416 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:29:23.0048 3416 SDRSVC - ok
22:29:23.0079 3416 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:29:23.0142 3416 secdrv - ok
22:29:23.0173 3416 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
22:29:23.0220 3416 seclogon - ok
22:29:23.0235 3416 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
22:29:23.0282 3416 SENS - ok
22:29:23.0329 3416 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:29:23.0407 3416 Serenum - ok
22:29:23.0438 3416 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
22:29:23.0516 3416 Serial - ok
22:29:23.0578 3416 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:29:23.0610 3416 sermouse - ok
22:29:23.0672 3416 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
22:29:23.0719 3416 SessionEnv - ok
22:29:23.0734 3416 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:29:23.0812 3416 sffdisk - ok
22:29:23.0828 3416 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:29:23.0890 3416 sffp_mmc - ok
22:29:23.0906 3416 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:29:23.0984 3416 sffp_sd - ok
22:29:23.0984 3416 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:29:24.0078 3416 sfloppy - ok
22:29:24.0093 3416 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:29:24.0156 3416 SharedAccess - ok
22:29:24.0202 3416 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:29:24.0249 3416 ShellHWDetection - ok
22:29:24.0280 3416 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:29:24.0312 3416 sisagp - ok
22:29:24.0327 3416 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
22:29:24.0343 3416 SiSRaid2 - ok
22:29:24.0358 3416 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:29:24.0390 3416 SiSRaid4 - ok
22:29:24.0514 3416 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
22:29:24.0670 3416 slsvc - ok
22:29:24.0702 3416 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
22:29:24.0764 3416 SLUINotify - ok
22:29:24.0795 3416 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:29:24.0842 3416 Smb - ok
22:29:24.0873 3416 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:29:24.0904 3416 SNMPTRAP - ok
22:29:24.0951 3416 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
22:29:24.0967 3416 spldr - ok
22:29:24.0998 3416 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
22:29:25.0045 3416 Spooler - ok
22:29:25.0092 3416 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:29:25.0123 3416 srv - ok
22:29:25.0138 3416 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:29:25.0201 3416 srv2 - ok
22:29:25.0216 3416 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:29:25.0263 3416 srvnet - ok
22:29:25.0294 3416 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:29:25.0341 3416 SSDPSRV - ok
22:29:25.0388 3416 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:29:25.0450 3416 SstpSvc - ok
22:29:25.0482 3416 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
22:29:25.0544 3416 stisvc - ok
22:29:25.0591 3416 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:29:25.0606 3416 swenum - ok
22:29:25.0653 3416 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
22:29:25.0716 3416 swprv - ok
22:29:25.0747 3416 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
22:29:25.0762 3416 Symc8xx - ok
22:29:25.0778 3416 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
22:29:25.0809 3416 Sym_hi - ok
22:29:25.0825 3416 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
22:29:25.0840 3416 Sym_u3 - ok
22:29:25.0903 3416 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
22:29:25.0965 3416 SysMain - ok
22:29:26.0012 3416 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:29:26.0059 3416 TabletInputService - ok
22:29:26.0106 3416 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:29:26.0152 3416 TapiSrv - ok
22:29:26.0184 3416 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
22:29:26.0246 3416 TBS - ok
22:29:26.0308 3416 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:29:26.0371 3416 Tcpip - ok
22:29:26.0402 3416 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
22:29:26.0605 3416 Tcpip6 - ok
22:29:26.0667 3416 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:29:26.0745 3416 tcpipreg - ok
22:29:26.0776 3416 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:29:26.0823 3416 TDPIPE - ok
22:29:26.0839 3416 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:29:26.0901 3416 TDTCP - ok
22:29:26.0932 3416 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:29:26.0979 3416 tdx - ok
22:29:27.0010 3416 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:29:27.0042 3416 TermDD - ok
22:29:27.0088 3416 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
22:29:27.0135 3416 TermService - ok
22:29:27.0166 3416 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
22:29:27.0213 3416 Themes - ok
22:29:27.0229 3416 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
22:29:27.0276 3416 THREADORDER - ok
22:29:27.0322 3416 [ 78213F01CE781F93180BEF5EB5B3AD81 ] tifm21 C:\Windows\system32\drivers\tifm21.sys
22:29:27.0354 3416 tifm21 - ok
22:29:27.0385 3416 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
22:29:27.0447 3416 TrkWks - ok
22:29:27.0494 3416 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:29:27.0541 3416 TrustedInstaller - ok
22:29:27.0588 3416 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:29:27.0650 3416 tssecsrv - ok
22:29:27.0681 3416 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
22:29:27.0728 3416 tunmp - ok
22:29:27.0759 3416 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:29:27.0790 3416 tunnel - ok
22:29:27.0822 3416 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:29:27.0837 3416 uagp35 - ok
22:29:27.0868 3416 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:29:27.0931 3416 udfs - ok
22:29:27.0946 3416 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:29:28.0009 3416 UI0Detect - ok
22:29:28.0040 3416 UIUSys - ok
22:29:28.0071 3416 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:29:28.0102 3416 uliagpkx - ok
22:29:28.0118 3416 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
22:29:28.0149 3416 uliahci - ok
22:29:28.0180 3416 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
22:29:28.0212 3416 UlSata - ok
22:29:28.0227 3416 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
22:29:28.0258 3416 ulsata2 - ok
22:29:28.0290 3416 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:29:28.0336 3416 umbus - ok
22:29:28.0383 3416 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
22:29:28.0430 3416 upnphost - ok
22:29:28.0492 3416 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:29:28.0555 3416 usbccgp - ok
22:29:28.0586 3416 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:29:28.0648 3416 usbcir - ok
22:29:28.0726 3416 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:29:28.0758 3416 usbehci - ok
22:29:28.0773 3416 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:29:28.0836 3416 usbhub - ok
22:29:28.0851 3416 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:29:28.0914 3416 usbohci - ok
22:29:28.0945 3416 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
22:29:29.0007 3416 usbprint - ok
22:29:29.0023 3416 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:29:29.0085 3416 USBSTOR - ok
22:29:29.0116 3416 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:29:29.0163 3416 usbuhci - ok
22:29:29.0241 3416 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
22:29:29.0304 3416 usbvideo - ok
22:29:29.0350 3416 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
22:29:29.0413 3416 UxSms - ok
22:29:29.0460 3416 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
22:29:29.0522 3416 vds - ok
22:29:29.0584 3416 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:29:29.0662 3416 vga - ok
22:29:29.0709 3416 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
22:29:29.0756 3416 VgaSave - ok
22:29:29.0787 3416 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
22:29:29.0803 3416 viaagp - ok
22:29:29.0818 3416 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
22:29:29.0881 3416 ViaC7 - ok
22:29:29.0912 3416 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
22:29:29.0928 3416 viaide - ok
22:29:29.0974 3416 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:29:30.0006 3416 volmgr - ok
22:29:30.0052 3416 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:29:30.0084 3416 volmgrx - ok
22:29:30.0130 3416 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:29:30.0162 3416 volsnap - ok
22:29:30.0208 3416 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:29:30.0240 3416 vsmraid - ok
22:29:30.0286 3416 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
22:29:30.0380 3416 VSS - ok
22:29:30.0427 3416 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
22:29:30.0489 3416 W32Time - ok
22:29:30.0520 3416 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:29:30.0583 3416 WacomPen - ok
22:29:30.0630 3416 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
22:29:30.0661 3416 Wanarp - ok
22:29:30.0676 3416 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:29:30.0708 3416 Wanarpv6 - ok
22:29:30.0754 3416 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:29:30.0832 3416 wcncsvc - ok
22:29:30.0864 3416 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:29:30.0910 3416 WcsPlugInService - ok
22:29:30.0942 3416 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
22:29:30.0957 3416 Wd - ok
22:29:31.0004 3416 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:29:31.0051 3416 Wdf01000 - ok
22:29:31.0098 3416 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:29:31.0176 3416 WdiServiceHost - ok
22:29:31.0191 3416 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:29:31.0238 3416 WdiSystemHost - ok
22:29:31.0285 3416 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
22:29:31.0316 3416 WebClient - ok
22:29:31.0347 3416 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:29:31.0394 3416 Wecsvc - ok
22:29:31.0425 3416 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:29:31.0472 3416 wercplsupport - ok
22:29:31.0503 3416 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
22:29:31.0550 3416 WerSvc - ok
22:29:31.0581 3416 [ 5A77AC34A0FFB70CE8B35B524FEDE9BA ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
22:29:31.0659 3416 winachsf - ok
22:29:31.0737 3416 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
22:29:31.0768 3416 WinDefend - ok
22:29:31.0784 3416 WinHttpAutoProxySvc - ok
22:29:31.0846 3416 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:29:31.0893 3416 Winmgmt - ok
22:29:31.0971 3416 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
22:29:32.0080 3416 WinRM - ok
22:29:32.0174 3416 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:29:32.0236 3416 Wlansvc - ok
22:29:32.0268 3416 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
22:29:32.0314 3416 WmiAcpi - ok
22:29:32.0361 3416 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:29:32.0408 3416 wmiApSrv - ok
22:29:32.0502 3416 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
22:29:32.0548 3416 WMPNetworkSvc - ok
22:29:32.0611 3416 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:29:32.0658 3416 WPCSvc - ok
22:29:32.0689 3416 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:29:32.0736 3416 WPDBusEnum - ok
22:29:32.0845 3416 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:29:32.0892 3416 WPFFontCache_v0400 - ok
22:29:32.0923 3416 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:29:32.0985 3416 ws2ifsl - ok
22:29:33.0032 3416 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
22:29:33.0079 3416 wscsvc - ok
22:29:33.0094 3416 WSearch - ok
22:29:33.0235 3416 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
22:29:33.0531 3416 wuauserv - ok
22:29:33.0594 3416 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:29:33.0625 3416 WudfPf - ok
22:29:33.0672 3416 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:29:33.0703 3416 WUDFRd - ok
22:29:33.0734 3416 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:29:33.0765 3416 wudfsvc - ok
22:29:33.0781 3416 [ 88AF537264F2B818DA15479CEEAF5D7C ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
22:29:33.0828 3416 XAudio - ok
22:29:33.0859 3416 [ 15A317674A08DF26BE65164D959E9203 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
22:29:33.0890 3416 XAudioService - ok
22:29:33.0921 3416 ================ Scan global ===============================
22:29:33.0952 3416 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
22:29:33.0984 3416 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
22:29:34.0015 3416 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
22:29:34.0062 3416 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
22:29:34.0077 3416 [Global] - ok
22:29:34.0077 3416 ================ Scan MBR ==================================
22:29:34.0093 3416 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
22:29:34.0732 3416 \Device\Harddisk0\DR0 - ok
22:29:34.0732 3416 ================ Scan VBR ==================================
22:29:34.0732 3416 [ 319C3C0D3031F315729904F2A4465F26 ] \Device\Harddisk0\DR0\Partition1
22:29:34.0732 3416 \Device\Harddisk0\DR0\Partition1 - ok
22:29:34.0732 3416 ============================================================
22:29:34.0732 3416 Scan finished
22:29:34.0732 3416 ============================================================
22:29:34.0764 2752 Detected object count: 0
22:29:34.0764 2752 Actual detected object count: 0
Re: Pomalí PC
Napsal: 16 úno 2013 22:40
od Márty84
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost
Otevrit normalne
Stahnete OTL
http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na
Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka)
Pro všechny uživatele,
Kontrola na havěť "LOP" a
Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Kliknete na
Prohledat
Po skenu se vytvori dva logy (
OTL.Txt a
Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Re: Pomalí PC
Napsal: 16 úno 2013 23:57
od PavelP
OTL Extras logfile created on: 16.2.2013 22:46:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zdena\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,99 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 62,77% Memory free
4,21 Gb Paging File | 3,37 Gb Available in Paging File | 80,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 98,58 Gb Free Space | 66,14% Space Free | Partition Type: NTFS
Computer Name: ZDENA-PC | User Name: Zdena | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{F58F2D4B-7C38-4F30-BEB0-AA955864FF45}" = dir=in | app=c:\program files\skype\phone\skype.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros for Acer Driver v7.2.0.215_Foxconn Installation Program
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.4.1
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{88410D8F-8529-492B-B556-2394A29B811B}" = Broadcom Driver v4.170.25.19_Foxconn Installation Program
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{9ef24ce6-b4b6-4180-a1c5-e6afeb3dca45}" = Nero 9
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Czech
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FC57FC53-104C-415C-98D7-B05E659461A9}" = Broadcom Gigabit Integrated Controller
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"Defraggler" = Defraggler
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.01
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.70.0.1100
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1804194615-106423829-2612554759-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 14.2.2013 14:06:37 | Computer Name = Zdena-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 14.2.2013 14:06:37 | Computer Name = Zdena-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 14.2.2013 14:06:37 | Computer Name = Zdena-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 14.2.2013 14:06:37 | Computer Name = Zdena-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 16.2.2013 15:52:48 | Computer Name = Zdena-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 16.2.2013 15:52:48 | Computer Name = Zdena-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 16.2.2013 15:52:49 | Computer Name = Zdena-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 16.2.2013 15:52:49 | Computer Name = Zdena-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 16.2.2013 15:52:49 | Computer Name = Zdena-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 16.2.2013 15:52:49 | Computer Name = Zdena-PC | Source = Windows Search Service | ID = 3013
Description =
[ System Events ]
Error - 16.2.2013 17:05:03 | Computer Name = Zdena-PC | Source = Service Control Manager | ID = 7031
Description =
Error - 16.2.2013 17:05:03 | Computer Name = Zdena-PC | Source = Service Control Manager | ID = 7031
Description =
Error - 16.2.2013 17:05:03 | Computer Name = Zdena-PC | Source = Service Control Manager | ID = 7031
Description =
Error - 16.2.2013 17:09:12 | Computer Name = Zdena-PC | Source = Service Control Manager | ID = 7030
Description =
Error - 16.2.2013 17:13:29 | Computer Name = Zdena-PC | Source = Service Control Manager | ID = 7030
Description =
Error - 16.2.2013 17:13:43 | Computer Name = Zdena-PC | Source = Service Control Manager | ID = 7030
Description =
Error - 16.2.2013 17:15:43 | Computer Name = Zdena-PC | Source = LSM | ID = 1048
Description =
Error - 16.2.2013 17:16:37 | Computer Name = Zdena-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 16.2.2013 17:24:09 | Computer Name = Zdena-PC | Source = LSM | ID = 1048
Description =
Error - 16.2.2013 17:24:15 | Computer Name = Zdena-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
Re: Pomalí PC
Napsal: 16 úno 2013 23:58
od PavelP
OTL logfile created on: 16.2.2013 22:46:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zdena\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,99 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 62,77% Memory free
4,21 Gb Paging File | 3,37 Gb Available in Paging File | 80,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 98,58 Gb Free Space | 66,14% Space Free | Partition Type: NTFS
Computer Name: ZDENA-PC | User Name: Zdena | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.02.16 22:44:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zdena\Desktop\OTL.exe
PRC - [2012.11.08 00:37:37 | 001,990,464 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012.11.08 00:37:11 | 006,756,048 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2010.03.15 11:28:24 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Services (SafeList) ==========
SRV - [2012.11.08 00:37:37 | 001,990,464 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2008.01.19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.11.08 00:37:45 | 000,082,952 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2012.11.08 00:37:44 | 000,042,264 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012.11.08 00:37:43 | 000,494,416 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.10.30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009.12.30 12:21:16 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2007.05.02 03:52:00 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2007.04.27 17:56:00 | 000,705,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2006.11.28 16:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1804194615-106423829-2612554759-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.seznam.cz/
IE - HKU\S-1-5-21-1804194615-106423829-2612554759-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1804194615-106423829-2612554759-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1804194615-106423829-2612554759-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1804194615-106423829-2612554759-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Zdena\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Zdena\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2006.01.10 04:28:43 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - homepage:
http://www.seznam.cz/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
http://www.seznam.cz/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Zdena\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Zdena\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Zdena\AppData\Local\Google\Chrome\Application\24.0.1312.57\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Zdena\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Zdena\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Zdena\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: avast! WebRep = C:\Users\Zdena\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Gmail = C:\Users\Zdena\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2013.02.16 22:16:10 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1804194615-106423829-2612554759-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1804194615-106423829-2612554759-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.129.50.20 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA8A014E-E347-403E-9FB3-BB6D21F10BBF}: DhcpNameServer = 62.129.50.20 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\Windows\System32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Humpback Whale.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Humpback Whale.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Re: Pomalí PC
Napsal: 16 úno 2013 23:59
od PavelP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013.02.16 22:44:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Zdena\Desktop\OTL.exe
[2013.02.16 22:27:16 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Zdena\Desktop\tdsskiller.exe
[2013.02.16 22:21:16 | 000,000,000 | ---D | C] -- C:\Users\Zdena\AppData\Local\temp
[2013.02.16 22:16:20 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013.02.16 22:13:24 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.02.16 21:25:59 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.02.16 21:25:59 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.02.16 21:25:59 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.02.16 21:25:44 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.02.16 21:25:00 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.02.16 21:23:10 | 005,033,715 | R--- | C] (Swearware) -- C:\Users\Zdena\Desktop\ComboFix.exe
[2013.02.16 21:17:12 | 000,000,000 | ---D | C] -- C:\Users\Zdena\Desktop\RK_Quarantine
[2013.02.15 23:20:38 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2013.02.14 09:31:38 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.02.14 09:31:36 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.02.14 09:31:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.02.14 09:31:36 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.02.14 09:31:36 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.02.14 09:31:33 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.02.14 09:31:33 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.02.14 09:31:30 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.02.14 05:05:35 | 002,048,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.02.14 05:05:33 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2013.02.14 05:05:26 | 003,550,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.02.14 05:05:25 | 003,602,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
========== Files - Modified Within 30 Days ==========
[2013.02.16 22:49:02 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.02.16 22:44:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zdena\Desktop\OTL.exe
[2013.02.16 22:27:23 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Zdena\Desktop\tdsskiller.exe
[2013.02.16 22:23:43 | 000,004,768 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.16 22:23:42 | 000,004,768 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.16 22:23:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.16 22:23:31 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.16 22:22:49 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.02.16 22:16:10 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.02.16 22:03:01 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1804194615-106423829-2612554759-1000UA.job
[2013.02.16 21:23:37 | 005,033,715 | R--- | M] (Swearware) -- C:\Users\Zdena\Desktop\ComboFix.exe
[2013.02.16 21:16:10 | 000,798,208 | ---- | M] () -- C:\Users\Zdena\Desktop\RogueKiller.exe
[2013.02.16 10:03:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1804194615-106423829-2612554759-1000Core.job
[2013.02.15 12:49:22 | 000,228,504 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.02.14 09:28:17 | 000,607,470 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.02.14 09:28:17 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.14 09:28:17 | 000,118,118 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.02.14 09:28:17 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.14 09:21:51 | 000,004,608 | ---- | M] () -- C:\Users\Zdena\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.02.10 23:01:35 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.02.10 23:01:35 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.01.29 19:25:29 | 000,057,088 | ---- | M] () -- C:\Users\Zdena\Documents\1308489.jpg
[2013.01.28 21:43:21 | 000,010,877 | -HS- | M] () -- C:\Users\Zdena\Documents\Folder.jpg
[2013.01.28 21:43:21 | 000,010,877 | -HS- | M] () -- C:\Users\Zdena\Documents\AlbumArt_{7C0DE328-0FCE-49B9-8620-ABA1EE5A35EA}_Large.jpg
[2013.01.28 21:43:21 | 000,002,036 | -HS- | M] () -- C:\Users\Zdena\Documents\AlbumArtSmall.jpg
[2013.01.28 21:43:21 | 000,002,036 | -HS- | M] () -- C:\Users\Zdena\Documents\AlbumArt_{7C0DE328-0FCE-49B9-8620-ABA1EE5A35EA}_Small.jpg
[2013.01.28 21:39:38 | 008,354,712 | ---- | M] () -- C:\Users\Zdena\Documents\04-nightwish-ever_dream.mp3
========== Files Created - No Company Name ==========
[2013.02.16 22:49:02 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.02.16 21:25:59 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.02.16 21:25:59 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.02.16 21:25:59 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.02.16 21:25:59 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.02.16 21:25:59 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.02.16 21:16:06 | 000,798,208 | ---- | C] () -- C:\Users\Zdena\Desktop\RogueKiller.exe
[2013.02.16 09:58:03 | 000,000,962 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1804194615-106423829-2612554759-1000UA.job
[2013.02.16 09:58:01 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1804194615-106423829-2612554759-1000Core.job
[2013.02.14 11:31:46 | 2137,448,448 | -HS- | C] () -- C:\hiberfil.sys
[2013.02.14 09:21:49 | 000,004,608 | ---- | C] () -- C:\Users\Zdena\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.29 19:25:22 | 000,057,088 | ---- | C] () -- C:\Users\Zdena\Documents\1308489.jpg
[2013.01.28 21:43:21 | 000,010,877 | -HS- | C] () -- C:\Users\Zdena\Documents\AlbumArt_{7C0DE328-0FCE-49B9-8620-ABA1EE5A35EA}_Large.jpg
[2013.01.28 21:43:21 | 000,002,036 | -HS- | C] () -- C:\Users\Zdena\Documents\AlbumArt_{7C0DE328-0FCE-49B9-8620-ABA1EE5A35EA}_Small.jpg
[2013.01.28 21:41:37 | 000,010,877 | -HS- | C] () -- C:\Users\Zdena\Documents\Folder.jpg
[2013.01.28 21:41:37 | 000,002,036 | -HS- | C] () -- C:\Users\Zdena\Documents\AlbumArtSmall.jpg
[2013.01.28 21:34:24 | 008,354,712 | ---- | C] () -- C:\Users\Zdena\Documents\04-nightwish-ever_dream.mp3
[2012.04.29 20:27:34 | 000,004,082 | ---- | C] () -- C:\Windows\SETUP.INI
[2012.04.29 20:27:08 | 000,000,033 | ---- | C] () -- C:\Windows\WTRDCTM.INI
[2012.04.29 20:22:49 | 000,000,490 | ---- | C] () -- C:\Windows\TRNCOM.INI
[2012.04.29 20:22:33 | 000,000,666 | ---- | C] () -- C:\Windows\WEBTRAN4.INI
[2012.04.29 20:22:25 | 000,002,900 | ---- | C] () -- C:\Windows\WTRAN32.INI
[2012.04.29 20:22:25 | 000,001,038 | ---- | C] () -- C:\Windows\WDICT32.INI
[2012.03.15 10:38:45 | 000,000,061 | ---- | C] () -- C:\Windows\Wininit.ini
[2012.01.19 17:33:02 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012.01.19 17:33:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012.01.15 10:40:47 | 000,031,007 | ---- | C] () -- C:\Users\Zdena\AppData\Roaming\UserTile.png
[2012.01.13 22:39:33 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012.01.12 11:30:50 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2012.01.10 10:01:01 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2012.01.07 21:32:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\PressCancel.exe
[2012.01.07 20:47:51 | 000,000,680 | ---- | C] () -- C:\Users\Zdena\AppData\Local\d3d9caps.dat
========== ZeroAccess Check ==========
[2006.11.02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.03.15 10:38:44 | 000,000,000 | ---D | M] -- C:\Users\Zdena\AppData\Roaming\ConMet
[2012.02.14 21:08:14 | 000,000,000 | ---D | M] -- C:\Users\Zdena\AppData\Roaming\TeamViewer
========== Purity Check ==========
========== Custom Scans ==========
< >
[2006.11.02 13:58:10 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 13:58:10 | 000,032,562 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.02.16 09:58:01 | 000,000,910 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1804194615-106423829-2612554759-1000Core.job
[2013.02.16 09:58:03 | 000,000,962 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1804194615-106423829-2612554759-1000UA.job
< >
< MD5 for: AGP440.SYS >
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\erdnt\cache\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\erdnt\cache\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2012.01.12 12:04:36 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2012.01.12 12:04:36 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2012.01.12 12:04:36 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.19 08:33:01 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 10:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe
< MD5 for: CDROM.SYS >
[2008.01.19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\erdnt\cache\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2006.11.02 10:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2008.01.19 08:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2012.04.23 17:00:53 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=75C6A297E364014840B48ECCD7525E30 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll
[2012.04.23 15:48:06 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=C979AEA8C4D8F875CD25507D08980006 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll
[2012.06.02 12:09:26 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=DD9CCF40ED80DD0D62F1B607A1EA4449 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b13bb212\cryptsvc.dll
[2012.06.02 01:02:32 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=F1E8C34892336D33EDDCDFE44E474F64 -- C:\Windows\erdnt\cache\cryptsvc.dll
[2012.06.02 01:02:32 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=F1E8C34892336D33EDDCDFE44E474F64 -- C:\Windows\System32\cryptsvc.dll
[2012.06.02 01:02:32 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=F1E8C34892336D33EDDCDFE44E474F64 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd9098134535\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2012.01.12 12:03:54 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2012.01.12 12:03:52 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2012.01.12 12:03:52 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2012.01.12 12:24:58 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2012.01.12 12:24:57 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\erdnt\cache\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2012.01.12 12:03:53 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: HAL.DLL >
[2009.04.11 07:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll
< MD5 for: IASTORV.SYS >
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2006.11.02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\drivers\isapnp.sys
[2006.11.02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys
< MD5 for: LSASS.EXE >
[2012.01.11 12:49:35 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2012.01.12 12:21:41 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2012.01.11 12:49:35 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2012.01.11 12:42:36 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2012.06.01 23:37:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=613DEB66A91820F0A41915B40BB8833F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_a882cf8373379c5f\lsass.exe
[2006.11.02 10:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2012.01.11 12:49:34 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2011.11.16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\erdnt\cache\lsass.exe
[2011.11.16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\System32\lsass.exe
[2011.11.16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe
[2011.11.16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe
[2012.01.11 12:49:34 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2012.01.11 12:42:36 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2012.01.11 12:49:36 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2012.01.11 12:49:36 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2012.01.12 12:21:40 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2012.01.12 12:21:42 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2012.01.11 12:42:34 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2012.01.11 12:42:34 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2012.01.11 12:42:34 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2011.11.16 14:57:04 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=EBFAEB786C46B407930811F94F08877D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe
[2012.01.11 12:42:34 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
< MD5 for: NDIS.SYS >
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\erdnt\cache\ndis.sys
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006.11.02 10:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008.01.19 08:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
< MD5 for: NETLOGON.DLL >
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\erdnt\cache\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVRAID.SYS >
[2008.01.19 08:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.19 08:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\drivers\nvraid.sys
[2006.11.02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\erdnt\cache\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: SMSS.EXE >
[2008.01.19 08:33:31 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2006.11.02 10:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe
< MD5 for: SVCHOST.EXE >
[2006.11.02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.01.19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\erdnt\cache\svchost.exe
[2008.01.19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011.09.20 22:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2012.01.12 12:26:18 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2012.01.12 12:26:12 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2012.03.30 13:39:11 | 000,905,600 | ---- | M] (Microsoft Corporation) MD5=27D470DABC77BC60D0A3B0E4DEB6CB91 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys
[2012.01.11 12:44:48 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2012.01.11 12:44:47 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2012.01.12 12:26:18 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2013.01.04 12:28:19 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=3535CD93F944C00F098E73E12EE7FEB6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23013_none_b5863efb7cafb1c9\tcpip.sys
[2012.01.11 12:44:47 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2012.01.11 12:44:48 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2012.01.11 12:49:04 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2012.01.11 12:49:05 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2010.06.16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2012.01.12 12:26:15 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2010.06.16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2013.01.04 12:28:18 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=74E2D020C47BB2B2FCCBA29A518A7EB4 -- C:\Windows\erdnt\cache\tcpip.sys
[2013.01.04 12:28:18 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=74E2D020C47BB2B2FCCBA29A518A7EB4 -- C:\Windows\System32\drivers\tcpip.sys
[2013.01.04 12:28:18 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=74E2D020C47BB2B2FCCBA29A518A7EB4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18764_none_b4c7b8d663b986a2\tcpip.sys
[2010.06.16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011.09.20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2008.04.26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2012.01.12 12:26:12 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2012.01.11 12:44:47 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2006.11.02 09:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2012.01.11 12:44:47 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2012.03.30 13:39:11 | 000,914,304 | ---- | M] (Microsoft Corporation) MD5=EE7E10BED85C312C1D5D30C435BDDA9F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_b58096797cb31c04\tcpip.sys
[2008.01.19 08:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2012.01.12 12:26:15 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\erdnt\cache\userinit.exe
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\erdnt\cache\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.01.19 08:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\erdnt\cache\ws2_32.dll
[2006.11.02 10:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2008.01.19 08:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008.01.19 08:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
< >
Re: Pomalí PC
Napsal: 17 úno 2013 00:00
od PavelP
color=#A23BEC]< %systemroot%*.* /U /s >[/color]
[6 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp files -> C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.01.11 11:07:10 | 000,000,000 | ---D | M] -- C:\Users\Zdena\AppData\Roaming\Adobe
[2012.03.15 10:38:44 | 000,000,000 | ---D | M] -- C:\Users\Zdena\AppData\Roaming\ConMet
[2012.01.07 20:47:58 | 000,000,000 | ---D | M] -- C:\Users\Zdena\AppData\Roaming\Identities
[2012.01.07 21:31:52 | 000,000,000 | ---D | M] -- C:\Users\Zdena\AppData\Roaming\InstallShield
[2012.01.07 22:25:34 | 000,000,000 | ---D | M] -- C:\Users\Zdena\AppData\Roaming\Macromedia
[2012.04.08 23:52:53 | 000,000,000 | ---D | M] -- C:\Users\Zdena\AppData\Roaming\Malwarebytes
[2012.05.06 20:26:21 | 000,000,000 | --SD | M] -- C:\Users\Zdena\AppData\Roaming\Microsoft
[2013.02.16 10:02:45 | 000,000,000 | ---D | M] -- C:\Users\Zdena\AppData\Roaming\Mozilla
[2012.06.27 20:17:07 | 000,000,000 | ---D | M] -- C:\Users\Zdena\AppData\Roaming\Nero
[2013.02.16 19:55:48 | 000,000,000 | ---D | M] -- C:\Users\Zdena\AppData\Roaming\Skype
[2012.01.10 12:53:13 | 000,000,000 | ---D | M] -- C:\Users\Zdena\AppData\Roaming\SUPERAntiSpyware.com
[2012.02.14 21:08:14 | 000,000,000 | ---D | M] -- C:\Users\Zdena\AppData\Roaming\TeamViewer
[2012.01.07 21:19:35 | 000,000,000 | ---D | M] -- C:\Users\Zdena\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.02.16 22:23:42 | 000,004,768 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.16 22:23:43 | 000,004,768 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.15 12:49:22 | 000,228,504 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2013.02.14 09:34:06 | 067,823,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mrt.exe
[2013.02.14 09:28:17 | 000,118,118 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2013.02.14 09:28:17 | 000,104,070 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2013.02.14 09:28:17 | 000,607,470 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2013.02.14 09:28:17 | 000,595,996 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2013.02.14 09:28:17 | 001,440,146 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.02.16 22:49:02 | 000,000,512 | ---- | M] () MD5=72D4F60FB65F51F08E4469EF218C9674 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
< *loader* /s >
[2010.03.15 11:28:24 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2009.05.15 07:36:22 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2009.05.15 07:36:22 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.02.16 10:19:59 | 000,084,144 | ---- | M] () -- \Users\Zdena\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1P3TUQ3B\preloader.99454[1].swf
[2013.02.16 10:20:09 | 000,062,150 | ---- | M] () -- \Users\Zdena\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1P3TUQ3B\preloader_asset.99454[1].swf
[2013.02.16 10:20:03 | 000,030,437 | ---- | M] () -- \Users\Zdena\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S2WNBYV8\PaymentsLoader.min[1].js
[2013.02.16 10:20:03 | 000,006,071 | ---- | M] () -- \Users\Zdena\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S2WNBYV8\zChannelsLoader[1].js
[2013.02.16 10:20:08 | 000,003,712 | ---- | M] () -- \Users\Zdena\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TF0X1AXF\loader[1].js
[2013.02.16 10:22:38 | 000,001,737 | ---- | M] () -- \Users\Zdena\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TLZX86A5\loader[1].gif
[2009.11.21 00:16:58 | 002,341,242 | R--- | M] () -- \Windows\Setup\SCRIPTS\WINDOWS7LOADER.exe
[2008.01.19 08:34:04 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.01.13 09:21:28 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2012.01.13 09:21:28 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2012.01.13 09:21:28 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2012.02.01 22:30:13 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2012.02.01 22:30:13 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2012.02.01 22:30:13 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2012.01.13 09:20:28 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2012.01.13 09:20:28 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2012.01.11 11:24:51 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2012.01.11 11:24:29 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2012.01.11 11:25:07 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2012.01.11 11:24:30 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2012.01.11 11:25:45 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2012.01.11 11:25:53 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2012.01.11 11:26:17 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2012.01.11 11:24:51 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2012.01.11 11:24:28 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2012.01.11 11:25:06 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2012.01.11 11:24:29 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2012.01.11 11:25:45 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2012.01.11 11:25:52 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2012.01.11 11:26:16 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.01.19 04:14:52 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2012.01.11 11:24:19 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2012.01.11 11:24:18 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.01.19 00:00:00 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2012.01.11 11:24:01 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2012.01.11 11:24:00 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009.04.11 00:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006.11.02 11:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.01.19 00:05:22 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2006.11.02 13:33:49 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6000.16386_none_43bd59f592b7be86\dmloader.dll
[2008.01.19 08:34:04 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.19 08:34:04 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2012.10.08 12:01:03 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.03.31 19:04:50 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.30 05:42:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.08 12:01:03 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.01.13 22:01:54 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\385aa099c26f145e4ebebdebe26b155e\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.13 22:01:16 | 002,346,496 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\895899bb8c1772f2043de17305d7eb35\System.Runtime.Serialization.ni.dll
[2013.01.10 22:30:18 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\77abf1693d291d374b58ffbbfe36d4dd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.10 22:30:08 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\910fe53ec2122cf3a2ad11c2b2f5cbfd\System.Runtime.Serialization.ni.dll
[2013.01.10 22:33:44 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\058c3947c450591cb81643529cfd5ca7\System.Xml.Serialization.ni.dll
[2012.01.17 18:43:38 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.02.14 09:29:07 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.01.17 18:43:37 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.02.14 09:29:03 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.02.14 09:29:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.03.30 05:42:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.03.31 19:04:50 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.08 12:01:09 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.01.19 08:36:21 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2007.01.08 22:05:34 | 000,005,632 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2006.11.02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2007.01.08 22:05:41 | 000,004,096 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\grserial.sys.mui
[2007.01.08 22:05:42 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2008.01.19 06:49:35 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_33048ac2\serial.sys
[2006.11.02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_9d4661e2\serial.sys
[2006.11.02 08:41:49 | 001,010,560 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_91bbdacd\smserial.sys
[2008.01.19 06:49:35 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_44880ea7\serial.sys
[2006.11.02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_ac874de4\serial.sys
[2006.11.02 09:51:28 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_a24cc104\grserial.sys
[2008.01.19 06:49:33 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_bec36faa\grserial.sys
[2012.02.01 22:30:20 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2012.02.01 22:30:20 | 000,017,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61_kdcom.dll_db5e7744
[2012.01.13 09:20:34 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_4e6ae191e3aac47c_serialui.dll.mui_7d29d2a3
[2012.02.01 22:30:48 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805_serialui.dll_bea29328
[2006.11.02 13:33:16 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3.manifest
[2012.01.12 10:25:28 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16708_none_d2461403b7e6edc1.manifest
[2012.01.12 10:25:28 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.20864_none_bb7eca1fd1887f4d.manifest
[2008.01.19 00:05:26 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf.manifest
[2012.01.12 10:22:10 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18096_none_d22b4019b82faa94.manifest
[2010.04.12 19:45:00 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18457_none_d2272799b833601d.manifest
[2012.01.12 10:22:09 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22208_none_bb54690bd1df5a1e.manifest
[2010.04.12 19:51:10 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22668_none_bb5a6a37d1d9f36c.manifest
[2009.04.11 00:16:00 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3.manifest
[2010.04.12 19:29:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe.manifest
[2012.10.08 17:24:13 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18707_none_d1fe1cdfb888f64c.manifest
[2010.04.12 20:40:05 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e.manifest
[2012.10.08 16:03:48 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22945_none_bb34a4b3d22c88bd.manifest
[2007.01.08 22:01:51 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d.manifest
[2006.11.02 13:37:38 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_en-us_bb16054302d6ef1f.manifest
[2012.01.12 10:22:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16708_en-us_bb0dd4d302de58ed.manifest
[2012.01.11 12:15:26 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_cs-cz_5ff511dac72f8cd8.manifest
[2012.01.12 10:22:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20864_en-us_a4468aef1c7fea79.manifest
[2012.01.11 12:15:25 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_cs-cz_492cfaeee0d2050d.manifest
[2008.01.19 04:14:26 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18000_cs-cz_5fce0ce8c7834cd9.manifest
[2012.01.12 10:19:16 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18096_en-us_baf300e9032715c0.manifest
[2012.01.11 12:14:47 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_cs-cz_5fcff690c7819979.manifest
[2010.04.12 18:23:06 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18457_en-us_baeee869032acb49.manifest
[2012.01.12 10:19:16 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22208_en-us_a41c29db1cd6c54a.manifest
[2012.01.11 12:14:46 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_cs-cz_490422d4e1275f6f.manifest
[2010.04.12 18:31:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22668_en-us_a4222b071cd15e98.manifest
[2009.04.11 11:04:50 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18005_cs-cz_5fa99224c7d4e0ed.manifest
[2010.04.12 23:15:50 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_cs-cz_5fac379ac7d29418.manifest
[2010.04.12 18:44:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_en-us_bac8b1b1037ddf2a.manifest
[2012.10.08 20:37:20 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_cs-cz_5fa96398c7d51666.manifest
[2012.10.08 17:20:22 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_en-us_bac5ddaf03806178.manifest
[2010.04.12 23:51:48 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_cs-cz_48e45f54e1748c28.manifest
[2010.04.12 19:41:31 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_en-us_a400d96b1d1fd73a.manifest
[2012.10.08 17:22:39 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_cs-cz_48dfeb6ce178a8d7.manifest
[2012.10.08 16:00:20 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_en-us_a3fc65831d23f3e9.manifest
[2006.11.02 13:33:16 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526.manifest
[2012.01.12 10:25:28 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16708_none_0289499ddf8deef4.manifest
[2012.01.12 10:25:27 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.20864_none_ebc1ffb9f92f8080.manifest
[2008.01.19 00:04:20 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2.manifest
[2012.01.12 10:22:08 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18096_none_026e75b3dfd6abc7.manifest
[2010.04.12 19:44:39 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18457_none_026a5d33dfda6150.manifest
[2012.01.12 10:22:08 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22208_none_eb979ea5f9865b51.manifest
[2010.04.12 19:50:49 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22668_none_eb9d9fd1f980f49f.manifest
[2009.04.11 00:15:32 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206.manifest
[2010.04.12 19:29:29 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531.manifest
[2012.10.08 17:23:59 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18707_none_02415279e02ff77f.manifest
[2010.04.12 20:39:45 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41.manifest
[2012.10.08 16:03:34 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22945_none_eb77da4df9d389f0.manifest
[2006.11.02 11:18:20 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6000.16386_none_0f7ecb22afbfde41.manifest
[2008.01.19 00:01:04 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6001.18000_none_11b58d1eacaaef15.manifest
[2009.04.11 00:13:32 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2006.11.02 11:02:09 | 000,001,406 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.0.6000.16386_none_2a8610ec098ae6c4.manifest
[2006.11.02 13:33:16 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68.manifest
[2012.01.12 10:24:20 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16708_none_0763f56b20648936.manifest
[2012.01.12 10:24:19 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.20864_none_f09cab873a061ac2.manifest
[2008.01.19 00:13:44 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834.manifest
[2012.01.12 10:21:18 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18096_none_0749218120ad4609.manifest
[2010.04.12 19:47:49 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18457_none_0745090120b0fb92.manifest
[2012.01.12 10:21:18 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22208_none_f0724a733a5cf593.manifest
[2010.04.12 19:53:39 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22668_none_f0784b9f3a578ee1.manifest
[2009.04.11 00:18:56 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48.manifest
[2010.04.12 19:32:33 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73.manifest
[2012.10.08 17:26:11 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18707_none_071bfe47210691c1.manifest
[2010.04.12 20:42:39 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783.manifest
[2012.10.08 16:05:32 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22945_none_f052861b3aaa2432.manifest
[2006.10.20 02:14:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16386_none_483e6ea12378b3a8\System.Runtime.Serialization.Formatters.Soap.dll
[2012.01.12 10:03:28 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16720_none_4838f505237d831c\System.Runtime.Serialization.Formatters.Soap.dll
[2012.01.12 10:03:28 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.20883_none_31710ba93d1fc80f\System.Runtime.Serialization.Formatters.Soap.dll
[2008.01.05 12:26:58 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18000_none_4812f05d23d05c74\System.Runtime.Serialization.Formatters.Soap.dll
[2012.01.12 10:02:50 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18111_none_4813d9bb23cf8fbd\System.Runtime.Serialization.Formatters.Soap.dll
[2012.01.12 10:02:49 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.22230_none_31484a573d7508d0\System.Runtime.Serialization.Formatters.Soap.dll
[2009.03.30 05:42:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.18005_none_47ee75992421f088\System.Runtime.Serialization.Formatters.Soap.dll
[2007.01.08 22:03:37 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.16386_cs-cz_0167850d1d10bca1\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.01.12 10:33:08 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.16754_cs-cz_0164b12f1d133e9e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.01.12 10:33:08 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.20921_cs-cz_ea944dc536bd060d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.01.05 12:27:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.18000_cs-cz_013c06c91d68656d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.01.12 10:32:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.18145_cs-cz_013f95e51d654b3f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.01.12 10:32:15 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.22269_cs-cz_ea739499370b4477\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 19:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6002.18005_cs-cz_01178c051db9f981\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2006.11.02 13:34:59 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3\System.Runtime.Serialization.dll
[2012.01.12 10:27:23 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16708_none_d2461403b7e6edc1\System.Runtime.Serialization.dll
[2012.01.12 10:27:23 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.20864_none_bb7eca1fd1887f4d\System.Runtime.Serialization.dll
[2008.01.05 12:21:39 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf\System.Runtime.Serialization.dll
[2012.01.12 10:27:08 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18096_none_d22b4019b82faa94\System.Runtime.Serialization.dll
[2010.04.12 13:20:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18457_none_d2272799b833601d\System.Runtime.Serialization.dll
[2012.01.12 10:27:08 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22208_none_bb54690bd1df5a1e\System.Runtime.Serialization.dll
[2010.04.12 13:22:02 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22668_none_bb5a6a37d1d9f36c\System.Runtime.Serialization.dll
[2009.02.18 19:38:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3\System.Runtime.Serialization.dll
[2010.04.12 13:21:15 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe\System.Runtime.Serialization.dll
[2012.10.08 12:01:09 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18707_none_d1fe1cdfb888f64c\System.Runtime.Serialization.dll
[2010.04.12 13:22:02 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e\System.Runtime.Serialization.dll
[2012.10.08 11:59:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22945_none_bb34a4b3d22c88bd\System.Runtime.Serialization.dll
[2007.01.08 22:06:16 | 000,081,920 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d\System.RunTime.Serialization.Resources.dll
[2012.01.12 10:35:08 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_cs-cz_5ff511dac72f8cd8\System.RunTime.Serialization.Resources.dll
[2012.01.12 10:35:07 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_cs-cz_492cfaeee0d2050d\System.RunTime.Serialization.Resources.dll
[2008.01.05 12:27:23 | 000,086,016 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18000_cs-cz_5fce0ce8c7834cd9\System.RunTime.Serialization.Resources.dll
[2012.01.12 10:34:57 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_cs-cz_5fcff690c7819979\System.RunTime.Serialization.Resources.dll
[2012.01.12 10:34:57 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_cs-cz_490422d4e1275f6f\System.RunTime.Serialization.Resources.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18005_cs-cz_5fa99224c7d4e0ed\System.RunTime.Serialization.Resources.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_cs-cz_5fac379ac7d29418\System.RunTime.Serialization.Resources.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_cs-cz_5fa96398c7d51666\System.RunTime.Serialization.Resources.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_cs-cz_48e45f54e1748c28\System.RunTime.Serialization.Resources.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_cs-cz_48dfeb6ce178a8d7\System.RunTime.Serialization.Resources.dll
[2006.11.02 13:34:59 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526\System.Runtime.Serialization.dll
[2012.01.12 10:27:23 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16708_none_0289499ddf8deef4\System.Runtime.Serialization.dll
[2012.01.12 10:27:23 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.20864_none_ebc1ffb9f92f8080\System.Runtime.Serialization.dll
[2008.01.05 12:21:38 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2\System.Runtime.Serialization.dll
[2012.01.12 10:27:08 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18096_none_026e75b3dfd6abc7\System.Runtime.Serialization.dll
[2010.04.12 13:19:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18457_none_026a5d33dfda6150\System.Runtime.Serialization.dll
[2012.01.12 10:27:08 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22208_none_eb979ea5f9865b51\System.Runtime.Serialization.dll
[2010.04.12 13:21:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22668_none_eb9d9fd1f980f49f\System.Runtime.Serialization.dll
[2009.02.18 19:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206\System.Runtime.Serialization.dll
[2010.04.12 13:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531\System.Runtime.Serialization.dll
[2012.10.08 12:01:03 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18707_none_02415279e02ff77f\System.Runtime.Serialization.dll
[2010.04.12 13:21:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41\System.Runtime.Serialization.dll
[2012.10.08 11:59:29 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22945_none_eb77da4df9d389f0\System.Runtime.Serialization.dll
[2007.01.08 22:05:42 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_f15fa7f9f28d5343\serial.sys.mui
[2008.01.19 06:49:35 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf_31bf3856ad364e35_6.0.6001.18000_none_955c449145dbf667\serial.sys
[2007.01.08 22:05:00 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_bdf5a8f7ae6b024a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.01.12 10:32:55 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.16754_cs-cz_be141fbfae547065\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.01.12 10:32:26 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.20921_cs-cz_bebb2d56c75c6d7e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.01.05 12:27:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_c02c6af3ab56131e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.01.12 10:32:04 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.18145_cs-cz_c0062e9bab71febc\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.01.12 10:31:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.22269_cs-cz_c07e2cb6c49c3bc4\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 19:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_cs-cz_c217e3ffa877de6a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2007.01.08 22:05:34 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_4c341f95e6bfb3a8\serialui.dll.mui
[2007.01.08 22:05:34 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_4e6ae191e3aac47c\serialui.dll.mui
[2006.11.02 10:46:12 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6000.16386_none_f2cadf9221bfabe5\serialui.dll
[2008.01.19 08:36:21 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6001.18000_none_f501a18e1eaabcb9\serialui.dll
[2008.01.19 08:36:21 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805\serialui.dll
[2007.01.08 22:06:12 | 000,081,920 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_5b3d50955593c887\System.RunTime.Serialization.Resources.dll
[2012.01.12 10:35:03 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16730_cs-cz_5b6d660d55709964\System.RunTime.Serialization.Resources.dll
[2012.01.12 10:35:01 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.20895_cs-cz_5bbb24c26eba5f87\System.RunTime.Serialization.Resources.dll
[2008.01.05 12:27:23 | 000,086,016 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_5d741291527ed95b\System.RunTime.Serialization.Resources.dll
[2012.01.12 10:34:52 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.18121_cs-cz_5d5f74e9528e27bb\System.RunTime.Serialization.Resources.dll
[2012.01.12 10:34:51 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.22243_cs-cz_5dd572706bba3215\System.RunTime.Serialization.Resources.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_cs-cz_5f5f8b9d4fa0a4a7\System.RunTime.Serialization.Resources.dll
[2007.01.08 22:03:55 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_c27f608a4f515351\serial.sys.mui
[2008.01.19 06:49:35 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\serial.sys
[2007.01.08 22:05:41 | 000,004,096 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_b4070b50f198e261\grserial.sys.mui
[2008.01.19 06:49:33 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.0.6001.18000_none_72a9e15f343dcd03\grserial.sys
[2006.11.02 13:34:58 | 000,888,832 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68\System.Runtime.Serialization.dll
[2012.01.12 10:27:18 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16708_none_0763f56b20648936\System.Runtime.Serialization.dll
[2012.01.12 10:27:18 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.20864_none_f09cab873a061ac2\System.Runtime.Serialization.dll
[2008.01.05 12:21:38 | 000,929,792 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834\System.Runtime.Serialization.dll
[2012.01.12 10:27:04 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18096_none_0749218120ad4609\System.Runtime.Serialization.dll
[2010.04.12 13:19:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18457_none_0745090120b0fb92\System.Runtime.Serialization.dll
[2012.01.12 10:27:04 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22208_none_f0724a733a5cf593\System.Runtime.Serialization.dll
[2010.04.12 13:21:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22668_none_f0784b9f3a578ee1\System.Runtime.Serialization.dll
[2009.02.18 19:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48\System.Runtime.Serialization.dll
[2010.04.12 13:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73\System.Runtime.Serialization.dll
[2012.10.08 12:01:03 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18707_none_071bfe47210691c1\System.Runtime.Serialization.dll
[2010.04.12 13:21:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783\System.Runtime.Serialization.dll
[2012.10.08 11:59:29 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22945_none_f052861b3aaa2432\System.Runtime.Serialization.dll
< *w7lxe* /s >
< End of report >
Re: Pomalí PC
Napsal: 17 úno 2013 00:01
od PavelP
Snad jsem to udělal dobře a dal jsem tam vše.
Re: Pomalí PC
Napsal: 17 úno 2013 00:06
od Márty84
Proc tam mate crack na windows7?
Prohlednu to zitra, dnes uz jdu na kute.
Re: Pomalí PC
Napsal: 17 úno 2013 00:36
od PavelP
To teda nevím proč tam mám crack na windows7 to nechápu je to vše legální.
Re: Pomalí PC
Napsal: 17 úno 2013 08:41
od Márty84
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)
Kód: Vybrat vše
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1804194615-106423829-2612554759-1000Core.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1804194615-106423829-2612554759-1000UA.job
:otl
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1804194615-106423829-2612554759-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1804194615-106423829-2612554759-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
[6 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp files -> C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp -> ]
Kliknete na
Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.