VIRY.CZ

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.06.01

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16688
Marie :: FILOU [administrátor]

Ochrana: Povolena

6. 10. 2013 10:09:05
MBAM-log-2013-10-06 (10-58-10).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 444997
Uplynulý čas: 46 minut, 38 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 9
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DBB6CE-3148-4FEC-B481-103CB3290427} (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0} (PUP.Optional.ZuluGames) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FreeHDSport TV (PUP.Optional.FreeHDSport.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Google\Chrome\Extensions\gflandjopdloblmlcoiidmncpinmmacn (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Google\Chrome\Extensions\nbdbmopeebalgaeghmjoegpkngglikgn (PUP.Optional.FreeHDSport.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 1
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {5A2686EC-D33C-11E2-BE78-94DE8016FF88} -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 3
C:\Program Files (x86)\FreeHDSport TV (PUP.Optional.FreeHDSport.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport.TV (PUP.Optional.FreeHDSport.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Roaming\zulagames (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 93
C:\AdwCleaner\Quarantine\C\Program Files (x86)\FilesFrog Update Checker\update_checker.exe.vir (PUP.Optional.FilesFrog.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\ContentPackagesActivationHandler.exe.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgArchive.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgcommon.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgconfig.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mghooking.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgICQAuto.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgICQMessengerAdapter.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mglogger.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMediaPlayer.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgYahooAuto.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgYahooMessengerAdapter.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\SweetIM.exe.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll.vir (PUP.Optional.SweetPacks) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\ProgramData\DSearchLink\DSearchLink.exe.vir (PUP.Optional.Delta.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Users\Marie\AppData\Roaming\file scout\filescout.exe.vir (PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir (PUP.Optional.PCPerformer.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-bg.exe (PUP.Optional.FreeHDSportTV.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-buttonutil.exe (PUP.Optional.FreeHDSportTV.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-buttonutil64.exe (PUP.Optional.FreeHDSportTV.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-codedownloader.exe (PUP.Optional.FreeHDSportTV.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-enabler.exe (PUP.Optional.FreeHDSportTV.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-updater.exe (PUP.Optional.FreeHDSportTV.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport TV\utils.exe (PUP.Optional.FreeHDSport.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport.TV\freehdsporttvIE.exe (Adware.Packed.Ranver) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport.TV\LSextsetup.exe (Adware.Packed.Ranver) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Application Data\Bundled software uninstaller\biclient.exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73LUQYI0\codec_pack_ie.exe (PUP.Optional.OneClickDownloader.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73LUQYI0\pack[1].7z (PUP.Optional.PerformerSoft.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CKCZBNGJ\minibar-core[1].exe (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CKCZBNGJ\rcpsetupst_RC1_ZZ_S_1.exe (PUP.Optional.RegCleanerPro) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W28F9BUI\4shared_Desktop_4.0.3.1.exe (PUP.Optional.4Squared) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W28F9BUI\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate[1].exe (PUP.Optional.Somoto) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W28F9BUI\StreamhuntAppsSetup(18_3f)3_ie.exe (PUP.Optional.OneClickDownloader.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W28F9BUI\VideoDownloadConvert.exe (PUP.Optional.FunWebProducts.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Temp\4CB6.tmp (PUP.Optional.PerformerSoft.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Temp\appshat-distribution.exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Temp\bundlesweetimsetup.exe (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe (PUP.Optional.Somoto) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Temp\mgsqlite3.7z (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Temp\mgsqlite3.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Temp\run.exe (PUP.Optional.Somoto) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Temp\UpdateCheckerSetup.exe (PUP.Optional.FilesFrog.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Temp\81AA17BD-BAB0-7891-8330-9A47D38716BD\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Temp\81AA17BD-BAB0-7891-8330-9A47D38716BD\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Temp\81AA17BD-BAB0-7891-8330-9A47D38716BD\Latest\ccp.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Temp\81AA17BD-BAB0-7891-8330-9A47D38716BD\Latest\DSearchLink.exe (PUP.Optional.Delta.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Temp\81AA17BD-BAB0-7891-8330-9A47D38716BD\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Temp\CABFCA79-BAB0-7891-BD14-AF5004A68B9C\Setup.exe (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Temp\CABFCA79-BAB0-7891-BD14-AF5004A68B9C\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Temp\ED79A5B0-BAB0-7891-8B89-8A84B90B5260\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Temp\ED79A5B0-BAB0-7891-8B89-8A84B90B5260\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Temp\ED79A5B0-BAB0-7891-8B89-8A84B90B5260\Latest\ccp.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Temp\ED79A5B0-BAB0-7891-8B89-8A84B90B5260\Latest\DSearchLink.exe (PUP.Optional.Delta.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Local\Temp\ED79A5B0-BAB0-7891-8B89-8A84B90B5260\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\1313b7d2.msi (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\1313b7d6.msi (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport TV\background.html (PUP.Optional.FreeHDSport.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-bho.dll (PUP.Optional.FreeHDSport.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-buttonutil.dll (PUP.Optional.FreeHDSport.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-buttonutil64.dll (PUP.Optional.FreeHDSport.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV-helper.exe (PUP.Optional.FreeHDSport.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport TV\FreeHDSport TV.ico (PUP.Optional.FreeHDSport.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport TV\Installer.log (PUP.Optional.FreeHDSport.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport TV\Uninstall.exe (PUP.Optional.FreeHDSport.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport.TV\freehdsporttv10.crx (PUP.Optional.FreeHDSport.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport.TV\freehdsporttvIE.exe (PUP.Optional.FreeHDSport.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\FreeHDSport.TV\LSextsetup.exe (PUP.Optional.FreeHDSport.A) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\FreeHDSport TV-codedownloader.job (PUP.Optional.FreeHDSport.A) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\FreeHDSport TV-enabler.job (PUP.Optional.FreeHDSport.A) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\FreeHDSport TV-updater.job (PUP.Optional.FreeHDSport.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Roaming\zulagames\zulagames.crx (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Users\Marie\AppData\Roaming\zulagames\icon.ico (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.

(konec)

Vsechny nalezy nechte odstranit.

Po restartu pc test zopakujte, at vime, jestli se to nevraci. Napiste zda neco nasel a podle toho budeme pokracovat

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.06.01

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16688
Marie :: FILOU [administrátor]

Ochrana: Povolena

6. 10. 2013 12:45:44
mbam-log-2013-10-06 (12-45-44).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 443553
Uplynulý čas: 43 minut, 27 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

MBAM odinstalujte.

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

RogueKiller V8.7.1 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Marie [Práva správce]
Mód : Kontrola -- Datum : 10/06/2013 14:11:15
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH] szndesktop.exe -- C:\Users\Marie\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] listicka-x64.exe -- C:\Users\Marie\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe [7] -> SMAZÁNO [TermThr]

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Marie\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Marie\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-965781781-1502645150-263859304-1004\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Marie\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-965781781-1502645150-263859304-1004\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Marie\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - WDC WD5000AAKX-00ERMA0 ATA Device +++++
--- User ---
[MBR] 3f89206fb0163e04777b6bdea1e91e45
[BSP] 9023acb6c78a98412b7171ec79e37c78 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 351 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 722925 | Size: 476587 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_10062013_141115.txt >>

Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

RogueKiller V8.7.1 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Marie [Práva správce]
Mód : Odebrat -- Datum : 10/06/2013 15:23:53
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH] szndesktop.exe -- C:\Users\Marie\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] listicka-x64.exe -- C:\Users\Marie\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe [7] -> SMAZÁNO [TermThr]

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - WDC WD5000AAKX-00ERMA0 ATA Device +++++
--- User ---
[MBR] 3f89206fb0163e04777b6bdea1e91e45
[BSP] 9023acb6c78a98412b7171ec79e37c78 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 351 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 722925 | Size: 476587 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_10062013_152353.txt >>
RKreport[0]_D_10062013_152142.txt;RKreport[0]_S_10062013_141115.txt;RKreport[0]_S_10062013_152335.txt

RogueKiller V8.7.1 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Marie [Práva správce]
Mód : Oprava HOSTS -- Datum : 10/06/2013 15:26:24
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH] szndesktop.exe -- C:\Users\Marie\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] listicka-x64.exe -- C:\Users\Marie\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe [7] -> SMAZÁNO [TermThr]

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_10062013_152624.txt >>
RKreport[0]_D_10062013_152142.txt;RKreport[0]_D_10062013_152353.txt;RKreport[0]_S_10062013_141115.txt
RKreport[0]_S_10062013_152335.txt

Dejte novy log z RSIT

+

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Logfile of random's system information tool 1.09 (written by random/random)
Run by Marie at 2013-10-06 16:19:04
Microsoft Windows 8
System drive C: has 427 GB (90%) free of 477 GB
Total RAM: 6108 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:19:05, on 6. 10. 2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16688)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\syswow64\wwahost.exe
C:\Program Files\trend micro\Marie.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://localoem.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKCU\..\Run: [Google Update] "C:\Users\Marie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll c:\progra~2\nvidia~1\3dvisi~1\nvstinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update qualitink - qualitink - C:\Program Files (x86)\qualitink\updatequalitink.exe
O23 - Service: Util qualitink - qualitink - C:\Program Files (x86)\qualitink\bin\utilqualitink.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @oem4.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7477 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"dwm.exe"
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\qualitink\updatequalitink.exe"
"C:\Program Files (x86)\qualitink\bin\utilqualitink.exe"
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Windows Defender\MsMpEng.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
taskhostex.exe
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Explorer.EXE
dashost.exe {e20b6aeb-142e-4856-90e69a97ddffa946}
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" -quickstart
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\program"
"C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" /logon
C:\Windows\splwow64.exe 8192
"C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE"
"C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe" /MainProcess 2628 /PrinterName "Canon MP230 series Printer" /ScannerName "Canon MP230 series" /Language cs-CZ /Startup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding
"C:\Users\Marie\Desktop\RogueKiller.exe"
"C:\Program Files\Internet Explorer\iexplore.exe" -pinnedSite -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x44df565e -pinnedTimeHigh 0x01ce3539 -securityFlags 0x00000000 -url 0x00000015 http://www.seznam.cz/
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2080 CREDAT:267521 /prefetch:2
"C:\Windows\syswow64\wwahost.exe" -ServerName:App.wwa
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Marie\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-965781781-1502645150-263859304-1004Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-965781781-1502645150-263859304-1004UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Marie\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-03 116648]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-06-08 5123216]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2012-04-03 1273448]

C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.3.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-07-05 439296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmartcardSimulator]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VirtualSmartcardReader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wcmsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"EnableUIADesktopToggle"=0
"EnableCursorSuppression"=1
"ConsentPromptBehaviorUser"=3
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=1
"NoActiveDesktop"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-06 09:41:38 ----D---- C:\Users\Marie\AppData\Roaming\Malwarebytes
2013-10-06 09:41:23 ----D---- C:\ProgramData\Malwarebytes
2013-10-06 09:41:21 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-06 09:41:21 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-10-06 09:05:40 ----D---- C:\AdwCleaner
2013-10-06 06:42:35 ----D---- C:\rsit
2013-10-06 06:42:35 ----D---- C:\Program Files\trend micro
2013-10-04 12:43:14 ----D---- C:\temp
2013-10-04 12:42:42 ----D---- C:\ProgramData\M-Photo
2013-10-04 12:41:53 ----A---- C:\Windows\SYSWOW64\Akrem studio_Akrem studio_uninstaller.exe
2013-09-28 17:57:44 ----D---- C:\Program Files\Microsoft Silverlight
2013-09-28 17:57:44 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-09-28 08:21:44 ----D---- C:\Program Files (x86)\qualitink
2013-09-28 08:21:26 ----D---- C:\Program Files (x86)\LSHunter.TV
2013-09-28 06:29:30 ----D---- C:\Windows\SYSWOW64\searchplugins
2013-09-28 06:29:30 ----D---- C:\Windows\SYSWOW64\Extensions
2013-09-28 06:29:20 ----D---- C:\Users\Marie\AppData\Roaming\Mozilla
2013-09-21 07:59:06 ----D---- C:\Users\Marie\AppData\Roaming\RocketPDF
2013-09-20 22:48:08 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-09-17 17:57:01 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-09-16 20:25:39 ----A---- C:\Windows\system32\tssdisai.dll
2013-09-15 20:41:07 ----A---- C:\Windows\system32\sppsvc.exe
2013-09-15 20:41:06 ----A---- C:\Windows\system32\wuaueng.dll
2013-09-15 20:41:06 ----A---- C:\Windows\system32\WSService.dll
2013-09-15 20:41:06 ----A---- C:\Windows\system32\sppobjs.dll
2013-09-15 20:41:06 ----A---- C:\Windows\system32\NotificationUI.exe
2013-09-15 20:41:05 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2013-09-15 20:41:05 ----A---- C:\Windows\SYSWOW64\WSSync.dll
2013-09-15 20:41:05 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2013-09-15 20:41:05 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.dll
2013-09-15 20:41:05 ----A---- C:\Windows\SYSWOW64\sppc.dll
2013-09-15 20:41:05 ----A---- C:\Windows\system32\wups.dll
2013-09-15 20:41:05 ----A---- C:\Windows\system32\wucltux.dll
2013-09-15 20:41:05 ----A---- C:\Windows\system32\wuapi.dll
2013-09-15 20:41:05 ----A---- C:\Windows\system32\WSSync.dll
2013-09-15 20:41:05 ----A---- C:\Windows\system32\WSShared.dll
2013-09-15 20:41:05 ----A---- C:\Windows\system32\WinSetupUI.dll
2013-09-15 20:41:05 ----A---- C:\Windows\system32\sppwinob.dll
2013-09-15 20:41:05 ----A---- C:\Windows\system32\sppc.dll
2013-09-15 20:41:03 ----A---- C:\Windows\SYSWOW64\wups.dll
2013-09-15 20:41:03 ----A---- C:\Windows\SYSWOW64\WSClient.dll
2013-09-15 20:41:03 ----A---- C:\Windows\system32\wuwebv.dll
2013-09-15 20:41:03 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2013-09-15 20:41:03 ----A---- C:\Windows\system32\wups2.dll
2013-09-15 20:41:03 ----A---- C:\Windows\system32\wudriver.dll
2013-09-15 20:41:03 ----A---- C:\Windows\system32\wuauclt.exe
2013-09-15 20:41:03 ----A---- C:\Windows\system32\WSClient.dll
2013-09-15 20:41:03 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-09-15 20:41:03 ----A---- C:\Windows\system32\storewuauth.dll
2013-09-15 20:41:03 ----A---- C:\Windows\system32\drivers\dam.sys
2013-09-15 20:41:02 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2013-09-15 20:41:02 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2013-09-15 20:41:02 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2013-09-15 20:41:02 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-15 20:41:02 ----A---- C:\Windows\SYSWOW64\setupcln.dll
2013-09-15 20:41:02 ----A---- C:\Windows\SYSWOW64\OEMLicense.dll
2013-09-15 20:41:02 ----A---- C:\Windows\system32\wuapp.exe
2013-09-15 20:41:02 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-15 20:41:02 ----A---- C:\Windows\system32\setupcln.dll
2013-09-15 20:40:47 ----A---- C:\Windows\system32\mshtml.dll
2013-09-15 20:40:44 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-09-15 20:40:42 ----A---- C:\Windows\system32\jscript9.dll
2013-09-15 20:40:42 ----A---- C:\Windows\system32\ieframe.dll
2013-09-15 20:40:41 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-09-15 20:40:41 ----A---- C:\Windows\system32\iertutil.dll
2013-09-15 20:40:40 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-09-15 20:40:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-09-15 20:40:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-09-15 20:40:40 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-09-15 20:40:40 ----A---- C:\Windows\system32\wininet.dll
2013-09-15 20:40:40 ----A---- C:\Windows\system32\uxtheme.dll
2013-09-15 20:40:40 ----A---- C:\Windows\system32\urlmon.dll
2013-09-15 20:40:39 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2013-09-15 20:40:39 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-09-15 20:40:39 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-09-15 20:40:39 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-09-15 20:40:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-09-15 20:40:39 ----A---- C:\Windows\system32\UXInit.dll
2013-09-15 20:40:39 ----A---- C:\Windows\system32\msfeeds.dll
2013-09-15 20:40:39 ----A---- C:\Windows\system32\jscript.dll
2013-09-15 20:40:39 ----A---- C:\Windows\system32\iesysprep.dll
2013-09-15 20:40:39 ----A---- C:\Windows\system32\iernonce.dll
2013-09-15 20:40:39 ----A---- C:\Windows\system32\ie4uinit.exe
2013-09-15 20:40:38 ----A---- C:\Windows\SYSWOW64\uxtheme.dll
2013-09-15 20:40:38 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-09-15 20:40:38 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-09-15 20:40:38 ----A---- C:\Windows\system32\jsproxy.dll
2013-09-15 20:40:38 ----A---- C:\Windows\system32\iesetup.dll
2013-09-15 20:40:33 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2013-09-15 20:40:33 ----A---- C:\Windows\system32\msftedit.dll
2013-09-15 20:40:33 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-09-15 20:40:32 ----A---- C:\Windows\SYSWOW64\winmmbase.dll
2013-09-15 20:40:32 ----A---- C:\Windows\SYSWOW64\winmm.dll
2013-09-15 20:40:32 ----A---- C:\Windows\SYSWOW64\WerFault.exe
2013-09-15 20:40:32 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2013-09-15 20:40:32 ----A---- C:\Windows\system32\wwansvc.dll
2013-09-15 20:40:32 ----A---- C:\Windows\system32\wwanconn.dll
2013-09-15 20:40:32 ----A---- C:\Windows\system32\WinSCard.dll
2013-09-15 20:40:32 ----A---- C:\Windows\system32\winmmbase.dll
2013-09-15 20:40:32 ----A---- C:\Windows\system32\winmm.dll
2013-09-15 20:40:32 ----A---- C:\Windows\system32\WerFault.exe
2013-09-15 20:40:32 ----A---- C:\Windows\system32\wcmsvc.dll
2013-09-15 20:40:32 ----A---- C:\Windows\system32\oleaut32.dll
2013-09-15 20:40:32 ----A---- C:\Windows\system32\localspl.dll
2013-09-15 20:40:32 ----A---- C:\Windows\system32\gdi32.dll
2013-09-15 20:40:32 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-09-15 20:40:32 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2013-09-15 20:40:32 ----A---- C:\Windows\system32\BFE.DLL
2013-09-15 20:40:31 ----A---- C:\Windows\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-15 20:40:31 ----A---- C:\Windows\SYSWOW64\openfiles.exe
2013-09-15 20:40:31 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-09-15 20:40:31 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-09-15 20:40:31 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-09-15 20:40:31 ----A---- C:\Windows\system32\wwanmm.dll
2013-09-15 20:40:31 ----A---- C:\Windows\system32\Wwanadvui.dll
2013-09-15 20:40:31 ----A---- C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-15 20:40:31 ----A---- C:\Windows\system32\wcmcsp.dll
2013-09-15 20:40:31 ----A---- C:\Windows\system32\openfiles.exe
2013-09-15 20:40:31 ----A---- C:\Windows\system32\nshwfp.dll
2013-09-15 20:40:31 ----A---- C:\Windows\system32\drivers\wfplwfs.sys
2013-09-15 20:40:31 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2013-09-15 20:40:31 ----A---- C:\Windows\system32\drivers\udfs.sys
2013-09-15 20:40:31 ----A---- C:\Windows\system32\drivers\sdbus.sys
2013-09-15 20:40:31 ----A---- C:\Windows\system32\drivers\msgpioclx.sys
2013-09-15 20:40:31 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2013-09-15 20:40:31 ----A---- C:\Windows\system32\drivers\dumpsd.sys
2013-09-15 20:40:30 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2013-09-15 20:40:30 ----A---- C:\Windows\SYSWOW64\LocationApi.dll
2013-09-15 20:40:30 ----A---- C:\Windows\system32\LocationApi.dll
2013-09-15 20:40:29 ----A---- C:\Windows\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2013-10-06 15:23:33 ----D---- C:\Windows\system32\Drivers
2013-10-06 15:00:00 ----D---- C:\Windows\system32\sru
2013-10-06 14:46:56 ----D---- C:\Windows\Prefetch
2013-10-06 14:08:21 ----D---- C:\Windows\Temp
2013-10-06 12:48:22 ----D---- C:\Users\Marie\AppData\Roaming\Seznam.cz
2013-10-06 12:42:30 ----D---- C:\ProgramData\NVIDIA
2013-10-06 12:41:02 ----SHD---- C:\Windows\Installer
2013-10-06 12:41:02 ----RD---- C:\Program Files (x86)
2013-10-06 12:41:02 ----D---- C:\Windows\Tasks
2013-10-06 09:41:23 ----HD---- C:\ProgramData
2013-10-06 09:20:06 ----RD---- C:\Windows\System32
2013-10-06 09:20:06 ----D---- C:\Windows\SysWOW64
2013-10-06 09:20:06 ----D---- C:\Windows\system32\Tasks
2013-10-06 07:35:10 ----D---- C:\Windows\Microsoft.NET
2013-10-06 06:42:35 ----RD---- C:\Program Files
2013-10-04 15:51:28 ----RSD---- C:\Windows\assembly
2013-10-02 05:42:01 ----HD---- C:\Program Files\WindowsApps
2013-10-02 05:42:01 ----D---- C:\Windows\AUInstallAgent
2013-10-01 15:15:21 ----D---- C:\ProgramData\CanonIJPLM
2013-10-01 05:47:05 ----SHD---- C:\System Volume Information
2013-10-01 05:42:49 ----D---- C:\Windows\Logs
2013-09-30 05:13:13 ----D---- C:\Windows\system32\config
2013-09-29 15:12:53 ----D---- C:\Windows\Inf
2013-09-28 18:04:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-09-28 17:57:49 ----SD---- C:\ProgramData\Microsoft
2013-09-25 06:07:47 ----D---- C:\Windows\CbsTemp
2013-09-25 06:07:46 ----D---- C:\Windows\WinSxS
2013-09-23 06:25:36 ----D---- C:\Windows\system32\catroot2
2013-09-18 05:01:12 ----D---- C:\Windows\SoftwareDistribution
2013-09-17 18:21:47 ----D---- C:\Windows\rescache
2013-09-17 11:15:30 ----D---- C:\Windows\WinStore
2013-09-17 11:15:30 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-09-17 11:15:29 ----D---- C:\Windows\system32\migration
2013-09-17 11:15:29 ----D---- C:\Windows\system32\cs-CZ
2013-09-17 11:15:29 ----D---- C:\Windows\PolicyDefinitions
2013-09-17 11:15:27 ----D---- C:\Program Files (x86)\Internet Explorer
2013-09-17 11:15:26 ----D---- C:\Program Files\Internet Explorer
2013-09-17 11:15:21 ----D---- C:\Windows\system32\oobe
2013-09-17 11:15:17 ----D---- C:\Windows\system32\DriverStore
2013-09-16 04:49:33 ----D---- C:\ProgramData\Microsoft Help
2013-09-16 04:48:34 ----D---- C:\Windows\system32\MRT
2013-09-16 04:47:38 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ACPI;@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver; C:\Windows\System32\drivers\ACPI.sys [2012-09-20 425192]
R0 acpiex;Microsoft ACPIEx Driver; C:\Windows\System32\Drivers\acpiex.sys [2012-07-26 77040]
R0 atapi;@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel; C:\Windows\System32\drivers\atapi.sys [2012-07-26 25840]
R0 CLFS;@%SystemRoot%\system32\drivers\clfs.sys,-100; C:\Windows\System32\drivers\CLFS.sys [2012-07-26 361200]
R0 CNG;CNG; C:\Windows\System32\Drivers\cng.sys [2012-10-11 562392]
R0 disk;@disk.inf,%disk_ServiceDesc%;Disk Driver; C:\Windows\System32\drivers\disk.sys [2012-07-26 102640]
R0 EhStorClass;@%SystemRoot%\system32\drivers\EhStorClass.sys,-100; C:\Windows\System32\drivers\EhStorClass.sys [2012-07-26 81136]
R0 FileInfo;@%SystemRoot%\system32\drivers\fileinfo.sys,-100; C:\Windows\System32\drivers\fileinfo.sys [2012-07-26 71920]
R0 FltMgr;@%SystemRoot%\system32\drivers\fltmgr.sys,-10001; C:\Windows\system32\drivers\fltmgr.sys [2012-07-26 374512]
R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\Windows\System32\DRIVERS\fvevol.sys [2012-09-20 465128]
R0 KSecDD;KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [2012-09-20 100072]
R0 KSecPkg;KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [2012-10-11 172264]
R0 mountmgr;@%SystemRoot%\system32\drivers\mountmgr.sys,-100; C:\Windows\System32\drivers\mountmgr.sys [2012-07-26 93936]
R0 msisadrv;msisadrv; C:\Windows\System32\drivers\msisadrv.sys [2012-07-26 17136]
R0 Mup;@%systemroot%\system32\drivers\mup.sys,-101; C:\Windows\System32\Drivers\mup.sys [2012-07-26 83696]
R0 NDIS;@%SystemRoot%\system32\drivers\ndis.sys,-200; C:\Windows\system32\drivers\ndis.sys [2013-06-17 997632]
R0 partmgr;@%SystemRoot%\system32\drivers\partmgr.sys,-100; C:\Windows\System32\drivers\partmgr.sys [2013-01-10 91880]
R0 pci;@machine.inf,%pci_svcdesc%;Řadič sběrnice PCI; C:\Windows\System32\drivers\pci.sys [2012-07-26 234224]
R0 pciide;pciide; C:\Windows\System32\drivers\pciide.sys [2012-07-26 14064]
R0 pcw;Performance Counters for Windows Driver; C:\Windows\System32\drivers\pcw.sys [2012-07-26 52464]
R0 pdc;@%SystemRoot%\system32\drivers\pdc.sys,-100; C:\Windows\system32\drivers\pdc.sys [2013-03-02 69864]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2012-07-26 217328]
R0 spaceport;@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver; C:\Windows\System32\drivers\spaceport.sys [2013-05-04 284416]
R0 Tcpip;@%SystemRoot%\system32\tcpipcfg.dll,-50003; C:\Windows\System32\drivers\tcpip.sys [2013-07-09 2233168]
R0 vdrvroot;@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator; C:\Windows\System32\drivers\vdrvroot.sys [2012-07-26 36080]
R0 volmgr;@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver; C:\Windows\System32\drivers\volmgr.sys [2012-07-26 83184]
R0 volmgrx;@%SystemRoot%\system32\drivers\volmgrx.sys,-100; C:\Windows\System32\drivers\volmgrx.sys [2012-07-26 378608]
R0 volsnap;@volume.inf,%VolumeClassName%;Storage volumes; C:\Windows\System32\drivers\volsnap.sys [2013-06-01 327936]
R0 Wdf01000;@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000; C:\Windows\system32\drivers\Wdf01000.sys [2013-01-10 785504]
R0 WdFilter;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330; C:\Windows\system32\drivers\WdFilter.sys [2013-07-02 247216]
R0 WFPLWFS;@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000; C:\Windows\system32\DRIVERS\wfplwfs.sys [2013-06-10 96512]
R1 AFD;@%systemroot%\system32\drivers\afd.sys,-1000; C:\Windows\system32\drivers\afd.sys [2012-11-06 560640]
R1 BasicDisplay;BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys [2012-07-26 48640]
R1 BasicRender;BasicRender; C:\Windows\System32\drivers\BasicRender.sys [2012-07-26 29696]
R1 Beep;Beep; C:\Windows\system32\drivers\Beep.sys [2012-07-26 7680]
R1 cdrom;@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver; C:\Windows\System32\drivers\cdrom.sys [2012-07-26 174080]
R1 Dfsc;@%systemroot%\system32\wkssvc.dll,-1008; C:\Windows\System32\Drivers\dfsc.sys [2012-07-26 118784]
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2012-07-26 50688]
R1 Msfs;Msfs; C:\Windows\system32\drivers\Msfs.sys [2012-07-26 26112]
R1 mssmbios;@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver; C:\Windows\System32\drivers\mssmbios.sys [2012-07-26 37616]
R1 NetBIOS;@netnb.inf,%NetBIOS_Desc%;NetBIOS Interface; C:\Windows\system32\DRIVERS\netbios.sys [2012-07-26 46080]
R1 NetBT;@%SystemRoot%\system32\drivers\netbt.sys,-2; C:\Windows\System32\DRIVERS\netbt.sys [2012-07-26 331776]
R1 Npfs;Npfs; C:\Windows\system32\drivers\Npfs.sys [2012-07-26 49152]
R1 npsvctrig;@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider; C:\Windows\System32\drivers\npsvctrig.sys [2012-07-26 23552]
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys [2012-07-26 34304]
R1 Null;Null; C:\Windows\system32\drivers\Null.sys [2012-07-26 5632]
R1 Psched;@%SystemRoot%\System32\drivers\pacer.sys,-101; C:\Windows\system32\DRIVERS\pacer.sys [2012-07-26 145408]
R1 rdbss;@%systemroot%\system32\wkssvc.dll,-1000; C:\Windows\system32\DRIVERS\rdbss.sys [2013-05-04 427520]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys [2012-07-26 117248]
R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\Windows\system32\DRIVERS\wanarp.sys [2013-04-09 83456]
R2 lltdio;@%SystemRoot%\system32\lltdres.dll,-6; C:\Windows\system32\DRIVERS\lltdio.sys [2012-07-26 60416]
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys [2012-07-26 134144]
R2 Ndu;@%SystemRoot%\system32\drivers\Ndu.sys,-10001; C:\Windows\system32\drivers\Ndu.sys [2012-07-26 97792]
R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys [2013-04-09 805376]
R2 rspndr;@%SystemRoot%\system32\lltdres.dll,-5; C:\Windows\system32\DRIVERS\rspndr.sys [2012-07-26 78848]
R2 secdrv;Security Driver; C:\Windows\system32\drivers\secdrv.sys [2012-07-26 23040]
R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys [2012-07-26 45056]
R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys [2012-07-26 101888]
R3 CompositeBus;@CompositeBus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver; C:\Windows\System32\drivers\CompositeBus.sys [2012-07-26 36352]
R3 condrv;Console Driver; C:\Windows\System32\drivers\condrv.sys [2012-07-26 33792]
R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys [2013-04-16 1455368]
R3 HDAudBus;@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio; C:\Windows\System32\drivers\HDAudBus.sys [2012-09-20 71168]
R3 HidUsb;@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver; C:\Windows\System32\drivers\hidusb.sys [2013-04-09 27648]
R3 HTTP;@%SystemRoot%\system32\drivers\http.sys,-1; C:\Windows\system32\drivers\HTTP.sys [2013-03-15 861184]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 intelppm;@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver; C:\Windows\System32\drivers\intelppm.sys [2012-11-06 89088]
R3 kbdclass;@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver; C:\Windows\System32\drivers\kbdclass.sys [2012-07-26 48368]
R3 kbdhid;@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver; C:\Windows\System32\drivers\kbdhid.sys [2012-07-26 29184]
R3 kdnic;@kdnic.inf,%KdNic.Service.DispName%;Miniport ladění jádra společnosti Microsoft (NDIS 6.20); C:\Windows\system32\DRIVERS\kdnic.sys [2012-07-26 18432]
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys [2012-07-26 21376]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 MEIx64;@oem2.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2011-11-10 60184]
R3 monitor;@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service; C:\Windows\System32\drivers\monitor.sys [2013-03-01 30720]
R3 mouclass;@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver; C:\Windows\System32\drivers\mouclass.sys [2012-07-26 45808]
R3 mouhid;@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver; C:\Windows\System32\drivers\mouhid.sys [2013-03-02 26112]
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys [2012-10-11 74752]
R3 mrxsmb;@%systemroot%\system32\wkssvc.dll,-1002; C:\Windows\system32\DRIVERS\mrxsmb.sys [2013-02-06 370688]
R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys [2012-07-26 279552]
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys [2013-02-06 215552]
R3 NdisTapi;@%systemroot%\system32\rascfg.dll,-32001; C:\Windows\system32\DRIVERS\ndistapi.sys [2012-09-20 25088]
R3 NdisWan;@%systemroot%\system32\rascfg.dll,-32002; C:\Windows\system32\DRIVERS\ndiswan.sys [2012-07-26 174080]
R3 NDProxy;NDIS Proxy; C:\Windows\system32\drivers\NDProxy.sys [2013-04-09 60416]
R3 Ntfs;Ntfs; C:\Windows\system32\drivers\Ntfs.sys [2013-02-02 1933544]
R3 NVHDA;@oem3.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-26 11036448]
R3 Parport;@msports.inf,%Parport.SVCDESC%;Parallel port driver; C:\Windows\System32\drivers\parport.sys [2012-07-26 105984]
R3 PptpMiniport;@%systemroot%\system32\rascfg.dll,-32006; C:\Windows\system32\DRIVERS\raspptp.sys [2012-07-26 114176]
R3 RasAgileVpn;@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;Připojení WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2012-07-26 68608]
R3 Rasl2tp;@%systemroot%\system32\rascfg.dll,-32005; C:\Windows\system32\DRIVERS\rasl2tp.sys [2012-07-26 124928]
R3 RasPppoe;@%systemroot%\system32\rascfg.dll,-32007; C:\Windows\system32\DRIVERS\raspppoe.sys [2012-07-26 81920]
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys [2012-07-26 92672]
R3 rdpbus;@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver; C:\Windows\System32\drivers\rdpbus.sys [2012-07-26 22528]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-06-02 589824]
R3 Serenum;@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver; C:\Windows\System32\drivers\serenum.sys [2012-07-26 23040]
R3 Serial;@msports.inf,%Serial.SVCDESC%;Serial port driver; C:\Windows\System32\drivers\serial.sys [2012-07-26 76800]
R3 srv;@%systemroot%\system32\srvsvc.dll,-102; C:\Windows\System32\DRIVERS\srv.sys [2012-07-26 416768]
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys [2013-04-09 623104]
R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [2013-04-09 247808]
R3 swenum;@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver; C:\Windows\System32\drivers\swenum.sys [2012-07-26 13680]
R3 TPM;@tpm.inf,%TPM%;TPM; C:\Windows\system32\drivers\tpm.sys [2013-03-02 148712]
R3 tunnel;@nettun.inf,%TUNNEL.Service.DisplayName%;Microsoft Tunnel Miniport Adapter Driver; C:\Windows\system32\DRIVERS\tunnel.sys [2012-07-26 149504]
R3 umbus;@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver; C:\Windows\System32\drivers\umbus.sys [2012-07-26 48128]
R3 usbccgp;@usb.inf,%GenericParent.SvcDesc%;Obecný nadřazený ovladač Microsoft USB; C:\Windows\System32\drivers\usbccgp.sys [2012-07-26 120832]
R3 usbehci;@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\Windows\System32\drivers\usbehci.sys [2012-09-20 79080]
R3 usbhub;@usbport.inf,%ROOTHUB.SvcDesc%;Ovladač standardního rozbočovače USB; C:\Windows\System32\drivers\usbhub.sys [2013-02-02 496872]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2012-09-20 210304]
S0 3ware;3ware; C:\Windows\System32\drivers\3ware.sys [2012-07-26 106736]
S0 adp94xx;adp94xx; C:\Windows\System32\drivers\adp94xx.sys [2012-07-26 492272]
S0 adpahci;adpahci; C:\Windows\System32\drivers\adpahci.sys [2012-07-26 340720]
S0 adpu320;adpu320; C:\Windows\System32\drivers\adpu320.sys [2012-07-26 184048]
S0 agp440;@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter; C:\Windows\System32\drivers\agp440.sys [2012-07-26 63216]
S0 amdsata;amdsata; C:\Windows\System32\drivers\amdsata.sys [2012-07-26 76016]
S0 amdsbs;amdsbs; C:\Windows\System32\drivers\amdsbs.sys [2012-07-26 258288]
S0 amdxata;amdxata; C:\Windows\System32\drivers\amdxata.sys [2012-07-26 26352]
S0 arc;arc; C:\Windows\System32\drivers\arc.sys [2012-07-26 104688]
S0 arcsas;@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Windows Inbox Miniport Driver; C:\Windows\System32\drivers\arcsas.sys [2012-07-26 108272]
S0 b06bdrv;@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD; C:\Windows\System32\drivers\bxvbda.sys [2012-09-20 533224]
S0 ebdrv;@netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\System32\drivers\evbda.sys [2012-09-20 3265256]
S0 EhStorTcgDrv;@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols; C:\Windows\System32\drivers\EhStorTcgDrv.sys [2012-07-26 113904]
S0 gagp30kx;@machine.inf,%gagp30kx_svcdesc%;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\Windows\System32\drivers\gagp30kx.sys [2012-07-26 66800]
S0 HpSAMD;HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [2012-07-26 64752]
S0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\Windows\System32\drivers\hwpolicy.sys [2012-07-26 24816]
S0 iaStorV;@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7; C:\Windows\System32\drivers\iaStorV.sys [2012-07-26 411888]
S0 iirsp;iirsp; C:\Windows\System32\drivers\iirsp.sys [2012-07-26 45296]
S0 intelide;intelide; C:\Windows\System32\drivers\intelide.sys [2012-07-26 18672]
S0 isapnp;isapnp; C:\Windows\System32\drivers\isapnp.sys [2012-07-26 22256]
S0 LSI_SAS;LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [2012-07-26 108784]
S0 LSI_SAS2;LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [2012-07-26 92400]
S0 LSI_SCSI;LSI_SCSI; C:\Windows\System32\drivers\lsi_scsi.sys [2012-07-26 116976]
S0 LSI_SSS;LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [2012-07-26 81136]
S0 megasas;megasas; C:\Windows\System32\drivers\megasas.sys [2012-07-26 51952]
S0 MegaSR;MegaSR; C:\Windows\System32\drivers\MegaSR.sys [2012-07-26 353008]
S0 mvumis;mvumis; C:\Windows\System32\drivers\mvumis.sys [2012-07-26 64240]
S0 nfrd960;nfrd960; C:\Windows\System32\drivers\nfrd960.sys [2012-07-26 52464]
S0 nv_agp;@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter; C:\Windows\System32\drivers\nv_agp.sys [2012-07-26 125168]
S0 nvraid;nvraid; C:\Windows\System32\drivers\nvraid.sys [2012-07-26 150256]
S0 nvstor;nvstor; C:\Windows\System32\drivers\nvstor.sys [2012-07-26 168176]
S0 pcmcia;pcmcia; C:\Windows\System32\drivers\pcmcia.sys [2012-07-26 237808]
S0 sbp2port;@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver; C:\Windows\System32\drivers\sbp2port.sys [2012-07-26 107760]
S0 SiSRaid2;SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [2012-07-26 44784]
S0 SiSRaid4;SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [2012-07-26 81648]
S0 stexstor;stexstor; C:\Windows\System32\drivers\stexstor.sys [2012-07-26 30960]
S0 storahci;@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver; C:\Windows\System32\drivers\storahci.sys [2013-03-02 77544]
S0 storflt;@%SystemRoot%\system32\vmstorfltres.dll,-1000; C:\Windows\system32\DRIVERS\vmstorfl.sys [2012-07-26 45160]
S0 storvsc;storvsc; C:\Windows\System32\drivers\storvsc.sys [2012-07-26 37992]
S0 uagp35;@machine.inf,%uagp35_svcdesc%;Filtr Microsoft AGPv3.5; C:\Windows\System32\drivers\uagp35.sys [2012-07-26 65776]
S0 uliagpkx;@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter; C:\Windows\System32\drivers\uliagpkx.sys [2012-07-26 66800]
S0 viaide;viaide; C:\Windows\System32\drivers\viaide.sys [2012-07-26 19184]
S0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\System32\drivers\vmbus.sys [2012-07-26 137832]
S0 vsmraid;vsmraid; C:\Windows\System32\drivers\vsmraid.sys [2012-07-26 164080]
S0 VSTXRAID;@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage Controller Windows Driver; C:\Windows\System32\drivers\vstxraid.sys [2012-07-26 322800]
S0 Wd;@wd.inf,%WdServiceDisplayName%;Microsoft Watchdog Timer Driver; C:\Windows\System32\drivers\wd.sys [2012-07-26 23792]
S0 WdBoot;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390; C:\Windows\system32\drivers\WdBoot.sys [2013-07-02 36288]
S1 dam;@%SystemRoot%\system32\drivers\dam.sys,-100; C:\Windows\system32\drivers\dam.sys [2013-08-16 58200]
S3 1394ohci;@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller; C:\Windows\System32\drivers\1394ohci.sys [2012-07-26 226304]
S3 acpipagr;@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver; C:\Windows\System32\drivers\acpipagr.sys [2012-07-26 10240]
S3 AcpiPmi;@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver; C:\Windows\System32\drivers\acpipmi.sys [2012-07-26 12288]
S3 acpitime;@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver; C:\Windows\System32\drivers\acpitime.sys [2012-07-26 10752]
S3 AmdK8;@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver; C:\Windows\System32\drivers\amdk8.sys [2012-11-06 90624]
S3 AmdPPM;@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver; C:\Windows\System32\drivers\amdppm.sys [2012-11-06 88064]
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2012-07-26 79360]
S3 AsyncMac;@%systemroot%\system32\rascfg.dll,-32000; C:\Windows\system32\DRIVERS\asyncmac.sys [2012-07-26 26624]
S3 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\Windows\System32\drivers\BthAvrcpTg.sys [2013-06-01 37632]
S3 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\Windows\System32\drivers\bthhfenum.sys [2012-07-26 51200]
S3 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\Windows\System32\drivers\BthHFHid.sys [2012-11-27 29952]
S3 BTHMODEM;@bthspp.inf,%BthSerial.DisplayName%;Bluetooth Serial Communications Driver; C:\Windows\System32\drivers\bthmodem.sys [2012-07-26 65536]
S3 circlass;@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices; C:\Windows\System32\drivers\circlass.sys [2012-07-26 45056]
S3 CmBatt;@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver; C:\Windows\System32\drivers\CmBatt.sys [2012-07-26 25600]
S3 dmvsc;dmvsc; C:\Windows\System32\drivers\dmvsc.sys [2012-07-26 33280]
S3 dot4;@oem10.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem11.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem10.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 drmkaud;@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers; C:\Windows\system32\drivers\drmkaud.sys [2012-10-11 5632]
S3 ErrDev;@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver; C:\Windows\System32\drivers\errdev.sys [2012-07-26 10240]
S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys [2012-07-26 194560]
S3 fastfat;FAT12/16/32 File System Driver; C:\Windows\system32\drivers\fastfat.sys [2012-07-26 210672]
S3 fdc;@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver; C:\Windows\System32\drivers\fdc.sys [2012-07-26 30720]
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys [2012-07-26 34816]
S3 flpydisk;@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver; C:\Windows\System32\drivers\flpydisk.sys [2012-07-26 24576]
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2012-07-26 57584]
S3 FxPPM;@cpu.inf,%FxPPM.SvcDesc%;Power Framework Processor Driver; C:\Windows\System32\drivers\fxppm.sys [2012-11-06 22528]
S3 gencounter;@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V – Čítač generací; C:\Windows\System32\drivers\vmgencounter.sys [2012-07-26 12288]
S3 GPIOClx0101;Microsoft GPIO Class Extension Driver; C:\Windows\System32\Drivers\msgpioclx.sys [2013-07-09 120144]
S3 HdAudAddService;@hdaudio.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2013-06-26 341504]
S3 HidBatt;@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver; C:\Windows\System32\drivers\HidBatt.sys [2012-07-26 27136]
S3 HidBth;@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport; C:\Windows\System32\drivers\hidbth.sys [2013-04-09 95744]
S3 hidi2c;@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver; C:\Windows\System32\drivers\hidi2c.sys [2012-11-20 39936]
S3 HidIr;@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver; C:\Windows\System32\drivers\hidir.sys [2012-07-26 46080]
S3 hyperkbd;hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [2012-07-26 11776]
S3 HyperVideo;HyperVideo; C:\Windows\system32\DRIVERS\HyperVideo.sys [2012-07-26 24576]
S3 i8042prt;@msmouse.inf,%i8042prt.SvcDesc%;PS/2 Keyboard and Mouse Port Driver; C:\Windows\System32\drivers\i8042prt.sys [2012-07-26 112640]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-07-05 8934976]
S3 IntcDAud;@oem3.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
S3 IpFilterDriver;@%systemroot%\system32\rascfg.dll,-32013; C:\Windows\system32\DRIVERS\ipfltdrv.sys [2012-07-26 89088]
S3 IPMIDRV;IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [2012-07-26 78336]
S3 IPNAT;IP Network Address Translator; C:\Windows\System32\drivers\ipnat.sys [2012-07-26 145920]
S3 IRENUM;@%SystemRoot%\system32\drivers\irenum.sys,-100; C:\Windows\system32\drivers\irenum.sys [2012-07-26 17920]
S3 iScsiPrt;@iscsi.inf,%iScsiPortName%;iScsiPort Driver; C:\Windows\System32\drivers\msiscsi.sys [2012-11-06 277736]
S3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;Ovladač miniportu NDIS pro řadič Qualcomm Atheros AR813x/AR815x PCI-E Ethernet; C:\Windows\system32\DRIVERS\L1C63x64.sys [2012-06-02 100864]
S3 Modem;Modem; C:\Windows\system32\drivers\modem.sys [2012-07-26 40448]
S3 MRxDAV;@%systemroot%\system32\webclnt.dll,-104; C:\Windows\system32\drivers\mrxdav.sys [2012-07-26 141312]
S3 MsBridge;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2012-07-26 129536]
S3 msgpiowin32;@msgpiowin32.inf,%GPIO.SvcDesc%;GPIO Buttons Driver; C:\Windows\System32\drivers\msgpiowin32.sys [2013-01-10 28904]
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2012-07-26 8704]
S3 mshidumdf;@%SystemRoot%\system32\drivers\mshidumdf.sys,-100; C:\Windows\System32\drivers\mshidumdf.sys [2012-07-26 10752]
S3 MSKSSRV;@ksfilter.inf,%MSKSSRV.DeviceDesc%;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2012-07-26 11008]
S3 MsLldp;@C:\Windows\system32\DRIVERS\mslldp.sys,-200; C:\Windows\system32\DRIVERS\mslldp.sys [2012-07-26 68608]
S3 MSPCLOCK;@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2012-07-26 7168]
S3 MSPQM;@ksfilter.inf,%MSPQM.DeviceDesc%;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2012-07-26 6912]
S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys [2012-07-26 390896]
S3 MSTEE;@ksfilter.inf,%MSTEE.DeviceDesc%;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2012-07-26 8192]
S3 MTConfig;@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver; C:\Windows\System32\drivers\MTConfig.sys [2012-07-26 14848]
S3 NativeWifiP;@%SystemRoot%\System32\drivers\nwifi.sys,-101; C:\Windows\system32\DRIVERS\nwifi.sys [2012-07-26 427520]
S3 NdisCap;@%SystemRoot%\System32\drivers\ndiscap.sys,-5000; C:\Windows\system32\DRIVERS\ndiscap.sys [2012-07-26 46592]
S3 NdisImPlatform;@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [2012-07-26 126464]
S3 Ndisuio;@ndisuio.inf,%NDISUIO_Desc%;NDIS Usermode I/O Protocol; C:\Windows\system32\DRIVERS\ndisuio.sys [2012-07-26 58880]
S3 NDISWANLEGACY;@%systemroot%\system32\rascfg.dll,-32014; C:\Windows\system32\DRIVERS\ndiswan.sys [2012-07-26 174080]
S3 nmwcd;@oem13.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem17.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 NvStUSB;@oem6.inf,%NvStUSB.SvcDesc%;NVIDIA Stereoscopic 3D USB driver; C:\Windows\System32\drivers\nvstusb.sys [2012-10-03 445800]
S3 Processor;@cpu.inf,%Processor.SvcDesc%;Processor Driver; C:\Windows\System32\drivers\processr.sys [2012-11-06 87552]
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys [2012-07-26 46592]
S3 RasAcd;Remote Access Auto Connection Driver; C:\Windows\System32\DRIVERS\rasacd.sys [2012-07-26 16384]
S3 RDPDR;@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100; C:\Windows\System32\drivers\rdpdr.sys [2012-07-26 179712]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-12 27880]
S3 RDPWD;RDP Winstation Driver; C:\Windows\system32\drivers\RDPWD.sys [2012-07-26 208384]
S3 s3cap;s3cap; C:\Windows\System32\drivers\vms3cap.sys [2012-07-26 7168]
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2012-07-26 36864]
S3 sdbus;sdbus; C:\Windows\System32\drivers\sdbus.sys [2013-06-29 195416]
S3 sdstor;@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver; C:\Windows\System32\drivers\sdstor.sys [2012-10-11 56552]
S3 SerCx;Serial UART Support Library; C:\Windows\system32\drivers\SerCx.sys [2012-07-26 62976]
S3 sermouse;@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver; C:\Windows\System32\drivers\sermouse.sys [2012-07-26 27136]
S3 sfloppy;@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive; C:\Windows\System32\drivers\sfloppy.sys [2012-07-26 16896]
S3 SpbCx;Simple Peripheral Bus Support Library; C:\Windows\system32\drivers\SpbCx.sys [2012-07-26 59392]
S3 TCPIP6;@netip6.inf,%MS_TCPIP6.TCPIP6.ServiceDescription%;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys [2013-07-09 2233168]
S3 terminpt;@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver; C:\Windows\System32\drivers\terminpt.sys [2012-07-26 36592]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-07-26 57344]
S3 TsUsbGD;@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device; C:\Windows\System32\drivers\TsUsbGD.sys [2012-07-26 30208]
S3 UASPStor;@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver; C:\Windows\System32\drivers\uaspstor.sys [2012-07-26 97008]
S3 UCX01000;USB Controller Extension; C:\Windows\System32\drivers\ucx01000.sys [2013-06-01 213248]
S3 UmPass;@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver; C:\Windows\System32\drivers\umpass.sys [2012-07-26 11776]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbcir;@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR); C:\Windows\System32\drivers\usbcir.sys [2012-07-26 99328]
S3 USBHUB3;@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub; C:\Windows\System32\drivers\UsbHub3.sys [2013-05-04 446720]
S3 usbohci;@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver; C:\Windows\System32\drivers\usbohci.sys [2012-11-20 27136]
S3 usbprint;@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class; C:\Windows\System32\drivers\usbprint.sys [2012-07-26 25600]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2012-10-11 43008]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2012-07-26 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 USBSTOR;@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver; C:\Windows\System32\drivers\USBSTOR.SYS [2013-06-06 119040]
S3 usbuhci;@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver; C:\Windows\System32\drivers\usbuhci.sys [2012-09-20 32256]
S3 USBXHCI;@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller; C:\Windows\System32\drivers\USBXHCI.SYS [2013-06-01 337152]
S3 VerifierExt;@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000; C:\Windows\system32\drivers\VerifierExt.sys [2012-07-26 106224]
S3 vhdmp;vhdmp; C:\Windows\System32\drivers\vhdmp.sys [2013-03-02 495336]
S3 VIAHdAudAddService;@oem4.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2012-05-04 2196592]
S3 VMBusHID;VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [2012-07-26 22144]
S3 vpci;@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus; C:\Windows\System32\drivers\vpci.sys [2012-07-26 67824]
S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\Windows\System32\drivers\vwifibus.sys [2012-07-26 24064]
S3 WacomPen;@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver; C:\Windows\System32\drivers\wacompen.sys [2012-07-26 27008]
S3 Wanarp;@%systemroot%\system32\rascfg.dll,-32011; C:\Windows\system32\DRIVERS\wanarp.sys [2013-04-09 83456]
S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2012-07-26 33520]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2012-07-26 57344]
S3 WmiAcpi;@wmiacpi.inf,%WMIMAP.SvcDesc%;Microsoft Windows Management Interface for ACPI; C:\Windows\System32\drivers\wmiacpi.sys [2012-07-26 17408]
S3 wpcfltr;Family Safety Filter Driver; C:\Windows\system32\DRIVERS\wpcfltr.sys [2012-07-26 45056]
S3 WpdUpFltr;@%systemroot%\System32\drivers\WpdUpFltr.sys,-100; C:\Windows\System32\drivers\WpdUpFltr.sys [2012-07-26 19968]
S3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]
S3 WUDFRd;@hidbthle.inf,%WudfRdDisplayName%;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\Windows\System32\drivers\WUDFRd.sys [2012-07-26 198656]
S3 WUDFSensorLP;@locationprovider.inf,%WudfLocationProviderDisplayName%;Služba Reflektor UMDF pro zprostředkovatele umístění (LocationProvider); C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S3 WUDFWpdFs;WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S3 WUDFWpdMtp;WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S4 cdfs;CD/DVD File System Reader; C:\Windows\system32\DRIVERS\cdfs.sys [2012-07-26 108544]
S4 udfs;udfs; C:\Windows\system32\DRIVERS\udfs.sys [2013-06-26 321536]
S4 ws2ifsl;@%systemroot%\System32\drivers\ws2ifsl.sys,-1000; C:\Windows\system32\drivers\ws2ifsl.sys [2012-09-20 22528]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AudioEndpointBuilder;@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 Audiosrv;@%SystemRoot%\system32\audiosrv.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 BrokerInfrastructure;@%windir%\system32\bisrv.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 CryptSvc;@%SystemRoot%\system32\cryptsvc.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 DcomLaunch;@combase.dll,-5012; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 Dhcp;@%SystemRoot%\system32\dhcpcore.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 Dnscache;@%SystemRoot%\System32\dnsapi.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 EventLog;@%SystemRoot%\system32\wevtsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 EventSystem;@comres.dll,-2450; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2012-03-28 140456]
R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 LanmanServer;@%systemroot%\system32\srvsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 LanmanWorkstation;@%systemroot%\system32\wkssvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 lmhosts;@%SystemRoot%\system32\lmhsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 LSM;@%windir%\system32\lsm.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 RpcSs;@combase.dll,-5010; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 SamSs;@%SystemRoot%\system32\samsrv.dll,-1; C:\Windows\system32\lsass.exe [2012-09-20 35840]
R2 SENS;@%SystemRoot%\system32\Sens.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 ShellHWDetection;@%SystemRoot%\System32\shsvcs.dll,-12288; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 Schedule;@%SystemRoot%\system32\schedsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 Spooler;@%systemroot%\system32\spoolsv.exe,-1; C:\Windows\System32\spoolsv.exe [2012-07-26 769024]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 stisvc;@%SystemRoot%\system32\wiaservc.dll,-9; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 Themes;@%SystemRoot%\System32\themeservice.dll,-8192; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 TrkWks;@%SystemRoot%\system32\trkwks.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 Update qualitink;Update qualitink; C:\Program Files (x86)\qualitink\updatequalitink.exe [2013-10-04 65312]
R2 Util qualitink;Util qualitink; C:\Program Files (x86)\qualitink\bin\utilqualitink.exe [2013-10-04 65312]
R2 VIAKaraokeService;@oem4.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-05-04 27760]
R2 Wcmsvc;@%SystemRoot%\System32\wcmsvc.dll,-4097; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 WinDefend;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310; C:\Program Files\Windows Defender\MsMpEng.exe [2013-07-02 16048]
R2 Winmgmt;@%Systemroot%\system32\wbem\wmisvc.dll,-205; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R2 WMPNetworkSvc;@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files\Windows Media Player\wmpnetwk.exe [2012-09-20 1314816]
R2 wscsvc;@%SystemRoot%\System32\wscsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R2 WSearch;@%systemroot%\system32\SearchIndexer.exe,-103; C:\Windows\system32\SearchIndexer.exe [2013-04-09 816128]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R3 Browser;@%systemroot%\system32\browser.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R3 DeviceAssociationService;@%SystemRoot%\system32\das.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R3 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R3 hidserv;@%SystemRoot%\System32\hidserv.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2012-09-20 35840]
R3 NcdAutoSetup;@%SystemRoot%\system32\NcdAutoSetup.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R3 netprofm;@%SystemRoot%\system32\netprofmsvc.dll,-202; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R3 PlugPlay;@%SystemRoot%\system32\umpnpmgr.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R3 SSDPSRV;@%systemroot%\system32\ssdpsrv.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R3 SystemEventsBroker;@%windir%\system32\SystemEventsBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R3 TimeBroker;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R3 upnphost;@%systemroot%\system32\upnphost.dll,-213; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2012-09-20 35840]
R3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 29696]
R3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
R3 wlidsvc;@%SystemRoot%\system32\wlidsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2013-08-16 4917760]
S3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 ALG;@%SystemRoot%\system32\Alg.exe,-112; C:\Windows\System32\alg.exe [2012-07-26 94208]
S3 AllUserInstallAgent;@%SystemRoot%\System32\AUInstallAgent.dll,-101; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 BITS;@%SystemRoot%\system32\qmgr.dll,-1000; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 COMSysApp;@comres.dll,-947; C:\Windows\system32\dllhost.exe [2012-07-26 10752]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 DeviceInstall;@%SystemRoot%\system32\umpnpmgr.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 dot3svc;@%systemroot%\system32\dot3svc.dll,-1102; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 DsmSvc;@%SystemRoot%\system32\DeviceSetupManager.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 Eaphost;@%systemroot%\system32\eapsvc.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2012-09-20 35840]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2012-07-26 669696]
S3 fhsvc;@%systemroot%\system32\fhsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-06 43616]
S3 hkmsvc;@%SystemRoot%\system32\kmsvc.dll,-6; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MSDTC;@comres.dll,-2797; C:\Windows\System32\msdtc.exe [2012-07-26 144384]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 msiserver;@%SystemRoot%\system32\msimsg.dll,-27; C:\Windows\system32\msiexec.exe [2012-07-26 124416]
S3 napagent;@%SystemRoot%\system32\qagentrt.dll,-6; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 NcaSvc;@%SystemRoot%\system32\ncasvc.dll,-3009; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 Netlogon;@%SystemRoot%\System32\netlogon.dll,-102; C:\Windows\system32\lsass.exe [2012-09-20 35840]
S3 Netman;@%SystemRoot%\system32\netman.dll,-109; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2012-07-26 20992]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 PolicyAgent;@%SystemRoot%\System32\polstore.dll,-5010; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 PrintNotify;@C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 RasAuto;@%Systemroot%\system32\rasauto.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 RasMan;@%Systemroot%\system32\rasmans.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 RpcLocator;@%systemroot%\system32\Locator.exe,-2; C:\Windows\system32\locator.exe [2012-07-26 9728]
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 seclogon;@%SystemRoot%\system32\seclogon.dll,-7001; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe [2012-07-26 14848]
S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 svsvc;@%SystemRoot%\system32\svsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 swprv;@%SystemRoot%\System32\swprv.dll,-103; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 TapiSrv;@%SystemRoot%\system32\tapisrv.dll,-10100; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 TermService;@%SystemRoot%\System32\termsrv.dll,-268; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2013-05-16 98304]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2012-07-26 40960]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2013-06-01 680960]
S3 vmickvpexchange;@%systemroot%\system32\vmicres.dll,-201; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 vmicrdv;@%systemroot%\system32\vmicres.dll,-601; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 vmicshutdown;@%systemroot%\system32\vmicres.dll,-301; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 vmictimesync;@%systemroot%\system32\vmicres.dll,-401; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 vmicvss;@%systemroot%\system32\vmicres.dll,-501; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 vmicheartbeat;@%systemroot%\system32\vmicres.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 VSS;@%systemroot%\system32\vssvc.exe,-102; C:\Windows\system32\vssvc.exe [2013-05-04 1483776]
S3 W32Time;@%SystemRoot%\system32\w32time.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2012-07-26 1616896]
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 WebClient;@%systemroot%\system32\webclnt.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 WlanSvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 wmiApSrv;@%Systemroot%\system32\wbem\wmiapsrv.exe,-110; C:\Windows\system32\wbem\WmiApSrv.exe [2012-07-26 198144]
S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 WSService;@%SystemRoot%\system32\WSService.dll,-103; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S3 wuauserv;@%systemroot%\system32\wuaueng.dll,-105; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-12 139696]
S4 RemoteAccess;@%Systemroot%\system32\mprdim.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]
S4 RemoteRegistry;@regsvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S4 SCardSvr;@%SystemRoot%\System32\SCardSvr.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]
S4 SharedAccess;@%SystemRoot%\system32\ipnathlp.dll,-106; C:\Windows\System32\svchost.exe [2012-09-20 29696]

-----------------EOF-----------------

OTL logfile created on: 6. 10. 2013 16:29:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marie\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16688)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

5,97 Gb Total Physical Memory | 3,83 Gb Available Physical Memory | 64,20% Memory free
6,90 Gb Paging File | 4,44 Gb Available in Paging File | 64,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,42 Gb Total Space | 416,86 Gb Free Space | 89,57% Space Free | Partition Type: NTFS

Computer Name: FILOU | User Name: Marie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/10/06 16:26:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marie\Desktop\OTL.exe
PRC - [2013/10/06 14:08:10 | 000,950,272 | ---- | M] () -- C:\Users\Marie\Desktop\RogueKiller.exe
PRC - [2013/10/04 05:30:23 | 000,065,312 | ---- | M] (qualitink) -- C:\Program Files (x86)\qualitink\bin\utilqualitink.exe
PRC - [2013/10/04 05:05:13 | 000,065,312 | ---- | M] (qualitink) -- C:\Program Files (x86)\qualitink\updatequalitink.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/01/18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/09/20 07:55:29 | 000,333,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WWAHost.exe
PRC - [2012/04/03 13:33:00 | 000,940,168 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
PRC - [2012/04/03 13:27:16 | 001,087,608 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
PRC - [2012/04/03 13:26:14 | 001,273,448 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
PRC - [2012/03/28 14:49:11 | 000,140,456 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2011/01/17 16:37:42 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 16:37:42 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin


========== Modules (No Company Name) ==========

MOD - [2013/10/02 06:23:33 | 000,100,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\f5fae69a1af9272c9499044fb0d2c0dd\UIAutomationProvider.ni.dll
MOD - [2013/08/16 08:09:24 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\624ad6159b6e241ad6d28bf4dca9f14b\System.Xml.ni.dll
MOD - [2013/08/16 08:09:21 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\123cf617d7b6b31c44e39f8594f064c5\System.Xaml.ni.dll
MOD - [2013/08/16 08:09:19 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3143512c68ba24d18b7444b13fae2abb\System.Windows.Forms.ni.dll
MOD - [2013/08/16 08:09:00 | 000,786,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\2c3737b589c9eebb43f49009019e9b53\System.Runtime.Remoting.ni.dll
MOD - [2013/08/16 08:08:59 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3603744988436295da5d16e76038e484\System.Drawing.ni.dll
MOD - [2013/08/16 08:08:53 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\19ecec839509af76b1bc0ccbabd60acd\System.Configuration.ni.dll
MOD - [2013/08/16 06:45:21 | 000,467,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\cb65dcc8c60f33d257283ef1416a2175\PresentationFramework.Aero2.ni.dll
MOD - [2013/08/16 06:45:18 | 018,545,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\972bf4ffab06e561447d12baf3b3dfa9\PresentationFramework.ni.dll
MOD - [2013/08/16 06:45:08 | 010,926,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\5b504b7cd800dcd6c06d841d94ca099a\PresentationCore.ni.dll
MOD - [2013/08/16 06:45:03 | 003,910,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8ff5be01c9600b28d3e41db3dbafc840\WindowsBase.ni.dll
MOD - [2013/08/16 06:45:00 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\acf905c62ab9c1b77ca69e8b745e3fdb\System.Core.ni.dll
MOD - [2013/08/16 06:44:56 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\375a937eec7d6faa53ac11ab2973eb76\System.ni.dll
MOD - [2013/07/12 06:27:07 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\1f8e89f1344171031271d80ff21366ec\UIAutomationTypes.ni.dll
MOD - [2013/07/11 11:54:15 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\5e3a9f3d64adfb3c69b49d37368bf454\mscorlib.ni.dll
MOD - [2013/04/11 14:58:20 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2013/03/29 13:37:34 | 000,059,384 | ---- | M] () -- C:\Users\Marie\AppData\Roaming\Seznam.cz\bin\13126libfoxloader.dll
MOD - [2012/06/28 00:23:30 | 002,285,056 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
MOD - [2012/06/28 00:23:02 | 000,421,376 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\axvlc.dll
MOD - [2012/06/28 00:23:02 | 000,111,616 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/08/16 07:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/07/02 02:44:21 | 000,016,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/06/25 00:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/06/01 11:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/05/04 08:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/04 08:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/04/09 06:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/01/10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/09/20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/07/26 05:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/07/26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/05/04 13:33:20 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV - [2013/10/04 05:30:23 | 000,065,312 | ---- | M] (qualitink) [Auto | Running] -- C:\Program Files (x86)\qualitink\bin\utilqualitink.exe -- (Util qualitink)
SRV - [2013/10/04 05:05:13 | 000,065,312 | ---- | M] (qualitink) [Auto | Running] -- C:\Program Files (x86)\qualitink\updatequalitink.exe -- (Update qualitink)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/02/26 00:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/01/18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/07/26 05:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/03/28 14:49:11 | 000,140,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/08/16 07:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013/07/09 10:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/07/02 02:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/07/02 00:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/06/29 08:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/06/10 23:17:46 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/06/01 13:29:35 | 000,337,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/06/01 13:29:35 | 000,213,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/06/01 05:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/05/04 09:34:17 | 000,446,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/05/04 09:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/03/02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/01/10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/11/27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/03 01:10:28 | 000,445,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2012/09/20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/07/26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/26 04:30:00 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbser.sys -- (usbser)
DRV:64bit: - [2012/07/26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/05 09:04:26 | 008,934,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/07/03 17:25:18 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/06/19 16:40:52 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/02 16:31:56 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/06/02 16:31:31 | 000,100,864 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2012/05/04 13:33:12 | 002,196,592 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2011/11/10 01:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/08/17 09:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011/08/17 09:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011/08/17 09:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011/08/17 09:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ccdcmbx64.sys -- (nmwcd)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {7F1D083F-FE91-4349-BE3A-6D69541B9366}
IE:64bit: - HKLM\..\SearchScopes\{7F1D083F-FE91-4349-BE3A-6D69541B9366}: "URL" = http://www.bing.com/search?q={searchTer ... &pc=MASBJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{7F1D083F-FE91-4349-BE3A-6D69541B9366}: "URL" = http://www.bing.com/search?q={searchTer ... &pc=MASBJS


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-965781781-1502645150-263859304-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://localoem.msn.com
IE - HKU\S-1-5-21-965781781-1502645150-263859304-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.tsbohemia.cz [binary data]
IE - HKU\S-1-5-21-965781781-1502645150-263859304-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-965781781-1502645150-263859304-1004\..\SearchScopes,DefaultScope = {1801343C-E736-4FFB-A901-16B7CB705925}
IE - HKU\S-1-5-21-965781781-1502645150-263859304-1004\..\SearchScopes\{1801343C-E736-4FFB-A901-16B7CB705925}: "URL" = http://search.seznam.cz/?q={searchTerms ... ckSearch_1
IE - HKU\S-1-5-21-965781781-1502645150-263859304-1004\..\SearchScopes\{2760DCAA-7C51-4366-AD72-966663205695}: "URL" = http://www.mapy.cz/?query={searchTerms} ... ckSearch_1
IE - HKU\S-1-5-21-965781781-1502645150-263859304-1004\..\SearchScopes\{3ADA6E96-6ABF-414C-93F1-1111C8702882}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... ckSearch_1
IE - HKU\S-1-5-21-965781781-1502645150-263859304-1004\..\SearchScopes\{5D103ED4-E096-45CB-A092-ABA80A15A5F2}: "URL" = http://www.novinky.cz/hledej?w={searchT ... ckSearch_1
IE - HKU\S-1-5-21-965781781-1502645150-263859304-1004\..\SearchScopes\{9451CC69-254F-48FA-A87D-FAF39389A987}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... ckSearch_1
IE - HKU\S-1-5-21-965781781-1502645150-263859304-1004\..\SearchScopes\{B0EC10C2-4964-4402-B8E4-232F887CA37A}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... ckSearch_1
IE - HKU\S-1-5-21-965781781-1502645150-263859304-1004\..\SearchScopes\{B88E4766-7F97-4267-8544-DAC802CD73EA}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... ckSearch_1
IE - HKU\S-1-5-21-965781781-1502645150-263859304-1004\..\SearchScopes\{C75F568D-D56B-46B1-AF8F-FE11C73DFFA6}: "URL" = http://www.firmy.cz/?q={searchTerms}&so ... ckSearch_1
IE - HKU\S-1-5-21-965781781-1502645150-263859304-1004\..\SearchScopes\{D0FD98C5-DF43-43B5-B67A-2421B1D8C5ED}: "URL" = http://encyklopedie.seznam.cz/search?q= ... ckSearch_1
IE - HKU\S-1-5-21-965781781-1502645150-263859304-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Marie\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Marie\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\zulagames@ZulaGames.com: C:\Users\Marie\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com [2013/09/28 06:29:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\zulagames@ZulaGames.com: C:\Users\Marie\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com [2013/09/28 06:29:40 | 000,000,000 | ---D | M]

[2013/09/28 06:29:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marie\AppData\Roaming\Mozilla\Extensions
[2013/09/28 06:29:20 | 000,000,000 | ---D | M] (Speed Analysis 2) -- C:\Users\Marie\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
[2013/09/28 06:29:40 | 000,000,000 | ---D | M] (Zula Games) -- C:\Users\Marie\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com
[2013/09/28 08:21:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2013/06/30 10:44:04 | 000,242,624 | ---- | M] () (No name found) -- C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\fhdp3@freehdsp.tv.xpi

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.searchgol.com/?babsrc=HP_ss& ... 6&tsp=5019
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn\1.0.0.5\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdipponmnbnnclmkmnnddnbecckhbjdj\1.0.0_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbdbmopeebalgaeghmjoegpkngglikgn\3.0_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkfhcpebcfghcjahlogooeleammhjfdi\1.3_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/10/06 15:26:24 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - Startup: C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-965781781-1502645150-263859304-1004\..Trusted Domains: localhost ([]http in Internet)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net ... plugin.cab (QuickTime Plugin Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67F9ADE7-8A9C-4260-9856-4CD1940E4107}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL) - File not found
O20 - AppInit_DLLs: (c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll) - File not found
O20 - AppInit_DLLs: (c:\progra~2\nvidia~1\3dvisi~1\nvstinit.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013/10/06 16:26:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marie\Desktop\OTL.exe
[2013/10/06 14:08:52 | 000,000,000 | ---D | C] -- C:\Users\Marie\Desktop\RK_Quarantine
[2013/10/06 09:41:38 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Roaming\Malwarebytes
[2013/10/06 09:41:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/10/06 09:41:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/10/06 09:41:21 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/10/06 09:41:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/10/06 09:05:40 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/06 06:42:35 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013/10/06 06:42:35 | 000,000,000 | ---D | C] -- C:\rsit
[2013/10/04 12:52:25 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Local\M-Photo_Ltd
[2013/10/04 12:43:14 | 000,000,000 | ---D | C] -- C:\temp
[2013/10/04 12:42:42 | 000,000,000 | ---D | C] -- C:\ProgramData\M-Photo
[2013/09/28 17:57:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/09/28 17:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/09/28 17:57:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/09/28 08:21:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\qualitink
[2013/09/28 08:21:26 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LSHunter.TV
[2013/09/28 08:21:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LSHunter.TV
[2013/09/28 06:29:40 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Local\avgchrome
[2013/09/28 06:29:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2013/09/28 06:29:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2013/09/28 06:29:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2013/09/28 06:29:24 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2013/09/28 06:29:20 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Roaming\Mozilla
[2013/09/21 07:59:06 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Roaming\RocketPDF
[2013/09/21 07:59:06 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RocketPDF
[2013/09/17 17:57:01 | 000,694,232 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/09/17 17:57:01 | 000,078,296 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/09/16 20:25:39 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tssdisai.dll
[2013/09/15 20:41:06 | 002,371,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSService.dll
[2013/09/15 20:41:06 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll
[2013/09/15 20:41:06 | 000,209,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NotificationUI.exe
[2013/09/15 20:41:05 | 001,621,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013/09/15 20:41:05 | 000,773,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013/09/15 20:41:05 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2013/09/15 20:41:05 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2013/09/15 20:41:05 | 000,562,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2013/09/15 20:41:05 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppwinob.dll
[2013/09/15 20:41:05 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSSync.dll
[2013/09/15 20:41:05 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSSync.dll
[2013/09/15 20:41:05 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
[2013/09/15 20:41:05 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppc.dll
[2013/09/15 20:41:05 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2013/09/15 20:41:05 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppc.dll
[2013/09/15 20:41:05 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2013/09/15 20:41:03 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2013/09/15 20:41:03 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSClient.dll
[2013/09/15 20:41:03 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.dll
[2013/09/15 20:41:03 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2013/09/15 20:41:03 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSClient.dll
[2013/09/15 20:41:03 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013/09/15 20:41:03 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013/09/15 20:41:03 | 000,059,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013/09/15 20:41:03 | 000,058,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dam.sys
[2013/09/15 20:41:03 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2013/09/15 20:41:03 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2013/09/15 20:41:02 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/09/15 20:41:02 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2013/09/15 20:41:02 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/09/15 20:41:02 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2013/09/15 20:41:02 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupcln.dll
[2013/09/15 20:41:02 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupcln.dll
[2013/09/15 20:41:02 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013/09/15 20:41:02 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2013/09/15 20:40:42 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/09/15 20:40:40 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2013/09/15 20:40:39 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/09/15 20:40:39 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/09/15 20:40:39 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/09/15 20:40:39 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/09/15 20:40:39 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/09/15 20:40:39 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2013/09/15 20:40:39 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/09/15 20:40:39 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2013/09/15 20:40:39 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/09/15 20:40:39 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/09/15 20:40:38 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/09/15 20:40:38 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/09/15 20:40:33 | 002,839,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2013/09/15 20:40:33 | 002,273,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2013/09/15 20:40:32 | 001,300,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013/09/15 20:40:32 | 001,025,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2013/09/15 20:40:32 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2013/09/15 20:40:32 | 000,439,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFault.exe
[2013/09/15 20:40:32 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanconn.dll
[2013/09/15 20:40:32 | 000,385,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFault.exe
[2013/09/15 20:40:32 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/09/15 20:40:32 | 000,327,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2013/09/15 20:40:32 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcmsvc.dll
[2013/09/15 20:40:32 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2013/09/15 20:40:32 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmmbase.dll
[2013/09/15 20:40:32 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winmmbase.dll
[2013/09/15 20:40:32 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2013/09/15 20:40:31 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013/09/15 20:40:31 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013/09/15 20:40:31 | 000,543,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanmm.dll
[2013/09/15 20:40:31 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.BackgroundTransfer.dll
[2013/09/15 20:40:31 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wwanadvui.dll
[2013/09/15 20:40:31 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2013/09/15 20:40:31 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/09/15 20:40:31 | 000,195,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2013/09/15 20:40:31 | 000,125,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys
[2013/09/15 20:40:31 | 000,120,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msgpioclx.sys
[2013/09/15 20:40:31 | 000,096,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwfs.sys
[2013/09/15 20:40:31 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\openfiles.exe
[2013/09/15 20:40:31 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcmcsp.dll
[2013/09/15 20:40:31 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\openfiles.exe
[2013/09/15 20:40:30 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LocationApi.dll
[2013/09/15 20:40:30 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LocationApi.dll
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/10/06 16:30:14 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/10/06 16:26:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marie\Desktop\OTL.exe
[2013/10/06 15:32:00 | 000,000,974 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-965781781-1502645150-263859304-1004UA.job
[2013/10/06 14:08:10 | 000,950,272 | ---- | M] () -- C:\Users\Marie\Desktop\RogueKiller.exe
[2013/10/06 13:47:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/06 12:42:25 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/10/06 12:42:24 | 828,927,999 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/06 12:32:11 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-965781781-1502645150-263859304-1004Core.job
[2013/10/06 09:04:20 | 001,045,226 | ---- | M] () -- C:\Users\Marie\Desktop\adwcleaner.exe
[2013/10/06 06:42:00 | 000,935,175 | ---- | M] () -- C:\Users\Marie\Desktop\RSITx64.exe
[2013/10/04 12:41:53 | 015,329,589 | ---- | M] () -- C:\Windows\SysWow64\Akrem studio_Akrem studio_uninstaller.exe
[2013/10/01 15:15:07 | 000,995,671 | ---- | M] () -- C:\Users\Marie\Desktop\Smlouva Mallorka.pdf
[2013/10/01 15:13:37 | 001,010,166 | ---- | M] () -- C:\Users\Marie\Documents\IMG_20131001_0001.pdf
[2013/09/28 18:04:09 | 001,714,430 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/09/28 18:04:09 | 000,726,246 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013/09/28 18:04:09 | 000,710,046 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/09/28 18:04:09 | 000,147,800 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013/09/28 18:04:09 | 000,132,416 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/09/28 08:21:26 | 000,000,834 | ---- | M] () -- C:\Users\Marie\Desktop\LSHunterTVApp.lnk
[2013/09/21 09:54:39 | 003,591,972 | ---- | M] () -- C:\Users\Marie\Documents\jopn.zahrada.xcf
[2013/09/21 09:54:39 | 000,012,796 | ---- | M] () -- C:\Users\Marie\AppData\Local\recently-used.xbel
[2013/09/20 22:48:08 | 000,470,784 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/09/20 08:16:12 | 007,111,460 | ---- | M] () -- C:\Users\Marie\Documents\P9080044.xcf
[2013/09/20 07:39:40 | 010,639,309 | ---- | M] () -- C:\Users\Marie\Documents\2008_vyrez_N9M6_II.xcf
[2013/09/19 01:26:35 | 000,694,232 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/09/19 01:26:35 | 000,078,296 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/10/06 16:30:14 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/10/06 14:08:10 | 000,950,272 | ---- | C] () -- C:\Users\Marie\Desktop\RogueKiller.exe
[2013/10/06 09:04:20 | 001,045,226 | ---- | C] () -- C:\Users\Marie\Desktop\adwcleaner.exe
[2013/10/06 06:41:59 | 000,935,175 | ---- | C] () -- C:\Users\Marie\Desktop\RSITx64.exe
[2013/10/04 12:41:53 | 015,329,589 | ---- | C] () -- C:\Windows\SysWow64\Akrem studio_Akrem studio_uninstaller.exe
[2013/10/01 15:15:05 | 000,995,671 | ---- | C] () -- C:\Users\Marie\Desktop\Smlouva Mallorka.pdf
[2013/10/01 15:13:36 | 001,010,166 | ---- | C] () -- C:\Users\Marie\Documents\IMG_20131001_0001.pdf
[2013/09/28 08:21:26 | 000,000,834 | ---- | C] () -- C:\Users\Marie\Desktop\LSHunterTVApp.lnk
[2013/09/21 09:54:39 | 003,591,972 | ---- | C] () -- C:\Users\Marie\Documents\jopn.zahrada.xcf
[2013/09/21 09:54:39 | 000,012,796 | ---- | C] () -- C:\Users\Marie\AppData\Local\recently-used.xbel
[2013/09/20 22:48:08 | 000,470,784 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/09/20 08:10:32 | 007,111,460 | ---- | C] () -- C:\Users\Marie\Documents\P9080044.xcf
[2013/09/20 07:39:40 | 010,639,309 | ---- | C] () -- C:\Users\Marie\Documents\2008_vyrez_N9M6_II.xcf
[2013/09/15 20:41:02 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/09/15 20:40:30 | 000,387,583 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013/04/11 15:36:12 | 000,005,632 | ---- | C] () -- C:\Users\Marie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/16 10:59:18 | 000,597,244 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/10/16 10:58:45 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/10/16 10:58:41 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/07/26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/06/02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[2013/10/04 15:51:28 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/03/06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/05/07 16:43:47 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Canon
[2013/04/14 17:23:43 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Jpeg Resampler
[2013/04/11 15:01:32 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\OpenOffice.org
[2013/09/21 07:59:13 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\RocketPDF
[2013/10/06 12:48:22 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Seznam.cz

========== Purity Check ==========



========== Custom Scans ==========

< >
[2012/07/26 09:22:10 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2013/06/03 12:03:18 | 000,000,922 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-965781781-1502645150-263859304-1004Core.job
[2013/06/03 12:03:19 | 000,000,974 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-965781781-1502645150-263859304-1004UA.job

< >

< MD5 for: AGP440.SYS >
[2012/07/26 07:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\Windows\SysNative\drivers\AGP440.sys
[2012/07/26 07:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_81a4c6c9cc9d86a0\AGP440.sys
[2012/07/26 07:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.2.9200.16384_none_12dc94a048750f71\AGP440.sys

< MD5 for: ATAPI.SYS >
[2012/07/26 07:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\SysNative\drivers\atapi.sys
[2012/07/26 07:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_69660e2be041f47b\atapi.sys
[2012/07/26 07:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_b733d17ea1e7f604\atapi.sys
[2012/07/26 07:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.16384_none_3601cf7eab4e0493\atapi.sys
[2012/07/26 07:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.16548_none_36311422ab29f479\atapi.sys
[2012/07/26 07:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.20652_none_36a9df45c455182a\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2013/07/02 06:29:46 | 000,040,790 | ---- | M] () MD5=458E922BAFA63C604634A2582664D6E4 -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16384_none_3abd94ae4b8558e6\autochk.exe
[2013/07/02 06:29:47 | 000,000,596 | ---- | M] () MD5=51829F83F0D9CF4C1DC7E4F0307000E5 -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.20717_none_3b95e77d64677893\autochk.exe
[2013/05/15 04:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=61ADD65C9D1E2EAF8BB080A4D6AAB055 -- C:\Windows\SysWOW64\autochk.exe
[2013/05/15 04:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=61ADD65C9D1E2EAF8BB080A4D6AAB055 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16612_none_dee8adbc92f0e8e0\autochk.exe
[2013/07/02 19:57:20 | 000,034,714 | ---- | M] () MD5=BFC38D9CC89C17E75612DF6BE993491D -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16384_none_de9ef92a9327e7b0\autochk.exe
[2013/05/15 04:25:59 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=E47235E8DF26CA48DA189ACFD756329C -- C:\Windows\SysNative\autochk.exe
[2013/05/15 04:25:59 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=E47235E8DF26CA48DA189ACFD756329C -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16612_none_3b0749404b4e5a16\autochk.exe
[2013/07/02 19:57:21 | 000,000,619 | ---- | M] () MD5=F7FD58376D41BC13BAD0FE413C177AF1 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.20717_none_df774bf9ac0a075d\autochk.exe

< MD5 for: CDROM.SYS >
[2012/07/26 04:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\Windows\SysNative\drivers\cdrom.sys
[2012/07/26 04:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_cf04adb457be1724\cdrom.sys
[2012/07/26 04:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.2.9200.16384_none_b87303472d8ba041\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2013/08/19 08:01:14 | 000,001,071 | ---- | M] () MD5=45307FA4963CF35AC80CE5C6769A6EAA -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16595_none_cebf74f3249ab376\cryptsvc.dll
[2013/07/13 08:16:06 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=5CE2742F063731EC10C1B2EE386A2C08 -- C:\Windows\SysNative\cryptsvc.dll
[2013/07/13 08:16:06 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=5CE2742F063731EC10C1B2EE386A2C08 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16666_none_cee0e6e724817621\cryptsvc.dll
[2013/07/02 06:31:27 | 000,010,458 | ---- | M] () MD5=6AF10B66187CFDB418F6BDF7DEB1255D -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.20699_none_cf4d12e63db4b89c\cryptsvc.dll
[2013/07/02 06:31:26 | 000,010,692 | ---- | M] () MD5=7FD9090856B2FB16C85DE9C4B63DBBAE --

< MD5 for: AUTOCHK.EXE >
[2013/07/02 06:29:46 | 000,040,790 | ---- | M] () MD5=458E922BAFA63C604634A2582664D6E4 -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16384_none_3abd94ae4b8558e6\autochk.exe
[2013/07/02 06:29:47 | 000,000,596 | ---- | M] () MD5=51829F83F0D9CF4C1DC7E4F0307000E5 -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.20717_none_3b95e77d64677893\autochk.exe
[2013/05/15 04:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=61ADD65C9D1E2EAF8BB080A4D6AAB055 -- C:\Windows\SysWOW64\autochk.exe
[2013/05/15 04:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=61ADD65C9D1E2EAF8BB080A4D6AAB055 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16612_none_dee8adbc92f0e8e0\autochk.exe
[2013/07/02 19:57:20 | 000,034,714 | ---- | M] () MD5=BFC38D9CC89C17E75612DF6BE993491D -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16384_none_de9ef92a9327e7b0\autochk.exe
[2013/05/15 04:25:59 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=E47235E8DF26CA48DA189ACFD756329C -- C:\Windows\SysNative\autochk.exe
[2013/05/15 04:25:59 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=E47235E8DF26CA48DA189ACFD756329C -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16612_none_3b0749404b4e5a16\autochk.exe
[2013/07/02 19:57:21 | 000,000,619 | ---- | M] () MD5=F7FD58376D41BC13BAD0FE413C177AF1 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.20717_none_df774bf9ac0a075d\autochk.exe

< MD5 for: CDROM.SYS >
[2012/07/26 04:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\Windows\SysNative\drivers\cdrom.sys
[2012/07/26 04:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_cf04adb457be1724\cdrom.sys
[2012/07/26 04:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.2.9200.16384_none_b87303472d8ba041\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2013/08/19 08:01:14 | 000,001,071 | ---- | M] () MD5=45307FA4963CF35AC80CE5C6769A6EAA -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16595_none_cebf74f3249ab376\cryptsvc.dll
[2013/07/13 08:16:06 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=5CE2742F063731EC10C1B2EE386A2C08 -- C:\Windows\SysNative\cryptsvc.dll
[2013/07/13 08:16:06 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=5CE2742F063731EC10C1B2EE386A2C08 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16666_none_cee0e6e724817621\cryptsvc.dll
[2013/07/02 06:31:27 | 000,010,458 | ---- | M] () MD5=6AF10B66187CFDB418F6BDF7DEB1255D -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.20699_none_cf4d12e63db4b89c\cryptsvc.dll
[2013/07/02 06:31:26 | 000,010,692 | ---- | M] () MD5=7FD9090856B2FB16C85DE9C4B63DBBAE -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16384_none_cec940c9249383e0\cryptsvc.dll
[2013/08/19 08:01:14 | 000,010,405 | ---- | M] () MD5=B82F4D09F47E4BAD135F250E17810AA5 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.20774_none_cf5db3323da8ff2e\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2013/07/29 06:12:12 | 000,217,360 | ---- | M] () MD5=024F1D67B53FFACF5F3E6772744B6B06 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_ab3d00461c7696e9\explorer.exe
[2013/07/29 06:13:28 | 000,191,911 | ---- | M] () MD5=0277E85F9B8B4D9D9C8C70C5E55022C8 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_b5080a0137b9becc\explorer.exe
[2013/06/01 13:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\explorer.exe
[2013/06/01 13:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_aac334d9034c59e1\explorer.exe
[2013/07/29 06:13:33 | 000,190,101 | ---- | M] () MD5=0F3466C377AA97D4CAB716CB5BEC4047 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_b591aa9850d758e4\explorer.exe
[2013/07/02 06:34:51 | 000,188,441 | ---- | M] () MD5=22D80334856C071E85E478C43186A0F2 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_aa7e4e770380a4b6\explorer.exe
[2013/07/02 07:26:28 | 000,145,657 | ---- | M] () MD5=54BB103CE8B1574C52C31C440BE7592C -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_b4d2f8c937e166b1\explorer.exe
[2013/07/02 06:34:53 | 000,003,739 | ---- | M] () MD5=9AF284D9E336E2F09D473507B68D7F35 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_ab3dfcc41c75b5f2\explorer.exe
[2013/07/02 07:26:31 | 000,004,958 | ---- | M] () MD5=9DB51ADD8537CD54195E751F6AE7CC6C -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_b592a71650d677ed\explorer.exe
[2013/07/29 06:12:09 | 000,220,310 | ---- | M] () MD5=BA168EEFC920D7E2DAB9F00A8AF348D8 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_aab35faf0358fcd1\explorer.exe
[2013/06/01 12:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\SysWOW64\explorer.exe
[2013/06/01 12:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_b517df2b37ad1bdc\explorer.exe

< MD5 for: HAL.DLL >
[2013/07/02 06:35:24 | 000,011,988 | ---- | M] () MD5=03BF1500A3AA121EFA68751194A43D9F -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16384_none_03f29a08e36e6d4c\hal.dll
[2013/07/02 06:35:25 | 000,001,310 | ---- | M] () MD5=4FC832586AB80C4A4F63EC8F25145108 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.20521_none_04ba1763fc5e1692\hal.dll
[2013/07/02 06:35:24 | 000,001,298 | ---- | M] () MD5=5569D8E1CF8FFCCBCE3BB6981BEF4C91 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16420_none_042f7a4ee3415d71\hal.dll
[2012/10/24 06:54:04 | 000,396,008 | ---- | M] (Microsoft Corporation) MD5=F021625F422966AD31F95CC494F7D188 -- C:\Windows\SysNative\hal.dll
[2012/10/24 06:54:04 | 000,396,008 | ---- | M] (Microsoft Corporation) MD5=F021625F422966AD31F95CC494F7D188 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16442_none_041bdb0ae34fc801\hal.dll
[2013/07/02 06:35:25 | 000,002,020 | ---- | M] () MD5=F2B8986B872D800AD1E4B2163E6B3351 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.20544_none_04a77869fc6b9a79\hal.dll

< MD5 for: IASTORV.SYS >
[2012/07/26 07:00:52 | 000,411,888 | ---- | M] (Intel Corporation) MD5=5E394EBD26FD68AA9300332C46BEDD62 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2012/07/26 07:00:52 | 000,411,888 | ---- | M] (Intel Corporation) MD5=5E394EBD26FD68AA9300332C46BEDD62 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_819876bbe5c3b25f\iaStorV.sys
[2012/07/26 07:00:52 | 000,411,888 | ---- | M] (Intel Corporation) MD5=5E394EBD26FD68AA9300332C46BEDD62 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.2.9200.16384_none_07daf9dd118c3086\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2012/07/26 07:00:52 | 000,022,256 | ---- | M] (Microsoft Corporation) MD5=D940C5BB9DC92E588533C19ABCC3D2C2 -- C:\Windows\SysNative\drivers\isapnp.sys
[2012/07/26 07:00:52 | 000,022,256 | ---- | M] (Microsoft Corporation) MD5=D940C5BB9DC92E588533C19ABCC3D2C2 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_81a4c6c9cc9d86a0\isapnp.sys
[2012/07/26 07:00:52 | 000,022,256 | ---- | M] (Microsoft Corporation) MD5=D940C5BB9DC92E588533C19ABCC3D2C2 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.2.9200.16384_none_12dc94a048750f71\isapnp.sys

< MD5 for: LSASS.EXE >
[2013/07/02 06:47:01 | 000,000,552 | ---- | M] () MD5=40ABE0370966762BAE34AE876CCCC537 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.20521_none_96fcc65d3502465c\lsass.exe
[2013/07/02 06:47:00 | 000,002,767 | ---- | M] () MD5=9AF610F45921DA2570D6C3575D06612F -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.16384_none_963549021c129d16\lsass.exe
[2012/09/20 08:33:39 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=F702AB6181513303AB0FC8D59E52708B -- C:\Windows\SysNative\lsass.exe
[2012/09/20 08:33:39 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=F702AB6181513303AB0FC8D59E52708B -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.16420_none_967229481be58d3b\lsass.exe

< MD5 for: NDIS.SYS >
[2013/07/02 06:51:01 | 000,080,923 | ---- | M] () MD5=2614A1B1D603B57ED19B5F60D1A3A7E8 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20521_none_b2e6a2f4cabfeafa\ndis.sys
[2013/07/29 06:12:28 | 000,123,394 | ---- | M] () MD5=2B31EBC9A49DE770304213070767D90D -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20750_none_b2c536b2cad91fc4\ndis.sys
[2013/07/02 06:51:02 | 000,080,905 | ---- | M] () MD5=30A020EDDF628469DEE3AA6FB92DB99E -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20534_none_b2ded3e6cac552f0\ndis.sys
[2013/07/02 06:50:57 | 000,084,368 | ---- | M] () MD5=3D4A83BBA3363C16EF27DDA784E2A611 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16384_none_b21f2599b1d041b4\ndis.sys
[2013/07/02 06:50:58 | 000,080,917 | ---- | M] () MD5=8E26605FA486F4E10B1D76EF4B56A53E -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16420_none_b25c05dfb1a331d9\ndis.sys
[2013/06/17 00:41:31 | 000,997,632 | ---- | M] (Microsoft Corporation) MD5=A10E176F3B2BF83EDE7B5C4658C93B66 -- C:\Windows\SysNative\drivers\ndis.sys
[2013/06/17 00:41:31 | 000,997,632 | ---- | M] (Microsoft Corporation) MD5=A10E176F3B2BF83EDE7B5C4658C93B66 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16643_none_b2496ab1b1b0b00e\ndis.sys
[2013/07/29 06:12:24 | 000,126,379 | ---- | M] () MD5=A2AFF70244DA58D3D97333C50AF9C50E -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16518_none_b26eda01b193ddc7\ndis.sys
[2013/07/29 06:12:25 | 000,051,156 | ---- | M] () MD5=C54F2EC344EACB75E7F1FB37A8926924 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16628_none_b2640bfbb19bf6df\ndis.sys
[2013/07/29 06:12:26 | 000,123,250 | ---- | M] () MD5=CC6DF40E2F9817B65234AC1A9AF888F6 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20733_none_b2ddd768cac633e7\ndis.sys
[2013/07/02 06:51:03 | 000,000,956 | ---- | M] () MD5=F36A5FF817E04A6B016A1C0D9C834031 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20623_none_b2e8a56ecabe1acf\ndis.sys
[2013/07/02 06:50:59 | 000,080,907 | ---- | M] () MD5=F9B5E2AEF26B84E9FE56BB98A3EEE11C -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16433_none_b25436d1b1a899cf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2012/07/26 05:19:22 | 000,634,368 | ---- | M] (Microsoft Corporation) MD5=EEF9DA64D7B1DD51FB8AB9EFCC560E3E -- C:\Windows\SysWOW64\netlogon.dll
[2012/07/26 05:19:22 | 000,634,368 | ---- | M] (Microsoft Corporation) MD5=EEF9DA64D7B1DD51FB8AB9EFCC560E3E -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.2.9200.16384_none_60d608f9f61ee049\netlogon.dll
[2012/07/26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) MD5=FDC70965F0FC9DFEBC919627DED5DDFF -- C:\Windows\SysNative\netlogon.dll
[2012/07/26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) MD5=FDC70965F0FC9DFEBC919627DED5DDFF -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.2.9200.16384_none_56815ea7c1be1e4e\netlogon.dll

< MD5 for: NVRAID.SYS >
[2012/07/26 07:00:55 | 000,150,256 | ---- | M] (NVIDIA Corporation) MD5=D6D34118263412D3AAA8348A9572B7F2 -- C:\Windows\SysNative\drivers\nvraid.sys
[2012/07/26 07:00:55 | 000,150,256 | ---- | M] (NVIDIA Corporation) MD5=D6D34118263412D3AAA8348A9572B7F2 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvraid.sys
[2012/07/26 07:00:55 | 000,150,256 | ---- | M] (NVIDIA Corporation) MD5=D6D34118263412D3AAA8348A9572B7F2 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.2.9200.16384_none_92a46a8c48c2da5e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2012/07/26 07:00:55 | 000,168,176 | ---- | M] (NVIDIA Corporation) MD5=27AFC428D1D32ABD04A86763A4EDDEA9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2012/07/26 07:00:55 | 000,168,176 | ---- | M] (NVIDIA Corporation) MD5=27AFC428D1D32ABD04A86763A4EDDEA9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2012/07/26 07:00:55 | 000,168,176 | ---- | M] (NVIDIA Corporation) MD5=27AFC428D1D32ABD04A86763A4EDDEA9 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.2.9200.16384_none_92a46a8c48c2da5e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2012/07/26 05:07:07 | 000,224,768 | ---- | M] (Microsoft Corporation) MD5=4F6E1CA672370A9BCAC049CE3AB7F666 -- C:\Windows\SysNative\scecli.dll
[2012/07/26 05:07:07 | 000,224,768 | ---- | M] (Microsoft Corporation) MD5=4F6E1CA672370A9BCAC049CE3AB7F666 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.2.9200.16384_none_90d789c062dfa509\scecli.dll
[2012/07/26 05:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\Windows\SysWOW64\scecli.dll
[2012/07/26 05:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.2.9200.16384_none_9b2c341297406704\scecli.dll

< MD5 for: SMSS.EXE >
[2012/07/26 07:26:45 | 000,132,096 | ---- | M] (Microsoft Corporation) MD5=08F850FEBDBDE7C89017B6B0CA0D1CD2 -- C:\Windows\SysNative\smss.exe
[2012/07/26 07:26:45 | 000,132,096 | ---- | M] (Microsoft Corporation) MD5=08F850FEBDBDE7C89017B6B0CA0D1CD2 -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.2.9200.16384_none_d72a7da7728fa356\smss.exe

< MD5 for: SVCHOST.EXE >
[2013/07/02 06:58:00 | 000,000,609 | ---- | M] () MD5=844F8B50687E0F7307F577AB54263628 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_0f4c7e60a8019d22\svchost.exe
[2013/07/03 06:50:42 | 000,000,583 | ---- | M] () MD5=97B1232E05A24AAB3D2B735A2E51BAC2 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_b32de2dcefa42bec\svchost.exe
[2012/09/20 07:55:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\Windows\SysWOW64\svchost.exe
[2012/09/20 07:55:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_b2a345c7d68772cb\svchost.exe
[2013/07/03 06:50:42 | 000,003,208 | ---- | M] () MD5=B03DFC3C8F71EA4C68B0C646FE70E58D -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_b2666581d6b482a6\svchost.exe
[2013/07/02 06:58:00 | 000,002,873 | ---- | M] () MD5=E9676086D0E9CFEDFC395628F87F2B2D -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_0e8501058f11f3dc\svchost.exe
[2012/09/20 08:33:52 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 -- C:\Windows\SysNative\svchost.exe
[2012/09/20 08:33:52 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_0ec1e14b8ee4e401\svchost.exe

< MD5 for: TCPIP.SYS >
[2013/09/23 07:57:44 | 000,370,651 | ---- | M] () MD5=12177AE479A3F8FB663089B44451AD46 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16518_none_0c376e1eefee1300\tcpip.sys
[2013/07/09 08:07:17 | 002,233,168 | ---- | M] (Microsoft Corporation) MD5=1794C43A000A47D92B3304FC1E3E512A -- C:\Windows\SysNative\drivers\tcpip.sys
[2013/07/09 08:07:17 | 002,233,168 | ---- | M] (Microsoft Corporation) MD5=1794C43A000A47D92B3304FC1E3E512A -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16659_none_0c0d309ef00d9942\tcpip.sys
[2013/08/19 08:10:13 | 000,354,834 | ---- | M] () MD5=24B90BEF57AEA881DDC8EB227813D6A1 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20767_none_0c89fcea0935224f\tcpip.sys
[2013/09/23 07:57:58 | 000,369,579 | ---- | M] () MD5=4CEB3EF3CCBFB2920FC6F9F2037BE41A -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20652_none_0c8fc97e09318a84\tcpip.sys
[2013/09/23 07:57:40 | 000,372,358 | ---- | M] () MD5=54082AE42837C5D7605F5353E9C6E0A4 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16420_none_0c2499fceffd6712\tcpip.sys
[2013/09/23 07:57:46 | 000,253,079 | ---- | M] () MD5=5EA2DB3A866627242A88B4C5EC7939FA -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16548_none_0c16fe5af00666d3\tcpip.sys
[2013/09/23 07:57:55 | 000,370,651 | ---- | M] () MD5=6B4F2F4949B28FB1B1F19BEC95AE4E5B -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20623_none_0cb1398c09185008\tcpip.sys
[2013/09/23 07:57:37 | 000,370,211 | ---- | M] () MD5=7F0380A973F080D484DCFDEBB79AFD21 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16384_none_0be7b9b6f02a76ed\tcpip.sys
[2013/09/23 07:57:52 | 000,372,354 | ---- | M] () MD5=83A9B1DA7E821F337322A238AF814970 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20521_none_0caf3712091a2033\tcpip.sys
[2013/07/29 06:12:56 | 000,360,561 | ---- | M] () MD5=B0946C470985F8F567541428B82DECD7 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20733_none_0ca66b8609206920\tcpip.sys
[2013/09/23 07:57:49 | 000,225,794 | ---- | M] () MD5=BEC3306CFE80AF05FB5E28CC8C636F89 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16628_none_0c2ca018eff62c18\tcpip.sys

< MD5 for: USERINIT.EXE >
[2012/07/26 05:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\Windows\SysNative\userinit.exe
[2012/07/26 05:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_34f2617a5b742e02\userinit.exe
[2012/07/26 05:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\SysWOW64\userinit.exe
[2012/07/26 05:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bccc\userinit.exe

< MD5 for: WINLOGON.EXE >
[2013/07/02 07:14:04 | 000,053,889 | ---- | M] () MD5=07CB4630B87101293A96C4F2B5E2C880 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_c88ca87b5eb5b1ec\winlogon.exe
[2013/07/02 07:14:05 | 000,053,884 | ---- | M] () MD5=18EE2B9FBA3DC3E91C1126343187F85F -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20521_none_c95425d677a55b32\winlogon.exe
[2012/10/11 07:46:58 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\Windows\SysNative\winlogon.exe
[2012/10/11 07:46:58 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16433_none_c8c1b9b35e8e0a07\winlogon.exe
[2013/07/02 07:14:05 | 000,001,620 | ---- | M] () MD5=BD4A91328F7DBFEDE90215DDAE35A4B4 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20534_none_c94c56c877aac328\winlogon.exe
[2013/07/02 07:14:04 | 000,053,876 | ---- | M] () MD5=CAA217678C162BB854332ADA97C85989 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16420_none_c8c988c15e88a211\winlogon.exe

< MD5 for: WS2_32.DLL >
[2012/07/26 07:26:48 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=2E5B349ACDA36C20612795754DB93312 -- C:\Windows\SysNative\ws2_32.dll
[2012/07/26 07:26:48 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=2E5B349ACDA36C20612795754DB93312 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.2.9200.16384_none_4b815827581a3bbb\ws2_32.dll
[2012/07/26 05:20:38 | 000,310,784 | ---- | M] (Microsoft Corporation) MD5=B3CC9EDFD97F7087013A9A47089DF571 -- C:\Windows\SysWOW64\ws2_32.dll
[2012/07/26 05:20:38 | 000,310,784 | ---- | M] (Microsoft Corporation) MD5=B3CC9EDFD97F7087013A9A47089DF571 -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.2.9200.16384_none_ef62bca39fbcca85\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Panther\*.tmp files -> C:\Windows\Panther\*.tmp -> ]
[8 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\WinSxS\*.tmp files -> C:\Windows\WinSxS\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013/04/09 17:16:41 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Adobe
[2013/05/07 16:43:47 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Canon
[2013/04/14 17:23:43 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Jpeg Resampler
[2013/04/09 17:32:09 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Macromedia
[2013/10/06 09:41:38 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Malwarebytes
[2013/08/18 18:35:38 | 000,000,000 | --SD | M] -- C:\Users\Marie\AppData\Roaming\Microsoft
[2013/09/28 08:21:32 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Mozilla
[2013/04/11 15:01:32 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\OpenOffice.org
[2013/09/21 07:59:13 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\RocketPDF
[2013/10/06 12:48:22 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Seznam.cz
[2013/06/12 10:46:44 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\vlc

< %APPDATA%\*.exe /s >
[2013/05/16 15:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Marie\AppData\Roaming\Seznam.cz\szninstall.exe
[2013/05/16 15:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Marie\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013/04/29 12:53:34 | 000,045,560 | ---- | M] () -- C:\Users\Marie\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013/04/12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Marie\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013/04/12 10:10:22 | 000,092,664 | ---- | M] () -- C:\Users\Marie\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013/10/04 12:41:53 | 015,329,589 | ---- | M] () -- C:\Windows\system32\Akrem studio_Akrem studio_uninstaller.exe

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\Marie\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2013/06/03 12:03:16 | 000,116,648 | ---- | M] (Google Inc.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013/10/06 16:30:14 | 000,000,512 | ---- | M] () MD5=3F89206FB0163E04777B6BDEA1E91E45 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012/05/06 00:38:42 | 000,062,238 | ---- | M] () -- \Users\Marie\Desktop\Mamka\GIMPPortable\App\gimp\share\gimp\2.0\patterns\cracked.pat

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2012/08/01 15:38:42 | 000,855,112 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-965781781-1502645150-263859304-1004\$RXEABYD\Aplikace\MPR500 Pro 5\AlbumFTPUploader.exe
[2013/07/16 13:09:52 | 000,001,904 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-965781781-1502645150-263859304-1004\$RXEABYD\Aplikace\MPR500 Pro 5\Lang\Czech\AlbumFTPUploaderDialogs.txt
[2011/07/05 17:21:12 | 000,064,263 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-965781781-1502645150-263859304-1004\$RXEABYD\Aplikace\MPR500 Pro 5\Lang\Czech\AlbumMakerHelp_files\FTP_uploader.jpg
[2012/09/06 11:55:44 | 000,001,824 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-965781781-1502645150-263859304-1004\$RXEABYD\Aplikace\MPR500 Pro 5\Lang\English\AlbumFTPUploaderDialogs.txt
[2013/07/16 13:09:52 | 000,001,976 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-965781781-1502645150-263859304-1004\$RXEABYD\Aplikace\MPR500 Pro 5\Lang\Slovak\AlbumFTPUploaderDialogs.txt
[2011/07/05 17:21:12 | 000,064,263 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-965781781-1502645150-263859304-1004\$RXEABYD\Aplikace\MPR500 Pro 5\Lang\Slovak\AlbumMakerHelp_files\FTP_uploader.jpg
[2006/10/26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\coloader.dll
[2006/10/26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\coloader.tlb
[2006/10/26 13:45:02 | 000,061,440 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\coloader80.dll
[2006/10/26 13:45:02 | 000,004,608 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\coloader80.tlb
[2012/05/03 18:38:36 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012/05/03 18:39:16 | 000,063,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012/05/21 04:03:06 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012/05/21 04:03:06 | 000,089,448 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2011/01/17 16:21:04 | 000,006,263 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2013/04/11 14:58:19 | 000,021,504 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2011/01/17 17:00:08 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2013/04/11 14:58:22 | 000,029,184 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010/11/19 12:24:20 | 000,003,689 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2012/07/26 12:05:09 | 000,039,485 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Bing_1.2.0.137_x64__8wekyb3d8bbwe\shell\js\backgroundImageLoader.js
[2013/04/10 17:21:59 | 000,032,157 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Bing_1.5.1.259_x64__8wekyb3d8bbwe\shell\js\backgroundImageLoader.js
[2012/07/26 12:04:06 | 000,002,809 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\DependencyLoader\DependencyLoader.js
[2012/07/26 12:04:06 | 000,001,583 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellComposeDependencyLoader.js
[2012/07/26 12:04:06 | 000,001,711 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellReadDependencyLoader.js
[2012/07/26 12:04:06 | 000,002,509 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellShareAnythingControlDependencyLoader.js
[2012/07/26 12:04:07 | 000,002,394 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernPeople\appframe\BackgroundLoader.js
[2012/07/26 12:04:07 | 000,005,028 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShareAnything\ShareDataLoader.js
[2013/04/10 17:25:06 | 000,002,089 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\DependencyLoader\DependencyLoader.js
[2013/04/10 17:25:12 | 000,001,326 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellComposeDependencyLoader.js
[2013/04/10 17:25:12 | 000,001,208 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellReadDependencyLoader.js
[2013/04/10 17:25:12 | 000,002,552 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellShareAnythingControlDependencyLoader.js
[2013/04/10 17:25:13 | 000,001,915 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernPeople\appframe\BackgroundLoader.js
[2013/04/10 17:25:14 | 000,005,019 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShareAnything\ShareDataLoader.js
[2012/07/26 12:05:07 | 000,049,108 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_1.0.927.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/05/03 12:56:50 | 000,046,874 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_1.3.10.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2012/07/26 12:04:43 | 000,049,108 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneMusic_1.0.927.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/05/21 08:48:56 | 000,053,549 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneMusic_1.4.18.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/09/26 10:07:52 | 000,052,389 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneMusic_1.5.146.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2012/07/26 12:04:50 | 000,049,108 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_1.0.927.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/08/16 11:59:44 | 000,053,822 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_1.5.41.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/10/04 16:51:18 | 000,000,640 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\AlbumFTPUploader.exe.log
[2013/09/21 07:58:55 | 000,000,999 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73LUQYI0\downloader[1].htm
[2013/09/28 06:29:15 | 000,001,059 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73LUQYI0\downloader[2].htm
[2013/09/28 08:21:52 | 000,001,070 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B7LY4TGW\downloader[1].htm
[2013/09/28 06:29:17 | 000,001,070 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CKCZBNGJ\downloader[1].htm
[2013/09/28 08:21:51 | 000,001,059 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CKCZBNGJ\downloader[2].htm
[2013/09/28 08:21:43 | 000,141,282 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CKCZBNGJ\monetizationLoader[1].js
[2013/09/21 07:58:59 | 000,001,010 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W28F9BUI\downloader[1].htm
[2013/09/28 08:25:13 | 000,058,608 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\90P5S2AN\sf_preloader[1].js
[2013/09/28 10:33:01 | 000,058,608 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NYMKW8WG\sf_preloader[1].js
[2013/10/04 06:23:24 | 000,001,076 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RCDZV72P\loader[1].js
[2013/10/05 08:47:28 | 000,002,319 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SHPQVN5U\mmoViewerPreloader[1].swf
[2013/10/05 06:27:05 | 000,002,971 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TYQ2T41N\loader[1].gif
[2013/04/13 07:38:58 | 000,015,520 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TZQ62DB0\gloader.0.1.6[1].js
[2013/10/04 05:39:47 | 000,011,516 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TZQ62DB0\loader[1].gif
[2013/10/06 08:36:21 | 000,006,820 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y0JVE1DO\loader66[1].gif
[2013/10/04 08:12:03 | 000,001,375 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\YMMG5OVS\AJAXContentLoader[1].js
[2012/10/04 15:12:16 | 000,001,904 | ---- | M] () -- \Users\Marie\AppData\Local\Temp\ckz_YKQ7\Lang\Czech\AlbumFTPUploaderDialogs.txt
[2011/07/05 17:21:12 | 000,064,263 | ---- | M] () -- \Users\Marie\AppData\Local\Temp\ckz_YKQ7\Lang\Czech\AlbumMakerHelp_files\FTP_uploader.jpg
[2012/09/06 11:55:44 | 000,001,824 | ---- | M] () -- \Users\Marie\AppData\Local\Temp\ckz_YKQ7\Lang\English\AlbumFTPUploaderDialogs.txt
[2012/10/04 15:12:16 | 000,001,976 | ---- | M] () -- \Users\Marie\AppData\Local\Temp\ckz_YKQ7\Lang\Slovak\AlbumFTPUploaderDialogs.txt
[2011/07/05 17:21:12 | 000,064,263 | ---- | M] () -- \Users\Marie\AppData\Local\Temp\ckz_YKQ7\Lang\Slovak\AlbumMakerHelp_files\FTP_uploader.jpg
[2012/08/01 14:38:42 | 000,855,112 | ---- | M] () -- \Users\Marie\AppData\Local\Temp\ckz_YKQ7\MPR500 Pro 5\AlbumFTPUploader.exe
[2013/08/02 06:12:47 | 000,000,121 | ---- | M] () -- \Users\Marie\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2BZQ5NYE\fr-advideum.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[2013/03/29 13:37:34 | 000,059,384 | ---- | M] () -- \Users\Marie\AppData\Roaming\Seznam.cz\bin\13126libfoxloader.dll
[2013/04/15 13:32:10 | 000,060,416 | ---- | M] () -- \Users\Marie\AppData\Roaming\Seznam.cz\bin\3115libfoxloader-x64.dll
[2013/04/26 13:15:39 | 000,000,165 | ---- | M] () -- \Users\Marie\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013/04/02 15:39:42 | 000,031,516 | ---- | M] () -- \Users\Marie\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.1.2-win32.zip
[2013/03/25 16:27:20 | 000,000,665 | ---- | M] () -- \Users\Marie\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013/03/25 16:27:26 | 000,000,117 | ---- | M] () -- \Users\Marie\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2012/05/05 08:42:40 | 000,032,113 | ---- | M] () -- \Users\Marie\Desktop\Mamka\GIMPPortable\App\gimp\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-svg.dll
[2011/03/08 18:43:28 | 000,013,734 | ---- | M] () -- \Users\Marie\Desktop\Mamka\GIMPPortable\App\gimp\Python\Lib\unittest\loader.py
[2013/04/15 11:53:57 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2012/07/26 10:36:17 | 000,589,312 | R--- | M] () -- \Windows\ConfigSetRoot\sources\upgloader.dll
[2012/07/26 10:36:17 | 000,022,016 | R--- | M] () -- \Windows\ConfigSetRoot\sources\cs-cz\upgloader.dll.mui
[2013/10/04 16:47:20 | 000,216,642 | ---- | M] () -- \Windows\Prefetch\ALBUMFTPUPLOADER.EXE-36B0DA12.pf
[2013/06/09 07:56:50 | 000,030,852 | ---- | M] () -- \Windows\Prefetch\LOADER.EXE-7F43515F.pf
[2012/07/26 04:46:24 | 000,003,072 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 04:46:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 04:46:36 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2012/07/26 05:18:20 | 000,036,352 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012/07/26 04:46:24 | 000,003,072 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 04:46:25 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 04:46:36 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2012/07/26 05:18:20 | 000,036,352 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[1 \Windows\WinSxS\*.tmp files -> \Windows\WinSxS\*.tmp -> ]
[2012/07/26 06:53:16 | 001,084,144 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16384_none_891afac5ef497dae\hvloader.efi
[2012/07/26 06:53:16 | 000,998,128 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16384_none_891afac5ef497dae\hvloader.exe
[2012/10/11 10:42:55 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16433_none_89500bfdef21d5c9\hvloader.efi
[2012/10/11 10:42:55 | 000,998,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16433_none_89500bfdef21d5c9\hvloader.exe
[2013/03/02 12:39:39 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16548_none_894a3f69ef256d94\hvloader.efi
[2013/03/02 12:39:39 | 000,998,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16548_none_894a3f69ef256d94\hvloader.exe
[2013/03/02 12:39:39 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16579_none_892acfefef3cdabe\hvloader.efi
[2013/04/09 07:24:49 | 000,998,152 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16579_none_892acfefef3cdabe\hvloader.exe
[2013/06/01 14:02:14 | 001,084,160 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856

,144 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16628_none_895fe127ef1532d9\hvloader.exe
[2012/10/11 09:29:20 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20534_none_89daa913083e8eea\hvloader.efi
[2012/10/11 09:29:20 | 000,998,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20534_none_89daa913083e8eea\hvloader.exe
[2013/03/02 12:22:17 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20652_none_89c30a8d08509145\hvloader.efi
[2013/03/02 12:22:17 | 000,998,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20652_none_89c30a8d08509145\hvloader.exe
[2013/03/02 12:22:17 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20683_none_89a39b130867fe6f\hvloader.efi
[2013/04/09 02:24:11 | 000,998,152 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20683_none_89a39b130867fe6f\hvloader.exe
[2013/06/01 14:49:37 | 001,084,160 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20733_none_89d9ac95083f6fe1\hvloader.efi
[2013/06/01 14:49:37 | 000,998,144 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20733_none_89d9ac95083f6fe1\hvloader.exe
[2012/07/26 05:05:30 | 000,047,616 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.2.9200.16384_none_9ebdc35619670551\dmloader.dll
[2012/07/26 04:35:54 | 000,003,072 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_637b975b05942933\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 04:35:54 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_637b975b05942933\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 04:35:58 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_637b975b05942933\api-ms-win-core-stringloader-l1-1-0.dll
[2012/07/26 12:01:16 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c.manifest
[2012/07/26 12:01:16 | 000,030,448 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c_winload.efi.mui_35ee487d
[2012/07/26 12:01:16 | 000,030,448 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c_winload.exe.mui_3bc5b827
[2012/07/26 12:01:16 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c_winresume.efi.mui_f412814e
[2012/07/26 12:01:16 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c_winresume.exe.mui_ff8b5358
[2013/07/17 05:22:35 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a.manifest
[2013/07/17 05:22:35 | 001,403,296 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a_winload.efi_75834aa0
[2013/07/17 05:22:36 | 001,271,584 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a_winload.exe_75835076
[2013/07/17 05:22:36 | 001,217,352 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a_winresume.efi_85cd069f
[2013/07/17 05:22:36 | 001,093,904 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a_winresume.exe_85cd1215
[2012/07/26 10:11:35 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2012/07/26 11:59:59 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c.manifest
[2012/07/26 07:00:58 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16384_none_b3f06196f66b163f.manifest
[2012/09/20 10:33:02 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16420_none_b42d41dcf63e0664.manifest
[2012/10/11 09:33:59 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16433_none_b42572cef6436e5a.manifest
[2013/04/09 08:04:17 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16579_none_b40036c0f65e734f.manifest
[2013/06/01 13:31:54 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a.manifest
[2012/09/20 11:24:25 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20521_none_b4b7def20f5abf85.manifest
[2012/10/11 09:26:48 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20534_none_b4b00fe40f60277b.manifest
[2013/04/09 02:53:04 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20683_none_b47901e40f899700.manifest
[2013/06/01 14:10:50 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20733_none_b4af13660f610872.manifest
[2012/07/26 05:18:20 | 000,036,352 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.2.9200.16384_none_429f27d26109941b\dmloader.dll
[2012/07/26 04:46:24 | 000,003,072 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 04:46:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 04:46:36 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-stringloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2013/05/13 15:14:36 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.dll
[2013/09/28 17:57:57 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.ni.dll
[2005/10/28 15:29:20 | 000,000,592 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\VBSnippets\1033\Connectivity\EnumerateSerialPorts.snippet
[2005/10/28 15:29:20 | 000,001,178 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\VBSnippets\1033\Connectivity\ReadDatafromaSerialPort.snippet
[2005/10/28 15:29:20 | 000,001,492 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\VBSnippets\1033\Connectivity\UseaSerialPorttoDialaPhoneNumber.snippet
[2012/10/10 03:35:25 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013/05/13 17:04:04 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.dll
[2013/09/28 17:58:19 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.ni.dll
[2012/10/10 03:36:13 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012/07/26 12:00:56 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013/06/07 12:11:55 | 000,032,768 | ---- | M] () -- \Users\Marie\AppData\Local\HF Designer\{D7CA0C2B-EEE7-42A6-BAF7-DCAA19AAFF97}\mdbu\Locations!IX_VolumeSerialNumber_Location.ind
[2013/06/07 12:11:55 | 000,008,192 | ---- | M] () -- \Users\Marie\AppData\Local\HF Designer\{D7CA0C2B-EEE7-42A6-BAF7-DCAA19AAFF97}\mdbu\Media!IX_VolumeSerialNumber.ind
[2013/10/05 10:55:54 | 000,002,992 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\093TL50V\nejlepsiserialy[1].gif
[2013/10/04 08:06:36 | 000,002,013 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LIMJP6P7\jquery.serialScroll-1.2.2-min[1].js
[2013/10/04 08:12:03 | 000,002,013 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LIMJP6P7\jquery.serialScroll-1.2.2-min[2].js
[2013/10/05 10:55:30 | 000,001,314 | ---- | M] () -- \Users\Marie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\T13XXH7K\serialzone[1].gif
[2013/05/06 15:07:49 | 000,000,013 | ---- | M] () -- \Users\Marie\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\27G8SQA2\www.serialzone[1].xml
[2012/06/12 19:32:25 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/07/06 04:01:14 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/26 12:00:56 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012/10/10 03:35:25 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/08/16 08:09:01 | 002,786,816 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\945ba6fe50e8eb0db17d47f899d5f6c4\System.Runtime.Serialization.ni.dll
[2013/08/16 08:09:01 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\945ba6fe50e8eb0db17d47f899d5f6c4\System.Runtime.Serialization.ni.dll.aux
[2013/08/16 08:07:39 | 003,602,944 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\48b764fe44c1af86ea4052b7d4b08a47\System.Runtime.Serialization.ni.dll
[2013/08/16 08:07:39 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\48b764fe44c1af86ea4052b7d4b08a47\System.Runtime.Serialization.ni.dll.aux
[2012/07/26 10:36:17 | 000,131,072 | R--- | M] () -- \Windows\ConfigSetRoot\sources\sxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.2.9200.16384_none_5313850cd3a87f7b\system.runtime.serialization.formatters.soap.dll
[2012/07/26 10:36:17 | 000,011,776 | R--- | M] () -- \Windows\ConfigSetRoot\sources\sxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.2.9200.16384_cs-cz_0c3c9b78cd408874\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/07/26 10:36:17 | 000,970,752 | R--- | M] () -- \Windows\ConfigSetRoot\sources\sxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.16384_none_dd235adf680f4fc6\system.runtime.serialization.dll
[2012/07/26 10:36:17 | 000,090,112 | R--- | M] () -- \Windows\ConfigSetRoot\sources\sxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.16384_cs-cz_6acea198775b6fe0\System.RunTime.Serialization.Resources.dll
[2012/07/26 10:36:17 | 000,970,752 | R--- | M] () -- \Windows\ConfigSetRoot\sources\sxs\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.16384_none_0d6690798fb650f9\system.runtime.serialization.dll
[2012/07/26 10:36:17 | 000,011,776 | R--- | M] () -- \Windows\ConfigSetRoot\sources\sxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_bcd776d47cbcd7df\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/07/26 10:36:17 | 000,090,112 | R--- | M] () -- \Windows\ConfigSetRoot\sources\sxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_5a1f1e7223e59e1c\System.RunTime.Serialization.Resources.dll
[2012/07/26 10:36:17 | 000,970,752 | R--- | M] () -- \Windows\ConfigSetRoot\sources\sxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16384_none_12413c46d08ceb3b\system.runtime.serialization.dll
[2012/07/26 10:09:26 | 000,001,032 | ---- | M] () -- \Windows\Inf\c_multiportserial.inf
[2013/08/23 04:38:23 | 000,004,224 | ---- | M] () -- \Windows\Inf\c_multiportserial.PNF
[2012/08/31 02:51:52 | 000,027,808 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/07/12 04:02:06 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/12 04:02:06 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2012/07/12 04:02:06 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2012/08/31 02:51:46 | 000,113,752 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012/07/12 04:02:06 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013/02/23 01:11:46 | 001,050,728 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012/07/12 04:02:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2012/07/12 04:02:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2012/07/06 04:01:14 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2005/09/23 07:56:56 | 000,008,007 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.xml
[2012/06/12 19:31:09 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/10/10 03:35:25 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/02/23 01:11:46 | 001,050,728 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2012/07/12 04:02:06 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/12 04:02:06 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012/07/12 04:02:06 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012/07/12 04:02:06 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012/07/12 04:02:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2012/07/12 04:02:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2012/08/31 02:51:52 | 000,027,808 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 02:51:52 | 000,113,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2012/07/06 04:01:05 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/06/12 19:32:25 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012/10/10 03:36:14 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/02/23 01:09:26 | 001,050,728 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2012/07/12 04:01:17 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/12 04:01:17 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012/07/12 04:01:17 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012/07/12 04:01:17 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012/07/12 04:01:20 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2012/07/12 04:01:20 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2012/08/31 02:51:45 | 000,027,808 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 02:51:46 | 000,113,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2012/07/26 05:19:54 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2012/07/26 12:00:46 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2012/07/26 12:00:36 | 000,000,232 | ---- | M] () -- \Windows\System32\DriverStore\en-US\c_multiportserial.inf_loc
[2012/07/25 22:35:47 | 000,001,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_45188a76c7257c7d\c_multiportserial.inf
[2012/07/26 04:30:01 | 000,076,800 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_b9497ff7bf3c4b05\serial.sys
[2012/07/26 05:19:54 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2012/07/26 12:00:46 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[1 \Windows\WinSxS\*.tmp files -> \Windows\WinSxS\*.tmp -> ]
[2012/07/26 12:00:36 | 000,000,232 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.2.9200.16384_en-us_9df633403910846e\c_multiportserial.inf_loc
[2012/07/25 22:35:47 | 000,001,032 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf_31bf3856ad364e35_6.2.9200.16384_none_f9bc515a3410ee82\c_multiportserial.inf
[2013/07/02 06:50:44 | 000,000,181 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_18f61258351a4915\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012/06/12 19:32:25 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_192822b234f5552b\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2013/07/02 06:50:50 | 000,000,181 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_19b2bfc74e120e4c\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012/07/26 12:00:46 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_a73488f66d6efa73\serialui.dll.mui
[2012/07/26 05:07:10 | 000,017,920 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.2.9200.16384_none_4dcb48f2a86ef2b0\serialui.dll
[2013/07/02 07:11:35 | 000,000,184 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_b63db9f5dc430f52\System.RunTime.Serialization.Resources.dll
[2012/07/26 12:00:56 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_b66fca4fdc1e1b68\System.RunTime.Serialization.Resources.dll
[2013/07/02 07:11:36 | 000,000,184 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_b6fa6764f53ad489\System.RunTime.Serialization.Resources.dll
[2012/07/26 12:00:36 | 000,009,728 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_1d7fc9ead6009a1c\serial.sys.mui
[2012/07/26 04:30:01 | 000,076,800 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf_31bf3856ad364e35_6.2.9200.16384_none_5161581642227a2a\serial.sys
[2013/07/02 07:19:47 | 000,004,892 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_6b79c54ad2b7ba05\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/07/02 07:19:29 | 000,004,906 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_6b79c54ad2b7ba05\System.RunTime.Serialization.resources.dll
[2012/08/31 02:51:45 | 000,027,808 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_6babd5a4d292c61b\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 02:51:46 | 000,113,752 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_6babd5a4d292c61b\System.RunTime.Serialization.resources.dll
[2013/07/02 07:20:21 | 000,002,683 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_6c3672b9ebaf7f3c\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/07/02 07:20:15 | 000,003,257 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_6c3672b9ebaf7f3c\System.RunTime.Serialization.resources.dll
[2012/07/12 04:01:17 | 000,132,656 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9200.16384_none_d68148ce3ff07e02\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/12 04:01:17 | 000,022,048 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..lization.primitives_b03f5f7f11d50a3a_4.0.9200.16384_none_43a8275875494b8e\System.Runtime.Serialization.Primitives.dll
[2012/07/12 04:01:17 | 000,022,024 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9200.16384_none_e25d0cd734f43e04\System.Runtime.Serialization.Json.dll
[2012/07/12 04:01:17 | 000,022,016 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9200.16384_none_c974e4aa59db7371\System.Runtime.Serialization.Xml.dll
[2012/07/12 04:01:17 | 001,050,096 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.16384_none_8f14a7bb8fcb8036\System.Runtime.Serialization.dll
[2013/02/23 01:09:26 | 001,050,728 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.16543_none_8f10bd138fcf01db\System.Runtime.Serialization.dll
[2013/02/23 01:13:33 | 001,051,768 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.20647_none_7842bb33a976c865\System.Runtime.Serialization.dll
[2012/07/12 04:01:20 | 000,036,320 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9200.16384_none_fed799684e8c8f15\System.Xml.Serialization.dll
[2012/07/12 04:01:20 | 000,022,496 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9200.16384_none_ea6130aafff18bc8\System.Xml.XmlSerializer.dll
[2012/07/06 04:01:05 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.2.9200.16384_none_e04b053008b35686\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/06 04:02:29 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.16384_none_8fbcf8a56818c79c\System.Runtime.Serialization.dll
[2012/10/10 03:36:14 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.16432_none_8fb8249f681d15f8\System.Runtime.Serialization.dll
[2012/10/10 03:36:23 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.20533_none_78ea671781c48f9f\System.Runtime.Serialization.dll
[2012/07/06 04:02:29 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16384_none_ca94056fbc10c235\System.Runtime.Serialization.dll
[2012/10/10 03:36:13 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16432_none_ca8f3169bc151091\System.Runtime.Serialization.dll
[2012/10/10 03:36:22 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.20533_none_b3c173e1d5bc8a38\System.Runtime.Serialization.dll
[2012/07/26 11:59:31 | 000,001,131 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf-languagepack_31bf3856ad364e35_6.2.9200.16384_cs-cz_2b0eb54f379ff467.manifest
[2012/07/26 11:59:43 | 000,001,852 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.2.9200.16384_en-us_9df633403910846e.manifest
[2012/07/26 07:09:43 | 000,001,513 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf_31bf3856ad364e35_6.2.9200.16384_none_f9bc515a3410ee82.manifest
[2012/07/26 07:26:40 | 000,002,626 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.2.9200.16384_none_6a7f3483366f250c.manifest
[2012/07/26 07:07:04 | 000,009,894 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-serial-classextension_31bf3856ad364e35_6.2.9200.16384_none_8ede5994e2f7c2e3.manifest
[2012/07/26 07:06:54 | 000,000,452 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.2.9200.16384_none_85867a4c903a2d8f.manifest
[2012/07/26 06:48:21 | 000,002,226 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9200.16384_none_e25d0cd734f43e04.manifest
[2012/07/26 06:48:33 | 000,002,222 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9200.16384_none_c974e4aa59db7371.manifest
[2012/07/26 06:48:19 | 000,002,206 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.16384_none_8f14a7bb8fcb8036.manifest
[2013/02/25 03:50:28 | 000,002,206 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.16543_none_8f10bd138fcf01db.manifest
[2013/02/25 03:20:05 | 000,002,206 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.20647_none_7842bb33a976c865.manifest
[2012/07/26 06:48:28 | 000,002,190 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9200.16384_none_fed799684e8c8f15.manifest
[2012/07/26 06:48:22 | 000,002,190 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9200.16384_none_ea6130aafff18bc8.manifest
[2012/07/26 06:48:30 | 000,002,276 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.16384_none_8fbcf8a56818c79c.manifest
[2012/10/10 11:35:16 | 000,002,276 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.16432_none_8fb8249f681d15f8.manifest
[2012/10/10 10:57:11 | 000,002,276 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.20533_none_78ea671781c48f9f.manifest
[2012/07/26 06:48:13 | 000,002,301 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16384_none_ca94056fbc10c235.manifest
[2012/10/10 11:35:02 | 000,002,301 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16432_none_ca8f3169bc151091.manifest
[2012/10/10 10:56:39 | 000,002,301 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.20533_none_b3c173e1d5bc8a38.manifest
[2012/07/26 05:40:05 | 000,002,301 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9200.16384_none_4133a81e70d69dc1.manifest
[2012/07/26 05:45:32 | 000,002,325 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9200.16384_none_bd2cf9cf998cc8b9.manifest
[2012/07/26 05:43:53 | 000,002,265 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.16384_none_dd235adf680f4fc6.manifest
[2012/10/10 09:14:13 | 000,002,265 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.16432_none_dd1e86d968139e22.manifest
[2012/10/10 09:29:05 | 000,002,265 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.20533_none_c650c95181bb17c9.manifest
[2012/07/26 12:00:17 | 000,001,569 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16384_cs-cz_04bd693af2668cc0.manifest
[2012/10/06 09:45:01 | 000,001,569 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16430_cs-cz_04b8c2c4f26aa7da.manifest
[2013/02/25 06:17:13 | 000,001,569 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16543_cs-cz_04b97e92f26a0e65.manifest
[2012/10/06 09:49:51 | 000,001,569 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20531_cs-cz_edeb053d0c122181.manifest
[2013/02/25 08:16:34 | 000,001,569 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20647_cs-cz_edeb7cb30c11d4ef.manifest
[2012/07/26 12:00:15 | 000,001,643 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.16384_cs-cz_6acea198775b6fe0.manifest
[2012/10/10 17:41:47 | 000,001,643 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.16432_cs-cz_6ac9cd92775fbe3c.manifest
[2012/10/10 17:40:30 | 000,001,643 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.20533_cs-cz_53fc100a910737e3.manifest
[2012/07/26 05:40:13 | 000,002,297 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9200.16384_none_ec5267dfb07eac70.manifest
[2012/07/26 05:40:38 | 000,002,730 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.16384_none_a755581c0ac16dd9.manifest
[2013/02/25 02:20:49 | 000,002,730 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.16543_none_a7516d740ac4ef7e.manifest
[2013/02/25 01:54:09 | 000,002,730 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.20647_none_90836b94246cb608.manifest
[2012/07/26 05:45:31 | 000,002,018 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.16384_none_0d6690798fb650f9.manifest
[2012/10/10 09:14:19 | 000,002,018 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.16432_none_0d61bc738fba9f55.manifest
[2012/10/10 09:29:12 | 000,002,018 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.20533_none_f693feeba96218fc.manifest
[2012/07/26 05:46:59 | 000,002,382 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.serialization_b77a5c561934e089_4.0.9200.16384_none_39f3d82244d5cd7e.manifest
[2012/07/26 05:44:37 | 000,002,265 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9200.16384_none_1c0994e6b8e022d1.manifest
[2012/07/26 05:40:08 | 000,002,299 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16384_none_12413c46d08ceb3b.manifest
[2012/10/10 09:14:00 | 000,002,299 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16432_none_123c6840d0913997.manifest
[2012/10/10 09:28:50 | 000,002,299 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.20533_none_fb6eaab8ea38b33e.manifest
[2012/07/12 04:02:06 | 000,132,656 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9200.16384_none_ed024caf4eb39c5b\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/06 04:01:14 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.2.9200.16384_none_5313850cd3a87f7b\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/26 12:00:58 | 000,027,736 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_4.0.9200.16384_cs-cz_a62b631b484ba554\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 02:51:52 | 000,027,808 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_4.0.9200.16430_cs-cz_a626bca5484fc06e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 02:52:17 | 000,027,808 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_4.0.9200.20531_cs-cz_8f58ff1d61f73a15\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/06/12 19:32:25 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.2.9200.16384_cs-cz_0c3c9b78cd408874\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/07/12 04:02:06 | 000,022,024 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9200.16384_none_4133a81e70d69dc1\System.Runtime.Serialization.Json.dll
[2012/07/12 04:02:06 | 000,022,048 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9200.16384_none_bd2cf9cf998cc8b9\System.Runtime.Serialization.Primitives.dll
[2012/07/06 04:02:29 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.16384_none_dd235adf680f4fc6\System.Runtime.Serialization.dll
[2012/10/10 03:35:25 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.16432_none_dd1e86d968139e22\System.Runtime.Serialization.dll
[2012/10/10 03:36:08 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.20533_none_c650c95181bb17c9\System.Runtime.Serialization.dll
[2012/07/26 12:00:59 | 000,113,704 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16384_cs-cz_04bd693af2668cc0\System.RunTime.Serialization.resources.dll
[2012/08/31 02:51:52 | 000,113,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16430_cs-cz_04b8c2c4f26aa7da\System.RunTime.Serialization.resources.dll
[2012/08/31 02:51:46 | 000,113,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16543_cs-cz_04b97e92f26a0e65\System.RunTime.Serialization.resources.dll
[2012/08/31 02:52:18 | 000,113,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20531_cs-cz_edeb053d0c122181\System.RunTime.Serialization.resources.dll
[2012/08/31 02:52:07 | 000,113,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20647_cs-cz_edeb7cb30c11d4ef\System.RunTime.Serialization.resources.dll
[2012/07/26 12:00:56 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.16384_cs-cz_6acea198775b6fe0\System.RunTime.Serialization.Resources.dll
[2012/07/26 12:00:56 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.16432_cs-cz_6ac9cd92775fbe3c\System.RunTime.Serialization.Resources.dll
[2012/07/26 12:00:56 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.20533_cs-cz_53fc100a910737e3\System.RunTime.Serialization.Resources.dll
[2012/07/12 04:02:06 | 000,022,016 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9200.16384_none_ec5267dfb07eac70\System.Runtime.Serialization.Xml.dll
[2012/07/12 04:02:06 | 001,050,096 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.16384_none_a755581c0ac16dd9\System.Runtime.Serialization.dll
[2013/02/23 01:11:46 | 001,050,728 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.16543_none_a7516d740ac4ef7e\System.Runtime.Serialization.dll
[2013/02/23 01:13:32 | 001,051,768 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.20647_none_90836b94246cb608\System.Runtime.Serialization.dll
[2012/07/06 04:02:28 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.16384_none_0d6690798fb650f9\System.Runtime.Serialization.dll
[2012/10/10 03:35:25 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.16432_none_0d61bc738fba9f55\System.Runtime.Serialization.dll
[2012/10/10 03:36:07 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.20533_none_f693feeba96218fc\System.Runtime.Serialization.dll
[2012/07/12 04:02:08 | 000,036,320 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.serialization_b77a5c561934e089_4.0.9200.16384_none_39f3d82244d5cd7e\System.Xml.Serialization.dll
[2012/07/12 04:02:08 | 000,022,496 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9200.16384_none_1c0994e6b8e022d1\System.Xml.XmlSerializer.dll
[2013/07/02 19:53:54 | 000,004,893 | ---- | M] () -- \Windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_75ce6f9d07187c00\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/07/02 19:53:47 | 000,004,266 | ---- | M] () -- \Windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_75ce6f9d07187c00\System.RunTime.Serialization.resources.dll
[2012/08/31 02:51:52 | 000,027,808 | ---- | M] () -- \Windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_76007ff706f38816\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 02:51:52 | 000,113,752 | ---- | M] () -- \Windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_76007ff706f38816\System.RunTime.Serialization.resources.dll
[2013/07/02 19:54:23 | 000,002,754 | ---- | M] () -- \Windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_768b1d0c20104137\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/07/02 19:54:18 | 000,002,384 | ---- | M] () -- \Windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_768b1d0c20104137\System.RunTime.Serialization.resources.dll
[2013/07/03 06:49:32 | 000,000,181 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_bcd776d47cbcd7df\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/06/12 19:31:09 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_bd09872e7c97e3f5\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/07/03 06:49:39 | 000,000,181 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_bd94244395b49d16\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/07/26 12:00:46 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_4b15ed72b511893d\serialui.dll.mui
[2012/07/26 05:19:54 | 000,015,360 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.2.9200.16384_none_f1acad6ef011817a\serialui.dll
[2012/07/06 04:02:28 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16384_none_12413c46d08ceb3b\System.Runtime.Serialization.dll
[2012/10/10 03:35:25 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16432_none_123c6840d0913997\System.Runtime.Serialization.dll
[2012/10/10 03:36:07 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.20533_none_fb6eaab8ea38b33e\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

Odinstalujte MBAM


Vypnete antivir, at nebrani programu v praci!
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands) Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.