VIRY.CZ

Děkuji za další rady, bohužel mi dnes nezbyl čas na jejich provedení. Zkusím to snad zítra nebo pozítří.

Soubory oskenované na virustotal.com

File already analysed

This file was already analysed by VirusTotal on 2013-11-01 23:47:54 .

Detection ratio: 0/47

You can take a look at the last analysis or analyse it again now.


A druhý soubor:

SHA256: 41f91e1043480eafe0faaa2f3d557d5e403d0d5b0cf6346a919347d81941feda
File name: Dump_Hdd0_DR0.old
Detection ratio: 2 / 47
Analysis date: 2013-11-06 18:35:53 UTC ( 0 minut ago )

A dole vypsané antiviry - všchno v pořádku, kromě

NANO-Antivirus Virus.Boot.Gen-Resident-Crypt.ccnj 20131106
VBA32 suspected of Unknown.BootVirus.I 20131106

19:48:42.0457 5656 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:48:46.0061 5656 ============================================================
19:48:46.0061 5656 Current date / time: 2013/11/06 19:48:46.0061
19:48:46.0061 5656 SystemInfo:
19:48:46.0061 5656
19:48:46.0061 5656 OS Version: 6.1.7601 ServicePack: 1.0
19:48:46.0061 5656 Product type: Workstation
19:48:46.0061 5656 ComputerName: ABECOMPUTER
19:48:46.0061 5656 UserName: Abe
19:48:46.0061 5656 Windows directory: C:\windows
19:48:46.0061 5656 System windows directory: C:\windows
19:48:46.0061 5656 Running under WOW64
19:48:46.0061 5656 Processor architecture: Intel x64
19:48:46.0061 5656 Number of processors: 4
19:48:46.0061 5656 Page size: 0x1000
19:48:46.0061 5656 Boot type: Normal boot
19:48:46.0061 5656 ============================================================
19:48:46.0544 5656 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x162DD1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000040
19:48:46.0544 5656 ============================================================
19:48:46.0544 5656 \Device\Harddisk0\DR0:
19:48:46.0544 5656 MBR partitions:
19:48:46.0544 5656 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:48:46.0544 5656 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6600000
19:48:46.0560 5656 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x6633000, BlocksNum 0x4E2CC800
19:48:46.0560 5656 ============================================================
19:48:46.0591 5656 C: <-> \Device\Harddisk0\DR0\Partition2
19:48:46.0638 5656 D: <-> \Device\Harddisk0\DR0\Partition3
19:48:46.0638 5656 ============================================================
19:48:46.0638 5656 Initialize success
19:48:46.0638 5656 ============================================================
19:48:54.0797 2744 ============================================================
19:48:54.0797 2744 Scan started
19:48:54.0797 2744 Mode: Manual; SigCheck; TDLFS;
19:48:54.0797 2744 ============================================================
19:48:54.0937 2744 ================ Scan system memory ========================
19:48:54.0937 2744 System memory - ok
19:48:54.0937 2744 ================ Scan services =============================
19:48:55.0078 2744 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
19:48:55.0140 2744 1394ohci - ok
19:48:55.0171 2744 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
19:48:55.0187 2744 ACPI - ok
19:48:55.0218 2744 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
19:48:55.0234 2744 AcpiPmi - ok
19:48:55.0358 2744 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:48:55.0374 2744 AdobeARMservice - ok
19:48:55.0499 2744 [ A283108E14F3970432C21AF4C0CB1BCE ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:48:55.0514 2744 AdobeFlashPlayerUpdateSvc - ok
19:48:55.0561 2744 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
19:48:55.0592 2744 adp94xx - ok
19:48:55.0608 2744 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
19:48:55.0624 2744 adpahci - ok
19:48:55.0639 2744 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
19:48:55.0655 2744 adpu320 - ok
19:48:55.0686 2744 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
19:48:55.0733 2744 AeLookupSvc - ok
19:48:55.0795 2744 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
19:48:55.0811 2744 AFD - ok
19:48:55.0842 2744 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
19:48:55.0858 2744 agp440 - ok
19:48:55.0904 2744 [ 44F360B65C37A42EB5B71C2E5179FDD5 ] aksdf C:\windows\system32\drivers\aksdf.sys
19:48:55.0920 2744 aksdf - ok
19:48:56.0014 2744 [ 43415AF4F20E9867974623840A22FE98 ] aksfridge C:\windows\system32\drivers\aksfridge.sys
19:48:56.0014 2744 aksfridge - ok
19:48:56.0045 2744 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
19:48:56.0060 2744 ALG - ok
19:48:56.0060 2744 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
19:48:56.0076 2744 aliide - ok
19:48:56.0092 2744 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
19:48:56.0107 2744 amdide - ok
19:48:56.0123 2744 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
19:48:56.0138 2744 AmdK8 - ok
19:48:56.0138 2744 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
19:48:56.0154 2744 AmdPPM - ok
19:48:56.0201 2744 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
19:48:56.0216 2744 amdsata - ok
19:48:56.0248 2744 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
19:48:56.0263 2744 amdsbs - ok
19:48:56.0279 2744 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
19:48:56.0294 2744 amdxata - ok
19:48:56.0341 2744 [ 9921E78BC29634235F4BF5809E7E8CDE ] AMPPAL C:\windows\system32\DRIVERS\AMPPAL.sys
19:48:56.0357 2744 AMPPAL - ok
19:48:56.0357 2744 [ 9921E78BC29634235F4BF5809E7E8CDE ] AMPPALP C:\windows\system32\DRIVERS\amppal.sys
19:48:56.0388 2744 AMPPALP - ok
19:48:56.0497 2744 [ 83A0E7BA4AE616D3654E700D9C5FF9DB ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
19:48:56.0544 2744 AMPPALR3 - ok
19:48:56.0560 2744 Andbus - ok
19:48:56.0560 2744 AndDiag - ok
19:48:56.0560 2744 AndGps - ok
19:48:56.0575 2744 ANDModem - ok
19:48:56.0575 2744 androidusb - ok
19:48:56.0606 2744 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
19:48:56.0653 2744 AppID - ok
19:48:56.0684 2744 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
19:48:56.0731 2744 AppIDSvc - ok
19:48:56.0747 2744 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
19:48:56.0794 2744 Appinfo - ok
19:48:56.0840 2744 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
19:48:56.0872 2744 arc - ok
19:48:56.0887 2744 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
19:48:56.0903 2744 arcsas - ok
19:48:57.0043 2744 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:48:57.0059 2744 aspnet_state - ok
19:48:57.0074 2744 [ 1EC6777695564CA7EB3ADB36C78322E5 ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
19:48:57.0106 2744 aswFsBlk - ok
19:48:57.0121 2744 [ 316271CC32FDFFFCDB30677684906D5E ] aswKbd C:\windows\system32\drivers\aswKbd.sys
19:48:57.0137 2744 aswKbd - ok
19:48:57.0152 2744 [ FAF7B0B0C44A2FBD6FBC54E3E0F38545 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
19:48:57.0168 2744 aswMonFlt - ok
19:48:57.0184 2744 [ 679712B7A353EE665B9301592164A172 ] aswRdr C:\windows\system32\drivers\aswRdr2.sys
19:48:57.0199 2744 aswRdr - ok
19:48:57.0246 2744 [ C04F7B373881009D7994D9BF55D24AB4 ] aswRvrt C:\windows\system32\drivers\aswRvrt.sys
19:48:57.0277 2744 aswRvrt - ok
19:48:57.0308 2744 [ 3E07C93A2CB67840E4CD56C00959A402 ] aswSnx C:\windows\system32\drivers\aswSnx.sys
19:48:57.0355 2744 aswSnx - ok
19:48:57.0402 2744 [ 79ADA401A6E2054F110E7FBDFAC71942 ] aswSP C:\windows\system32\drivers\aswSP.sys
19:48:57.0418 2744 aswSP - ok
19:48:57.0464 2744 [ 81C42096CE90B45C03DCFF017A8A49C7 ] aswTdi C:\windows\system32\drivers\aswTdi.sys
19:48:57.0480 2744 aswTdi - ok
19:48:57.0527 2744 [ 59787B95DD9CA44CB139D96863438587 ] aswVmm C:\windows\system32\drivers\aswVmm.sys
19:48:57.0542 2744 aswVmm - ok
19:48:57.0558 2744 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
19:48:57.0620 2744 AsyncMac - ok
19:48:57.0636 2744 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
19:48:57.0652 2744 atapi - ok
19:48:57.0683 2744 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
19:48:57.0745 2744 AudioEndpointBuilder - ok
19:48:57.0761 2744 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
19:48:57.0823 2744 AudioSrv - ok
19:48:57.0901 2744 [ 7A189530FD0CFD415DBE41123F8A6A59 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:48:57.0917 2744 avast! Antivirus - ok
19:48:57.0932 2744 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
19:48:57.0948 2744 AxInstSV - ok
19:48:58.0010 2744 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
19:48:58.0042 2744 b06bdrv - ok
19:48:58.0057 2744 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
19:48:58.0073 2744 b57nd60a - ok
19:48:58.0104 2744 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
19:48:58.0120 2744 BDESVC - ok
19:48:58.0135 2744 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
19:48:58.0182 2744 Beep - ok
19:48:58.0229 2744 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
19:48:58.0291 2744 BFE - ok
19:48:58.0338 2744 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll
19:48:58.0400 2744 BITS - ok
19:48:58.0432 2744 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
19:48:58.0447 2744 blbdrive - ok
19:48:58.0556 2744 [ 2E251B39ABEA79351E5633E5A7C36BE4 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
19:48:58.0572 2744 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - warning
19:48:58.0572 2744 Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic (1)
19:48:58.0634 2744 [ 1EC546F8B6222F1F984220C1324EA945 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
19:48:58.0666 2744 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - warning
19:48:58.0666 2744 Bluetooth Media Service - detected UnsignedFile.Multi.Generic (1)
19:48:58.0728 2744 [ ADB9C79CCBEF779D56A9AC931F9C8DF0 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
19:48:58.0744 2744 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - warning
19:48:58.0744 2744 Bluetooth OBEX Service - detected UnsignedFile.Multi.Generic (1)
19:48:58.0775 2744 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
19:48:58.0790 2744 bowser - ok
19:48:58.0822 2744 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
19:48:58.0853 2744 BrFiltLo - ok
19:48:58.0853 2744 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
19:48:58.0868 2744 BrFiltUp - ok
19:48:58.0900 2744 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
19:48:58.0946 2744 BridgeMP - ok
19:48:58.0962 2744 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\windows\System32\browser.dll
19:48:59.0024 2744 Browser - ok
19:48:59.0056 2744 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
19:48:59.0087 2744 Brserid - ok
19:48:59.0087 2744 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
19:48:59.0102 2744 BrSerWdm - ok
19:48:59.0118 2744 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
19:48:59.0134 2744 BrUsbMdm - ok
19:48:59.0134 2744 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
19:48:59.0149 2744 BrUsbSer - ok
19:48:59.0196 2744 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\DRIVERS\BthEnum.sys
19:48:59.0212 2744 BthEnum - ok
19:48:59.0243 2744 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
19:48:59.0274 2744 BTHMODEM - ok
19:48:59.0290 2744 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
19:48:59.0321 2744 BthPan - ok
19:48:59.0336 2744 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\windows\system32\Drivers\BTHport.sys
19:48:59.0368 2744 BTHPORT - ok
19:48:59.0399 2744 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
19:48:59.0461 2744 bthserv - ok
19:48:59.0492 2744 [ A5B3E8B2B78C7B3DA56A0DE490E6718C ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
19:48:59.0492 2744 BTHSSecurityMgr - ok
19:48:59.0524 2744 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\system32\Drivers\BTHUSB.sys
19:48:59.0539 2744 BTHUSB - ok
19:48:59.0570 2744 [ 274E47BD9C1367BDBFA9DF10C2E6C544 ] btmaudio C:\windows\system32\drivers\btmaud.sys
19:48:59.0586 2744 btmaudio - ok
19:48:59.0617 2744 [ 76A1340ADB32798D18394AA424D584E2 ] btmaux C:\windows\system32\DRIVERS\btmaux.sys
19:48:59.0633 2744 btmaux - ok
19:48:59.0680 2744 [ 40C6FEC49D1CC4D112368A2BCD2BCBB7 ] btmhsf C:\windows\system32\DRIVERS\btmhsf.sys
19:48:59.0711 2744 btmhsf - ok
19:48:59.0758 2744 catchme - ok
19:48:59.0789 2744 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
19:48:59.0851 2744 cdfs - ok
19:48:59.0867 2744 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
19:48:59.0882 2744 cdrom - ok
19:48:59.0914 2744 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
19:48:59.0960 2744 CertPropSvc - ok
19:48:59.0992 2744 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
19:49:00.0007 2744 circlass - ok
19:49:00.0038 2744 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
19:49:00.0054 2744 CLFS - ok
19:49:00.0132 2744 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:49:00.0148 2744 clr_optimization_v2.0.50727_32 - ok
19:49:00.0194 2744 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:49:00.0210 2744 clr_optimization_v2.0.50727_64 - ok
19:49:00.0272 2744 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:49:00.0288 2744 clr_optimization_v4.0.30319_32 - ok
19:49:00.0304 2744 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:49:00.0319 2744 clr_optimization_v4.0.30319_64 - ok
19:49:00.0350 2744 [ E13A438F9E51DD034730678E33B73290 ] clwvd C:\windows\system32\DRIVERS\clwvd.sys
19:49:00.0366 2744 clwvd - ok
19:49:00.0366 2744 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
19:49:00.0382 2744 CmBatt - ok
19:49:00.0413 2744 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
19:49:00.0428 2744 cmdide - ok
19:49:00.0491 2744 [ C4943B6C962E4B82197542447AD599F4 ] CNG C:\windows\system32\Drivers\cng.sys
19:49:00.0522 2744 CNG - ok
19:49:00.0538 2744 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
19:49:00.0553 2744 Compbatt - ok
19:49:00.0569 2744 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
19:49:00.0584 2744 CompositeBus - ok
19:49:00.0584 2744 COMSysApp - ok
19:49:00.0600 2744 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
19:49:00.0616 2744 crcdisk - ok
19:49:00.0647 2744 [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc C:\windows\system32\cryptsvc.dll
19:49:00.0709 2744 CryptSvc - ok
19:49:00.0740 2744 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
19:49:00.0787 2744 DcomLaunch - ok
19:49:00.0834 2744 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
19:49:00.0896 2744 defragsvc - ok
19:49:00.0912 2744 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
19:49:00.0959 2744 DfsC - ok
19:49:00.0974 2744 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
19:49:01.0021 2744 Dhcp - ok
19:49:01.0052 2744 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
19:49:01.0099 2744 discache - ok
19:49:01.0115 2744 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
19:49:01.0130 2744 Disk - ok
19:49:01.0177 2744 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
19:49:01.0193 2744 Dnscache - ok
19:49:01.0224 2744 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
19:49:01.0286 2744 dot3svc - ok
19:49:01.0318 2744 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\windows\system32\DRIVERS\Dot4.sys
19:49:01.0333 2744 Dot4 - ok
19:49:01.0349 2744 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\windows\system32\DRIVERS\Dot4Prt.sys
19:49:01.0364 2744 Dot4Print - ok
19:49:01.0380 2744 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\windows\system32\DRIVERS\dot4usb.sys
19:49:01.0411 2744 dot4usb - ok
19:49:01.0427 2744 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
19:49:01.0474 2744 DPS - ok
19:49:01.0505 2744 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
19:49:01.0520 2744 drmkaud - ok
19:49:01.0552 2744 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
19:49:01.0583 2744 DXGKrnl - ok
19:49:01.0614 2744 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
19:49:01.0676 2744 EapHost - ok
19:49:01.0786 2744 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
19:49:01.0864 2744 ebdrv - ok
19:49:01.0895 2744 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
19:49:01.0910 2744 EFS - ok
19:49:01.0942 2744 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
19:49:01.0973 2744 elxstor - ok
19:49:01.0988 2744 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
19:49:02.0004 2744 ErrDev - ok
19:49:02.0035 2744 [ 98B103D1D5C426A10219437E36E03FE8 ] ETD C:\windows\system32\DRIVERS\ETD.sys
19:49:02.0051 2744 ETD - ok
19:49:02.0098 2744 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
19:49:02.0144 2744 EventSystem - ok
19:49:02.0176 2744 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
19:49:02.0222 2744 exfat - ok
19:49:02.0254 2744 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
19:49:02.0300 2744 fastfat - ok
19:49:02.0347 2744 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
19:49:02.0378 2744 Fax - ok
19:49:02.0394 2744 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
19:49:02.0410 2744 fdc - ok
19:49:02.0425 2744 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
19:49:02.0472 2744 fdPHost - ok
19:49:02.0488 2744 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
19:49:02.0534 2744 FDResPub - ok
19:49:02.0566 2744 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
19:49:02.0581 2744 FileInfo - ok
19:49:02.0612 2744 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
19:49:02.0659 2744 Filetrace - ok
19:49:02.0659 2744 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
19:49:02.0675 2744 flpydisk - ok
19:49:02.0706 2744 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
19:49:02.0722 2744 FltMgr - ok
19:49:02.0784 2744 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
19:49:02.0831 2744 FontCache - ok
19:49:02.0878 2744 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:49:02.0893 2744 FontCache3.0.0.0 - ok
19:49:02.0909 2744 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
19:49:02.0924 2744 FsDepends - ok
19:49:02.0956 2744 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
19:49:02.0971 2744 Fs_Rec - ok
19:49:03.0002 2744 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
19:49:03.0018 2744 fvevol - ok
19:49:03.0065 2744 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
19:49:03.0080 2744 gagp30kx - ok
19:49:03.0127 2744 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
19:49:03.0190 2744 gpsvc - ok
19:49:03.0268 2744 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:49:03.0283 2744 gupdate - ok
19:49:03.0283 2744 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:49:03.0299 2744 gupdatem - ok
19:49:03.0330 2744 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:49:03.0346 2744 gusvc - ok
19:49:03.0377 2744 [ D619BA1712B83D14149850E758B835AD ] hardlock C:\windows\system32\drivers\hardlock.sys
19:49:03.0408 2744 hardlock - ok
19:49:03.0408 2744 hasplms - ok
19:49:03.0439 2744 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
19:49:03.0455 2744 hcw85cir - ok
19:49:03.0486 2744 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
19:49:03.0517 2744 HdAudAddService - ok
19:49:03.0548 2744 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
19:49:03.0580 2744 HDAudBus - ok
19:49:03.0595 2744 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
19:49:03.0611 2744 HidBatt - ok
19:49:03.0626 2744 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
19:49:03.0642 2744 HidBth - ok
19:49:03.0658 2744 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
19:49:03.0689 2744 HidIr - ok
19:49:03.0720 2744 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
19:49:03.0767 2744 hidserv - ok
19:49:03.0782 2744 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
19:49:03.0798 2744 HidUsb - ok
19:49:03.0829 2744 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
19:49:03.0876 2744 hkmsvc - ok
19:49:03.0892 2744 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
19:49:03.0923 2744 HomeGroupListener - ok
19:49:03.0938 2744 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
19:49:03.0970 2744 HomeGroupProvider - ok
19:49:04.0048 2744 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
19:49:04.0063 2744 hpqcxs08 - ok
19:49:04.0126 2744 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
19:49:04.0126 2744 hpqddsvc - ok
19:49:04.0172 2744 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
19:49:04.0188 2744 HpSAMD - ok
19:49:04.0219 2744 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
19:49:04.0282 2744 HTTP - ok
19:49:04.0297 2744 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
19:49:04.0313 2744 hwpolicy - ok
19:49:04.0313 2744 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
19:49:04.0344 2744 i8042prt - ok
19:49:04.0375 2744 [ 53CC5BF8B5A219119953C7ABB19A7705 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
19:49:04.0406 2744 iaStor - ok
19:49:04.0453 2744 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
19:49:04.0469 2744 iaStorV - ok
19:49:04.0516 2744 [ FC47F5CF561BF0FD897EFD1A9604DCCF ] iBtFltCoex C:\windows\system32\DRIVERS\iBtFltCoex.sys
19:49:04.0516 2744 iBtFltCoex - ok
19:49:04.0578 2744 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:49:04.0609 2744 idsvc - ok
19:49:04.0906 2744 [ F4F91789C7C7A159CE8215C1F69F2A85 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
19:49:05.0124 2744 igfx - ok
19:49:05.0171 2744 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
19:49:05.0186 2744 iirsp - ok
19:49:05.0233 2744 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
19:49:05.0296 2744 IKEEXT - ok
19:49:05.0420 2744 [ 8E05ADB4B809B478B2EC65A1A1633DEB ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
19:49:05.0498 2744 IntcAzAudAddService - ok
19:49:05.0530 2744 [ AE594CC17C33AC146739494615E14851 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
19:49:05.0545 2744 IntcDAud - ok
19:49:05.0576 2744 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
19:49:05.0592 2744 intelide - ok
19:49:05.0623 2744 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
19:49:05.0639 2744 intelppm - ok
19:49:05.0670 2744 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
19:49:05.0717 2744 IPBusEnum - ok
19:49:05.0732 2744 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
19:49:05.0779 2744 IpFilterDriver - ok
19:49:05.0826 2744 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
19:49:05.0888 2744 iphlpsvc - ok
19:49:05.0904 2744 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
19:49:05.0935 2744 IPMIDRV - ok
19:49:05.0951 2744 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
19:49:05.0998 2744 IPNAT - ok
19:49:06.0029 2744 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
19:49:06.0044 2744 IRENUM - ok
19:49:06.0076 2744 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
19:49:06.0076 2744 isapnp - ok
19:49:06.0122 2744 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
19:49:06.0138 2744 iScsiPrt - ok
19:49:06.0154 2744 IT9135BDA - ok
19:49:06.0169 2744 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
19:49:06.0185 2744 kbdclass - ok
19:49:06.0216 2744 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
19:49:06.0232 2744 kbdhid - ok
19:49:06.0247 2744 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
19:49:06.0263 2744 KeyIso - ok
19:49:06.0294 2744 [ DA1E991A61CFDD755A589E206B97644B ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
19:49:06.0310 2744 KSecDD - ok
19:49:06.0341 2744 [ 7E33198D956943A4F11A5474C1E9106F ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
19:49:06.0356 2744 KSecPkg - ok
19:49:06.0372 2744 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
19:49:06.0419 2744 ksthunk - ok
19:49:06.0450 2744 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
19:49:06.0512 2744 KtmRm - ok
19:49:06.0544 2744 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll
19:49:06.0590 2744 LanmanServer - ok
19:49:06.0637 2744 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
19:49:06.0684 2744 LanmanWorkstation - ok
19:49:06.0700 2744 LgBttPort - ok
19:49:06.0731 2744 lgbusenum - ok
19:49:06.0746 2744 LGVMODEM - ok
19:49:06.0778 2744 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
19:49:06.0824 2744 lltdio - ok
19:49:06.0856 2744 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
19:49:06.0918 2744 lltdsvc - ok
19:49:06.0934 2744 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
19:49:06.0980 2744 lmhosts - ok
19:49:07.0027 2744 [ F4A17DCAB576267C85663E64F3ACE5A4 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:49:07.0043 2744 LMS - ok
19:49:07.0074 2744 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
19:49:07.0090 2744 LSI_FC - ok
19:49:07.0121 2744 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
19:49:07.0136 2744 LSI_SAS - ok
19:49:07.0152 2744 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
19:49:07.0168 2744 LSI_SAS2 - ok
19:49:07.0183 2744 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
19:49:07.0199 2744 LSI_SCSI - ok
19:49:07.0214 2744 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
19:49:07.0277 2744 luafv - ok
19:49:07.0292 2744 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
19:49:07.0324 2744 megasas - ok
19:49:07.0339 2744 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
19:49:07.0355 2744 MegaSR - ok
19:49:07.0386 2744 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
19:49:07.0402 2744 MEIx64 - ok
19:49:07.0417 2744 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
19:49:07.0464 2744 MMCSS - ok
19:49:07.0495 2744 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
19:49:07.0558 2744 Modem - ok
19:49:07.0589 2744 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
19:49:07.0604 2744 monitor - ok
19:49:07.0620 2744 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
19:49:07.0636 2744 mouclass - ok
19:49:07.0667 2744 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
19:49:07.0682 2744 mouhid - ok
19:49:07.0698 2744 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
19:49:07.0714 2744 mountmgr - ok
19:49:07.0792 2744 [ 5D494509432897338AFC19DB78A76DCB ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:49:07.0807 2744 MozillaMaintenance - ok
19:49:07.0823 2744 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
19:49:07.0838 2744 mpio - ok
19:49:07.0854 2744 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
19:49:07.0901 2744 mpsdrv - ok
19:49:07.0948 2744 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
19:49:08.0010 2744 MpsSvc - ok
19:49:08.0057 2744 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
19:49:08.0072 2744 MRxDAV - ok
19:49:08.0119 2744 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
19:49:08.0135 2744 mrxsmb - ok
19:49:08.0166 2744 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
19:49:08.0182 2744 mrxsmb10 - ok
19:49:08.0213 2744 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
19:49:08.0244 2744 mrxsmb20 - ok
19:49:08.0275 2744 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
19:49:08.0291 2744 msahci - ok
19:49:08.0306 2744 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
19:49:08.0322 2744 msdsm - ok
19:49:08.0338 2744 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
19:49:08.0369 2744 MSDTC - ok
19:49:08.0400 2744 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
19:49:08.0447 2744 Msfs - ok
19:49:08.0478 2744 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
19:49:08.0525 2744 mshidkmdf - ok
19:49:08.0540 2744 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
19:49:08.0556 2744 msisadrv - ok
19:49:08.0587 2744 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
19:49:08.0650 2744 MSiSCSI - ok
19:49:08.0650 2744 msiserver - ok
19:49:08.0665 2744 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
19:49:08.0712 2744 MSKSSRV - ok
19:49:08.0743 2744 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
19:49:08.0790 2744 MSPCLOCK - ok
19:49:08.0806 2744 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
19:49:08.0852 2744 MSPQM - ok
19:49:08.0884 2744 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
19:49:08.0915 2744 MsRPC - ok
19:49:08.0946 2744 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
19:49:08.0962 2744 mssmbios - ok
19:49:08.0977 2744 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
19:49:09.0040 2744 MSTEE - ok
19:49:09.0040 2744 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
19:49:09.0055 2744 MTConfig - ok
19:49:09.0071 2744 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
19:49:09.0086 2744 Mup - ok
19:49:09.0133 2744 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
19:49:09.0196 2744 napagent - ok
19:49:09.0211 2744 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
19:49:09.0258 2744 NativeWifiP - ok
19:49:09.0289 2744 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\windows\system32\drivers\ndis.sys
19:49:09.0320 2744 NDIS - ok
19:49:09.0352 2744 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
19:49:09.0398 2744 NdisCap - ok
19:49:09.0430 2744 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
19:49:09.0476 2744 NdisTapi - ok
19:49:09.0492 2744 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
19:49:09.0539 2744 Ndisuio - ok
19:49:09.0554 2744 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
19:49:09.0601 2744 NdisWan - ok
19:49:09.0617 2744 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
19:49:09.0664 2744 NDProxy - ok
19:49:09.0695 2744 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
19:49:09.0710 2744 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
19:49:09.0710 2744 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
19:49:09.0726 2744 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
19:49:09.0773 2744 NetBIOS - ok
19:49:09.0788 2744 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
19:49:09.0851 2744 NetBT - ok
19:49:09.0866 2744 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
19:49:09.0882 2744 Netlogon - ok
19:49:09.0913 2744 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
19:49:09.0960 2744 Netman - ok
19:49:09.0991 2744 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:49:10.0007 2744 NetMsmqActivator - ok
19:49:10.0022 2744 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:49:10.0022 2744 NetPipeActivator - ok
19:49:10.0054 2744 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
19:49:10.0132 2744 netprofm - ok
19:49:10.0147 2744 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:49:10.0163 2744 NetTcpActivator - ok
19:49:10.0163 2744 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:49:10.0178 2744 NetTcpPortSharing - ok
19:49:10.0444 2744 [ B51E9AD4F4E4F8DBE0AB882756BC5DAB ] NETwNs64 C:\windows\system32\DRIVERS\NETwNs64.sys
19:49:10.0678 2744 NETwNs64 - ok
19:49:10.0709 2744 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
19:49:10.0740 2744 nfrd960 - ok
19:49:10.0771 2744 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
19:49:10.0818 2744 NlaSvc - ok
19:49:10.0896 2744 [ B6E56578E167AD7D146F1B316490AC03 ] nlsX86cc C:\windows\SysWOW64\NLSSRV32.EXE
19:49:10.0912 2744 nlsX86cc - ok
19:49:10.0943 2744 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
19:49:10.0990 2744 Npfs - ok
19:49:11.0021 2744 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
19:49:11.0068 2744 nsi - ok
19:49:11.0083 2744 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
19:49:11.0130 2744 nsiproxy - ok
19:49:11.0208 2744 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
19:49:11.0255 2744 Ntfs - ok
19:49:11.0286 2744 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
19:49:11.0333 2744 Null - ok
19:49:11.0629 2744 [ CE1B54F1ED2080B15DAF9044EC92075A ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
19:49:11.0972 2744 nvlddmkm - ok
19:49:12.0004 2744 [ A12E1047131E957456F63DB1FEAF6F64 ] nvpciflt C:\windows\system32\DRIVERS\nvpciflt.sys
19:49:12.0019 2744 nvpciflt - ok
19:49:12.0035 2744 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
19:49:12.0066 2744 nvraid - ok
19:49:12.0097 2744 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
19:49:12.0113 2744 nvstor - ok
19:49:12.0206 2744 [ 67E9F641C1B5387F298F3063FAFA022B ] nvsvc C:\windows\system32\nvvsvc.exe
19:49:12.0238 2744 nvsvc - ok
19:49:12.0394 2744 [ 005E474630A7AA05A617C574B702FEED ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:49:12.0456 2744 nvUpdatusService - ok
19:49:12.0503 2744 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
19:49:12.0518 2744 nv_agp - ok
19:49:12.0534 2744 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
19:49:12.0550 2744 ohci1394 - ok
19:49:12.0628 2744 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:49:12.0643 2744 ose - ok
19:49:12.0830 2744 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:49:12.0955 2744 osppsvc - ok
19:49:13.0033 2744 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
19:49:13.0049 2744 p2pimsvc - ok
19:49:13.0080 2744 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
19:49:13.0096 2744 p2psvc - ok
19:49:13.0111 2744 papycpu - ok
19:49:13.0111 2744 papyjoy - ok
19:49:13.0158 2744 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
19:49:13.0174 2744 Parport - ok
19:49:13.0220 2744 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
19:49:13.0236 2744 partmgr - ok
19:49:13.0252 2744 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
19:49:13.0283 2744 PcaSvc - ok
19:49:13.0298 2744 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
19:49:13.0314 2744 pci - ok
19:49:13.0330 2744 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
19:49:13.0361 2744 pciide - ok
19:49:13.0376 2744 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
19:49:13.0392 2744 pcmcia - ok
19:49:13.0423 2744 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
19:49:13.0439 2744 pcw - ok
19:49:13.0470 2744 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
19:49:13.0548 2744 PEAUTH - ok
19:49:13.0579 2744 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
19:49:13.0595 2744 PerfHost - ok
19:49:13.0704 2744 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
19:49:13.0782 2744 pla - ok
19:49:13.0813 2744 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
19:49:13.0844 2744 PlugPlay - ok
19:49:13.0860 2744 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
19:49:13.0876 2744 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
19:49:13.0876 2744 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
19:49:13.0907 2744 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
19:49:13.0922 2744 PNRPAutoReg - ok
19:49:13.0954 2744 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
19:49:13.0969 2744 PNRPsvc - ok
19:49:14.0016 2744 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
19:49:14.0094 2744 PolicyAgent - ok
19:49:14.0125 2744 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
19:49:14.0188 2744 Power - ok
19:49:14.0219 2744 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
19:49:14.0281 2744 PptpMiniport - ok
19:49:14.0297 2744 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
19:49:14.0312 2744 Processor - ok
19:49:14.0328 2744 prodrv06 - ok
19:49:14.0359 2744 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\windows\system32\profsvc.dll
19:49:14.0406 2744 ProfSvc - ok
19:49:14.0406 2744 prohlp02 - ok
19:49:14.0437 2744 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
19:49:14.0453 2744 ProtectedStorage - ok
19:49:14.0468 2744 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
19:49:14.0515 2744 Psched - ok
19:49:14.0546 2744 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys
19:49:14.0562 2744 PxHlpa64 - ok
19:49:14.0624 2744 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
19:49:14.0687 2744 ql2300 - ok
19:49:14.0687 2744 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
19:49:14.0718 2744 ql40xx - ok
19:49:14.0780 2744 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
19:49:14.0812 2744 QWAVE - ok
19:49:14.0843 2744 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
19:49:14.0874 2744 QWAVEdrv - ok
19:49:14.0890 2744 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
19:49:14.0936 2744 RasAcd - ok
19:49:14.0968 2744 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
19:49:15.0046 2744 RasAgileVpn - ok
19:49:15.0061 2744 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
19:49:15.0124 2744 RasAuto - ok
19:49:15.0139 2744 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
19:49:15.0186 2744 Rasl2tp - ok
19:49:15.0217 2744 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
19:49:15.0264 2744 RasMan - ok
19:49:15.0280 2744 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
19:49:15.0342 2744 RasPppoe - ok
19:49:15.0358 2744 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
19:49:15.0404 2744 RasSstp - ok
19:49:15.0420 2744 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
19:49:15.0482 2744 rdbss - ok
19:49:15.0498 2744 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
19:49:15.0514 2744 rdpbus - ok
19:49:15.0545 2744 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
19:49:15.0592 2744 RDPCDD - ok
19:49:15.0623 2744 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
19:49:15.0670 2744 RDPENCDD - ok
19:49:15.0685 2744 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
19:49:15.0732 2744 RDPREFMP - ok
19:49:15.0779 2744 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
19:49:15.0794 2744 RDPWD - ok
19:49:15.0841 2744 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
19:49:15.0857 2744 rdyboost - ok
19:49:15.0904 2744 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
19:49:15.0966 2744 RemoteAccess - ok
19:49:16.0013 2744 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
19:49:16.0060 2744 RemoteRegistry - ok
19:49:16.0091 2744 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
19:49:16.0122 2744 RFCOMM - ok
19:49:16.0153 2744 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
19:49:16.0200 2744 RpcEptMapper - ok
19:49:16.0231 2744 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
19:49:16.0247 2744 RpcLocator - ok
19:49:16.0294 2744 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
19:49:16.0356 2744 RpcSs - ok
19:49:16.0403 2744 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
19:49:16.0450 2744 rspndr - ok
19:49:16.0496 2744 [ F4C374B1C46DE294B573BB43723AC3F6 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
19:49:16.0512 2744 RTL8167 - ok
19:49:16.0574 2744 [ 4CA0DBA9E224473D664C25E411F5A3BD ] rtport C:\windows\SysWOW64\drivers\rtport.sys
19:49:16.0590 2744 rtport - ok
19:49:16.0621 2744 [ 62DB6CC4B0818F1B5F3441241B098F12 ] SABI C:\windows\system32\Drivers\SABI.sys
19:49:16.0637 2744 SABI - ok
19:49:16.0652 2744 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
19:49:16.0668 2744 SamSs - ok
19:49:16.0730 2744 [ 5E66ABD041D76C46CBF55AEF910FCA56 ] SamsungDeviceConfigurationWinService C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
19:49:16.0746 2744 SamsungDeviceConfigurationWinService - ok
19:49:16.0777 2744 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
19:49:16.0793 2744 sbp2port - ok
19:49:16.0855 2744 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
19:49:16.0902 2744 SCardSvr - ok
19:49:16.0933 2744 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
19:49:16.0980 2744 scfilter - ok
19:49:17.0027 2744 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
19:49:17.0089 2744 Schedule - ok
19:49:17.0120 2744 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
19:49:17.0167 2744 SCPolicySvc - ok
19:49:17.0198 2744 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
19:49:17.0230 2744 SDRSVC - ok
19:49:17.0261 2744 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
19:49:17.0308 2744 secdrv - ok
19:49:17.0323 2744 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
19:49:17.0370 2744 seclogon - ok
19:49:17.0386 2744 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
19:49:17.0448 2744 SENS - ok
19:49:17.0464 2744 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
19:49:17.0479 2744 SensrSvc - ok
19:49:17.0495 2744 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
19:49:17.0526 2744 Serenum - ok
19:49:17.0542 2744 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
19:49:17.0557 2744 Serial - ok
19:49:17.0557 2744 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
19:49:17.0573 2744 sermouse - ok
19:49:17.0635 2744 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
19:49:17.0682 2744 SessionEnv - ok
19:49:17.0713 2744 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
19:49:17.0729 2744 sffdisk - ok
19:49:17.0729 2744 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
19:49:17.0760 2744 sffp_mmc - ok
19:49:17.0760 2744 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
19:49:17.0791 2744 sffp_sd - ok
19:49:17.0791 2744 sfhlp01 - ok
19:49:17.0807 2744 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
19:49:17.0822 2744 sfloppy - ok
19:49:17.0869 2744 [ 2FE1CD3AA602414841DB10AD96C95A5E ] SGDrv C:\windows\system32\DRIVERS\SGdrv64.sys
19:49:17.0869 2744 SGDrv - ok
19:49:17.0947 2744 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
19:49:18.0010 2744 SharedAccess - ok
19:49:18.0072 2744 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
19:49:18.0134 2744 ShellHWDetection - ok
19:49:18.0150 2744 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
19:49:18.0166 2744 SiSRaid2 - ok
19:49:18.0197 2744 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
19:49:18.0212 2744 SiSRaid4 - ok
19:49:18.0228 2744 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
19:49:18.0275 2744 Smb - ok
19:49:18.0306 2744 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
19:49:18.0337 2744 SNMPTRAP - ok
19:49:18.0368 2744 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
19:49:18.0384 2744 spldr - ok
19:49:18.0415 2744 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\windows\System32\spoolsv.exe
19:49:18.0462 2744 Spooler - ok
19:49:18.0587 2744 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
19:49:18.0696 2744 sppsvc - ok
19:49:18.0743 2744 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
19:49:18.0790 2744 sppuinotify - ok
19:49:18.0852 2744 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
19:49:18.0883 2744 srv - ok
19:49:18.0899 2744 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
19:49:18.0930 2744 srv2 - ok
19:49:18.0961 2744 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
19:49:18.0977 2744 srvnet - ok
19:49:19.0008 2744 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
19:49:19.0070 2744 SSDPSRV - ok
19:49:19.0102 2744 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
19:49:19.0164 2744 SstpSvc - ok
19:49:19.0195 2744 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
19:49:19.0211 2744 stexstor - ok
19:49:19.0258 2744 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
19:49:19.0304 2744 stisvc - ok
19:49:19.0320 2744 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
19:49:19.0351 2744 swenum - ok
19:49:19.0382 2744 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
19:49:19.0445 2744 swprv - ok
19:49:19.0523 2744 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
19:49:19.0570 2744 SysMain - ok
19:49:19.0616 2744 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
19:49:19.0648 2744 TabletInputService - ok
19:49:19.0679 2744 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
19:49:19.0741 2744 TapiSrv - ok
19:49:19.0757 2744 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
19:49:19.0819 2744 TBS - ok
19:49:19.0897 2744 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\windows\system32\drivers\tcpip.sys
19:49:19.0960 2744 Tcpip - ok
19:49:19.0991 2744 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
19:49:20.0053 2744 TCPIP6 - ok
19:49:20.0100 2744 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
19:49:20.0147 2744 tcpipreg - ok
19:49:20.0178 2744 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
19:49:20.0194 2744 TDPIPE - ok
19:49:20.0225 2744 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
19:49:20.0240 2744 TDTCP - ok
19:49:20.0272 2744 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
19:49:20.0318 2744 tdx - ok
19:49:20.0490 2744 [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
19:49:20.0584 2744 TeamViewer8 - ok
19:49:20.0615 2744 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
19:49:20.0630 2744 TermDD - ok
19:49:20.0693 2744 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
19:49:20.0755 2744 TermService - ok
19:49:20.0802 2744 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
19:49:20.0818 2744 Themes - ok
19:49:20.0849 2744 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
19:49:20.0911 2744 THREADORDER - ok
19:49:20.0927 2744 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
19:49:20.0989 2744 TrkWks - ok
19:49:21.0036 2744 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
19:49:21.0083 2744 TrustedInstaller - ok
19:49:21.0114 2744 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
19:49:21.0161 2744 tssecsrv - ok
19:49:21.0192 2744 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
19:49:21.0208 2744 TsUsbFlt - ok
19:49:21.0223 2744 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
19:49:21.0254 2744 TsUsbGD - ok
19:49:21.0270 2744 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
19:49:21.0317 2744 tunnel - ok
19:49:21.0348 2744 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
19:49:21.0364 2744 uagp35 - ok
19:49:21.0395 2744 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
19:49:21.0457 2744 udfs - ok
19:49:21.0504 2744 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
19:49:21.0520 2744 UI0Detect - ok
19:49:21.0535 2744 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
19:49:21.0551 2744 uliagpkx - ok
19:49:21.0582 2744 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
19:49:21.0598 2744 umbus - ok
19:49:21.0613 2744 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
19:49:21.0629 2744 UmPass - ok
19:49:21.0769 2744 [ DB641944F7E4B14C13C3FEFC89843F69 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:49:21.0863 2744 UNS - ok
19:49:21.0894 2744 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
19:49:21.0956 2744 upnphost - ok
19:49:22.0003 2744 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\windows\system32\drivers\usbaudio.sys
19:49:22.0019 2744 usbaudio - ok
19:49:22.0066 2744 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
19:49:22.0081 2744 usbccgp - ok
19:49:22.0128 2744 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
19:49:22.0144 2744 usbcir - ok
19:49:22.0159 2744 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys
19:49:22.0190 2744 usbehci - ok
19:49:22.0222 2744 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
19:49:22.0237 2744 usbhub - ok
19:49:22.0268 2744 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
19:49:22.0284 2744 usbohci - ok
19:49:22.0315 2744 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
19:49:22.0331 2744 usbprint - ok
19:49:22.0362 2744 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
19:49:22.0393 2744 usbscan - ok
19:49:22.0424 2744 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
19:49:22.0440 2744 USBSTOR - ok
19:49:22.0456 2744 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
19:49:22.0487 2744 usbuhci - ok
19:49:22.0518 2744 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
19:49:22.0549 2744 usbvideo - ok
19:49:22.0580 2744 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
19:49:22.0658 2744 UxSms - ok
19:49:22.0674 2744 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
19:49:22.0690 2744 VaultSvc - ok
19:49:22.0705 2744 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
19:49:22.0705 2744 vdrvroot - ok
19:49:22.0752 2744 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
19:49:22.0814 2744 vds - ok
19:49:22.0846 2744 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
19:49:22.0861 2744 vga - ok
19:49:22.0892 2744 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
19:49:22.0939 2744 VgaSave - ok
19:49:22.0970 2744 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
19:49:23.0002 2744 vhdmp - ok
19:49:23.0033 2744 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
19:49:23.0048 2744 viaide - ok
19:49:23.0080 2744 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
19:49:23.0095 2744 volmgr - ok
19:49:23.0126 2744 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
19:49:23.0142 2744 volmgrx - ok
19:49:23.0204 2744 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
19:49:23.0220 2744 volsnap - ok
19:49:23.0251 2744 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
19:49:23.0267 2744 vsmraid - ok
19:49:23.0345 2744 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
19:49:23.0423 2744 VSS - ok
19:49:23.0438 2744 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
19:49:23.0454 2744 vwifibus - ok
19:49:23.0501 2744 [ 13A0DECD1794DE60A8427862C8669D27 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
19:49:23.0516 2744 vwififlt - ok
19:49:23.0532 2744 [ 49003B357D101CDC474937437ECF5ABC ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
19:49:23.0548 2744 vwifimp - ok
19:49:23.0579 2744 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
19:49:23.0641 2744 W32Time - ok
19:49:23.0688 2744 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
19:49:23.0704 2744 WacomPen - ok
19:49:23.0719 2744 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
19:49:23.0766 2744 WANARP - ok
19:49:23.0782 2744 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
19:49:23.0828 2744 Wanarpv6 - ok
19:49:23.0891 2744 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
19:49:23.0953 2744 WatAdminSvc - ok
19:49:24.0031 2744 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
19:49:24.0062 2744 wbengine - ok
19:49:24.0109 2744 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
19:49:24.0140 2744 WbioSrvc - ok
19:49:24.0187 2744 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
19:49:24.0218 2744 wcncsvc - ok
19:49:24.0250 2744 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
19:49:24.0281 2744 WcsPlugInService - ok
19:49:24.0312 2744 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
19:49:24.0328 2744 Wd - ok
19:49:24.0359 2744 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
19:49:24.0390 2744 Wdf01000 - ok
19:49:24.0421 2744 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
19:49:24.0452 2744 WdiServiceHost - ok
19:49:24.0452 2744 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
19:49:24.0484 2744 WdiSystemHost - ok
19:49:24.0515 2744 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
19:49:24.0546 2744 WebClient - ok
19:49:24.0577 2744 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
19:49:24.0640 2744 Wecsvc - ok
19:49:24.0655 2744 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
19:49:24.0718 2744 wercplsupport - ok
19:49:24.0733 2744 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
19:49:24.0796 2744 WerSvc - ok
19:49:24.0796 2744 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
19:49:24.0842 2744 WfpLwf - ok
19:49:24.0874 2744 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
19:49:24.0889 2744 WIMMount - ok
19:49:24.0905 2744 WinDefend - ok
19:49:24.0936 2744 WinHttpAutoProxySvc - ok
19:49:24.0998 2744 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
19:49:25.0061 2744 Winmgmt - ok
19:49:25.0154 2744 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
19:49:25.0232 2744 WinRM - ok
19:49:25.0326 2744 [ 2768A2E8C1EF5088DAD9B78109A1803F ] Wisaroc C:\windows\Wisaroc.exe
19:49:25.0357 2744 Wisaroc ( UnsignedFile.Multi.Generic ) - warning
19:49:25.0357 2744 Wisaroc - detected UnsignedFile.Multi.Generic (1)
19:49:25.0404 2744 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
19:49:25.0451 2744 Wlansvc - ok
19:49:25.0576 2744 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:49:25.0638 2744 wlidsvc - ok
19:49:25.0669 2744 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
19:49:25.0685 2744 WmiAcpi - ok
19:49:25.0716 2744 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
19:49:25.0732 2744 wmiApSrv - ok
19:49:25.0763 2744 WMPNetworkSvc - ok
19:49:25.0810 2744 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
19:49:25.0841 2744 WPCSvc - ok
19:49:25.0872 2744 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
19:49:25.0903 2744 WPDBusEnum - ok
19:49:25.0950 2744 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
19:49:25.0997 2744 ws2ifsl - ok
19:49:26.0028 2744 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
19:49:26.0059 2744 wscsvc - ok
19:49:26.0059 2744 WSearch - ok
19:49:26.0184 2744 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
19:49:26.0262 2744 wuauserv - ok
19:49:26.0278 2744 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
19:49:26.0340 2744 WudfPf - ok
19:49:26.0371 2744 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
19:49:26.0418 2744 WUDFRd - ok
19:49:26.0465 2744 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
19:49:26.0512 2744 wudfsvc - ok
19:49:26.0543 2744 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
19:49:26.0590 2744 WwanSvc - ok
19:49:26.0668 2744 ================ Scan global ===============================
19:49:26.0730 2744 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
19:49:26.0761 2744 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
19:49:26.0777 2744 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
19:49:26.0792 2744 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
19:49:26.0855 2744 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
19:49:26.0855 2744 [Global] - ok
19:49:26.0855 2744 ================ Scan MBR ==================================
19:49:26.0870 2744 [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
19:49:27.0182 2744 \Device\Harddisk0\DR0 - ok
19:49:27.0198 2744 ================ Scan VBR ==================================
19:49:27.0198 2744 [ 7680EBE5EECBE461C987984EE924839A ] \Device\Harddisk0\DR0\Partition1
19:49:27.0198 2744 \Device\Harddisk0\DR0\Partition1 - ok
19:49:27.0229 2744 [ D68D32630C073222511E80507DD50F81 ] \Device\Harddisk0\DR0\Partition2
19:49:27.0229 2744 \Device\Harddisk0\DR0\Partition2 - ok
19:49:27.0245 2744 [ E2224E034F698E6BB40DA9BC7BBFB4CF ] \Device\Harddisk0\DR0\Partition3
19:49:27.0260 2744 \Device\Harddisk0\DR0\Partition3 - ok
19:49:27.0260 2744 ============================================================
19:49:27.0260 2744 Scan finished
19:49:27.0260 2744 ============================================================
19:49:27.0260 0788 Detected object count: 6
19:49:27.0260 0788 Actual detected object count: 6
19:49:59.0974 0788 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
19:49:59.0974 0788 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:49:59.0974 0788 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:49:59.0974 0788 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:49:59.0974 0788 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:49:59.0974 0788 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:49:59.0974 0788 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:49:59.0974 0788 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:49:59.0989 0788 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:49:59.0989 0788 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:49:59.0989 0788 Wisaroc ( UnsignedFile.Multi.Generic ) - skipped by user
19:49:59.0989 0788 Wisaroc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:50:11.0705 0120 Deinitialize success

RogueKiller V8.7.6 [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Abe [Práva správce]
Mód : Kontrola -- Datum : 11/06/2013 19:59:05
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 14 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowUser (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_TrackProgs (0) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V2][SUSP PATH] Seagate 2GE4DYGC Product Registration (Abe) : C:\Users\Abe\AppData\Roaming\Leadertech\PowerRegister\Seagate 2GE4DYGC Product Registration.exe - /remind /language=CSY /SRNM="2GE4DYGC" /BRND="Seagate" /BDSR="Seagate 2GE4DYGC" /loadsrnm="2GE4DYGC" [7][x][x][x][x] -> NALEZENO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HN-M750MBB +++++
--- User ---
[MBR] 738ee056a13c9cf03c9e930449167599
[BSP] db077060c83f0d80ae2bd2b75de78fd3 : KIWI Image system MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 52224 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 107161600 | Size: 640410 Mo
3 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1418721280 | Size: 22669 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_11062013_195905.txt >>

PCHunter

log v příloze

OTL

OTL log

OTL logfile created on: 6.11.2013 20:37:52 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Abe\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,92 Gb Total Physical Memory | 5,73 Gb Available Physical Memory | 72,35% Memory free
15,83 Gb Paging File | 13,92 Gb Available in Paging File | 87,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 51,00 Gb Total Space | 6,36 Gb Free Space | 12,48% Space Free | Partition Type: NTFS
Drive D: | 625,40 Gb Total Space | 407,59 Gb Free Space | 65,17% Space Free | Partition Type: NTFS

Computer Name: ABECOMPUTER | User Name: Abe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2013.11.06 20:33:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Abe\Desktop\OTL.exe
PRC - [2013.11.03 14:01:27 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.11.03 14:01:27 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.10.26 02:53:20 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.08.27 22:15:38 | 002,155,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.14 10:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012.05.30 20:55:26 | 001,112,968 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
PRC - [2012.05.02 08:03:44 | 002,279,304 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
PRC - [2012.02.13 15:02:24 | 000,031,624 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
PRC - [2011.11.14 16:14:24 | 000,995,392 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011.11.14 16:14:20 | 001,355,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2011.11.14 16:13:58 | 000,921,664 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011.11.14 16:13:52 | 000,839,744 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2011.05.05 13:44:54 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.05.05 13:44:52 | 000,326,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


========== Modules (All) ==========

MOD - [2013.11.06 20:33:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Abe\Desktop\OTL.exe
MOD - [2013.11.06 13:28:07 | 000,046,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\13110600\uiext.dll
MOD - [2013.11.03 14:01:31 | 000,163,632 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
MOD - [2013.11.03 14:01:30 | 000,272,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2013.11.03 14:01:28 | 000,544,744 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MOD - [2013.11.03 14:01:28 | 000,391,280 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCommChannel.dll
MOD - [2013.11.03 14:01:28 | 000,335,672 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll
MOD - [2013.11.03 14:01:28 | 000,241,936 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll
MOD - [2013.11.03 14:01:28 | 000,204,856 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2013.11.03 14:01:28 | 000,069,384 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastIP.dll
MOD - [2013.11.03 14:01:28 | 000,064,264 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswResourceLib.dll
MOD - [2013.11.03 14:01:28 | 000,062,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MOD - [2013.11.03 14:01:28 | 000,044,152 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll
MOD - [2013.11.03 14:01:28 | 000,025,616 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswRemoteCache.dll
MOD - [2013.11.03 14:01:27 | 004,087,432 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll
MOD - [2013.11.03 14:01:27 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
MOD - [2013.11.03 14:01:27 | 000,795,040 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll
MOD - [2013.11.03 14:01:27 | 000,658,568 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll
MOD - [2013.11.03 14:01:27 | 000,358,832 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MOD - [2013.11.03 14:01:27 | 000,353,176 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll
MOD - [2013.11.03 14:01:27 | 000,270,264 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MOD - [2013.11.03 14:01:27 | 000,159,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MOD - [2013.11.03 14:01:27 | 000,124,016 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MOD - [2013.11.03 14:01:27 | 000,078,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MOD - [2013.11.03 14:01:26 | 001,179,784 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll
MOD - [2013.11.03 14:01:26 | 000,279,528 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1029\uiLangRes.dll
MOD - [2013.11.03 14:01:26 | 000,089,984 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1029\Base.dll
MOD - [2013.11.03 13:59:47 | 003,166,600 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\HTMLayout.dll
MOD - [2013.11.03 13:52:47 | 001,441,880 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAra.dll
MOD - [2013.10.26 02:54:20 | 000,272,496 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
MOD - [2013.10.26 02:54:19 | 022,028,400 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xul.dll
MOD - [2013.10.26 02:53:49 | 000,153,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
MOD - [2013.10.26 02:53:45 | 000,092,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
MOD - [2013.10.26 02:53:44 | 000,393,328 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
MOD - [2013.10.26 02:53:43 | 001,775,728 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nss3.dll
MOD - [2013.10.26 02:53:40 | 003,368,048 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.10.26 02:53:35 | 000,130,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
MOD - [2013.10.26 02:53:34 | 000,017,008 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
MOD - [2013.10.26 02:53:28 | 003,459,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
MOD - [2013.10.26 02:53:22 | 000,302,192 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
MOD - [2013.10.26 02:53:20 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
MOD - [2013.10.21 18:32:13 | 004,456,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\mfc110u.dll
MOD - [2013.10.21 18:32:13 | 000,875,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcr110.dll
MOD - [2013.10.21 18:32:13 | 000,535,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcp110.dll
MOD - [2013.10.21 18:32:12 | 001,176,064 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\AVAST Software\Avast\libeay32.dll
MOD - [2013.10.21 18:32:12 | 000,269,312 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\AVAST Software\Avast\ssleay32.dll
MOD - [2013.10.21 18:32:11 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013.10.21 18:32:11 | 006,289,024 | ---- | M] (The ICU Project) -- C:\Program Files\AVAST Software\Avast\icudt.dll
MOD - [2013.05.25 01:36:40 | 000,130,736 | ---- | M] (Dropbox, Inc.) -- C:\Users\Abe\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
MOD - [2012.11.23 14:41:29 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012.11.23 14:41:29 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012.11.23 14:41:29 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012.11.23 14:41:29 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012.11.23 14:41:29 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2012.11.23 14:41:29 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2012.06.16 18:06:37 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2012.06.16 18:06:22 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
MOD - [2012.06.16 18:06:07 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012.05.30 20:55:26 | 001,112,968 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
MOD - [2012.05.02 08:03:44 | 002,279,304 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
MOD - [2012.04.01 03:49:58 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2012.04.01 03:49:58 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2012.04.01 03:43:00 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2012.03.05 11:10:22 | 000,321,416 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\SUS.dll
MOD - [2012.01.31 15:58:48 | 000,221,064 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\GPSTurboModeDLL.dll
MOD - [2012.01.10 12:55:06 | 007,988,224 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\igd10umd32.dll
MOD - [2012.01.10 12:15:14 | 000,024,576 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\igfxexps32.dll
MOD - [2012.01.04 09:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012.01.04 09:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011.12.16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011.11.17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011.11.17 06:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2011.11.17 06:34:52 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2011.11.17 06:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2011.11.17 06:28:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2011.11.14 16:13:52 | 000,839,744 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
MOD - [2011.09.22 14:39:12 | 000,027,704 | ---- | M] (SAMSUNG ELECTRONICS) -- C:\Program Files (x86)\Samsung\Easy Settings\Sabi3.dll
MOD - [2011.09.07 01:10:31 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2011.09.07 01:10:14 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2011.08.27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011.08.27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011.07.16 05:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011.07.16 05:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2011.06.16 05:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011.05.24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011.05.24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011.03.03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2010.11.21 04:25:15 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010.11.21 04:25:11 | 003,207,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll
MOD - [2010.11.21 04:25:11 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PortableDeviceApi.dll
MOD - [2010.11.21 04:25:11 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfreadwrite.dll
MOD - [2010.11.21 04:24:51 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bthprops.cpl
MOD - [2010.11.21 04:24:51 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WinSATAPI.dll
MOD - [2010.11.21 04:24:51 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davclnt.dll
MOD - [2010.11.21 04:24:50 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wshbth.dll
MOD - [2010.11.21 04:24:43 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010.11.21 04:24:33 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010.11.21 04:24:33 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010.11.21 04:24:32 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptui.dll
MOD - [2010.11.21 04:24:32 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010.11.21 04:24:28 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010.11.21 04:24:26 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010.11.21 04:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010.11.21 04:24:23 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010.11.21 04:24:20 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\StructuredQuery.dll
MOD - [2010.11.21 04:24:16 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010.11.21 04:24:16 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010.11.21 04:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010.11.21 04:24:16 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010.11.21 04:24:16 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010.11.21 04:24:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010.11.21 04:24:16 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010.11.21 04:24:15 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\networkexplorer.dll
MOD - [2010.11.21 04:24:14 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010.11.21 04:24:14 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010.11.21 04:24:14 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010.11.21 04:24:11 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010.11.21 04:24:09 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010.11.21 04:24:09 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010.11.21 04:24:09 | 000,327,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\zipfldr.dll
MOD - [2010.11.21 04:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010.11.21 04:24:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010.11.21 04:24:08 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010.11.21 04:24:08 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010.11.21 04:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2010.11.21 04:24:08 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010.11.21 04:24:08 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010.11.21 04:24:08 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorAPI.dll
MOD - [2010.11.21 04:24:08 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\thumbcache.dll
MOD - [2010.11.21 04:24:07 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010.11.21 04:24:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010.11.21 04:24:03 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2010.11.21 04:24:02 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010.11.21 04:24:01 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010.11.21 04:24:01 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2010.11.21 04:24:01 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2010.11.21 04:24:01 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010.11.21 04:24:00 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010.11.21 04:24:00 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntlanman.dll
MOD - [2010.11.21 04:23:59 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2010.11.21 04:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010.11.21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010.11.21 04:23:55 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010.11.21 04:23:55 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010.11.21 04:23:54 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SearchFolder.dll
MOD - [2010.11.21 04:23:54 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010.11.21 04:23:54 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010.11.21 04:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010.11.21 04:23:51 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010.11.21 04:23:51 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2010.11.21 04:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010.11.21 04:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010.11.21 04:23:48 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010.11.21 04:23:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010.09.21 06:03:14 | 000,145,280 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
MOD - [2010.05.26 10:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DCompiler_43.dll
MOD - [2010.03.18 17:15:26 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
MOD - [2010.03.18 17:15:26 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
MOD - [2009.07.14 02:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009.07.14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009.07.14 02:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2009.07.14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009.07.14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009.07.14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009.07.14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009.07.14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009.07.14 02:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009.07.14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009.07.14 02:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009.07.14 02:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009.07.14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009.07.14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009.07.14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009.07.14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009.07.14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009.07.14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009.07.14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009.07.14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009.07.14 02:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009.07.14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009.07.14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009.07.14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009.07.14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009.07.14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009.07.14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009.07.14 02:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009.07.14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009.07.14 02:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2009.07.14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009.07.14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009.07.14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009.07.14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009.07.14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009.07.14 02:15:41 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOAV.dll
MOD - [2009.07.14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009.07.14 02:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll
MOD - [2009.07.14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009.07.14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009.07.14 02:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009.07.14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009.07.14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009.07.14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009.07.14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009.07.14 02:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll
MOD - [2009.07.14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009.07.14 02:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drprov.dll
MOD - [2009.07.14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009.07.14 02:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009.07.14 02:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davhlpr.dll
MOD - [2009.07.14 02:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2009.07.14 02:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2009.07.14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009.07.14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009.07.14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009.07.14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009.07.14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009.07.14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009.07.14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009.07.14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009.07.14 02:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009.07.14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009.02.25 18:31:50 | 001,080,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\AVAST Software\Avast\dbghelp.dll
MOD - [2008.10.15 05:22:52 | 000,452,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3dx10_40.dll
MOD - [2006.08.12 12:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013.11.03 14:01:27 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011.12.30 06:39:40 | 004,889,032 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV:64bit: - [2011.04.21 08:34:16 | 001,136,640 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2011.04.21 07:42:50 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.10.31 21:06:02 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.10.11 18:31:26 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.08.27 22:15:38 | 002,155,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.14 10:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012.05.16 14:33:14 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Disabled | Stopped] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2012.02.13 15:02:24 | 000,031,624 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe -- (SamsungDeviceConfigurationWinService)
SRV - [2011.11.14 16:14:24 | 000,995,392 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011.11.14 16:14:20 | 001,355,840 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011.11.14 16:13:58 | 000,921,664 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2011.05.05 13:44:54 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.05.05 13:44:52 | 000,326,424 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.11.08 10:06:28 | 001,686,020 | ---- | M] (Remak) [Auto | Stopped] -- C:\Windows\Wisaroc.exe -- (Wisaroc)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [1998.10.06 13:36:26 | 000,001,984 | ---- | M] () [Unknown (-1) | Unknown] -- C:\Windows\SysWOW64\drivers\papycpu.sys -- (papycpu)
SRV - [1998.10.06 13:36:26 | 000,001,888 | ---- | M] () [Unknown (-1) | Unknown] -- C:\Windows\SysWOW64\drivers\papyjoy.sys -- (papyjoy)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.11.06 19:14:45 | 000,409,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2013.11.03 14:01:31 | 000,065,264 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.11.03 14:01:30 | 001,032,416 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.11.03 14:01:30 | 000,084,328 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.11.03 14:01:30 | 000,038,984 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.10.21 18:32:12 | 000,205,320 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.10.21 18:32:12 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.10.21 18:32:12 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.09.12 09:58:10 | 000,032,032 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012.06.16 18:06:07 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.03.07 00:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012.01.10 13:28:16 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.12.09 10:45:14 | 000,060,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011.12.01 22:51:00 | 011,417,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011.11.22 13:14:54 | 000,139,592 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2011.11.22 13:14:54 | 000,078,208 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2011.11.14 16:13:44 | 000,327,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011.11.14 16:13:40 | 000,084,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011.11.14 16:13:38 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaud.sys -- (btmaudio)
DRV:64bit: - [2011.09.28 14:31:30 | 000,321,536 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2011.08.23 04:12:56 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.08.17 08:19:38 | 000,031,216 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2011.07.29 23:47:20 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV:64bit: - [2011.06.17 04:40:40 | 000,186,152 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2011.04.22 11:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.04.21 08:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011.04.21 08:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011.04.11 11:55:24 | 000,007,680 | ---- | M] (Phoenix Technologies Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SGDrv64.sys -- (SGDrv)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.18 00:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.20 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.09 02:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011.09.29 06:11:51 | 000,015,144 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004.01.26 16:36:35 | 000,095,552 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.01.26 16:01:28 | 000,052,224 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.12.01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [1998.10.06 13:36:26 | 000,001,984 | ---- | M] () [Unknown (-1) | Unknown (-1) | Stopped] -- C:\Windows\SysWOW64\drivers\papycpu.sys -- (papycpu)
DRV - [1998.10.06 13:36:26 | 000,001,888 | ---- | M] () [Unknown (-1) | Unknown (-1) | Stopped] -- C:\Windows\SysWOW64\drivers\papyjoy.sys -- (papyjoy)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1571869238-3936240484-2151935606-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\Upload\AmateurLapdencer
IE - HKU\S-1-5-21-1571869238-3936240484-2151935606-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pinktube.com/index.php?s=user.login
IE - HKU\S-1-5-21-1571869238-3936240484-2151935606-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1571869238-3936240484-2151935606-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1571869238-3936240484-2151935606-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1571869238-3936240484-2151935606-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.11.03 14:01:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.1.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.1.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2013.11.03 18:45:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Abe\AppData\Roaming\Mozilla\Extensions
[2013.10.31 21:05:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.11.03 18:45:00 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.candidlooks.com/cfmanager/menu.php
CHR - plugin: Windows Live\u0099 Photo Gallery (Disabled) = C:\windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Disk Google = C:\Users\Abe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: avast! Ad Blocker = C:\Users\Abe\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd\8.0_0\
CHR - Extension: avast! Online Security = C:\Users\Abe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\Abe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\

O1 HOSTS File: ([2013.11.03 19:04:35 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1571869238-3936240484-2151935606-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKU\S-1-5-21-1571869238-3936240484-2151935606-1001..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-1571869238-3936240484-2151935606-1128..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-21-1571869238-3936240484-2151935606-1128..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Abe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Carka mezera na carka.ahk ()
O4 - Startup: C:\Users\Abe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Carka mezera na mezera.ahk ()
O4 - Startup: C:\Users\Abe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Abe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Abe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HST login.ahk ()
O4 - Startup: C:\Users\Abe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HST Site and URL.ahk ()
O4 - Startup: C:\Users\Abe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HST Tagy 2.ahk ()
O4 - Startup: C:\Users\Abe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HST Tagy.ahk ()
O4 - Startup: C:\Users\Abe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JZ login.ahk ()
O4 - Startup: C:\Users\Abe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PinkTube webmaster.ahk ()
O4 - Startup: C:\Users\Abe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PT login.ahk ()
O4 - Startup: C:\Users\Abe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT login.ahk ()
O4 - Startup: C:\Users\Abe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TeamViewer.ahk ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1571869238-3936240484-2151935606-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1571869238-3936240484-2151935606-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1571869238-3936240484-2151935606-1128\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Abe\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Abe\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2FEA240C-5088-4500-8EF0-295358EACE9C}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)

SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.11.06 20:36:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Abe\Desktop\OTL.exe
[2013.11.06 19:56:33 | 000,000,000 | ---D | C] -- C:\Users\Abe\Desktop\RK_Quarantine
[2013.11.05 16:20:20 | 000,000,000 | ---D | C] -- C:\cfd
[2013.11.04 15:21:49 | 000,000,000 | ---D | C] -- C:\Users\Abe\.matplotlib
[2013.11.03 19:04:44 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.11.03 18:45:10 | 000,000,000 | ---D | C] -- C:\Users\Abe\AppData\Roaming\Mozilla
[2013.11.03 01:13:07 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013.11.03 01:13:07 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013.11.03 01:13:07 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2013.11.03 01:12:12 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.11.03 01:11:48 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013.11.03 01:10:57 | 005,143,186 | R--- | C] (Swearware) -- C:\Users\Abe\Desktop\ComboFix.exe
[2013.11.03 01:07:38 | 000,000,000 | ---D | C] -- C:\Users\Abe\AppData\Roaming\GetRightToGo
[2013.10.31 21:05:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.11.06 20:39:28 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.11.06 20:33:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Abe\Desktop\OTL.exe
[2013.11.06 19:14:55 | 000,021,200 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.11.06 19:14:55 | 000,021,200 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.11.06 19:14:45 | 000,409,832 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswsp.sys
[2013.11.06 19:10:57 | 001,576,358 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.11.06 19:10:57 | 000,666,398 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2013.11.06 19:10:57 | 000,652,102 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.11.06 19:10:57 | 000,140,062 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2013.11.06 19:10:57 | 000,121,034 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.11.06 19:06:24 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.11.06 19:06:18 | 4204,314,623 | -HS- | M] () -- C:\hiberfil.sys
[2013.11.05 16:24:38 | 000,000,816 | ---- | M] () -- C:\Users\Abe\Desktop\OpenFOAM Designer.lnk
[2013.11.03 19:04:35 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2013.11.03 14:01:31 | 000,065,264 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys
[2013.11.03 14:01:30 | 001,032,416 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2013.11.03 14:01:30 | 000,334,648 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2013.11.03 14:01:30 | 000,084,328 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2013.11.03 14:01:30 | 000,038,984 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys
[2013.11.03 14:01:29 | 000,043,152 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[2013.11.03 01:11:20 | 005,143,186 | R--- | M] (Swearware) -- C:\Users\Abe\Desktop\ComboFix.exe
[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.11.06 20:39:28 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.11.05 16:24:38 | 000,000,816 | ---- | C] () -- C:\Users\Abe\Desktop\OpenFOAM Designer.lnk
[2013.11.03 01:13:07 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013.11.03 01:13:07 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013.11.03 01:13:07 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013.11.03 01:13:07 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013.11.03 01:13:07 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013.10.17 21:08:54 | 000,000,325 | ---- | C] () -- C:\Users\Abe\AppData\Roaming\mbam.context.scan
[2013.10.05 12:46:29 | 000,000,307 | ---- | C] () -- C:\windows\game.ini
[2013.07.26 11:47:06 | 000,018,944 | ---- | C] ( ) -- C:\windows\SysWow64\implode.dll
[2012.09.24 23:35:17 | 000,001,984 | ---- | C] () -- C:\windows\SysWow64\drivers\papycpu.sys
[2012.09.24 23:35:17 | 000,001,888 | ---- | C] () -- C:\windows\SysWow64\drivers\papyjoy.sys
[2012.09.24 23:34:15 | 000,000,127 | ---- | C] () -- C:\windows\SIERRA.INI
[2012.08.26 22:15:28 | 000,010,240 | ---- | C] () -- C:\Users\Abe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.15 22:32:27 | 000,000,052 | ---- | C] () -- C:\windows\DESERTDERBY.INI
[2012.07.11 19:25:38 | 000,000,532 | ---- | C] () -- C:\windows\eReg.dat
[2012.06.19 12:09:46 | 000,053,248 | ---- | C] () -- C:\windows\SysWow64\CommonDL.dll
[2012.06.19 12:09:46 | 000,002,413 | ---- | C] () -- C:\windows\SysWow64\lgAxconfig.ini
[2012.05.05 18:53:06 | 000,260,531 | ---- | C] () -- C:\windows\pdfcvt.dat
[2012.04.15 23:40:04 | 000,053,760 | ---- | C] () -- C:\windows\SysWow64\zlib.dll
[2012.04.09 01:15:04 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat
[2012.04.03 09:22:58 | 000,180,834 | ---- | C] () -- C:\windows\hpoins36.dat
[2012.04.03 09:22:58 | 000,000,578 | ---- | C] () -- C:\windows\hpomdl36.dat
[2012.03.31 20:13:52 | 000,007,626 | ---- | C] () -- C:\Users\Abe\AppData\Local\Resmon.ResmonCfg
[2012.03.31 18:56:04 | 000,000,095 | ---- | C] () -- C:\windows\winamp.ini
[2012.03.31 16:08:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2012.03.31 13:24:42 | 001,556,196 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012.01.10 13:27:24 | 000,963,884 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2012.01.10 13:27:24 | 000,221,264 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2012.01.10 13:16:52 | 000,056,832 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012.01.10 12:29:52 | 013,904,384 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.01.04 11:44:25 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.01.04 09:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.10.21 18:37:38 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\AVAST Software
[2012.07.12 18:37:55 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\avidemux
[2013.09.16 16:10:53 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\Blender Foundation
[2013.08.19 08:14:24 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\Downloaded Installations
[2013.11.06 19:10:46 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\Dropbox
[2012.12.18 22:51:08 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\DVDVideoSoft
[2012.11.17 02:45:43 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\Easy File Share
[2012.05.18 23:13:58 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\FileOpen
[2012.06.11 22:26:56 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\FM Software Studio
[2013.11.03 01:08:55 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\GetRightToGo
[2013.01.06 21:48:04 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\IObit
[2013.03.16 17:37:31 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\Leadertech
[2013.04.05 12:19:57 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\MotionDSP
[2012.03.31 20:25:36 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\Nemetschek
[2013.10.18 13:17:19 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\ParaView
[2013.06.05 17:44:32 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\SoftGrid Client
[2012.08.28 17:45:36 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.01.20 18:22:37 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\TeamViewer
[2012.03.31 14:06:42 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\Thunderbird
[2012.03.31 13:27:15 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\TP
[2013.09.20 13:28:02 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\VitySoft

========== Purity Check ==========



========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: SAMSUNG HN-M750MBB
Partitions: 4
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100,00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 51,00GB
Starting Offset: 105906176
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: Extended w/Extended Int 13
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 625,00GB
Starting Offset: 54866739200
Hidden sectors: 0


DeviceID: Disk #0, Partition #3
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 22,00GB
Starting Offset: 726385295360
Hidden sectors: 0

[2013.10.11 22:12:35 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2011.09.06 09:26:02 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2013.04.29 22:24:52 | 014,965,064 | -H-- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Picasa3\setup.exe
[2012.11.05 18:30:01 | 000,000,000 | -H-D | M] -- C:\Program Files\Intel\WiFi\bin\WLANProfiles
[2013.10.21 17:27:58 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser
[2012.04.22 20:23:53 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CLUpdater\Power2Go\6.1
[2012.06.03 21:31:31 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CLUpdater\PowerDirector\8.00
[2012.04.14 01:04:20 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CLUpdater\YouCam\3.1
[2012.04.22 20:25:02 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\Media+ Player\10.0
[2012.04.22 20:29:11 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\MEDIASHOW\5.0
[2012.04.22 20:23:51 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\Power2Go\6.1
[2012.04.22 20:29:10 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\POWERDIRECTOR\8.00
[2012.04.14 01:04:20 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\YouCam\3.1
[2012.11.05 18:30:01 | 000,000,000 | -H-D | M] -- C:\ProgramData\Intel\Wireless\PANDevices
[2012.11.05 18:30:00 | 000,000,000 | -H-D | M] -- C:\ProgramData\Intel\Wireless\WLANProfiles
[2009.07.14 06:32:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2009.07.14 06:32:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2012.09.03 17:28:14 | 000,000,000 | -H-D | M] -- C:\ProgramData\SafeNet Sentinel\Sentinel LDK\5aad7b38-12f0-a0ed-7119-5e1b04bad3ff\.434e4631
[2013.11.03 01:34:19 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2012.03.31 17:34:09 | 000,000,000 | -H-D | M] -- C:\Users\Abe\AppData
[2013.08.13 13:01:56 | 000,000,000 | -H-D | M] -- C:\Users\Abe\AppData\Local\Microsoft\CardSpace
[2013.10.04 12:04:16 | 000,000,000 | -H-D | M] -- C:\Users\Abe\AppData\Local\Microsoft\Device Metadata\dmrccache\downloads
[2012.03.31 18:02:18 | 000,000,000 | -H-D | M] -- C:\Users\Abe\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2013.01.10 23:06:45 | 000,000,000 | -H-D | M] -- C:\Users\Abe\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2012.03.31 10:06:48 | 000,000,000 | -H-D | M] -- C:\Users\Abe\AppData\Local\Microsoft\Media Player\Mezipaměť grafiky
[2012.05.25 19:53:30 | 000,000,000 | RH-D | M] -- C:\Users\Abe\AppData\Local\Microsoft\Windows\Burn\Burn
[2012.07.11 19:23:38 | 000,000,000 | RH-D | M] -- C:\Users\Abe\AppData\Local\Microsoft\Windows\Burn\Burn1
[2013.01.02 21:57:42 | 000,000,000 | RH-D | M] -- C:\Users\Abe\AppData\Local\Microsoft\Windows\Burn\Burn2
[2012.06.11 16:35:11 | 000,000,000 | -H-D | M] -- C:\Users\Abe\AppData\Local\VirtualStore\ProgramData
[2013.09.26 19:26:49 | 000,000,000 | -H-D | M] -- C:\Users\Abe\AppData\Roaming\CyberLink\MediaCache
[2012.03.30 23:16:47 | 000,000,000 | -H-D | M] -- C:\Users\Abe\AppData\Roaming\CyberLink\MediaCache\Power2Go
[2012.04.01 15:05:45 | 000,000,000 | -H-D | M] -- C:\Users\Abe\AppData\Roaming\CyberLink\PowerDirector\8.0\ShadowEditFiles
[2012.04.01 15:05:44 | 000,000,000 | -H-D | M] -- C:\Users\Abe\AppData\Roaming\CyberLink\PowerDirector\8.0\SpltrCache
[2012.11.05 18:29:51 | 000,000,000 | -H-D | M] -- C:\Users\Abe\AppData\Roaming\Intel\Wireless\Settings
[2012.11.05 18:30:00 | 000,000,000 | -H-D | M] -- C:\Users\Abe\AppData\Roaming\Intel\Wireless\WLANProfiles
[2012.05.16 16:29:28 | 000,000,000 | -H-D | M] -- C:\Users\Abe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013.01.23 19:05:52 | 000,000,000 | -H-D | M] -- C:\Users\Abe\Documents\Picasa\.picasaoriginals
[2013.06.24 18:41:27 | 000,000,000 | -H-D | M] -- C:\Users\Abe\Documents\Picasa\Panoramata\.picasaoriginals
[2013.05.13 12:32:35 | 000,000,000 | -H-D | M] -- C:\Users\Abe\Documents\Picasa\Přednášky Pája Upraveno\Přednášky 1-11\.picasaoriginals
[2013.05.13 12:33:11 | 000,000,000 | -H-D | M] -- C:\Users\Abe\Documents\Picasa\Přednášky Pája Upraveno\Přednášky 12-13\.picasaoriginals
[2013.04.12 17:32:09 | 000,000,000 | -H-D | M] -- C:\Users\Abe\Documents\Picasa\sadfghjkl\.picasaoriginals
[2013.05.26 18:46:46 | 000,000,000 | -H-D | M] -- C:\Users\Abe\Documents\Picasa\vzt 1-10 anicka prednasky\.picasaoriginals
[2013.03.15 21:19:46 | 000,000,000 | -H-D | M] -- C:\Users\Abe\Documents\Youcam\.picasaoriginals
[2012.03.30 23:27:52 | 000,000,000 | -H-D | M] -- C:\Users\Abe\Documents\Youcam\EffectManualOrder
[2012.04.14 01:12:13 | 000,000,000 | -H-D | M] -- C:\Users\Abe\Documents\Youcam\FileSharingTmp
[2012.04.14 01:11:35 | 000,000,000 | -H-D | M] -- C:\Users\Abe\Documents\Youcam\PPT_Split
[2012.11.05 18:29:39 | 000,000,000 | -H-D | M] -- C:\Users\Abe\Roaming\Intel\Wireless\Settings
[2013.10.21 17:27:58 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser
[2012.04.22 20:23:53 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CLUpdater\Power2Go\6.1
[2012.06.03 21:31:31 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CLUpdater\PowerDirector\8.00
[2012.04.14 01:04:20 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CLUpdater\YouCam\3.1
[2012.04.22 20:25:02 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\Media+ Player\10.0
[2012.04.22 20:29:11 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\MEDIASHOW\5.0
[2012.04.22 20:23:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\Power2Go\6.1
[2012.04.22 20:29:10 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\POWERDIRECTOR\8.00
[2012.04.14 01:04:20 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\YouCam\3.1
[2012.11.05 18:30:01 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Intel\Wireless\PANDevices
[2012.11.05 18:30:00 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Intel\Wireless\WLANProfiles
[2009.07.14 06:32:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2009.07.14 06:32:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2012.09.03 17:28:14 | 000,000,000 | -H-D | M] -- C:\Users\All Users\SafeNet Sentinel\Sentinel LDK\5aad7b38-12f0-a0ed-7119-5e1b04bad3ff\.434e4631
[2009.07.14 04:20:08 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2012.11.05 18:29:39 | 000,000,000 | -H-D | M] -- C:\Users\Default\Roaming\Intel\Wireless\Settings
[2013.11.03 14:05:07 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2009.07.14 03:34:59 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2013.01.15 22:53:44 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2012.12.16 12:58:58 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg
[2013.04.20 11:20:09 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg\HKEY_CLASS_ROOT\CLSID\{397A21FB-EADF-4116-9027-32B8FA04C3E2}\Version\6.1
[2013.04.20 11:19:04 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg\HKEY_CLASS_ROOT\CLSID\{748DB920-B5DD-4cdb-9EC4-5A3B61A21936}\Version\8.00
[2012.12.16 12:58:58 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg\HKEY_CLASS_ROOT\CLSID\{E303BA32-9368-4a3c-AE3A-AFDADCBDE48B}\Version\3.1
[2012.03.31 14:29:36 | 000,000,000 | -H-D | M] -- C:\Users\Public\Recorded TV\TempRec
[2013.09.28 14:22:21 | 000,000,000 | -H-D | M] -- C:\Users\UpdatusUser.ABECOMPUTER\AppData
[2012.11.05 18:29:39 | 000,000,000 | -H-D | M] -- C:\Users\UpdatusUser.ABECOMPUTER\Roaming\Intel\Wireless\Settings
[2012.11.05 18:29:39 | 000,000,000 | -H-D | M] -- C:\Users\UpdatusUser\Roaming\Intel\Wireless\Settings
[2011.09.06 09:54:58 | 000,000,000 | -H-D | M] -- C:\Windows\ehome\Samsung
[2012.03.31 13:13:01 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2012.06.17 21:26:20 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData
[2012.03.31 18:01:47 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Media Player\Mezipaměť grafiky
[2012.11.05 18:30:00 | 000,000,000 | -H-D | M] -- C:\windows\SysNative\WLANProfiles
[2012.08.15 22:27:35 | 000,000,000 | -H-D | M] -- C:\Windows\SysWOW64\directx\websetup

========== Base Services ==========
SRV:64bit: - [2009.07.14 02:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2010.11.21 04:24:08 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009.07.14 02:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010.11.21 04:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010.11.21 04:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009.07.14 02:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009.07.14 02:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2010.11.21 04:24:16 | 000,136,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2010.11.21 04:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2010.11.21 04:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010.11.21 04:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010.11.21 04:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010.11.21 04:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011.03.03 07:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009.07.14 02:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009.07.14 02:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009.07.14 02:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009.07.14 02:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010.11.21 04:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009.07.14 02:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009.07.14 02:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009.07.14 02:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009.07.14 02:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009.07.14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2010.11.21 04:23:54 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009.07.14 02:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011.05.24 12:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2010.11.21 04:24:27 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009.07.14 02:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010.11.21 04:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010.11.21 04:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010.11.21 04:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009.07.14 02:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010.11.21 04:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010.11.21 04:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010.11.21 04:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010.11.21 04:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010.11.21 04:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010.11.21 04:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009.07.14 02:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2010.11.21 04:24:01 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010.11.21 04:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010.11.21 04:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010.11.21 04:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010.11.21 04:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010.11.21 04:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010.11.21 04:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010.11.21 04:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010.11.21 04:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010.11.21 04:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009.07.14 02:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012.06.02 23:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010.11.21 04:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009.07.14 02:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010.11.21 04:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,550 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT

< MD5 for: ACPI.SYS >
[2010.11.21 04:23:47 | 000,334,208 | ---- | M] (Microsoft Corporation) MD5=D81D9E70B8A6DD14D42D7B4EFA65D5F2 -- C:\windows\SysNative\drivers\acpi.sys
[2010.11.21 04:23:47 | 000,334,208 | ---- | M] (Microsoft Corporation) MD5=D81D9E70B8A6DD14D42D7B4EFA65D5F2 -- C:\windows\SysNative\DriverStore\FileRepository\acpi.inf_amd64_neutral_aed2e7a487803437\acpi.sys
[2010.11.21 04:23:47 | 000,334,208 | ---- | M] (Microsoft Corporation) MD5=D81D9E70B8A6DD14D42D7B4EFA65D5F2 -- C:\Windows\winsxs\amd64_acpi.inf_31bf3856ad364e35_6.1.7601.17514_none_80aec972e4a75989\acpi.sys

< MD5 for: AFD.SYS >
[2011.12.28 04:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\windows\SysNative\drivers\afd.sys
[2011.12.28 04:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17752_none_35e10b89752ee0f5\afd.sys
[2011.12.28 05:01:36 | 000,498,176 | ---- | M] (Microsoft Corporation) MD5=36A14FD1A23F57046361733B792CA8DB -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21887_none_364f3a028e605345\afd.sys
[2010.11.21 04:24:08 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys
[2011.04.25 03:34:03 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=D5B031C308A409A0A576BFF4CF083D30 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_3618198975057170\afd.sys
[2011.04.25 04:09:35 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=F4AD06143EAC303F55D0E86C40802976 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_3695e61e8e2c13d4\afd.sys

< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CMD.EXE >
[2010.11.21 04:23:55 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=5746BD7E255DD6A8AFA06F7C42C1BA41 -- C:\windows\SysNative\cmd.exe
[2010.11.21 04:23:55 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=5746BD7E255DD6A8AFA06F7C42C1BA41 -- C:\Windows\winsxs\amd64_microsoft-windows-commandprompt_31bf3856ad364e35_6.1.7601.17514_none_e932cc2c30fc13b0\cmd.exe
[2010.11.21 04:24:03 | 000,302,592 | ---- | M] (Microsoft Corporation) MD5=AD7B9C14083B52BC532FBA5948342B98 -- C:\Windows\SysWOW64\cmd.exe
[2010.11.21 04:24:03 | 000,302,592 | ---- | M] (Microsoft Corporation) MD5=AD7B9C14083B52BC532FBA5948342B98 -- C:\Windows\winsxs\wow64_microsoft-windows-commandprompt_31bf3856ad364e35_6.1.7601.17514_none_f387767e655cd5ab\cmd.exe

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010.11.21 04:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\erdnt\cache64\cryptsvc.dll
[2010.11.21 04:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\windows\SysNative\cryptsvc.dll
[2010.11.21 04:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2010.11.21 04:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\erdnt\cache86\cryptsvc.dll
[2010.11.21 04:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SysWOW64\cryptsvc.dll
[2010.11.21 04:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2009.07.14 02:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\windows\SysNative\csrss.exe
[2009.07.14 02:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: FASTFAT.SYS >
[2009.07.14 00:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\windows\SysNative\drivers\fastfat.sys
[2009.07.14 00:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\winsxs\amd64_microsoft-windows-fat_31bf3856ad364e35_6.1.7600.16385_none_0aa81d2771152f86\fastfat.sys

< MD5 for: HAL.DLL >
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\windows\SysNative\hal.dll
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: I8042PRT.SYS >
[2009.07.14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\windows\SysNative\drivers\i8042prt.sys
[2009.07.14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\i8042prt.sys
[2009.07.14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\windows\SysNative\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\i8042prt.sys
[2009.07.14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\i8042prt.sys
[2009.07.14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\i8042prt.sys

< MD5 for: IASTOR.SYS >
[2011.02.18 00:11:54 | 000,439,320 | ---- | M] (Intel Corporation) MD5=53CC5BF8B5A219119953C7ABB19A7705 -- C:\windows\SysNative\drivers\iaStor.sys
[2011.02.18 00:11:54 | 000,439,320 | ---- | M] (Intel Corporation) MD5=53CC5BF8B5A219119953C7ABB19A7705 -- C:\windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_52b32c0ad3e84c62\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: KBDCLASS.SYS >
[2009.07.14 02:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- C:\Windows\erdnt\cache64\kbdclass.sys
[2009.07.14 02:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- C:\windows\SysNative\drivers\kbdclass.sys
[2009.07.14 02:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- C:\windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\kbdclass.sys
[2009.07.14 02:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\kbdclass.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\erdnt\cache64\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\windows\SysNative\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe

< MD5 for: NDIS.SYS >
[2010.12.29 11:33:33 | 000,950,656 | ---- | M] (Microsoft Corporation) MD5=303310C91F8C0740ED1C76851C759874 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.21628_none_066fff3d4bd0b870\ndis.sys
[2010.11.21 04:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2010.12.29 11:57:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=C38B8AE57F78915905064A9A24DC1586 -- C:\Windows\erdnt\cache64\ndis.sys
[2010.12.29 11:57:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=C38B8AE57F78915905064A9A24DC1586 -- C:\windows\SysNative\drivers\ndis.sys
[2010.12.29 11:57:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=C38B8AE57F78915905064A9A24DC1586 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17530_none_05d3903632c269df\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\erdnt\cache64\netlogon.dll
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\windows\SysNative\netlogon.dll
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache86\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NTFS.SYS >
[2010.11.21 04:23:55 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=05D78AA5CB5F3F5C31160BDB955D0B7C -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_04972f2c338b23d4\ntfs.sys
[2011.03.11 07:19:20 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=87B104128D4D3BA3C13098BAEBF38082 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_04d11b5b4ce521d9\ntfs.sys
[2011.03.11 07:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\erdnt\cache64\ntfs.sys
[2011.03.11 07:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\windows\SysNative\drivers\ntfs.sys
[2011.03.11 07:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_0459508233b9177f\ntfs.sys

< MD5 for: NTKRNLPA.EXE >
[2011.04.09 07:02:25 | 003,967,872 | ---- | M] (Microsoft Corporation) MD5=102A6182087B18C795664BCD22EB52E9 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17592_none_6ddf4b9812a7d84d\ntkrnlpa.exe
[2010.11.21 04:23:51 | 003,966,848 | ---- | M] (Microsoft Corporation) MD5=144BD78C6103C8616DE047B3532142DB -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17514_none_6e37cb8c12652b73\ntkrnlpa.exe
[2011.11.19 12:11:29 | 003,971,440 | ---- | M] (Microsoft Corporation) MD5=2EDA0DCCF5F00CDB91A9ECBE45CB0B3D -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21863_none_6e8a5c3d2bac37e9\ntkrnlpa.exe
[2011.11.19 15:50:02 | 003,968,368 | ---- | M] (Microsoft Corporation) MD5=31C59B0CA08B1203E35D2BA19319279E -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17727_none_6e30004a126a8db7\ntkrnlpa.exe
[2011.06.23 06:55:25 | 003,967,872 | ---- | M] (Microsoft Corporation) MD5=3624D782F8B061B6FBA3A35E2FE53CFD -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21755_none_6e972ad72ba2517f\ntkrnlpa.exe
[2012.06.16 18:27:35 | 003,968,368 | ---- | M] (Microsoft Corporation) MD5=4A56DB06360F59130CAED69FA7526F0A -- C:\Windows\erdnt\cache86\ntkrnlpa.exe
[2012.06.16 18:27:35 | 003,968,368 | ---- | M] (Microsoft Corporation) MD5=4A56DB06360F59130CAED69FA7526F0A -- C:\Windows\SysWOW64\ntkrnlpa.exe
[2012.06.16 18:27:35 | 003,968,368 | ---- | M] (Microsoft Corporation) MD5=4A56DB06360F59130CAED69FA7526F0A -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17835_none_6e2331b012747421\ntkrnlpa.exe
[2012.06.16 18:21:38 | 003,968,368 | ---- | M] (Microsoft Corporation) MD5=8F6D5704D7522AAB8B4B82C0D35D9184 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17803_none_6e41a0e0125deda0\ntkrnlpa.exe
[2012.06.16 18:21:38 | 003,971,952 | ---- | M] (Microsoft Corporation) MD5=93358348D0B79812CAAA83A1377E4449 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21955_none_6e972ea32ba24bcd\ntkrnlpa.exe
[2011.04.09 07:01:20 | 003,967,872 | ---- | M] (Microsoft Corporation) MD5=9CF7F5D025183FA10E130445BC071B70 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21701_none_6ec9394b2b7d606e\ntkrnlpa.exe
[2011.06.23 05:33:57 | 003,967,872 | ---- | M] (Microsoft Corporation) MD5=A4A8EF2ACE5FA5863AA0B04C9BBFECA7 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17640_none_6e135c8612811711\ntkrnlpa.exe
[2012.06.16 18:27:35 | 003,971,952 | ---- | M] (Microsoft Corporation) MD5=AFF886D9D718D3747E5031816C0DA7D2 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21987_none_6e78bf732bb8d24e\ntkrnlpa.exe
[2011.04.08 08:35:10 | 003,967,872 | ---- | M] (Microsoft Corporation) MD5=CD1B3477BA75660EE7AE3DECCCEC9F28 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17591_none_6dde4b4e12a8bef6\ntkrnlpa.exe
[2011.04.08 07:47:46 | 003,967,872 | ---- | M] (Microsoft Corporation) MD5=F09089C2F523C5CAFA3ECBE76AFE88FA -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21700_none_6ec839012b7e4717\ntkrnlpa.exe

< MD5 for: NTOSKRNL.EXE >
[2011.11.19 12:11:28 | 003,916,656 | ---- | M] (Microsoft Corporation) MD5=00B12EA93ED392FBD09F07B63E926647 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21863_none_6e8a5c3d2bac37e9\ntoskrnl.exe
[2012.06.16 18:21:38 | 005,559,664 | ---- | M] (Microsoft Corporation) MD5=03B5C6DBA5A770CEEFD1615E380C6BC3 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17803_none_ca603c63cabb5ed6\ntoskrnl.exe
[2011.04.08 08:35:09 | 003,912,576 | ---- | M] (Microsoft Corporation) MD5=0F8186D2A0E4BAF407088BA10C4B30E9 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17591_none_6dde4b4e12a8bef6\ntoskrnl.exe
[2011.11.19 16:20:37 | 005,559,152 | ---- | M] (Microsoft Corporation) MD5=1AFFF8D5352AECEF2ECD47FFA02D7F7D -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17727_none_ca4e9bcdcac7feed\ntoskrnl.exe
[2010.11.21 04:23:51 | 003,911,040 | ---- | M] (Microsoft Corporation) MD5=2088D9994332583EDB3C561DE31EA5AD -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17514_none_6e37cb8c12652b73\ntoskrnl.exe
[2012.06.16 18:27:35 | 005,559,664 | ---- | M] (Microsoft Corporation) MD5=2819BB6417B85D38169A4F151463A815 -- C:\Windows\erdnt\cache64\ntoskrnl.exe
[2012.06.16 18:27:35 | 005,559,664 | ---- | M] (Microsoft Corporation) MD5=2819BB6417B85D38169A4F151463A815 -- C:\windows\SysNative\ntoskrnl.exe
[2012.06.16 18:27:35 | 005,559,664 | ---- | M] (Microsoft Corporation) MD5=2819BB6417B85D38169A4F151463A815 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17835_none_ca41cd33cad1e557\ntoskrnl.exe
[2012.06.16 18:21:38 | 003,913,072 | ---- | M] (Microsoft Corporation) MD5=28F44480E411C3DDF04B63F6560E6EF4 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17803_none_6e41a0e0125deda0\ntoskrnl.exe
[2012.06.16 18:21:38 | 003,916,656 | ---- | M] (Microsoft Corporation) MD5=2E02A17E8965AD671E4987E503AD38B1 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21955_none_6e972ea32ba24bcd\ntoskrnl.exe
[2011.04.08 08:46:39 | 005,562,240 | ---- | M] (Microsoft Corporation) MD5=2F926E1E23AA0D99D2021163ACEF070E -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17591_none_c9fce6d1cb06302c\ntoskrnl.exe
[2012.06.16 18:27:35 | 003,913,072 | ---- | M] (Microsoft Corporation) MD5=53483A0B2DE3617E832F1DBAF9620F39 -- C:\Windows\erdnt\cache86\ntoskrnl.exe
[2012.06.16 18:27:35 | 003,913,072 | ---- | M] (Microsoft Corporation) MD5=53483A0B2DE3617E832F1DBAF9620F39 -- C:\Windows\SysWOW64\ntoskrnl.exe
[2012.06.16 18:27:35 | 003,913,072 | ---- | M] (Microsoft Corporation) MD5=53483A0B2DE3617E832F1DBAF9620F39 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17835_none_6e2331b012747421\ntoskrnl.exe
[2011.06.23 06:43:12 | 005,561,216 | ---- | M] (Microsoft Corporation) MD5=577841951E8BAD6EA8288106693CD39F -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17640_none_ca31f809cade8847\ntoskrnl.exe
[2011.04.09 07:02:25 | 003,912,576 | ---- | M] (Microsoft Corporation) MD5=5D21C487F79F8245E799071589E035BF -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17592_none_6ddf4b9812a7d84d\ntoskrnl.exe
[2012.06.16 18:27:35 | 005,561,200 | ---- | M] (Microsoft Corporation) MD5=6A692DB27A943B463E97B749DD34F3DA -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21987_none_ca975af6e4164384\ntoskrnl.exe
[2012.06.16 18:21:38 | 005,561,200 | ---- | M] (Microsoft Corporation) MD5=708A4C721CEE6B3845B5A54477D873CF -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21955_none_cab5ca26e3ffbd03\ntoskrnl.exe
[2011.11.19 13:04:17 | 005,561,200 | ---- | M] (Microsoft Corporation) MD5=70A2D18E0B2A1ADBAE90008684E030AC -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21863_none_caa8f7c0e409a91f\ntoskrnl.exe
[2011.04.08 08:28:39 | 005,562,240 | ---- | M] (Microsoft Corporation) MD5=8C71CEA8AA6EB34DFCDBA23DAB6E2F6C -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21700_none_cae6d484e3dbb84d\ntoskrnl.exe
[2011.06.23 06:55:25 | 003,912,576 | ---- | M] (Microsoft Corporation) MD5=90EFDB506F6140EEA9DEE398D9449D86 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21755_none_6e972ad72ba2517f\ntoskrnl.exe
[2011.04.09 07:50:20 | 005,562,240 | ---- | M] (Microsoft Corporation) MD5=99C2715F138E7ED2F489AB796DD3B53C -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21701_none_cae7d4cee3dad1a4\ntoskrnl.exe
[2012.06.16 18:27:35 | 003,916,656 | ---- | M] (Microsoft Corporation) MD5=A37A39568C8EC9A17D1B7471445B81A8 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21987_none_6e78bf732bb8d24e\ntoskrnl.exe
[2010.11.21 04:24:26 | 005,563,776 | ---- | M] (Microsoft Corporation) MD5=C6CEC3E6CC9842B73501C70AA64C00FE -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17514_none_ca56670fcac29ca9\ntoskrnl.exe
[2011.04.08 07:47:46 | 003,912,576 | ---- | M] (Microsoft Corporation) MD5=C84EE04906FC06DC5D69AFC61A454AD6 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21700_none_6ec839012b7e4717\ntoskrnl.exe
[2011.06.23 06:22:01 | 005,561,728 | ---- | M] (Microsoft Corporation) MD5=CE6AF5EC2DB1567B6297ADCB56B39B5D -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21755_none_cab5c65ae3ffc2b5\ntoskrnl.exe
[2011.04.09 07:01:20 | 003,912,576 | ---- | M] (Microsoft Corporation) MD5=D385343510B75545EC5DB3A64C2D2492 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21701_none_6ec9394b2b7d606e\ntoskrnl.exe
[2011.04.09 08:02:55 | 005,562,240 | ---- | M] (Microsoft Corporation) MD5=D60D9BCEAE5870A67E6C167F4681877B -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17592_none_c9fde71bcb054983\ntoskrnl.exe
[2011.11.19 15:50:02 | 003,913,584 | ---- | M] (Microsoft Corporation) MD5=F0F0E99A65F598A1A7720F5111C4DA8F -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17727_none_6e30004a126a8db7\ntoskrnl.exe
[2011.06.23 05:33:57 | 003,912,576 | ---- | M] (Microsoft Corporation) MD5=FB58ABD5E1F75A2CF713C9DFF0EC0804 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17640_none_6e135c8612811711\ntoskrnl.exe

< MD5 for: NVRAID.SYS >
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\drivers\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.21 04:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 04:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: REGEDIT.EXE >
[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\erdnt\cache86\regedit.exe
[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe

< MD5 for: SCECLI.DLL >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\windows\SysNative\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SPOOLSV.EXE >
[2010.11.21 04:24:27 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\erdnt\cache64\spoolsv.exe
[2010.11.21 04:24:27 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\windows\SysNative\spoolsv.exe
[2010.11.21 04:24:27 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2011.03.01 09:10:51 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=635455A95EB8EC47AC72142E501465ED -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_14271b75353e4391\svchost.exe
[2011.03.01 09:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\Windows\erdnt\cache64\svchost.exe
[2011.03.01 09:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\windows\SysNative\svchost.exe
[2011.03.01 09:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_13af509c1c123937\svchost.exe
[2011.03.01 09:07:49 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=A91A288C91F9D9F1CFA4FAA9893C4D55 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_b8087ff17ce0d25b\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2011.03.01 09:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\erdnt\cache86\svchost.exe
[2011.03.01 09:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\SysWOW64\svchost.exe
[2011.03.01 09:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_b790b51863b4c801\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.06.16 18:19:16 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2012.06.16 18:19:16 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\erdnt\cache64\tcpip.sys
[2012.06.16 18:19:16 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\windows\SysNative\drivers\tcpip.sys
[2012.06.16 18:19:16 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: TDX.SYS >
[2010.11.21 04:24:32 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\erdnt\cache64\tdx.sys
[2010.11.21 04:24:32 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\windows\SysNative\drivers\tdx.sys
[2010.11.21 04:24:32 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys

< MD5 for: USER32.DLL >
[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\erdnt\cache86\user32.dll
[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\erdnt\cache64\user32.dll
[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\windows\SysNative\user32.dll
[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

< MD5 for: USERINIT.EXE >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WDF01000.SYS >
[2009.07.14 02:45:55 | 000,654,928 | ---- | M] (Microsoft Corporation) MD5=441BD2D7B4F98134C3A4F9FA570FD250 -- C:\windows\SysNative\drivers\Wdf01000.sys
[2009.07.14 02:45:55 | 000,654,928 | ---- | M] (Microsoft Corporation) MD5=441BD2D7B4F98134C3A4F9FA570FD250 -- C:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.1.7600.16385_none_d24809e1379d1f91\Wdf01000.sys

< MD5 for: WIN32K.SYS >
[2012.06.16 18:32:06 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=1D7EDEAD6891810BCF8566B2319A8B11 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21995_none_174da290ca83e41f\win32k.sys
[2011.06.11 04:07:25 | 003,137,536 | ---- | M] (Microsoft Corporation) MD5=7A1BCE8E431CE1083E6807D43C1B0661 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17630_none_16ffe00fb13a23ae\win32k.sys
[2012.06.16 18:21:38 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=88592AB8F8AE4F7264A936AEE682BBE5 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21955_none_1778e240ca63745b\win32k.sys
[2012.06.16 18:32:06 | 003,146,752 | ---- | M] (Microsoft Corporation) MD5=A0360F2DEFCBC40497A4F3D0599FE71A -- C:\windows\SysNative\win32k.sys
[2012.06.16 18:32:06 | 003,146,752 | ---- | M] (Microsoft Corporation) MD5=A0360F2DEFCBC40497A4F3D0599FE71A -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17842_none_16f71483b1406c9b\win32k.sys
[2012.02.03 05:34:34 | 003,145,728 | ---- | M] (Microsoft Corporation) MD5=A3A7E9D10745A7CAC5F346370B81D08B -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17772_none_16d6a2d9b158c347\win32k.sys
[2010.11.21 04:24:16 | 003,126,272 | ---- | M] (Microsoft Corporation) MD5=A89392A32BA98468710FD7E38318934B -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17514_none_17197f29b1265401\win32k.sys
[2012.02.03 05:15:32 | 003,148,288 | ---- | M] (Microsoft Corporation) MD5=D743EB3F1917EE3D2861064D8A53E07F -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21914_none_17a321a6ca43eb40\win32k.sys
[2011.06.11 03:54:15 | 003,140,096 | ---- | M] (Microsoft Corporation) MD5=D9DC465D72719EB413FDD056B0F25EED -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21744_none_1782ae16ca5c44c5\win32k.sys
[2012.06.16 18:21:38 | 003,146,240 | ---- | M] (Microsoft Corporation) MD5=F4C456F9235ED440B81107E951555411 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17803_none_1723547db11f162e\win32k.sys

< MD5 for: WINLOGON.EXE >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< MD5 for: WINSRV.DLL >
[2011.05.14 08:11:21 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=1A589228B6DC007120F877DBBD6CB79D -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21728_none_15276bfecc16de2a\winsrv.dll
[2011.05.14 08:24:33 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=3A8135A7DED2FA0DAD3BDE1B14865A8A -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17617_none_14a79ed5b2f20918\winsrv.dll
[2011.06.03 08:01:31 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=5AA1C7B5F471C4657BE38447BC397665 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21738_none_151c9c12cc1efa1b\winsrv.dll
[2011.06.03 07:57:44 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=9F761CE1C6C013120B2F0DB27D48C06F -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17625_none_149ace55b2fbf25b\winsrv.dll
[2011.06.24 06:27:05 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=C13D05A015346DED3D722BE285814495 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21756_none_1504fba6cc30ff4f\winsrv.dll
[2010.11.21 04:24:16 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=E0406AEF04B088D1C49FC78D0546F689 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17514_none_14a49c11b2f4bfec\winsrv.dll
[2011.06.24 06:34:53 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=EB6A48CC998E1090E44E8E7F1009A640 -- C:\windows\SysNative\winsrv.dll
[2011.06.24 06:34:53 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=EB6A48CC998E1090E44E8E7F1009A640 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17641_none_14812d55b30fc4e1\winsrv.dll

< MD5 for: WS2_32.DLL >
[2010.11.21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\erdnt\cache64\ws2_32.dll
[2010.11.21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\windows\SysNative\ws2_32.dll
[2010.11.21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\erdnt\cache86\ws2_32.dll
[2010.11.21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< MD5 for: WSCRIPT.EXE >
[2009.07.14 02:39:57 | 000,168,960 | ---- | M] (Microsoft Corporation) MD5=8886E0697B0A93C521F99099EF643450 -- C:\windows\SysNative\wscript.exe
[2009.07.14 02:39:57 | 000,168,960 | ---- | M] (Microsoft Corporation) MD5=8886E0697B0A93C521F99099EF643450 -- C:\Windows\winsxs\amd64_microsoft-windows-scripting_31bf3856ad364e35_6.1.7600.16385_none_a45d44bd1a0af822\wscript.exe
[2009.07.14 02:14:49 | 000,141,824 | ---- | M] (Microsoft Corporation) MD5=D1AB72DB2BEDD2F255D35DA3DA0D4B16 -- C:\Windows\SysWOW64\wscript.exe
[2009.07.14 02:14:49 | 000,141,824 | ---- | M] (Microsoft Corporation) MD5=D1AB72DB2BEDD2F255D35DA3DA0D4B16 -- C:\Windows\winsxs\wow64_microsoft-windows-scripting_31bf3856ad364e35_6.1.7600.16385_none_aeb1ef0f4e6bba1d\wscript.exe

< >

< %systemroot%\system32\logevent.dll /md5 >

< %systemroot%\system32\sceclt.dll /md5 >

< %systemroot%\system32\ntelogon.dll /md5 >

< %systemroot%\system32\consrv.dll /md5 >

< >

< %systemroot%\system32\logevent.dll /md5 /64 >

< %systemroot%\system32\sceclt.dll /md5 /64 >

< %systemroot%\system32\ntelogon.dll /md5 /64 >

< %systemroot%\system32\consrv.dll /md5 /64 >

< >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.11.06 20:39:28 | 000,000,512 | ---- | M] () MD5=738EE056A13C9CF03C9E930449167599 -- C:\PhysicalMBR.bin

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.10.26 02:53:20 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=EF01D104449CC654FDCF423C92BD8846 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013.10.09 01:02:45 | 000,844,752 | ---- | M] (Google Inc.) MD5=3E399A1328181C2A352472369DE2A93A -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %systemroot%\system32\Spool\prtprocs\*.* /s >
[2008.10.06 14:39:18 | 000,254,464 | ---- | M] (Hewlett-Packard Corporation) -- C:\windows\system32\Spool\prtprocs\x64\hpfpp083.dll
[2010.11.21 04:24:16 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\Spool\prtprocs\x64\winprint.dll
[2011.09.07 01:03:37 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\windows\system32\Spool\prtprocs\x64\cs-CZ\LXKPTPRC.DLL.mui

< %systemroot%\system32\drivers\*.sys /10 >

< %systemroot%\system32\drivers\*.sys /X >
[2009.06.10 22:14:29 | 003,440,660 | ---- | M] () -- C:\windows\system32\drivers\gm.dls
[2009.06.10 22:14:29 | 000,000,646 | ---- | M] () -- C:\windows\system32\drivers\gmreadme.txt

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /10 >
[2013.11.06 19:09:29 | 000,000,018 | ---- | M] () -- C:\windows\system32\log.txt
[2 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %systemroot%\system32\*.* /lockedfiles >
[2013.11.06 19:09:29 | 000,000,018 | ---- | M] () Unable to obtain MD5 -- C:\windows\system32\log.txt
[2 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >

< >

< c:\$Recycle.Bin|L,N,U,@;true;true;true /FN >

< c:\Windows\Installer|L,N,U,@;true;true;true /FN >

< >

< %systemroot%\Tasks\*.job >

< %systemroot%\*.* /U /s >
[3 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[2 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[1 C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
[2 C:\windows\SysWOW64\*.tmp files -> C:\windows\SysWOW64\*.tmp -> ]
[1 C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
[162 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp -> ]
[1 C:\windows\twain_32\*.tmp files -> C:\windows\twain_32\*.tmp -> ]

< %systemroot%\*. /rp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Nabídka Start\*.lnk /x >

< %ALLUSERSPROFILE%\Data Aplikácií\*.* >

< %ALLUSERSPROFILE%\Data Aplikácií\*.exe /s >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %APPDATA%\*. >
[2012.08.29 14:26:50 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\Adobe
[2013.10.21 18:37:38 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\AVAST Software
[2012.07.12 18:37:55 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\avidemux
[2013.09.16 16:10:53 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\Blender Foundation
[2012.04.22 20:28:54 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\CyberLink
[2013.08.19 08:14:24 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\Downloaded Installations
[2013.11.06 19:10:46 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\Dropbox
[2012.12.18 22:51:08 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\DVDVideoSoft
[2012.11.17 02:45:43 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\Easy File Share
[2012.05.18 23:13:58 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\FileOpen
[2012.06.11 22:26:56 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\FM Software Studio
[2013.11.03 01:08:55 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\GetRightToGo
[2012.04.03 09:38:51 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\HP
[2012.03.31 17:41:36 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\Identities
[2012.11.05 18:29:51 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\Intel
[2013.01.06 21:48:04 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\IObit
[2013.03.16 17:37:31 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\Leadertech
[2012.03.31 18:18:52 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\Macromedia
[2013.02.25 19:20:16 | 000,000,000 | --SD | M] -- C:\Users\Abe\AppData\Roaming\Microsoft
[2013.04.05 12:19:57 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\MotionDSP
[2013.11.03 18:45:33 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\Mozilla
[2012.03.31 20:25:36 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\Nemetschek
[2013.09.28 12:16:04 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\NVIDIA
[2013.10.18 13:17:19 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\ParaView
[2013.11.02 14:07:18 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\Skype
[2012.03.31 16:08:38 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\skypePM
[2013.06.05 17:44:32 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\SoftGrid Client
[2012.08.28 17:45:36 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.01.20 18:22:37 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\TeamViewer
[2012.03.31 14:06:42 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\Thunderbird
[2012.03.31 13:27:15 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\TP
[2013.09.20 13:28:02 | 000,000,000 | ---D | M] -- C:\Users\Abe\AppData\Roaming\VitySoft

< %APPDATA%\*.* >
[2013.10.17 21:08:54 | 000,000,325 | ---- | M] () -- C:\Users\Abe\AppData\Roaming\mbam.context.scan

< %APPDATA%\*.exe /s >
[2013.05.25 01:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\Abe\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2013.05.25 01:48:34 | 000,229,288 | ---- | M] (Dropbox, Inc.) -- C:\Users\Abe\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2012.05.24 19:39:24 | 000,872,144 | ---- | M] (Dropbox, Inc.) -- C:\Users\Abe\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2009.01.16 09:19:56 | 001,731,736 | ---- | M] (Leader Technologies/Seagate) -- C:\Users\Abe\AppData\Roaming\Leadertech\PowerRegister\Seagate 2GE4DYGC Product Registration.exe
[2012.08.28 17:20:10 | 000,010,134 | R--- | M] () -- C:\Users\Abe\AppData\Roaming\Microsoft\Installer\{024521CF-C07E-4F8E-8481-0D75695E03AF}\ARPPRODUCTICON.exe
[2013.06.06 19:39:18 | 000,043,385 | R--- | M] () -- C:\Users\Abe\AppData\Roaming\Microsoft\Installer\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}\_0CE5D65C672A59FCFADCFA.exe
[2013.06.06 19:39:18 | 000,043,385 | R--- | M] () -- C:\Users\Abe\AppData\Roaming\Microsoft\Installer\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}\_112D608FD02CD87FDC7735.exe
[2013.06.06 19:39:18 | 000,032,579 | R--- | M] () -- C:\Users\Abe\AppData\Roaming\Microsoft\Installer\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}\_853F67D554F05449430E7E.exe

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\system32|bak;true;false;false /fp >

< %PROGRAMFILES%|bak;true;false;false /fp >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"GoogleDriveSync" = "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart -- [2013.09.25 16:37:00 | 020,133,824 | ---- | M] (Google)

========== Alternate Data Streams ==========

@Alternate Data Stream - 6392 bytes -> C:\windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:890CC2F3
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:C25DC0ED
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:302A9871

< End of report >

OTL

Extras log

C:\windows\Wisaroc.exe

na virus total nic detekováno, všechno ok

C:\Windows\SysWOW64\drivers\papycpu.sys

na virus total nic detekováno, všechno ok


Ohledně webu, sice jsem neměl tušení že je nastaven jako homepage a tak vůbec (asi se stala v minulosti někde chyba) nicméně mám ponětí co je zač (není nebezpečný).

V tom případě velice děkuji za pomoc a snad je vše v pořádku.

Měl bych ještě jeden dotaz, který je mimo toto téma. Jen mě tak napadlo, jak mají snad všechny notebooky v dnešní době oddíl na disku pro přeinstalování systému, tak jetli když má člověk skutečně zavirovaný počítač a je nutná přeinstalace sytému, tak jestli se viry skutečně smažou, nebo se můžou "vloudit" už na ten instalační oddíl a naistalovat se znovu do systému spolu s instalací systému?

A ještě jedna otázečka : složku Qoobox po Combofixu můžu normálně smazat předpokládám?