VIRY.CZ

# AdwCleaner v3.017 - Report created 13/01/2014 at 14:41:59
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : z0ny - Z0NY-PC
# Running from : C:\Users\z0ny\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\dt soft\daemon tools toolbar
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\InstallIQ

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16526


-\\ Google Chrome v

[ File : C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2097 octets] - [12/01/2014 19:54:43]
AdwCleaner[R1].txt - [2157 octets] - [13/01/2014 14:40:00]
AdwCleaner[R2].txt - [2217 octets] - [13/01/2014 14:40:42]
AdwCleaner[R3].txt - [2277 octets] - [13/01/2014 14:41:20]
AdwCleaner[S0].txt - [2146 octets] - [13/01/2014 14:41:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2206 octets] ##########

Pouzivate nejaky antivir?

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

Nepouzivam, kdysi jsem pouzival Avast cca 4-5let zpet, ale po 5ti letech bez jakekoli detekovane infekce jsem ho odinstaloval. Obcas 1x za 1-2 mesice poustim ESET Online Scanner.

RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : z0ny [Práva správce]
Mód : Kontrola -- Datum : 01/13/2014 15:11:14
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 13 ¤¤¤
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (server.z0ny.net:3128 [Country: (Private Address) (XX), City: (Private Address)]) -> NALEZENO
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyEnable (1) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowUser (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) ADATA SSD S599 128GB +++++
--- User ---
[MBR] 04d505707687f74ed33a63e886a67259
[BSP] 8d2a0a03ed32d111e83530ea25b1cf17 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 114370 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ SCSI) SAMSUNG HD103SJ +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ SCSI) SAMSUNG HD103UJ +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_01132014_151114.txt >>
RKreport[0]_S_01132014_150731.txt

z0ny píše:Nepouzivam

To je velka chyba.

Ty proxy tam jsou chvalne?

[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (server.z0ny.net:3128 [Country: (Private Address) (XX), City: (Private Address)]) -> NALEZENO
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyEnable (1) -> NALEZENO

Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

Márty84 píše:Ty proxy tam jsou chvalne?

[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (server.z0ny.net:3128 [Country: (Private Address) (XX), City: (Private Address)]) -> NALEZENO
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyEnable (1) -> NALEZENO

Ano, je to proxy na mem serveru

Márty84 píše::arrow: Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

Predpokladam ze kdyz mam ty proxy schvalne mam dat zatrzitko pryc z tech dvou polozek, je to tak?

z0ny píše:Predpokladam ze kdyz mam ty proxy schvalne mam dat zatrzitko pryc z tech dvou polozek, je to tak?

Teoreticky neni treba, protoze proxy se opravuje zvlast, ale pro jistotu...

No nechal jsem to teda zaskrtnute nastavit si to muzu pripadne znova :)

Dejte novy log z RSIT

Logfile of random's system information tool 1.08 (written by random/random)
Run by z0ny at 2014-01-15 11:21:48
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 30 GB (26%) free of 114 GB
Total RAM: 12286 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:21:49, on 15.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16526)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe
C:\Program Files (x86)\NetMeter\NetMeter.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Hry\Steam\Steam.exe
C:\Program Files (x86)\Miranda IM\miranda32.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\foobar2000\foobar2000.exe
C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\z0ny.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = server.z0ny.net:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [TrueCrypt] "C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe" /q preferences
O4 - HKCU\..\Run: [NetMeter] C:\Program Files (x86)\NetMeter\NetMeter.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Hry\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Google Update] "C:\Users\z0ny\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Miranda IM.lnk = C:\Program Files (x86)\Miranda IM\miranda32.exe
O4 - Global Startup: System.lnk = C:\Windows\System32\taskmgr.exe
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files (x86)\FlashGet\jc_link.htm
O8 - Extra context menu item: &Stáhnout všechny FlashGetem - C:\Program Files (x86)\FlashGet\jc_all.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: CyberLink Product - 2011/08/13 01:33:46 (CLKMSVC10_9EC60124) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10491 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
WLIDSvcM.exe 2216
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
"C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe" /q preferences
"C:\Program Files (x86)\NetMeter\NetMeter.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Hry\Steam\Steam.exe" -silent
"C:\Program Files\TortoiseSVN\bin\TSVNCache.exe"
"C:\Windows\System32\taskmgr.exe"
"C:\Program Files (x86)\Miranda IM\miranda32.exe"
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\foobar2000\foobar2000.exe"
"C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5092.0.1695395027\1713445336" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22,26 --gpu-vendor-id=0x10de --gpu-device-id=0x1200 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.2723 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --extension-process --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --channel="5092.3.501148622\631260202" /prefetch:673131151
"C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --channel="5092.6.360746445\1914974367" /prefetch:673131151
"C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --channel="5092.14.1807884499\199499638" /prefetch:673131151
"C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --channel="5092.15.1645458438\986257060" /prefetch:673131151
"C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --channel="5092.16.1028005245\1930004794" /prefetch:673131151
"C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --channel="5092.17.2131684506\353507330" /prefetch:673131151
"C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --extension-process --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --channel="5092.63.1617163834\1992355434" /prefetch:673131151
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --disable-client-side-phishing-detection --renderer-print-preview --instant-process --disable-html-notifications --channel="5092.82.987727641\813119866" /prefetch:673131151
taskeng.exe {3DDAB350-9EE4-45A8-8A4A-FAFB4AD7D088}
taskeng.exe {C773A9CD-3A5F-4A15-83FF-EA39126B62A0}
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files\Total Commander\TOTALCMD64.EXE"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Users\z0ny\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2802937240-2648798408-2496797330-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2802937240-2648798408-2496797330-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-06-28 350984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-06-28 53512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files (x86)\FlashGet\jccatch.dll [2007-08-06 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files (x86)\FlashGet\getflash.dll [2007-05-18 163840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2009-11-12 361632]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2013-04-24 7477016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TrueCrypt"=C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe [2010-03-07 1415632]
"NetMeter"=C:\Program Files (x86)\NetMeter\NetMeter.exe [2009-08-09 293888]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Steam"=C:\Hry\Steam\steam.exe [2014-01-07 1815464]
"Google Update"=C:\Users\z0ny\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-16 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-11-23 75048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl9]
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [2010-08-02 87336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [2010-06-02 222504]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2009-11-12 5106904]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
System.lnk - C:\Windows\System32\taskmgr.exe

C:\Users\z0ny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Miranda IM.lnk - C:\Program Files (x86)\Miranda IM\miranda32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-01-15 11:21:48 ----D---- C:\rsit
2014-01-15 11:21:48 ----D---- C:\Program Files\trend micro
2014-01-13 15:07:15 ----A---- C:\Windows\system32\drivers\WUDFRd.sys.bak
2014-01-13 15:07:15 ----A---- C:\Windows\system32\drivers\WUDFPf.sys.bak
2014-01-13 15:07:15 ----A---- C:\Windows\system32\drivers\ws2ifsl.sys.bak
2014-01-13 15:07:15 ----A---- C:\Windows\system32\drivers\WmXlCore.sys.bak
2014-01-13 15:07:15 ----A---- C:\Windows\system32\drivers\WmVirHid.sys.bak
2014-01-13 15:07:15 ----A---- C:\Windows\system32\drivers\wmilib.sys.bak
2014-01-13 15:07:15 ----A---- C:\Windows\system32\drivers\wmiacpi.sys.bak
2014-01-13 15:07:15 ----A---- C:\Windows\system32\drivers\WmFilter.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\WmBEnum.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\winusb.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\winhv.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\wimmount.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\wfplwf.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\WdfLdr.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\Wdf01000.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\wdcsam64.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\wd.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\watchdog.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\wanarp.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\wacompen.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\vwifimp.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\vwififlt.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\vwifibus.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\vsmraid.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\volsnap.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\volmgrx.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\volmgr.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\vmstorfl.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\vms3cap.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\VMBusHID.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\vmbus.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\videoprt.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\viaide.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\vhdmp.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\vgapnp.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\vga.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\vdrvroot.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\usbuhci.sys.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS.bak
2014-01-13 15:07:14 ----A---- C:\Windows\system32\drivers\usbrpm.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\usbprint.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\usbport.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\usbohci.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\usbhub.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\usbehci.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\usbd.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\usbcir.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\usbccgp.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\usb8023.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\umpass.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\umbus.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\ULIAGPKX.SYS.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\udfs.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\UAGP35.SYS.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\tunnel.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\tssecsrv.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\timntr.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\termdd.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\tdx.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\tdtcp.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\tdrpm258.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\tdpipe.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\tdi.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\tcpipreg.sys.bak
2014-01-13 15:07:13 ----A---- C:\Windows\system32\drivers\tcpip.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\tape.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\tap0901.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\tap0801.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\swenum.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\stream.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\storvsc.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\storport.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\stexstor.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\srvnet.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\srv2.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\srv.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\sptd.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\spsys.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\spldr.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\snapman.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\smclib.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\smb.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\sisraid4.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\sisraid2.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\sfloppy.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\sffp_sd.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\sffp_mmc.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\sffdisk.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\sermouse.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\serial.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\serenum.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\secdrv.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\scsiport.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\scfilter.sys.bak
2014-01-13 15:07:12 ----A---- C:\Windows\system32\drivers\sbp2port.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\Rt64win7.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\rspndr.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\rootmdm.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\RNDISMP.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\rmcast.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\rdyboost.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\rdpwd.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\RDPREFMP.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\RDPENCDD.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\rdpdr.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\RDPCDD.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\rdpbus.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\rdbss.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\rassstp.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\raspptp.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\raspppoe.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\rasl2tp.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\rasacd.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\qwavedrv.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\ql40xx.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\ql2300.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\processr.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\portcls.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\PEAuth.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\pcw.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\pcmcia.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\pciidex.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\pciide.sys.bak
2014-01-13 15:07:11 ----A---- C:\Windows\system32\drivers\pci.sys.bak
2014-01-13 15:07:10 ----A---- C:\Windows\system32\drivers\partmgr.sys.bak
2014-01-13 15:07:10 ----A---- C:\Windows\system32\drivers\parport.sys.bak
2014-01-13 15:07:10 ----A---- C:\Windows\system32\drivers\pacer.sys.bak
2014-01-13 15:07:10 ----A---- C:\Windows\system32\drivers\ohci1394.sys.bak
2014-01-13 15:07:10 ----A---- C:\Windows\system32\drivers\nwifi.sys.bak
2014-01-13 15:07:10 ----A---- C:\Windows\system32\drivers\nvstor.sys.bak
2014-01-13 15:07:10 ----A---- C:\Windows\system32\drivers\nvraid.sys.bak
2014-01-13 15:07:10 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys.bak
2014-01-13 15:07:10 ----A---- C:\Windows\system32\drivers\nvhda64v.sys.bak
2014-01-13 15:07:10 ----A---- C:\Windows\system32\drivers\nvflash.sys.bak
2014-01-13 15:07:10 ----A---- C:\Windows\system32\drivers\NV_AGP.SYS.bak
2014-01-13 15:07:10 ----A---- C:\Windows\system32\drivers\null.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\ntfs.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\nsiproxy.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\npfs.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\nfrd960.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\netio.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\netbt.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\netbios.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\ndproxy.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\ndiswan.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\ndisuio.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\ndistapi.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\ndiscap.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\ndis.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\mup.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\MTConfig.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\mstee.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\mssmbios.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\msrpc.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\mspqm.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\mspclock.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\mskssrv.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\msiscsi.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\msisadrv.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\mshidkmdf.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\msfs.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\msdsm.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\msahci.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\mrxsmb.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\mrxdav.sys.bak
2014-01-13 15:07:09 ----A---- C:\Windows\system32\drivers\mpsdrv.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\mpio.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\mountmgr.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\mouhid.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\mouclass.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\monitor.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\modem.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\MO3v2Driver.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\MegaSR.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\megasas.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\mcd.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\luafv.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\lsi_scsi.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\lsi_sas2.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\lsi_sas.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\lsi_fc.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\LNonPnP.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\LMouFilt.Sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\lltdio.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\lirsgt.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\LHidFilt.Sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\LGVirHid.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\LGSHidFilt.Sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\LGBusEnum.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\L8042Kbd.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\ksthunk.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\ksecpkg.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\ksecdd.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\ks.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\kbdhid.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\kbdclass.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\isapnp.sys.bak
2014-01-13 15:07:08 ----A---- C:\Windows\system32\drivers\irenum.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\irda.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\ipnat.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\intelppm.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\intelide.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\iirsp.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\iaStorV.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\iaStor.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\i8042prt.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\hwpolicy.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\http.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\HpSAMD.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\hidusb.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\hidparse.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\hidir.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\hidclass.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\hidbth.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\hidbatt.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\HdAudio.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\hdaudbus.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\hcw85cir.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\GenericMount.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\GAGP30KX.SYS.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\fvevol.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\fsdepends.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\fs_rec.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\fltMgr.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\flpydisk.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\filetrace.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\fileinfo.sys.bak
2014-01-13 15:07:07 ----A---- C:\Windows\system32\drivers\fdc.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\fastfat.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\exfat.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\evbda.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\errdev.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\elxstor.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\dxgmms1.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\dxg.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\dxapi.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\dumpfve.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\Dumpata.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\drmkaud.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\drmk.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\Diskdump.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\disk.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\discache.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\dfsc.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\csc.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\crcdisk.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\crashdmp.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\CompositeBus.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\compbatt.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\cng.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\cmdide.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\CmBatt.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\Classpnp.sys.bak
2014-01-13 15:07:06 ----A---- C:\Windows\system32\drivers\circlass.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\cdrom.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\cdfs.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\bxvbda.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\bthmodem.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\BrUsbSer.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\BrUsbMdm.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\BrSerWdm.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\BrSerId.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\bridge.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\BrFiltUp.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\BrFiltLo.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\bowser.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\blbdrive.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\beep.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\battc.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\b57nd60a.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\atksgt.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\ataport.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\atapi.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\asyncmac.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\arcsas.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\arc.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\appid.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\amdxata.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\amdsbs.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\amdsata.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\amdppm.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\amdk8.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\amdide.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\aliide.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\AGP440.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\agilevpn.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\afd.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\afcdp.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\adpu320.sys.bak
2014-01-13 15:07:05 ----A---- C:\Windows\system32\drivers\adpahci.sys.bak
2014-01-13 15:07:04 ----A---- C:\Windows\system32\drivers\adp94xx.sys.bak
2014-01-13 15:07:04 ----A---- C:\Windows\system32\drivers\acpipmi.sys.bak
2014-01-13 15:07:04 ----A---- C:\Windows\system32\drivers\acpi.sys.bak
2014-01-13 15:07:04 ----A---- C:\Windows\system32\drivers\1394ohci.sys.bak
2014-01-13 15:07:04 ----A---- C:\Windows\system32\drivers\1394bus.sys.bak
2014-01-12 15:36:51 ----D---- C:\Users\z0ny\AppData\Roaming\Malwarebytes
2014-01-12 15:36:29 ----D---- C:\ProgramData\Malwarebytes
2014-01-08 12:10:44 ----D---- C:\Users\z0ny\AppData\Roaming\KeePassX
2014-01-03 02:06:49 ----D---- C:\Program Files (x86)\World of Warcraft
2013-12-16 04:05:00 ----D---- C:\Program Files (x86)\Mozilla Thunderbird

======List of files/folders modified in the last 1 months======

2014-01-15 11:21:49 ----D---- C:\Windows\Temp
2014-01-15 11:21:48 ----D---- C:\Program Files
2014-01-15 11:17:16 ----D---- C:\Windows\system32\config
2014-01-15 00:38:10 ----SHD---- C:\Windows\Installer
2014-01-15 00:38:10 ----SHD---- C:\Config.Msi
2014-01-15 00:38:00 ----D---- C:\Windows\SysWOW64
2014-01-15 00:06:04 ----D---- C:\Users\z0ny\AppData\Roaming\TS3Client
2014-01-14 11:05:58 ----SHD---- C:\System Volume Information
2014-01-13 15:10:58 ----D---- C:\Windows\system32\drivers
2014-01-13 14:50:47 ----D---- C:\Users\z0ny\AppData\Roaming\foobar2000
2014-01-13 14:49:42 ----D---- C:\Windows\System32
2014-01-13 14:49:42 ----D---- C:\Windows\inf
2014-01-13 14:49:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-13 14:43:39 ----D---- C:\ProgramData\NVIDIA
2014-01-13 14:41:59 ----HD---- C:\ProgramData
2014-01-12 19:59:00 ----D---- C:\Users\z0ny\AppData\Roaming\Mumble
2014-01-12 19:47:05 ----D---- C:\Program Files (x86)
2014-01-12 19:45:22 ----D---- C:\Users\z0ny\AppData\Roaming\mIRC
2014-01-12 16:57:08 ----D---- C:\Program Files (x86)\Common Files
2014-01-12 16:16:55 ----RSD---- C:\Windows\assembly
2014-01-12 15:20:46 ----D---- C:\Program Files\TeamSpeak 3 Client
2014-01-09 15:01:28 ----D---- C:\Program Files (x86)\mIRC
2014-01-09 11:27:04 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-08 09:51:44 ----D---- C:\Program Files (x86)\Origin
2014-01-07 15:45:37 ----HD---- C:\Users\z0ny\AppData\Roaming\.minecraft
2014-01-03 02:07:18 ----D---- C:\Hry
2013-12-26 20:04:48 ----AD---- C:\ProgramData\TEMP
2013-12-22 20:34:04 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-12-16 18:50:16 ----D---- C:\Program Files (x86)\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2010-03-27 267872]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-08 834544]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258); C:\Windows\system32\DRIVERS\tdrpm258.sys [2010-03-27 1477728]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2010-03-27 943712]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 truecrypt;truecrypt; C:\Windows\SysWOW64\drivers\truecrypt.sys [2010-03-07 222160]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-07-04 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-07-04 43680]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2010-03-27 251488]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2013-01-17 66800]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-06-16 196384]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-07-16 31232]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 26440]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 16200]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 77512]
S1 ArcSec;ArcSec; C:\Windows\system32\drivers\ArcSec.sys []
S3 am09vcpe;am09vcpe; C:\Windows\system32\drivers\am09vcpe.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-03-12 25640]
S3 GenericMount;Generic Mount Driver; C:\Windows\system32\DRIVERS\GenericMount.sys [2009-09-21 54320]
S3 L8042Kbd;SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2009-06-17 30736]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SSMO3v2Filter;MMO3v2 Mouse; C:\Windows\system32\drivers\MO3v2Driver.sys [2010-12-17 23040]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 tap0801;TAP-Win32 Adapter V8; C:\Windows\system32\DRIVERS\tap0801.sys [2005-04-13 30720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2009-11-12 894136]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-03-27 2480048]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-09-12 920864]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-10-08 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-09-12 414496]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 CLKMSVC10_9EC60124;CyberLink Product - 2011/08/13 01:33:46; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-11-23 240112]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 FastUserSwitchingCompatibility;AMD External Events Utility .NET.; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-10 1266464]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-12 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-01-12 49152]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-22 116648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-22 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-16 119408]
S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2009-07-16 36352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-02-01 541608]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Zopakujte mi prosim jeste sken s OTL http://forum.viry.cz/viewtopic.php?f=30 ... 2#p1286625
Tentokrat by se mel objevit uz jen jeden log.

Pak budem mazat. Bohuzel pres tyden mam hodne malo casu

Ten prvni script opet hazel ze nelze vytvorit cmd.bat na plose, tak jsem spustil ten druhej

OTL logfile created on: 16.1.2014 11:31:54 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\z0ny\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

12,00 Gb Total Physical Memory | 8,80 Gb Available Physical Memory | 73,30% Memory free
12,00 Gb Paging File | 8,56 Gb Available in Paging File | 71,37% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 28,73 Gb Free Space | 25,72% Space Free | Partition Type: NTFS
Drive D: | 293,19 Gb Total Space | 237,30 Gb Free Space | 80,94% Space Free | Partition Type: NTFS
Drive E: | 1862,77 Gb Total Space | 1243,28 Gb Free Space | 66,74% Space Free | Partition Type: NTFS
Drive I: | 5544,63 Gb Total Space | 730,60 Gb Free Space | 13,18% Space Free | Partition Type: NTFS
Drive Z: | 931,51 Gb Total Space | 573,11 Gb Free Space | 61,52% Space Free | Partition Type: NTFS

Computer Name: Z0NY-PC | User Name: z0ny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.01.12 12:19:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\z0ny\Desktop\OTL.exe
PRC - [2014.01.07 22:00:20 | 001,815,464 | ---- | M] (Valve Corporation) -- C:\Hry\Steam\Steam.exe
PRC - [2013.12.18 19:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.12.06 09:21:13 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013.10.08 20:04:16 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.09.12 00:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.09.14 12:14:54 | 001,771,008 | ---- | M] (Peter Pawlowski) -- C:\Program Files (x86)\foobar2000\foobar2000.exe
PRC - [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.27 12:03:36 | 002,480,048 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2010.03.07 22:10:09 | 001,415,632 | ---- | M] (TrueCrypt Foundation) -- C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe
PRC - [2010.03.04 21:44:06 | 000,696,931 | ---- | M] ( ) -- C:\Program Files (x86)\Miranda IM\miranda32.exe
PRC - [2009.11.12 03:49:16 | 000,361,632 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2009.11.12 03:48:30 | 005,106,904 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2009.08.09 15:08:02 | 000,293,888 | ---- | M] () -- C:\Program Files (x86)\NetMeter\NetMeter.exe
PRC - [2009.06.04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe


========== Modules (No Company Name) ==========

MOD - [2014.01.07 22:00:22 | 001,138,088 | ---- | M] () -- C:\Hry\Steam\bin\chromehtml.dll
MOD - [2014.01.07 22:00:22 | 000,121,256 | ---- | M] () -- C:\Hry\Steam\bin\audio.dll
MOD - [2013.12.12 23:19:40 | 000,142,848 | ---- | M] () -- C:\Hry\Steam\libavresample-1.dll
MOD - [2013.12.12 23:19:08 | 016,242,056 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013.12.12 23:04:18 | 020,625,832 | ---- | M] () -- C:\Hry\Steam\bin\libcef.dll
MOD - [2013.12.12 23:04:14 | 000,716,800 | ---- | M] () -- C:\Hry\Steam\SDL2.dll
MOD - [2013.12.04 03:48:04 | 000,399,312 | ---- | M] () -- C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll
MOD - [2013.12.04 03:48:02 | 004,055,504 | ---- | M] () -- C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013.12.04 03:47:11 | 000,702,416 | ---- | M] () -- C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
MOD - [2013.12.04 03:47:11 | 000,099,792 | ---- | M] () -- C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\libegl.dll
MOD - [2013.12.04 03:47:08 | 001,619,408 | ---- | M] () -- C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
MOD - [2013.11.05 02:12:06 | 000,890,592 | ---- | M] () -- C:\Hry\Steam\libavutil-52.dll
MOD - [2013.06.15 00:49:16 | 000,153,088 | ---- | M] () -- C:\Hry\Steam\bin\mssvoice.asi
MOD - [2013.06.15 00:49:16 | 000,071,680 | ---- | M] () -- C:\Hry\Steam\bin\mssmp3.asi
MOD - [2013.06.15 00:49:12 | 001,100,800 | ---- | M] () -- C:\Hry\Steam\bin\avcodec-53.dll
MOD - [2013.06.15 00:49:12 | 000,192,000 | ---- | M] () -- C:\Hry\Steam\bin\avformat-53.dll
MOD - [2013.06.15 00:49:12 | 000,124,416 | ---- | M] () -- C:\Hry\Steam\bin\avutil-51.dll
MOD - [2012.09.14 12:13:32 | 001,632,256 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_input_std.dll
MOD - [2012.09.14 12:13:32 | 000,359,936 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll
MOD - [2012.09.14 12:13:28 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll
MOD - [2012.09.14 12:13:10 | 000,915,968 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll
MOD - [2012.09.14 12:13:08 | 000,303,616 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_cdda.dll
MOD - [2012.09.14 12:12:50 | 000,287,744 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll
MOD - [2012.09.14 12:12:44 | 000,491,008 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_converter.dll
MOD - [2012.09.14 12:11:24 | 000,150,016 | ---- | M] () -- C:\Program Files (x86)\foobar2000\shared.dll
MOD - [2010.04.21 14:03:30 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_seek_box.dll
MOD - [2010.04.21 13:48:00 | 000,066,560 | ---- | M] () -- C:\Program Files (x86)\foobar2000\zlib1.dll
MOD - [2010.03.04 21:45:42 | 000,090,215 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\srmm.dll
MOD - [2010.03.04 21:43:32 | 000,052,839 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\zlib.dll
MOD - [2010.03.04 21:43:16 | 000,314,989 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\ICQ.dll
MOD - [2010.03.04 21:43:04 | 000,036,976 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\dbx_mmap.dll
MOD - [2010.03.04 21:42:46 | 000,061,553 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\clist_classic.dll
MOD - [2010.03.04 21:42:44 | 000,213,095 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\chat.dll
MOD - [2010.03.04 21:42:38 | 000,064,613 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\avs.dll
MOD - [2009.08.10 14:53:54 | 000,099,840 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\stopspam.dll
MOD - [2009.08.09 15:08:02 | 000,293,888 | ---- | M] () -- C:\Program Files (x86)\NetMeter\NetMeter.exe


========== Services (SafeList) ==========

SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.01.12 16:57:08 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2013.12.18 19:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.12.16 04:05:01 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.12.12 23:19:08 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.10.08 20:04:16 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.09.12 00:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.02.10 04:25:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.02.01 20:52:49 | 000,541,608 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.07.03 12:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010.11.23 16:33:22 | 000,240,112 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124)
SRV - [2010.03.27 12:03:36 | 002,480,048 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2009.11.12 03:50:24 | 000,894,136 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009.07.16 10:20:06 | 000,036,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.06.16 13:38:15 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013.01.17 20:15:12 | 000,066,800 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.17 15:25:44 | 000,023,040 | ---- | M] (Sagatek Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MO3v2Driver.sys -- (SSMO3v2Filter)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.07.04 02:32:36 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010.07.04 02:32:36 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010.04.27 15:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010.04.27 15:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010.04.27 13:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010.04.27 13:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010.03.27 12:56:05 | 000,267,872 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2010.03.27 12:03:36 | 000,251,488 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2010.03.27 12:03:35 | 001,477,728 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm258.sys -- (tdrpman258)
DRV:64bit: - [2010.03.27 12:03:33 | 000,943,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2010.03.08 20:03:38 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.11.24 01:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 01:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.09.21 20:26:10 | 000,054,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GenericMount.sys -- (GenericMount)
DRV:64bit: - [2009.07.16 10:20:26 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.17 17:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009.06.17 17:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009.06.17 17:53:34 | 000,030,736 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.03.01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.02.13 12:02:52 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2005.04.13 22:17:52 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0801.sys -- (tap0801)
DRV - [2010.03.12 20:51:56 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EC A7 18 DD 25 BE CA 01 [binary data]
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..\SearchScopes,DefaultScope = {9096CEDD-2C4C-4ACF-86A4-0F8F767074A3}
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..\SearchScopes\{9096CEDD-2C4C-4ACF-86A4-0F8F767074A3}: "URL" = http://www.google.cz/search?q={searchTe ... {startPage}
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;localhost
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = server.z0ny.net:3128


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@vmware.com/vmrc,version=2.5.0.00000: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@kb-ext.cz/PKIComponent: C:\Users\z0ny\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll (Komerční banka, a.s.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\z0ny\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\z0ny\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2010.09.16 21:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\z0ny\AppData\Roaming\Mozilla\Extensions
[2010.09.16 21:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\z0ny\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.cz/ig
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Download Helper (Enabled) = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfjkgbjaikamkkojmakjclmkianficch\5.0.2_0\plugin/download_helper.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Update (Enabled) = C:\Users\z0ny\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Bejeweled = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: Angry Birds = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: YouTube = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0\
CHR - Extension: AdBlock = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\
CHR - Extension: HTTP Headers = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\hplfkkmefamockhligfdcfgfnbcdddbg\1.0.0.2_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014.01.14 10:58:35 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll (http://www.flashget.com)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll (http://www.flashget.com)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000..\Run: [NetMeter] C:\Program Files (x86)\NetMeter\NetMeter.exe ()
O4 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000..\Run: [Steam] C:\Hry\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000..\Run: [TrueCrypt] C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe (TrueCrypt Foundation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\z0ny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Miranda IM.lnk = C:\Program Files (x86)\Miranda IM\miranda32.exe ( )
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files (x86)\FlashGet\JC_LINK.HTM ()
O8:64bit: - Extra context menu item: &Stáhnout všechny FlashGetem - C:\Program Files (x86)\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files (x86)\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: &Stáhnout všechny FlashGetem - C:\Program Files (x86)\FlashGet\JC_ALL.HTM ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\flashget.exe (FlashGet.com)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - CC:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - CC:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..Trusted Domains: mojebanka.cz ([etrading] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..Trusted Domains: mojebanka.cz ([sign] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..Trusted Domains: mojebanka.cz ([www] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..Trusted Domains: mojeplatba.cz ([www] https in Důvěryhodné servery)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/f ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 46.227.171.26 46.227.171.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B5087D5D-0EA8-4B7D-A9E4-ED3C60E8BF8E}: DhcpNameServer = 46.227.171.26 46.227.171.25
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.02.16 02:42:34 | 001,201,152 | ---- | M] (ShockingSoft) - E:\AutoClicker.exe -- [ NTFS ]
O33 - MountPoints2\{6b05e085-32b6-11df-a5fb-00241d1037e4}\Shell - "" = AutoRun
O33 - MountPoints2\{6b05e085-32b6-11df-a5fb-00241d1037e4}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.lameacm - LameACM.acm (http://www.mp3dev.org/)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.TMB0 - File not found
Drivers32:64bit: vidc.x264 - C:\PROGRA~1\X264VF~1\X264VF~1.DLL (x264vfw project)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\LameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - C:\Windows\SysWow64\i420vfw.dll (http://www.helixcommunity.org)
Drivers32: VIDC.RTV1 - rtvcvfw32.dll File not found
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (http://www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.01.16 11:02:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\z0ny\Desktop\OTL.exe
[2014.01.13 15:07:15 | 000,077,512 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\drivers\WmXlCore.sys.bak
[2014.01.13 15:07:15 | 000,043,976 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\drivers\WmFilter.sys.bak
[2014.01.13 15:07:15 | 000,016,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2014.01.13 15:07:15 | 000,016,200 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\drivers\WmVirHid.sys.bak
[2014.01.13 15:07:14 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2014.01.13 15:07:14 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2014.01.13 15:07:14 | 000,052,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\winhv.sys.bak
[2014.01.13 15:07:14 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2014.01.13 15:07:14 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2014.01.13 15:07:14 | 000,026,440 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\drivers\WmBEnum.sys.bak
[2014.01.13 15:07:14 | 000,014,464 | ---- | C] (Western Digital Technologies) -- C:\Windows\SysNative\drivers\wdcsam64.sys.bak
[2014.01.13 15:07:13 | 001,477,728 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\tdrpm258.sys.bak
[2014.01.13 15:07:13 | 000,943,712 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys.bak
[2014.01.13 15:07:13 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2014.01.13 15:07:13 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys.bak
[2014.01.13 15:07:13 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2014.01.13 15:07:13 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2014.01.13 15:07:13 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2014.01.13 15:07:13 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2014.01.13 15:07:12 | 000,834,544 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys.bak
[2014.01.13 15:07:12 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2014.01.13 15:07:12 | 000,267,872 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys.bak
[2014.01.13 15:07:12 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2014.01.13 15:07:12 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2014.01.13 15:07:12 | 000,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2014.01.13 15:07:12 | 000,031,232 | ---- | C] (The OpenVPN Project) -- C:\Windows\SysNative\drivers\tap0901.sys.bak
[2014.01.13 15:07:12 | 000,030,720 | ---- | C] (The OpenVPN Project) -- C:\Windows\SysNative\drivers\tap0801.sys.bak
[2014.01.13 15:07:12 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2014.01.13 15:07:12 | 000,024,656 | ---- | C] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2014.01.13 15:07:12 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2014.01.13 15:07:11 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2014.01.13 15:07:11 | 000,187,392 | ---- | C] (Realtek Corporation ) -- C:\Windows\SysNative\drivers\Rt64win7.sys.bak
[2014.01.13 15:07:11 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2014.01.13 15:07:11 | 000,048,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2014.01.13 15:07:11 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2014.01.13 15:07:11 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys.bak
[2014.01.13 15:07:11 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2014.01.13 15:07:10 | 000,196,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys.bak
[2014.01.13 15:07:09 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2014.01.13 15:07:08 | 000,066,800 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys.bak
[2014.01.13 15:07:08 | 000,065,600 | ---- | C] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2014.01.13 15:07:08 | 000,057,872 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LMouFilt.Sys.bak
[2014.01.13 15:07:08 | 000,055,312 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LHidFilt.Sys.bak
[2014.01.13 15:07:08 | 000,030,736 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\L8042Kbd.sys.bak
[2014.01.13 15:07:08 | 000,023,040 | ---- | C] (Sagatek Co. Ltd.) -- C:\Windows\SysNative\drivers\MO3v2Driver.sys.bak
[2014.01.13 15:07:08 | 000,022,408 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\drivers\LGBusEnum.sys.bak
[2014.01.13 15:07:08 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2014.01.13 15:07:08 | 000,018,960 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys.bak
[2014.01.13 15:07:08 | 000,016,008 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\drivers\LGVirHid.sys.bak
[2014.01.13 15:07:07 | 000,408,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys.bak
[2014.01.13 15:07:07 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2014.01.13 15:07:07 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2014.01.13 15:07:07 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2014.01.13 15:07:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2014.01.13 15:07:07 | 000,054,320 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\GenericMount.sys.bak
[2014.01.13 15:07:07 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2014.01.13 15:07:07 | 000,031,232 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2014.01.13 15:07:07 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2014.01.13 15:07:06 | 003,286,016 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2014.01.13 15:07:06 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2014.01.13 15:07:06 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2014.01.13 15:07:06 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2014.01.13 15:07:06 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2014.01.13 15:07:06 | 000,055,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2014.01.13 15:07:06 | 000,039,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2014.01.13 15:07:06 | 000,028,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2014.01.13 15:07:06 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2014.01.13 15:07:06 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2014.01.13 15:07:05 | 000,468,480 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2014.01.13 15:07:05 | 000,270,848 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2014.01.13 15:07:05 | 000,251,488 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\afcdp.sys.bak
[2014.01.13 15:07:05 | 000,194,128 | ---- | C] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2014.01.13 15:07:05 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2014.01.13 15:07:05 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2014.01.13 15:07:05 | 000,028,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2014.01.13 15:07:05 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2014.01.13 15:07:04 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2014.01.12 16:57:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BattlEye
[2014.01.12 16:17:11 | 000,000,000 | ---D | C] -- C:\Users\z0ny\Documents\DayZ Other Profiles
[2014.01.12 16:17:05 | 000,000,000 | ---D | C] -- C:\Users\z0ny\Documents\DayZ
[2014.01.12 16:17:05 | 000,000,000 | ---D | C] -- C:\Users\z0ny\AppData\Local\DayZ
[2014.01.12 15:36:51 | 000,000,000 | ---D | C] -- C:\Users\z0ny\AppData\Roaming\Malwarebytes
[2014.01.12 15:36:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.01.08 12:10:44 | 000,000,000 | ---D | C] -- C:\Users\z0ny\AppData\Roaming\KeePassX
[2014.01.06 21:31:53 | 000,000,000 | ---D | C] -- C:\Users\z0ny\Documents\BotaniculaSaves
[2014.01.06 21:24:27 | 000,000,000 | ---D | C] -- C:\Users\z0ny\Documents\Another World
[2014.01.04 12:58:25 | 000,000,000 | ---D | C] -- C:\Users\z0ny\AppData\Local\Criterion Games
[2014.01.03 08:31:51 | 000,000,000 | ---D | C] -- C:\Users\z0ny\Documents\SavedGames
[2014.01.03 06:32:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
[2014.01.03 02:06:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.01.16 11:33:12 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.01.16 11:26:00 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2802937240-2648798408-2496797330-1000UA.job
[2014.01.16 11:26:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.01.16 11:19:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.01.16 11:09:27 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.01.16 11:09:27 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.01.16 10:59:43 | 000,002,329 | ---- | M] () -- C:\Users\z0ny\Desktop\Google Chrome.lnk
[2014.01.16 10:57:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.01.16 10:57:40 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.01.16 10:57:40 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2802937240-2648798408-2496797330-1000Core.job
[2014.01.13 15:10:58 | 000,077,512 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\WmXlCore.sys.bak
[2014.01.13 15:10:58 | 000,054,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2014.01.13 15:10:58 | 000,052,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\winhv.sys.bak
[2014.01.13 15:10:58 | 000,043,976 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\WmFilter.sys.bak
[2014.01.13 15:10:58 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2014.01.13 15:10:58 | 000,026,440 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\WmBEnum.sys.bak
[2014.01.13 15:10:58 | 000,016,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2014.01.13 15:10:58 | 000,016,200 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\WmVirHid.sys.bak
[2014.01.13 15:10:58 | 000,014,464 | ---- | M] (Western Digital Technologies) -- C:\Windows\SysNative\drivers\wdcsam64.sys.bak
[2014.01.13 15:10:57 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2014.01.13 15:10:57 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2014.01.13 15:10:57 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys.bak
[2014.01.13 15:10:57 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2014.01.13 15:10:57 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2014.01.13 15:10:57 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2014.01.13 15:10:57 | 000,007,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2014.01.13 15:10:56 | 001,477,728 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\tdrpm258.sys.bak
[2014.01.13 15:10:56 | 000,943,712 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys.bak
[2014.01.13 15:10:56 | 000,189,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2014.01.13 15:10:56 | 000,068,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2014.01.13 15:10:56 | 000,031,232 | ---- | M] (The OpenVPN Project) -- C:\Windows\SysNative\drivers\tap0901.sys.bak
[2014.01.13 15:10:56 | 000,030,720 | ---- | M] (The OpenVPN Project) -- C:\Windows\SysNative\drivers\tap0801.sys.bak
[2014.01.13 15:10:56 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2014.01.13 15:10:56 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2014.01.13 15:10:56 | 000,024,656 | ---- | M] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2014.01.13 15:10:55 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys.bak
[2014.01.13 15:10:55 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2014.01.13 15:10:55 | 000,267,872 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys.bak
[2014.01.13 15:10:55 | 000,187,392 | ---- | M] (Realtek Corporation ) -- C:\Windows\SysNative\drivers\Rt64win7.sys.bak
[2014.01.13 15:10:55 | 000,171,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2014.01.13 15:10:55 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2014.01.13 15:10:55 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2014.01.13 15:10:55 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2014.01.13 15:10:55 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys.bak
[2014.01.13 15:10:55 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2014.01.13 15:10:54 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2014.01.13 15:10:54 | 000,048,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2014.01.13 15:10:53 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2014.01.13 15:10:53 | 000,196,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys.bak
[2014.01.13 15:10:53 | 000,013,416 | ---- | M] () -- C:\Windows\SysNative\drivers\nvflash.sys.bak
[2014.01.13 15:10:52 | 000,023,040 | ---- | M] (Sagatek Co. Ltd.) -- C:\Windows\SysNative\drivers\MO3v2Driver.sys.bak
[2014.01.13 15:10:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2014.01.13 15:10:51 | 000,408,600 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys.bak
[2014.01.13 15:10:51 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2014.01.13 15:10:51 | 000,066,800 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys.bak
[2014.01.13 15:10:51 | 000,065,600 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2014.01.13 15:10:51 | 000,057,872 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LMouFilt.Sys.bak
[2014.01.13 15:10:51 | 000,055,312 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LHidFilt.Sys.bak
[2014.01.13 15:10:51 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys.bak
[2014.01.13 15:10:51 | 000,030,736 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\L8042Kbd.sys.bak
[2014.01.13 15:10:51 | 000,022,408 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\LGBusEnum.sys.bak
[2014.01.13 15:10:51 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys.bak
[2014.01.13 15:10:51 | 000,016,008 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\LGVirHid.sys.bak
[2014.01.13 15:10:50 | 003,286,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2014.01.13 15:10:50 | 000,288,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2014.01.13 15:10:50 | 000,078,720 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2014.01.13 15:10:50 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2014.01.13 15:10:50 | 000,054,320 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\GenericMount.sys.bak
[2014.01.13 15:10:50 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2014.01.13 15:10:50 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2014.01.13 15:10:50 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2014.01.13 15:10:49 | 000,468,480 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2014.01.13 15:10:49 | 000,265,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2014.01.13 15:10:49 | 000,179,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2014.01.13 15:10:49 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2014.01.13 15:10:49 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2014.01.13 15:10:49 | 000,055,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2014.01.13 15:10:49 | 000,039,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2014.01.13 15:10:49 | 000,028,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2014.01.13 15:10:49 | 000,027,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2014.01.13 15:10:49 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2014.01.13 15:10:48 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys.bak
[2014.01.13 15:10:48 | 000,270,848 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2014.01.13 15:10:48 | 000,251,488 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\afcdp.sys.bak
[2014.01.13 15:10:48 | 000,194,128 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2014.01.13 15:10:48 | 000,155,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2014.01.13 15:10:48 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2014.01.13 15:10:48 | 000,028,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2014.01.13 15:10:48 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2014.01.13 15:10:47 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2014.01.13 14:49:42 | 001,507,908 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.01.13 14:49:42 | 000,641,418 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.01.13 14:49:42 | 000,627,030 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.01.13 14:49:42 | 000,130,986 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.01.13 14:49:42 | 000,113,056 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.01.13 14:43:37 | 1072,525,310 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.12 12:19:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\z0ny\Desktop\OTL.exe
[2014.01.07 15:11:46 | 000,000,600 | ---- | M] () -- C:\Users\z0ny\AppData\Local\PUTTY.RND
[2014.01.03 06:43:47 | 000,000,800 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2013.12.22 20:34:04 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.12.22 20:34:04 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.12.22 20:33:57 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.01.16 11:33:12 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.01.13 15:07:10 | 000,013,416 | ---- | C] () -- C:\Windows\SysNative\drivers\nvflash.sys.bak
[2014.01.13 15:07:08 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys.bak
[2014.01.13 15:07:05 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys.bak
[2014.01.03 02:20:54 | 000,000,800 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2011.10.22 17:08:19 | 000,000,600 | ---- | C] () -- C:\Users\z0ny\AppData\Roaming\winscp.rnd
[2011.06.13 19:33:43 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.08.16 02:54:04 | 000,004,508 | ---- | C] () -- C:\Users\z0ny\AppData\Local\Temp21.html
[2010.08.16 02:40:47 | 000,000,778 | ---- | C] () -- C:\Users\z0ny\AppData\Local\Temp1.html
[2010.06.30 19:23:03 | 000,007,626 | ---- | C] () -- C:\Users\z0ny\AppData\Local\Resmon.ResmonCfg
[2010.03.20 21:05:37 | 000,000,600 | ---- | C] () -- C:\Users\z0ny\AppData\Local\PUTTY.RND
[2010.03.11 15:02:25 | 000,000,600 | ---- | C] () -- C:\Users\z0ny\PUTTY.RND

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2010.05.04 19:30:19 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Subversion
[2014.01.07 15:45:37 | 000,000,000 | -H-D | M] -- C:\Users\z0ny\AppData\Roaming\.minecraft
[2012.01.29 23:30:08 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\.Nitrous
[2010.03.11 14:10:13 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Acronis
[2013.07.31 22:26:27 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Audacity
[2013.08.06 22:52:34 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Battle.net
[2012.10.21 01:18:45 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Bioshock
[2010.03.08 20:35:13 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\BITS
[2013.02.23 19:24:45 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Broad Intelligence
[2011.06.06 14:26:42 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\BSplayer
[2010.03.08 20:26:34 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\BSplayer Pro
[2011.09.20 18:17:31 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Cobra Mobile
[2013.04.20 14:34:42 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Curse Advertising
[2011.10.09 01:52:03 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\CzDC
[2010.03.09 18:48:08 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\DAEMON Tools Lite
[2011.09.04 18:40:31 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Feedreader
[2010.03.09 18:48:23 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\FlashGet
[2014.01.13 14:50:47 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\foobar2000
[2010.03.09 18:48:55 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\GHISLER
[2013.09.08 01:18:20 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Image-Line
[2013.10.06 02:36:30 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\JetBrains
[2013.11.04 14:53:22 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\KB-ext
[2014.01.08 12:11:58 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\KeePassX
[2011.04.17 01:24:50 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Lazy 8 Studios
[2013.07.13 11:25:23 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Leadertech
[2010.11.06 04:48:50 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Leawo
[2010.03.09 18:49:32 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Mikrotik
[2010.11.06 04:48:50 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Moyea
[2014.01.12 19:59:00 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Mumble
[2010.03.09 18:51:01 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\NetMeter
[2010.03.09 19:24:15 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Notepad++
[2013.08.16 23:10:38 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Origin
[2011.04.03 14:37:49 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Rovio
[2013.07.13 11:19:22 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\SteelSeries
[2010.03.12 20:51:40 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Subversion
[2011.07.08 18:16:01 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\System
[2011.01.26 01:16:15 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Sytexis Software
[2010.03.09 18:59:53 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Thunderbird
[2010.03.07 22:27:30 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\TrueCrypt
[2014.01.15 22:34:54 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\TS3Client
[2013.05.22 20:07:05 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Wargaming.net
[2010.03.18 23:22:52 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Western Digital
[2011.07.08 18:53:16 | 000,000,000 | -HSD | M] -- C:\Users\z0ny\AppData\Roaming\wyUpdate AU
[2013.08.18 01:32:52 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\XnView
[2010.07.24 01:00:37 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\XRay Engine

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,620 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.09.16 20:58:02 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2802937240-2648798408-2496797330-1000Core.job
[2010.09.16 20:58:03 | 000,000,958 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2802937240-2648798408-2496797330-1000UA.job
[2012.04.15 12:44:04 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.06.22 17:32:43 | 000,000,944 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.06.22 17:32:43 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.05.08 07:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2013.01.04 06:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 11:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 06:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2013.09.07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013.05.08 07:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.07.06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[15 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.01.07 15:45:37 | 000,000,000 | -H-D | M] -- C:\Users\z0ny\AppData\Roaming\.minecraft
[2012.01.29 23:30:08 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\.Nitrous
[2010.03.11 14:10:13 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Acronis
[2012.08.26 20:15:58 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Adobe
[2011.06.13 18:30:40 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\ArcSoft
[2013.07.31 22:26:27 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Audacity
[2013.08.06 22:52:34 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Battle.net
[2012.10.21 01:18:45 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Bioshock
[2010.03.08 20:35:13 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\BITS
[2013.02.23 19:24:45 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Broad Intelligence
[2011.06.06 14:26:42 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\BSplayer
[2010.03.08 20:26:34 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\BSplayer Pro
[2011.09.20 18:17:31 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Cobra Mobile
[2013.04.20 14:34:42 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Curse Advertising
[2011.06.13 18:32:46 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\CyberLink
[2011.10.09 01:52:03 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\CzDC
[2010.03.09 18:48:08 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\DAEMON Tools Lite
[2011.09.04 18:40:31 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Feedreader
[2010.03.09 18:48:23 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\FlashGet
[2014.01.13 14:50:47 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\foobar2000
[2010.03.09 18:48:55 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\GHISLER
[2010.03.07 19:22:49 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Identities
[2013.09.08 01:18:20 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Image-Line
[2010.03.07 19:26:16 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\InstallShield
[2013.10.06 02:36:30 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\JetBrains
[2013.11.04 14:53:22 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\KB-ext
[2014.01.08 12:11:58 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\KeePassX
[2011.04.17 01:24:50 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Lazy 8 Studios
[2013.07.13 11:25:23 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Leadertech
[2010.11.06 04:48:50 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Leawo
[2013.07.13 11:23:51 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Logishrd
[2013.07.13 11:23:51 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Logitech
[2010.03.07 21:42:29 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Macromedia
[2014.01.12 15:36:51 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Malwarebytes
[2009.07.14 16:36:38 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Media Center Programs
[2012.08.26 20:15:58 | 000,000,000 | --SD | M] -- C:\Users\z0ny\AppData\Roaming\Microsoft
[2010.08.01 14:47:45 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Microsoft Corporation
[2010.03.09 18:49:32 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Mikrotik
[2014.01.12 19:45:22 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\mIRC
[2010.11.06 04:48:50 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Moyea
[2010.09.16 21:45:52 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Mozilla
[2014.01.12 19:59:00 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Mumble
[2010.03.09 18:51:01 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\NetMeter
[2010.03.09 19:24:15 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Notepad++
[2011.09.28 03:59:08 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\NVIDIA
[2013.08.16 23:10:38 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Origin
[2011.04.03 14:37:49 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Rovio
[2010.03.13 01:22:06 | 000,000,000 | RH-D | M] -- C:\Users\z0ny\AppData\Roaming\SecuROM
[2013.09.11 22:30:21 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Skype
[2013.07.13 11:19:22 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\SteelSeries
[2010.03.12 20:51:40 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Subversion
[2011.07.08 18:16:01 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\System
[2011.01.26 01:16:15 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Sytexis Software
[2010.03.09 18:51:29 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\teamspeak2
[2010.03.09 18:59:53 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Thunderbird
[2010.08.03 14:56:04 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\TortoiseSVN
[2010.03.07 22:27:30 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\TrueCrypt
[2014.01.15 22:34:54 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\TS3Client
[2010.03.09 18:51:48 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Ventrilo
[2011.11.20 19:38:05 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\VMware
[2013.05.22 20:07:05 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Wargaming.net
[2010.03.18 23:22:52 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Western Digital
[2011.07.08 18:53:16 | 000,000,000 | -HSD | M] -- C:\Users\z0ny\AppData\Roaming\wyUpdate AU
[2013.08.18 01:32:52 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\XnView
[2010.07.24 01:00:37 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\XRay Engine

< %APPDATA%\*.exe /s >
[2007.08.18 09:54:02 | 000,020,480 | ---- | M] () -- C:\Users\z0ny\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2007.08.18 09:53:50 | 000,016,384 | ---- | M] () -- C:\Users\z0ny\AppData\Roaming\BSplayer\AC3 Filter\dialog_patch.exe
[2008.04.13 17:26:54 | 000,036,396 | ---- | M] () -- C:\Users\z0ny\AppData\Roaming\BSplayer\AC3 Filter\uninstall.exe
[2008.04.01 11:51:06 | 000,691,717 | ---- | M] () -- C:\Users\z0ny\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2008.03.29 17:42:00 | 000,103,424 | ---- | M] () -- C:\Users\z0ny\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2008.03.29 17:42:02 | 000,335,872 | ---- | M] () -- C:\Users\z0ny\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2008.03.29 17:41:54 | 000,135,168 | ---- | M] () -- C:\Users\z0ny\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2008.06.10 09:11:02 | 000,041,412 | ---- | M] () -- C:\Users\z0ny\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2013.12.13 22:39:55 | 001,175,960 | ---- | M] () -- C:\Users\z0ny\AppData\Roaming\KB-ext\lib\unins000.exe
[2010.03.08 20:53:12 | 000,010,134 | R--- | M] () -- C:\Users\z0ny\AppData\Roaming\Microsoft\Installer\{9DAB307E-531F-4992-AB30-6F1AD39E6CF9}\_8C4C6DE2B4274D54DAD619.exe
[2013.12.14 02:13:06 | 000,010,134 | R--- | M] () -- C:\Users\z0ny\AppData\Roaming\Microsoft\Installer\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014.01.16 11:19:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.01.16 10:57:40 | 000,000,944 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.01.16 11:26:00 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.01.16 10:57:40 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2802937240-2648798408-2496797330-1000Core.job
[2014.01.16 11:26:00 | 000,000,958 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2802937240-2648798408-2496797330-1000UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2010.08.05 20:38:49 | 000,026,924 | ---- | M] () -- \Hry\Steam\steamapps\common\alien swarm\swarm\sound\vo\crash\hackcrackhome.wav
[2013.09.16 02:39:39 | 000,000,590 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS20\PATH\crack1.pth
[2013.09.16 02:39:38 | 000,000,719 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS20\PATH\crack2.pth
[2013.09.16 02:39:40 | 000,000,717 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS20\PATH\crack31.pth
[2013.09.16 02:39:38 | 000,000,481 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS20\PATH\crack32.pth
[2013.09.16 02:39:38 | 000,011,714 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS20\Scripts\crack.cfg
[2013.09.16 02:39:41 | 000,005,645 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS20\Scripts\sl_crack.cfg
[2013.09.16 02:39:39 | 000,000,590 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS91\PATH\crack1.pth
[2013.09.16 02:39:38 | 000,000,719 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS91\PATH\crack2.pth
[2013.09.16 02:39:40 | 000,000,717 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS91\PATH\crack31.pth
[2013.09.16 02:39:38 | 000,000,481 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS91\PATH\crack32.pth
[2013.09.16 02:40:02 | 000,011,889 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS91\Scripts\crack.cfg
[2013.09.16 02:40:03 | 000,005,930 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS91\Scripts\sl_crack.cfg
[2013.09.16 02:40:14 | 000,019,998 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Models\Characters\Things\IceParts\ice_crack.CMF
[2013.09.16 02:40:18 | 000,001,467 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Scripts\emitters\emgfx\Presets\Sparks\red_crack_sparks.cfg
[2013.09.16 02:40:20 | 000,002,063 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Scripts\environments\Things\ice_crack.phys
[2013.09.16 03:08:47 | 000,385,688 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Tracks\Characters\Actors\_Hero\Hero_sledge_crack_fall.CHA
[2013.09.16 03:09:06 | 000,641,764 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Tracks\Characters\Actors\Muffled_half\Muffled_cracking_the_door.CHA
[2013.09.16 03:08:59 | 000,004,380 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Tracks\Characters\Devices\Sledge\crack_fall.CHA
[2013.09.16 03:08:36 | 000,006,760 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Tracks\Characters\Devices\Sledge\crack_fall_all.CHA
[2011.08.19 21:43:35 | 000,699,192 | ---- | M] () -- \Hry\Steam\steamapps\common\dogfighter\packages\DogFighterV1\models\terrain\redmines\redminescrackedsand2.dds
[2011.08.19 21:43:58 | 000,699,178 | ---- | M] () -- \Hry\Steam\steamapps\common\dogfighter\packages\DogFighterV1\models\terrain\redmines\redminescrackedsand2nrm.dds
[2011.08.19 21:45:52 | 000,349,680 | ---- | M] () -- \Hry\Steam\steamapps\common\dogfighter\packages\DogFighterV1\models\terrain\redmines\redminescrackedsand2nrm_c.dds
[2013.03.10 13:46:18 | 000,000,100 | ---- | M] () -- \Hry\Steam\steamapps\common\GarrysMod\garrysmod\addons\CSS Content Addon\materials\concrete\prodwllecracked.vmt
[2013.03.10 13:46:18 | 000,174,968 | ---- | M] () -- \Hry\Steam\steamapps\common\GarrysMod\garrysmod\addons\CSS Content Addon\materials\concrete\prodwllecracked.vtf
[2010.06.26 02:45:52 | 000,000,796 | ---- | M] () -- \Hry\Steam\steamapps\common\grand theft auto san andreas\data\Decision\Craig\crack1.ped
[2013.01.04 20:36:52 | 000,076,652 | ---- | M] () -- \Hry\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Nature\Ground\dirt01_cracked_0.xnb
[2013.01.04 20:35:10 | 000,034,846 | ---- | M] () -- \Hry\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Nature\Ground\dirt01_cracked_NRM_0.xnb
[2013.01.04 20:34:30 | 000,063,448 | ---- | M] () -- \Hry\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\floor_cracks_0.xnb
[2013.01.04 20:36:53 | 000,037,594 | ---- | M] () -- \Hry\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\floor_cracks_nrm_0.xnb
[2013.01.04 20:38:20 | 000,004,354 | ---- | M] () -- \Hry\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\pillar_cracked00_0.xnb
[2013.01.04 20:34:30 | 000,004,058 | ---- | M] () -- \Hry\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\pillar_cracked00_NRM02_0.xnb
[2013.01.04 20:36:45 | 000,008,140 | ---- | M] () -- \Hry\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\wall_cracked00_0.xnb
[2013.01.04 20:35:12 | 000,018,032 | ---- | M] () -- \Hry\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\wall_cracked01_0.xnb
[2013.01.04 20:38:20 | 000,008,364 | ---- | M] () -- \Hry\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\wall_cracked_NRM_0.xnb
[2012.05.18 22:06:10 | 000,087,536 | ---- | M] () -- \Hry\Steam\steamapps\common\resident evil operation raccoon city\dlc\pack1\worlds\data\textures\decals\concrete_cracks_01_d.dds
[2012.05.18 21:29:29 | 000,087,536 | ---- | M] () -- \Hry\Steam\steamapps\common\resident evil operation raccoon city\dlc\pack1\worlds\data\textures\decals\concrete_cracks_01_n.dds
[2012.05.18 21:29:28 | 000,699,192 | ---- | M] () -- \Hry\Steam\steamapps\common\resident evil operation raccoon city\dlc\pack1\worlds\data\textures\terrain\concrete_cracked_01_d.dds
[2012.05.18 21:45:27 | 000,043,832 | ---- | M] () -- \Hry\Steam\steamapps\common\resident evil operation raccoon city\dlc\pack1\worlds\data\textures\terrain\concrete_cracked_01_m.dds
[2012.05.18 21:55:23 | 001,398,256 | ---- | M] () -- \Hry\Steam\steamapps\common\resident evil operation raccoon city\dlc\pack1\worlds\data\textures\terrain\concrete_cracked_01_n.dds
[2012.05.18 22:04:45 | 000,699,192 | ---- | M] () -- \Hry\Steam\steamapps\common\resident evil operation raccoon city\dlc\pack1\worlds\data\textures\terrain\concrete_cracked_01_s.dds
[2012.05.18 21:58:19 | 000,000,355 | ---- | M] () -- \Hry\Steam\steamapps\common\resident evil operation raccoon city\dlc\pack1\worlds\surfaces\decals\dec_concrete_cracks_01.matb
[2008.09.08 21:55:14 | 000,000,204 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Effects\Hardcore\Presets\I cracked my Tube!.hdprg
[2010.01.15 21:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\Drumaxx\Drum Patches\Sound FX\Crack.dmpatch
[2010.01.15 21:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\DrumPad\Drum Patches\Sound FX\Crack.dmpatch

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013.10.23 21:07:40 | 000,007,825 | ---- | M] () -- \Hry\Steam\remoteui\static\libs\images\ajax-loader.gif
[2011.07.07 19:56:47 | 000,253,691 | ---- | M] () -- \Hry\Steam\steamapps\common\audiosurf\engine\Preloader.cgr
[2011.07.07 20:00:06 | 000,000,878 | ---- | M] () -- \Hry\Steam\steamapps\common\audiosurf\engine\Preloader_config.xml
[2013.09.16 02:22:41 | 000,097,889 | ---- | M] () -- \Hry\Steam\steamapps\common\audiosurf\engine\start - project loader.cgr
[2011.07.07 19:55:11 | 000,016,384 | ---- | M] () -- \Hry\Steam\steamapps\common\audiosurf\engine\channels\FileLoader.dll
[2013.12.14 02:14:13 | 000,058,880 | ---- | M] () -- \Hry\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\PhysXLoader.dll
[2013.02.09 15:19:40 | 000,058,880 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\Binaries\Win32\PhysXLoader.dll
[2013.11.26 22:32:16 | 000,001,444 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\DEU\GD_Allium_LootMidgetLoaderBUL.DEU
[2013.11.26 22:32:18 | 000,000,764 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\DEU\GD_Allium_LootMidget_LoaderJET.DEU
[2013.11.26 22:32:27 | 000,000,710 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\DEU\GD_HolidayLoader.DEU
[2013.11.26 22:32:40 | 000,001,396 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\ESN\GD_Allium_LootMidgetLoaderBUL.ESN
[2013.11.26 22:32:22 | 000,000,788 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\ESN\GD_Allium_LootMidget_LoaderJET.ESN
[2013.11.26 22:32:19 | 000,000,734 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\ESN\GD_HolidayLoader.ESN
[2013.11.26 22:32:17 | 000,001,414 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\FRA\GD_Allium_LootMidgetLoaderBUL.FRA
[2013.11.26 22:32:19 | 000,000,738 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\FRA\GD_Allium_LootMidget_LoaderJET.FRA
[2013.11.26 22:32:19 | 000,000,684 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\FRA\GD_HolidayLoader.FRA
[2013.11.26 22:32:20 | 000,001,440 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\ITA\GD_Allium_LootMidgetLoaderBUL.ITA
[2013.11.26 22:32:28 | 000,000,784 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\ITA\GD_Allium_LootMidget_LoaderJET.ITA
[2013.11.26 22:32:19 | 000,000,730 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\ITA\GD_HolidayLoader.ITA
[2013.11.26 22:32:20 | 000,001,270 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\JPN\GD_Allium_LootMidgetLoaderBUL.JPN
[2013.11.26 22:32:20 | 000,000,722 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\JPN\GD_Allium_LootMidget_LoaderJET.JPN
[2013.11.26 22:32:34 | 000,000,668 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\JPN\GD_HolidayLoader.JPN
[2013.02.09 15:20:14 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderBadass.DEU
[2013.02.09 15:20:09 | 000,000,916 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderBUL.DEU
[2013.02.09 15:20:09 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderEXP.DEU
[2013.02.09 15:20:08 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderGUN.DEU
[2013.02.09 15:20:08 | 000,000,916 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderHOT.DEU
[2013.02.09 15:20:03 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderJET.DEU
[2013.02.09 15:20:10 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderPWR.DEU
[2013.02.09 15:20:15 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderRPG.DEU
[2013.02.09 15:20:15 | 000,002,656 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_Population_Loader.DEU
[2013.02.09 15:20:14 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderBadass.ESN
[2013.02.09 15:20:11 | 000,000,852 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderBUL.ESN
[2013.02.09 15:20:09 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderEXP.ESN
[2013.02.09 15:20:08 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderGUN.ESN
[2013.02.09 15:20:03 | 000,000,852 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderHOT.ESN
[2013.02.09 15:20:03 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderJET.ESN
[2013.02.09 15:20:10 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderPWR.ESN
[2013.02.09 15:20:15 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderRPG.ESN
[2013.02.09 15:20:12 | 000,002,868 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_Population_Loader.ESN
[2013.02.09 15:20:14 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderBadass.FRA
[2013.02.09 15:20:12 | 000,000,876 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderBUL.FRA
[2013.02.09 15:20:09 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderEXP.FRA
[2013.02.09 15:20:08 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderGUN.FRA
[2013.02.09 15:20:17 | 000,000,876 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderHOT.FRA
[2013.02.09 15:20:03 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderJET.FRA
[2013.02.09 15:20:10 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderPWR.FRA
[2013.02.09 15:20:15 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderRPG.FRA
[2013.02.09 15:20:08 | 000,002,706 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_Population_Loader.FRA
[2013.02.09 15:20:14 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderBadass.ITA
[2013.02.09 15:20:18 | 000,000,856 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderBUL.ITA
[2013.02.09 15:20:09 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderEXP.ITA
[2013.02.09 15:20:08 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderGUN.ITA
[2013.02.09 15:20:13 | 000,000,856 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderHOT.ITA
[2013.02.09 15:20:03 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderJET.ITA
[2013.02.09 15:20:10 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderPWR.ITA
[2013.02.09 15:20:15 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderRPG.ITA
[2013.02.09 15:21:08 | 000,002,754 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_Population_Loader.ITA
[2013.02.09 15:20:14 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderBadass.JPN
[2013.02.09 15:20:15 | 000,000,748 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderBUL.JPN
[2013.02.09 15:20:09 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderEXP.JPN
[2013.02.09 15:20:08 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderGUN.JPN
[2013.02.09 15:20:11 | 000,000,748 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderHOT.JPN
[2013.02.09 15:20:03 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderJET.JPN
[2013.02.09 15:20:10 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderPWR.JPN
[2013.02.09 15:20:15 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderRPG.JPN
[2013.02.09 15:20:11 | 000,002,636 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_Population_Loader.JPN
[2013.09.01 18:07:08 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderBadass.KOR
[2013.09.01 18:07:54 | 000,000,728 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderBUL.KOR
[2013.09.01 18:07:08 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderEXP.KOR
[2013.09.01 18:07:08 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderGUN.KOR
[2013.09.01 18:07:37 | 000,000,728 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderHOT.KOR
[2013.09.01 18:07:08 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderJET.KOR
[2013.09.01 18:07:08 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderPWR.KOR
[2013.09.01 18:07:08 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderRPG.KOR
[2013.09.01 18:07:08 | 000,002,636 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_Population_Loader.KOR
[2013.09.01 18:07:24 | 000,001,144 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\DEU\GD_BigLoaderTurret_Digi.DEU
[2013.09.01 18:07:55 | 000,000,570 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\DEU\GD_LoaderUltimateBadass_Digi.DEU
[2013.09.01 18:07:35 | 000,001,102 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\ESN\GD_BigLoaderTurret_Digi.ESN
[2013.09.01 18:07:27 | 000,000,572 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\ESN\GD_LoaderUltimateBadass_Digi.ESN
[2013.09.01 18:08:03 | 000,001,128 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\FRA\GD_BigLoaderTurret_Digi.FRA
[2013.09.01 18:07:56 | 000,000,574 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\FRA\GD_LoaderUltimateBadass_Digi.FRA
[2013.09.01 18:07:23 | 000,001,108 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\ITA\GD_BigLoaderTurret_Digi.ITA
[2013.09.01 18:07:55 | 000,000,570 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\ITA\GD_LoaderUltimateBadass_Digi.ITA
[2013.09.01 18:07:28 | 000,000,990 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\JPN\GD_BigLoaderTurret_Digi.JPN
[2013.09.01 18:07:55 | 000,000,570 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\JPN\GD_LoaderUltimateBadass_Digi.JPN
[2013.02.09 15:20:34 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderBadass.DEU
[2013.02.09 15:20:34 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderBoss.DEU
[2013.02.09 15:20:13 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderBUL.DEU
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderEXP.DEU
[2013.02.09 15:20:34 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderGUN.DEU
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderHOT.DEU
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderION.DEU
[2013.02.09 15:20:25 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderJunk.DEU
[2013.02.09 15:20:34 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderPirate.DEU
[2013.02.09 15:20:13 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderPWR.DEU
[2013.02.09 15:20:25 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderRPG.DEU
[2013.02.09 15:20:27 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderWAR.DEU
[2013.02.09 15:20:38 | 000,004,418 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_Pop_Loader.DEU
[2013.02.09 15:21:41 | 000,000,216 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_Pop_LoaderBoss.DEU
[2013.02.09 15:20:34 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderBadass.ESN
[2013.02.09 15:20:34 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderBoss.ESN
[2013.02.09 15:20:13 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderBUL.ESN
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderEXP.ESN
[2013.02.09 15:20:34 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderGUN.ESN
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderHOT.ESN
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderION.ESN
[2013.02.09 15:20:25 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderJunk.ESN
[2013.02.09 15:20:34 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderPirate.ESN
[2013.02.09 15:20:13 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderPWR.ESN
[2013.02.09 15:20:25 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderRPG.ESN
[2013.02.09 15:20:27 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderWAR.ESN
[2013.02.09 15:20:41 | 000,004,550 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_Pop_Loader.ESN
[2013.02.09 15:21:41 | 000,000,216 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_Pop_LoaderBoss.ESN
[2013.02.09 15:20:34 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderBadass.FRA
[2013.02.09 15:20:34 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderBoss.FRA
[2013.02.09 15:20:13 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderBUL.FRA
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderEXP.FRA
[2013.02.09 15:20:34 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderGUN.FRA
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderHOT.FRA
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderION.FRA
[2013.02.09 15:20:25 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderJunk.FRA
[2013.02.09 15:20:34 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderPirate.FRA
[2013.02.09 15:20:13 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderPWR.FRA
[2013.02.09 15:20:25 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderRPG.FRA
[2013.02.09 15:20:27 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderWAR.FRA
[2013.02.09 15:20:27 | 000,004,486 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_Pop_Loader.FRA
[2013.02.09 15:21:41 | 000,000,216 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_Pop_LoaderBoss.FRA
[2013.02.09 15:20:34 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderBadass.ITA
[2013.02.09 15:20:34 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderBoss.ITA
[2013.02.09 15:20:13 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderBUL.ITA
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderEXP.ITA
[2013.02.09 15:20:34 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderGUN.ITA
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderHOT.ITA
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderION.ITA
[2013.02.09 15:20:25 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderJunk.ITA
[2013.02.09 15:20:34 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderPirate.ITA
[2013.02.09 15:20:13 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderPWR.ITA
[2013.02.09 15:20:25 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderRPG.ITA
[2013.02.09 15:20:27 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderWAR.ITA
[2013.02.09 15:20:43 | 000,004,558 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_Pop_Loader.ITA
[2013.02.09 15:21:41 | 000,000,216 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_Pop_LoaderBoss.ITA
[2013.02.09 15:20:34 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderBadass.JPN
[2013.02.09 15:20:34 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderBoss.JPN
[2013.02.09 15:20:13 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderBUL.JPN
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderEXP.JPN
[2013.02.09 15:20:34 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderGUN.JPN
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderHOT.JPN
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderION.JPN
[2013.02.09 15:20:25 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderJunk.JPN
[2013.02.09 15:20:34 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderPirate.JPN
[2013.02.09 15:20:13 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderPWR.JPN
[2013.02.09 15:20:25 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderRPG.JPN
[2013.02.09 15:20:27 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderWAR.JPN
[2013.02.09 15:20:38 | 000,004,418 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_Pop_Loader.JPN
[2013.02.09 15:21:41 | 000,000,216 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_Pop_LoaderBoss.JPN
[2013.09.01 18:07:09 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderBadass.KOR
[2013.09.01 18:07:09 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderBoss.KOR
[2013.09.01 18:07:09 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderBUL.KOR
[2013.09.01 18:07:09 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderEXP.KOR
[2013.09.01 18:07:09 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderGUN.KOR
[2013.09.01 18:07:09 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderHOT.KOR
[2013.09.01 18:07:09 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderION.KOR
[2013.09.01 18:07:09 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderJunk.KOR
[2013.09.01 18:07:09 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderPirate.KOR
[2013.09.01 18:07:09 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderPWR.KOR
[2013.09.01 18:07:09 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderRPG.KOR
[2013.09.01 18:07:09 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderWAR.KOR
[2013.09.01 18:07:09 | 000,004,418 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_Pop_Loader.KOR
[2013.09.01 18:07:09 | 000,000,216 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_Pop_LoaderBoss.KOR
[2013.02.09 15:23:18 | 000,000,892 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Sage\Compat\Localization\ESN\GD_Sage_Pop_Loader.ESN
[2013.02.09 15:22:56 | 000,000,874 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Sage\Compat\Localization\FRA\GD_Sage_Pop_Loader.FRA
[2013.02.09 15:22:54 | 000,000,898 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Sage\Compat\Localization\ITA\GD_Sage_Pop_Loader.ITA
[2013.09.01 18:07:49 | 000,000,866 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Sage\Compat\Localization\KOR\GD_Sage_Pop_Loader.KOR
[2013.02.09 14:57:38 | 003,465,909 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\CookedPCConsole\Boss_Cliffs_CombatLoader.upk
[2013.02.09 15:05:48 | 000,032,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\CookedPCConsole\Loader.upk
[2013.02.09 15:24:28 | 000,001,140 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\DEU\GD_BigLoaderTurret.DEU
[2013.02.09 15:24:11 | 000,000,504 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\DEU\GD_LootMidget_LoaderGUN.DEU
[2013.02.09 15:24:10 | 000,009,492 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\DEU\GD_Population_Loader.DEU
[2013.02.09 15:23:18 | 000,001,072 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\ESN\GD_BigLoaderTurret.ESN
[2013.02.09 15:24:08 | 000,000,518 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\ESN\GD_LootMidget_LoaderGUN.ESN
[2013.02.09 15:24:08 | 000,009,746 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\ESN\GD_Population_Loader.ESN
[2013.02.09 15:24:13 | 000,001,098 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\FRA\GD_BigLoaderTurret.FRA
[2013.02.09 15:24:10 | 000,000,514 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\FRA\GD_LootMidget_LoaderGUN.FRA
[2013.02.09 15:24:10 | 000,009,610 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\FRA\GD_Population_Loader.FRA
[2013.02.09 15:24:31 | 000,001,068 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\ITA\GD_BigLoaderTurret.ITA
[2013.02.09 15:24:29 | 000,000,530 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\ITA\GD_LootMidget_LoaderGUN.ITA
[2013.02.09 15:24:32 | 000,009,798 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\ITA\GD_Population_Loader.ITA
[2013.02.09 15:24:33 | 000,000,946 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\JPN\GD_BigLoaderTurret.JPN
[2013.02.09 15:24:15 | 000,000,502 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\JPN\GD_LootMidget_LoaderGUN.JPN
[2013.02.09 15:24:16 | 000,009,486 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\JPN\GD_Population_Loader.JPN
[2011.08.19 21:48:02 | 000,075,104 | ---- | M] () -- \Hry\Steam\steamapps\common\dogfighter\bin\x86_vc8\PhysXLoader.dll
[2011.08.19 21:46:52 | 000,071,008 | ---- | M] () -- \Hry\Steam\steamapps\common\dogfighter\bin\x86_vc8\iePhysxLegacy\PhysXLoader.dll
[2013.09.16 02:36:38 | 000,352,548 | ---- | M] () -- \Hry\Steam\steamapps\common\Half-Life\bshift\models\loader.mdl
[2013.09.16 02:36:46 | 000,012,764 | ---- | M] () -- \Hry\Steam\steamapps\common\Half-Life\bshift\sound\ambience\loader_hydra1.wav
[2013.09.16 02:36:58 | 000,012,164 | ---- | M] () -- \Hry\Steam\steamapps\common\Half-Life\bshift\sound\ambience\loader_step1.wav
[2013.09.16 02:33:42 | 000,341,264 | ---- | M] () -- \Hry\Steam\steamapps\common\Half-Life\gearbox\models\loader.mdl
[2013.09.16 02:34:54 | 000,352,548 | ---- | M] () -- \Hry\Steam\steamapps\common\Half-Life\valve\models\loader.mdl
[2013.09.16 02:34:54 | 000,012,764 | ---- | M] () -- \Hry\Steam\steamapps\common\Half-Life\valve\sound\ambience\loader_hydra1.wav
[2013.09.16 02:35:10 | 000,012,164 | ---- | M] () -- \Hry\Steam\steamapps\common\Half-Life\valve\sound\ambience\loader_step1.wav
[2013.01.03 00:33:34 | 000,068,688 | ---- | M] () -- \Hry\Steam\steamapps\common\Mass Effect\Binaries\PhysXLoader.dll
[2011.01.01 20:29:57 | 000,065,536 | ---- | M] () -- \Hry\Steam\steamapps\common\medal of honor\Binaries\PhysXLocal\PhysXLoader.dll
[2013.09.04 23:06:31 | 000,064,832 | ---- | M] () -- \Hry\Steam\steamapps\common\Metro Last Light\PhysXLoader.dll
[2013.07.15 22:56:54 | 000,068,688 | ---- | M] () -- \Hry\Steam\steamapps\common\mirrors edge\Binaries\PhysXLocal\PhysXLoader.dll
[2011.03.23 19:23:17 | 001,855,488 | ---- | M] () -- \Hry\Steam\steamapps\common\neverwinter nights 2\nwloader.exe
[2011.03.22 23:07:09 | 000,565,436 | ---- | M] () -- \Hry\Steam\steamapps\common\neverwinter nights 2\NWN2_Autodownloader_Server_Admin_Guide.pdf
[2011.03.22 23:06:50 | 000,530,662 | ---- | M] () -- \Hry\Steam\steamapps\common\neverwinter nights 2\NWN2_Autodownloader_Toolset_User_Guide.pdf
[2011.03.23 19:45:04 | 000,000,150 | ---- | M] () -- \Hry\Steam\steamapps\common\neverwinter nights 2\Campaigns\Neverwinter Nights 2 Campaign_X2\campaigndownloaderresources.XML
[2011.03.22 23:06:37 | 000,565,436 | ---- | M] () -- \Hry\Steam\steamapps\common\neverwinter nights 2\Documentation\NWN2_Autodownloader_Server_Admin_Guide.pdf
[2011.03.23 19:01:37 | 000,530,662 | ---- | M] () -- \Hry\Steam\steamapps\common\neverwinter nights 2\Documentation\NWN2_Autodownloader_Toolset_User_Guide.pdf
[2011.12.23 21:09:28 | 000,064,352 | ---- | M] () -- \Hry\Steam\steamapps\common\railworks\PhysXLoader.dll
[2012.12.23 04:02:52 | 000,053,248 | ---- | M] () -- \Hry\Steam\steamapps\common\Splinter Cell - Double Agent\SCDA-Online\System\PhysXLoader.dll
[2009.12.24 00:57:55 | 000,069,632 | ---- | M] () -- \Hry\Steam\steamapps\common\Star Trek Online\Star Trek Online\Live\PhysXLoader.dll
[2013.02.02 20:17:53 | 000,000,182 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoader.ini
[2009.05.16 00:09:01 | 000,040,960 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v10.dll
[2009.05.16 00:09:01 | 000,002,413 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v10.u
[2009.05.24 13:53:53 | 000,152,186 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v11.dll
[2009.05.24 13:53:53 | 000,001,069 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v11.u
[2009.06.11 16:51:28 | 000,061,440 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v12.dll
[2009.06.11 16:51:28 | 000,001,341 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v12.u
[2009.10.09 20:12:22 | 000,061,440 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v13.dll
[2009.10.09 20:12:22 | 000,001,367 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v13.u
[2011.03.23 19:16:18 | 000,081,920 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v16b.dll
[2011.03.23 19:16:18 | 000,084,764 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v16b.so
[2011.03.23 19:16:18 | 000,001,739 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v16b.u
[2013.02.02 20:17:53 | 000,081,920 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v16c.dll
[2013.02.02 20:17:53 | 000,095,325 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v16c.so
[2013.02.02 20:17:53 | 000,001,739 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v16c.u
[2014.01.03 06:42:53 | 001,069,712 | ---- | M] () -- \Hry\World of Warcraft\BackgroundDownloader.exe
[2014.01.03 02:35:16 | 000,003,080 | ---- | M] () -- \Hry\World of Warcraft\Data\enGB\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2014.01.03 02:35:16 | 000,004,295 | ---- | M] () -- \Hry\World of Warcraft\Data\enGB\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2012.08.29 21:44:02 | 000,000,194 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2010.03.18 22:21:56 | 000,063,312 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2010.03.17 23:17:14 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2012.12.06 23:38:40 | 000,268,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2012.12.06 23:38:40 | 000,019,000 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2010.05.17 17:19:18 | 000,058,664 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PK\Koan\pyloader.dll
[2011.03.28 15:01:36 | 000,023,849 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PK\subsys\PyImpLoader\PyImpLoader.kc
[2011.03.28 15:01:48 | 000,107,816 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PK\subsys\PyImpLoader\_PyImpLoader.pyd
[2011.06.23 19:49:30 | 000,010,779 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\mm\MediaCtrl\ImageLoader.kc
[2011.06.23 19:49:36 | 000,003,490 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\widget\langloader.kc
[2011.06.23 19:49:36 | 000,013,373 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\widget\layoutloader.kc
[2010.04.29 19:51:58 | 000,010,775 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2010.04.29 19:52:00 | 000,003,486 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cox\widget\langloader.kc
[2010.04.29 19:52:00 | 000,013,369 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cox\widget\layoutloader.kc
[2013.06.29 05:29:54 | 000,000,106 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\gems\debug_preloader.rb
[2013.06.29 05:29:54 | 000,001,230 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\paramdefs\minitest_paramdefs_loader.rb
[2013.06.29 05:29:54 | 000,006,188 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\paramdefs\paramdefs_loader_base.rb
[2013.06.29 05:29:54 | 000,003,653 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\paramdefs\rspec_paramdefs_loader.rb
[2013.06.29 05:29:54 | 000,002,407 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\paramdefs\bundler\bundler_paramdefs_loader.rb
[2013.06.29 05:29:54 | 000,006,266 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\paramdefs\capistrano\capistrano_paramdefs_loader.rb
[2013.06.29 05:29:54 | 000,002,256 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\paramdefs\mongoid\mongoid_paramdefs_loader.rb
[2013.06.29 05:29:54 | 000,023,220 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\paramdefs\rails\paramdefs_loader.rb
[2013.06.29 05:29:54 | 000,009,755 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\paramdefs\rails\rails3_paramdefs_loader.rb
[2013.06.29 05:29:54 | 000,001,507 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\paramdefs\rails\rails4_paramdefs_loader.rb
[2013.06.29 05:29:54 | 000,003,256 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\paramdefs\sinatra\sinatra_paramdefs_loader.rb
[2013.06.29 05:29:54 | 000,003,099 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\testing\sm_factory_provider_loader.rb
[2013.07.25 02:43:28 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.07.25 02:43:30 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.07.25 02:43:12 | 000,073,024 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.07.25 02:43:12 | 000,080,704 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2012.12.06 23:38:40 | 000,364,088 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2012.12.06 23:38:40 | 000,019,000 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.06.28 22:44:10 | 000,002,941 | ---- | M] () -- \Program Files\Java\jdk1.6.0_33\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2012.06.28 22:44:10 | 000,000,411 | ---- | M] () -- \Program Files\Java\jdk1.6.0_33\lib\visualvm\platform\config\Modules\org-openide-loaders.xml
[2012.06.28 22:44:10 | 001,138,236 | ---- | M] () -- \Program Files\Java\jdk1.6.0_33\lib\visualvm\platform\modules\org-openide-loaders.jar
[2012.06.28 22:44:10 | 000,007,002 | ---- | M] () -- \Program Files\Java\jdk1.6.0_33\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar
[2012.06.28 22:44:10 | 000,006,658 | ---- | M] () -- \Program Files\Java\jdk1.6.0_33\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2012.06.28 22:44:10 | 000,000,457 | ---- | M] () -- \Program Files\Java\jdk1.6.0_33\lib\visualvm\platform\update_tracking\org-openide-loaders.xml
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.12.13 22:38:23 | 000,000,673 | ---- | M] () -- \Users\z0ny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3O62SKUO\loader.white[1].gif
[2013.01.28 21:23:01 | 000,105,903 | ---- | M] () -- \Users\z0ny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LBEUA70Y\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.09.11 19:35:25 | 000,001,511 | ---- | M] () -- \Users\z0ny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9FQBKA2\AdLoader[1].htm
[2013.11.02 16:23:58 | 000,004,178 | ---- | M] () -- \Users\z0ny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9FQBKA2\loader[1].gif
[2013.09.11 19:35:25 | 000,109,505 | ---- | M] () -- \Users\z0ny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T2QX6R85\AdLoader-3ce32d357de39fd9427f374be93bd0ac.min[1].js
[2010.03.08 01:10:05 | 000,006,820 | ---- | M] () -- \Users\z0ny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4CXNUTVF\ajax-loader000[1].gif
[2010.03.07 22:02:58 | 000,002,545 | ---- | M] () -- \Users\z0ny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4CXNUTVF\ajax-loader[1].gif
[2010.03.08 01:51:39 | 000,001,797 | ---- | M] () -- \Users\z0ny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4CXNUTVF\grey_loader[1].gif
[2010.12.15 21:20:42 | 000,000,054 | ---- | M] () -- \Users\z0ny\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\G86VJE7A\media.mtvnservices.com\player\loader\loaderLogging.sol
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 16:22:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:26:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 15:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 06:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.04.12 20:12:00 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.04.12 20:12:00 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.04.12 20:12:00 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.04.12 20:12:00 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.04.12 20:12:00 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 05:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >
[2011.07.07 19:57:49 | 000,942,080 | ---- | M] () -- \Hry\Steam\steamapps\common\audiosurf\engine\channels\XML_SetRootNode.dll

< *AutoKMS* /s >

< *activator* /s >
[2011.03.23 19:08:16 | 000,002,173 | ---- | M] () -- \Hry\Steam\steamapps\common\neverwinter nights 2\Campaigns\Neverwinter Nights 2 Campaign_X1\beamactivator.UTI
[2011.03.23 19:06:01 | 000,006,336 | ---- | M] () -- \Hry\Steam\steamapps\common\neverwinter nights 2\Campaigns\Neverwinter Nights 2 Campaign_X1\i_beamactivator_ac.NCS
[2011.03.23 19:40:14 | 000,003,234 | ---- | M] () -- \Hry\Steam\steamapps\common\neverwinter nights 2\Campaigns\Neverwinter Nights 2 Campaign_X1\i_beamactivator_ac.NSS

< *serial* /s >
[2013.12.02 23:41:48 | 000,712,704 | ---- | M] () -- \Hry\Steam\steamapps\common\GarrysMod\bin\dmserializers.dll
[2013.07.10 23:42:36 | 000,712,704 | ---- | M] () -- \Hry\Steam\steamapps\common\Half-Life 2\bin\dmserializers.dll
[2010.06.02 17:38:50 | 000,712,704 | ---- | M] () -- \Hry\Steam\steamapps\common\Portal\bin\dmserializers.dll
[2011.06.27 20:04:54 | 000,000,017 | ---- | M] () -- \Hry\Steam\steamapps\common\stalker clear sky\serial.txt
[2010.07.23 20:28:24 | 000,000,017 | ---- | M] () -- \Hry\Steam\steamapps\common\stalker clear sky\STEAM_serial.txt
[2010.05.29 12:50:11 | 000,712,704 | ---- | M] () -- \Hry\Steam\steamapps\z0ny\half-life 2 episode two\bin\dmserializers.dll
[2011.03.17 20:44:00 | 000,712,704 | ---- | M] () -- \Hry\Steam\steamapps\z0ny\half-life 2\bin\dmserializers.dll
[2009.10.30 23:29:04 | 000,122,880 | ---- | M] () -- \Hry\Steam\steamapps\z0ny\half-life source\bin\dmserializers.dll
[2008.12.09 15:12:00 | 000,018,944 | ---- | M] () -- \Program Files (x86)\GameSpy\Comrade\ComradeLib.XmlSerializers.dll
[2008.12.09 15:11:30 | 000,009,728 | ---- | M] () -- \Program Files (x86)\GameSpy\Comrade\GameSpy.BuddySync.XmlSerializers.dll
[2008.12.09 15:10:08 | 000,065,536 | ---- | M] () -- \Program Files (x86)\GameSpy\Comrade\GameSpy.Core.XmlSerializers.dll
[2008.12.09 15:11:24 | 000,019,456 | ---- | M] () -- \Program Files (x86)\GameSpy\Comrade\GameSpy.Presence.XmlSerializers.dll
[2003.10.09 06:11:48 | 000,000,216 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\Sytrus\Artwork\DelSerialCache.bmp
[2013.06.29 05:29:54 | 000,000,113 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\cov_deserializers.rb
[2013.06.29 05:29:54 | 000,003,238 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\deserializers\rcov_deserializer.rb
[2009.07.16 10:20:56 | 000,000,003 | ---- | M] () -- \Program Files (x86)\OpenVPN\easy-rsa\serial.start
[2010.03.18 18:31:26 | 000,370,552 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.dll
[2010.03.18 18:31:26 | 000,042,904 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.Formatters.Soap.dll
[2009.08.31 02:48:08 | 000,009,272 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.Formatters.Soap.xml
[2009.08.31 02:48:08 | 000,285,032 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.xml
[2010.03.18 18:31:26 | 000,429,432 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.dll
[2010.03.18 18:31:26 | 000,032,664 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.Formatters.Soap.dll
[2009.10.22 18:47:54 | 000,007,862 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.Formatters.Soap.xml
[2010.01.10 21:09:56 | 000,332,539 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.xml
[2010.03.18 18:31:26 | 000,429,432 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.dll
[2010.03.18 18:31:26 | 000,032,664 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.Formatters.Soap.dll
[2009.10.22 18:47:54 | 000,007,862 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.Formatters.Soap.xml
[2010.01.10 21:09:56 | 000,332,539 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.xml
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.08.31 02:48:08 | 000,285,032 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\en\System.Runtime.Serialization.xml
[2012.06.28 22:44:10 | 000,040,168 | ---- | M] () -- \Program Files\Java\jdk1.6.0_33\bin\serialver.exe
[1998.12.21 02:52:42 | 000,000,005 | ---- | M] () -- \Program Files\OpenSSL-Win64\bin\PEM\demoCA\serial
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.05.16 19:13:02 | 000,003,120 | ---- | M] () -- \Users\z0ny\AppData\Local\Apps\2.0\033CNL7D.437\4Y9H4776.0LW\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e04426adbac\Curse.CurseClient.Common.XmlSerializers.cdf-ms
[2013.05.16 19:12:55 | 000,013,312 | ---- | M] () -- \Users\z0ny\AppData\Local\Apps\2.0\033CNL7D.437\4Y9H4776.0LW\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e04426adbac\Curse.CurseClient.Common.XmlSerializers.dll
[2013.05.16 19:13:02 | 000,001,079 | ---- | M] () -- \Users\z0ny\AppData\Local\Apps\2.0\033CNL7D.437\4Y9H4776.0LW\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e04426adbac\Curse.CurseClient.Common.XmlSerializers.manifest
[2013.05.25 13:52:28 | 000,003,120 | ---- | M] () -- \Users\z0ny\AppData\Local\Apps\2.0\033CNL7D.437\4Y9H4776.0LW\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.Common.XmlSerializers.cdf-ms
[2013.05.25 13:52:05 | 000,013,312 | ---- | M] () -- \Users\z0ny\AppData\Local\Apps\2.0\033CNL7D.437\4Y9H4776.0LW\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.Common.XmlSerializers.dll
[2013.05.25 13:52:28 | 000,001,079 | ---- | M] () -- \Users\z0ny\AppData\Local\Apps\2.0\033CNL7D.437\4Y9H4776.0LW\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.Common.XmlSerializers.manifest
[2012.10.20 21:51:51 | 000,013,312 | ---- | M] () -- \Users\z0ny\AppData\Local\Apps\2.0\033CNL7D.437\4Y9H4776.0LW\curs..zers_c85bb4cad3a5dfb5_0001.0000_none_311750f664a5eb21\Curse.CurseClient.Common.XmlSerializers.dll
[2012.07.17 22:13:10 | 000,000,249 | ---- | M] () -- \Users\z0ny\AppData\Local\Rockstar Games\GTA IV\Settings\serial.dat
[2009.07.14 16:17:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.15 10:39:55 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.18 01:59:55 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013.08.15 10:38:05 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.18 02:09:40 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll
[2013.11.16 22:48:02 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a281f3909e9182522777315b3a25ec5a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.11.16 22:48:02 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a281f3909e9182522777315b3a25ec5a\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2013.11.16 22:48:09 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\66ce786a0b16af8c3f5c480cd6e84376\System.Runtime.Serialization.ni.dll
[2013.11.16 22:48:09 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\66ce786a0b16af8c3f5c480cd6e84376\System.Runtime.Serialization.ni.dll.aux
[2013.11.17 04:50:16 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\6b054c1a64987a9caa2a1c98b070f47f\System.Xml.Serialization.ni.dll
[2013.11.17 04:50:16 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\6b054c1a64987a9caa2a1c98b070f47f\System.Xml.Serialization.ni.dll.aux
[2013.11.17 04:53:11 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\be004a953afb5efce4024c709ba7530b\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.11.17 04:53:11 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\be004a953afb5efce4024c709ba7530b\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2013.11.17 04:54:27 | 003,640,320 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\8d4b7607099258e7d99570bdccb896ee\System.Runtime.Serialization.ni.dll
[2013.11.17 04:54:27 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\8d4b7607099258e7d99570bdccb896ee\System.Runtime.Serialization.ni.dll.aux
[2013.11.17 04:56:32 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\e296a5b243715614b9ab338b4a60f8b0\System.Xml.Serialization.ni.dll
[2013.11.17 04:56:32 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\e296a5b243715614b9ab338b4a60f8b0\System.Xml.Serialization.ni.dll.aux
[2013.09.11 22:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.08.31 02:48:08 | 000,009,272 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\en\System.Runtime.Serialization.Formatters.Soap.xml
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 22:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 22:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 20:32:16 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 20:32:16 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.14 16:17:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 16:17:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.14 16:17:25 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2009.06.10 21:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011.04.12 20:12:00 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.04.12 20:12:00 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009.07.14 16:17:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.14 16:17:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 03:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010.11.20 06:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2009.07.14 03:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010.11.20 06:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 16:16:38 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 21:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 20:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 16:17:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.14 16:17:21 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:76650B61

< End of report >

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands) Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

EDIT:
- bylo by dobre zminit ze tento krok
1) zresetuje nastaveni nabidek (napravo) ve startu
2) zapne na max, resp asi zresetuje do defaultu nastaveni rizeni uzivatelskych uctu

- nyni mi nejdou spoustet binarky ze sitovych jednotek, obecne ze site a la hlaska "Při vykonávání programu došlo k chybě! (5)", pripisuju to te zmene v rizeni uzivatelskych uctu, zatim jsem to neresil

- nejak jsem to moc nezkoumal na tohle jsem prisel svym normalnim pouzivanim behem jedne hodiny. Mozna tech zresetovanych nastaveni bude vic, dam kdyztak vedet

z0ny píše:1) zresetuje nastaveni nabidek (napravo) ve startu

Co ze to ma resetovat? Jake nabidky? Mi nic nemenil No kdyby nahodou, dela pred mazanim bod obnovy.

z0ny píše:2) zapne na max, resp asi zresetuje do defaultu nastaveni rizeni uzivatelskych uctu

To nevim, jestli to dela zrovna OTL, ale da se to zase jednoduse vypnout.



Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.