Otravné reklami

Zpráva

??? · #16 Příspěvek od **???** » 25 lis 2014 08:33

vysledok scanu:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 25.11.2014
Scan Time: 5:56:16
Logfile: scan.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.25.02
Rootkit Database: v2014.11.22.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: admin

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 560418
Time Elapsed: 2 hr, 4 min, 3 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 6
PUP.Optional.Conduit.A, C:\FRST\Quarantine\C\zoek_backup\C_Users_admin_Downloads_bs_MyWinLocker.exe.vir, , [27cfbe8123596dc95cc117f9cb3a35cb],
PUP.Optional.Softonic, C:\FRST\Quarantine\C\zoek_backup\C_Users_admin_Downloads_SoftonicDownloader_for_mkv-player.exe.vir, , [bb3b330c69132c0ae1b74e0c56aaa65a],
PUP.Optional.Softonic.A, C:\FRST\Quarantine\C\zoek_backup\C_Users_admin_Downloads_SoftonicDownloader_for_mywinlocker.exe.vir, , [de18f54a760651e5ea16d3685aa7f60a],
PUP.Optional.OpenCandy, C:\Users\admin\Downloads\DTLite4452-0287.exe, , [9c5a70cf3c4053e38c474d2d60a5d52b],
PUP.Optional.OpenCandy, C:\Users\admin\Downloads\DAEMON.Tools.v4.48.1.exe, , [3db9eb54dd9fa3932fa49bdf24e1a957],
PUP.Optional.Spigot.A, C:\Users\admin\Downloads\YTDSetup.exe, , [ab4b45fa76061125b319b472cb350bf5],

Physical Sectors: 0
(No malicious items detected)

(end)

#17 Příspěvek od **altrok** » 25 lis 2014 16:28

Nalezy smazte/presunte do karanteny.

Ulozte na plochu OTL http://oldtimer.geekstogo.com/OTL.exe

kliknete pravym na ikonu OTL a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
zatrhnete moznosti Pro vsechny uzivatele, Kontrola na havet "LOP", Kontrola na havěť "Purity"
do okna dole (Custom Scans/Fixes) zkopirujte script, ktery je nize
zbytek ponechte, jak je a kliknete na Prohledat
vysledne logy (OTL.txt a Extras.txt) budou dlouhe, takze je rozdelte do vice prispevku (odpovedi)

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

??? · #18 Příspěvek od **???** » 25 lis 2014 20:43

OTL logfile created on: 25.11.2014 20:08:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\admin\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17416)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy

3,89 Gb Total Physical Memory | 2,64 Gb Available Physical Memory | 67,95% Memory free
4,58 Gb Paging File | 3,23 Gb Available in Paging File | 70,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,11 Gb Total Space | 111,43 Gb Free Space | 39,92% Space Free | Partition Type: NTFS
Drive D: | 397,87 Gb Total Space | 230,73 Gb Free Space | 57,99% Space Free | Partition Type: NTFS

Computer Name: ASUS | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.11.25 20:05:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
PRC - [2014.11.14 22:15:26 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014.09.12 10:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.10.24 03:16:48 | 000,049,456 | ---- | M] () -- C:\Program Files (x86)\Garena Plus\ggdllhost.exe
PRC - [2013.05.16 19:08:38 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.04.16 17:25:30 | 000,020,792 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
PRC - [2013.03.27 10:57:52 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2013.02.26 11:08:24 | 000,176,240 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
PRC - [2012.11.28 17:56:40 | 000,054,488 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2012.10.26 14:35:44 | 000,184,704 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2012.10.24 15:02:32 | 001,196,416 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
PRC - [2012.10.17 19:08:40 | 000,205,184 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2012.10.05 15:55:50 | 000,110,976 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2012.09.18 12:51:54 | 001,124,032 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2012.09.14 13:14:16 | 000,328,064 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2012.08.31 19:27:20 | 000,590,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
PRC - [2012.08.22 09:24:28 | 001,559,936 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2012.07.17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.07.17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.06.27 12:47:02 | 000,129,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012.06.25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012.05.28 10:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2012.04.24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
PRC - [2012.04.13 10:14:00 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
PRC - [2012.03.28 18:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2011.11.21 14:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

========== Modules (No Company Name) ==========

MOD - [2014.11.14 22:15:23 | 009,009,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\pdf.dll
MOD - [2014.11.14 22:15:19 | 001,077,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\libglesv2.dll
MOD - [2014.11.14 22:15:17 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\libegl.dll
MOD - [2014.11.14 22:15:16 | 001,677,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\ffmpegsumo.dll
MOD - [2014.10.19 09:22:34 | 007,785,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\43edd630a9f8cd6ac38c527b106ec94f\System.Xml.ni.dll
MOD - [2014.10.19 09:22:25 | 001,874,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\6281ab590224520bad7c4f5b3ef37575\System.Xaml.ni.dll
MOD - [2014.10.19 09:22:21 | 012,856,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\70c6bf4a51d18b4a9a1805cd48d1caad\System.Windows.Forms.ni.dll
MOD - [2014.10.19 09:20:56 | 001,635,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\8efdc7a3726640f79d9333da88accaf8\System.Drawing.ni.dll
MOD - [2014.10.19 09:20:45 | 000,968,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\00fc7d14bbb38db00e4103912c041adf\System.Configuration.ni.dll
MOD - [2014.10.19 09:20:44 | 000,463,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\eb62bc6e97d1d2aafbf3a101d7f029e1\PresentationFramework.Aero2.ni.dll
MOD - [2014.10.19 09:20:42 | 018,744,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\377e9afc870e7d53922fbcfd6023b2f7\PresentationFramework.ni.dll
MOD - [2014.10.19 09:20:18 | 011,027,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\a1799dc618cfa61adb75b82311884c3d\PresentationCore.ni.dll
MOD - [2014.10.19 09:20:09 | 003,957,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\b8e2e79f70d09551560548cda72e2c51\WindowsBase.ni.dll
MOD - [2014.10.19 09:19:54 | 010,030,592 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\1c5fe4cb68f67046baec4c3a854f722f\System.ni.dll
MOD - [2014.01.27 12:52:41 | 017,395,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll
MOD - [2013.12.10 08:13:08 | 000,013,088 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2013.10.24 03:17:00 | 000,553,776 | ---- | M] () -- C:\Program Files (x86)\Garena Plus\ggspawn.dll
MOD - [2013.10.24 03:16:48 | 000,049,456 | ---- | M] () -- C:\Program Files (x86)\Garena Plus\ggdllhost.exe

========== Services (SafeList) ==========

SRV:64bit: - [2014.10.31 05:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.10.07 02:54:27 | 000,226,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014.09.22 04:05:56 | 000,368,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014.09.22 04:05:56 | 000,023,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014.08.16 04:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014.08.16 01:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014.08.16 01:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014.07.24 08:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014.03.14 07:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014.03.08 06:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014.03.06 08:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014.02.22 16:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014.02.22 10:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014.02.22 10:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014.02.22 10:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014.02.22 10:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.12.10 08:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013.08.22 12:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013.08.22 12:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013.08.22 12:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013.08.22 12:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013.08.22 12:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013.08.22 11:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013.08.22 11:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013.08.22 10:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013.08.22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013.08.22 10:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013.08.22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.08.22 10:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013.08.22 10:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013.08.22 10:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013.08.22 10:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012.04.20 14:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2010.04.29 18:10:40 | 000,127,800 | ---- | M] (HP) [Auto | Running] -- C:\Windows\SysNative\HPSIsvc.exe -- (HPSIService)
SRV - [2014.11.18 21:23:34 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014.11.11 21:37:43 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.09.12 10:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014.08.22 14:04:06 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2014.08.16 04:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014.04.03 19:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014.03.14 07:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013.10.01 13:02:42 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013.08.22 04:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013.08.22 03:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013.05.16 19:08:38 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.03.27 11:39:42 | 000,227,968 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2013.03.27 10:57:52 | 000,323,584 | R--- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2012.12.19 07:10:38 | 000,072,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe -- (Asus WebStorage Windows Service)
SRV - [2012.10.05 15:55:50 | 000,110,976 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2012.09.13 04:59:08 | 002,466,448 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012.07.17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.07.17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.06.27 12:47:02 | 000,129,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012.06.25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012.04.24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2012.04.13 10:14:00 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011.11.21 14:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010.10.12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.10.10 02:58:57 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014.09.22 04:06:16 | 000,258,368 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014.09.22 04:06:16 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014.09.22 03:49:43 | 000,035,320 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014.08.15 01:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014.07.24 16:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014.07.24 16:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014.07.24 12:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014.05.01 14:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014.03.20 04:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014.03.13 13:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014.03.08 21:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014.02.22 17:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014.02.22 16:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014.02.22 16:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014.02.22 16:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014.02.22 16:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014.02.22 13:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014.01.28 14:32:18 | 000,593,000 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013.12.25 19:30:19 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013.12.25 19:30:18 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.12.25 19:30:18 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013.12.10 08:13:16 | 000,032,544 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013.12.04 19:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013.11.14 08:28:56 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013.11.14 08:25:34 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013.11.14 08:16:49 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013.10.30 20:00:26 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.10.01 13:02:30 | 004,177,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013.08.22 23:51:12 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013.08.22 23:51:12 | 000,026,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013.08.22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013.08.22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013.08.22 13:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013.08.22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013.08.22 13:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.08.22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013.08.22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013.08.22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013.08.22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013.08.22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013.08.22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013.08.22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013.08.22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013.08.22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013.08.22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013.08.22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013.08.22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013.08.22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013.08.22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013.08.22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013.08.22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013.08.22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013.08.22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013.08.22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.08.22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013.08.22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013.08.22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013.08.22 13:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013.08.22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013.08.22 12:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013.08.22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013.08.22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013.08.22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013.08.22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013.08.22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013.08.22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.08.22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013.08.22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013.08.22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013.08.22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013.08.22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013.08.22 12:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013.08.22 12:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013.08.22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.08.22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013.08.22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013.08.22 12:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013.08.22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013.08.22 12:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013.08.22 12:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013.08.22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013.08.13 00:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013.08.10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013.07.30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013.07.25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013.06.18 15:46:17 | 000,591,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013.06.18 15:45:02 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:64bit: - [2013.04.16 17:25:46 | 000,065,784 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (ATP)
DRV:64bit: - [2013.03.27 11:18:52 | 000,136,784 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013.03.27 11:18:50 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013.03.27 11:18:50 | 000,089,168 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013.03.27 11:18:50 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013.03.27 11:18:48 | 000,346,192 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013.03.27 11:18:48 | 000,115,280 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013.01.09 03:26:24 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012.12.24 06:53:24 | 000,020,480 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mvusbews.sys -- (mvusbews)
DRV:64bit: - [2012.10.08 10:47:42 | 000,298,640 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:64bit: - [2012.09.18 12:51:54 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2012.09.14 06:15:10 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.08.02 04:22:48 | 000,014,992 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2012.07.02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.05.31 04:47:44 | 000,021,152 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys -- (HIDSwitch)
DRV:64bit: - [2009.12.23 11:36:04 | 000,105,592 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2009.09.03 10:49:48 | 000,187,912 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MAudioMicro.sys -- (MAUSBMICRO)
DRV - [2011.09.07 09:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009.07.02 17:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3701647376-3946651554-1493002649-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3701647376-3946651554-1493002649-1002\..\SearchScopes,DefaultScope = {012E1000-F331-11DB-8314-0800200C9A66}
IE - HKU\S-1-5-21-3701647376-3946651554-1493002649-1002\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-3701647376-3946651554-1493002649-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-3701647376-3946651554-1493002649-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014.11.24 23:02:58 | 000,000,035 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe (ASUS Cloud Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-3701647376-3946651554-1493002649-1002..\Run: [GarenaPlus] C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe ()
O4 - HKU\S-1-5-21-3701647376-3946651554-1493002649-1002..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-3701647376-3946651554-1493002649-1003..\RunOnce: [WAB Migrate] C:\Program Files (x86)\Windows Mail\wab.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Atheros Communications)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8:64bit: - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 94.249.192.82 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{592F78B9-78DD-441C-8141-316236FE1390}: DhcpNameServer = 94.249.192.82 8.8.8.8
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\WINDOWS\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.11.25 20:05:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
[2014.11.25 05:54:04 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014.11.25 05:53:34 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014.11.25 05:53:34 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2014.11.25 05:53:34 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014.11.25 05:53:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014.11.25 05:53:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.11.24 23:39:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014.11.24 23:37:28 | 000,000,000 | -HSD | C] -- C:\Users\admin\AppData\Local\EmieBrowserModeList
[2014.11.24 23:29:53 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Google Chrome Backup
[2014.11.24 23:29:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Parhelia Tools
[2014.11.24 23:29:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google Chrome Backup
[2014.11.24 22:32:54 | 000,000,000 | ---D | C] -- C:\FRST
[2014.11.24 22:32:21 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\admin\Desktop\FRSTLauncher.exe
[2014.11.24 22:31:51 | 002,118,144 | ---- | C] (Farbar) -- C:\Users\admin\Desktop\FRST64.exe
[2014.11.24 22:23:59 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014.11.24 22:22:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2014.11.24 22:22:14 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Temp
[2014.11.21 14:00:17 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\SWAY
[2014.11.12 08:52:40 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2014.11.12 08:52:40 | 000,104,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2014.11.12 08:52:40 | 000,088,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2014.11.12 08:52:35 | 003,320,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2014.11.12 08:52:35 | 002,773,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014.11.12 08:52:33 | 002,459,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014.11.12 08:52:33 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msihnd.dll
[2014.11.12 08:52:33 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msihnd.dll
[2014.11.12 08:52:33 | 000,116,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe
[2014.11.12 08:52:29 | 001,519,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2014.11.12 08:52:28 | 000,258,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2014.11.12 08:52:28 | 000,114,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2014.11.12 08:52:28 | 000,035,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2014.11.12 08:52:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winshfhc.dll
[2014.11.12 08:52:28 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winshfhc.dll
[2014.11.12 08:51:45 | 006,040,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014.11.12 08:51:40 | 002,865,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014.11.12 08:51:38 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014.11.12 08:51:38 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2014.11.12 08:51:38 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014.11.12 08:51:38 | 000,661,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2014.11.12 08:51:38 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll
[2014.11.12 08:51:37 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014.11.12 08:51:37 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll
[2014.11.12 08:51:36 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014.11.12 08:51:36 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014.11.12 08:51:35 | 002,124,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014.11.12 08:51:35 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014.11.12 08:51:35 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014.11.12 08:51:35 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014.11.12 08:51:34 | 000,799,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014.11.12 08:51:34 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014.11.12 08:51:32 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec
[2014.11.12 08:51:32 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014.11.12 08:51:32 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hlink.dll
[2014.11.12 08:51:31 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014.11.12 08:51:31 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014.11.12 08:51:31 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2014.11.12 08:51:31 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014.11.12 08:51:31 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2014.11.12 08:51:31 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014.11.12 08:51:31 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014.11.12 08:51:31 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll
[2014.11.12 08:51:31 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll
[2014.11.12 08:51:30 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\html.iec
[2014.11.12 08:51:30 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\occache.dll
[2014.11.12 08:51:30 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inseng.dll
[2014.11.12 08:51:30 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014.11.12 08:51:30 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inseng.dll
[2014.11.12 08:51:30 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx
[2014.11.12 08:51:30 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll
[2014.11.12 08:51:30 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014.11.12 08:51:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx
[2014.11.12 08:51:29 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\occache.dll
[2014.11.12 08:51:29 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iexpress.exe
[2014.11.12 08:51:29 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IEAdvpack.dll
[2014.11.12 08:51:29 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2014.11.12 08:51:29 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2014.11.12 08:51:29 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll
[2014.11.12 08:51:29 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imgutil.dll
[2014.11.12 08:51:28 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\url.dll
[2014.11.12 08:51:28 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\url.dll
[2014.11.12 08:51:28 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wextract.exe
[2014.11.12 08:51:28 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IEAdvpack.dll
[2014.11.12 08:51:28 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pngfilt.dll
[2014.11.12 08:51:28 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014.11.12 08:51:28 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pngfilt.dll
[2014.11.12 08:51:28 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014.11.12 08:51:28 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014.11.12 08:51:28 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\licmgr10.dll
[2014.11.12 08:51:28 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014.11.12 08:51:28 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\licmgr10.dll
[2014.11.12 08:51:27 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wextract.exe
[2014.11.12 08:51:27 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014.11.12 08:51:25 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iexpress.exe
[2014.11.12 08:51:25 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msfeedssync.exe
[2014.11.12 08:51:24 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshta.exe
[2014.11.12 08:51:24 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeedssync.exe
[2014.11.12 08:51:18 | 003,547,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2014.11.12 08:51:17 | 001,441,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014.11.12 08:51:17 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certcli.dll
[2014.11.12 08:51:17 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certcli.dll
[2014.11.12 08:51:16 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll
[2014.11.12 08:51:16 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll
[2014.11.12 08:51:16 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msaudite.dll
[2014.11.12 08:51:16 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msaudite.dll
[2014.11.12 08:51:16 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2014.11.12 08:51:16 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rfxvmt.dll
[2014.11.12 08:51:16 | 000,027,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys
[2014.11.12 08:51:01 | 000,789,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014.11.12 08:50:53 | 001,714,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2014.11.12 08:50:53 | 000,894,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2014.11.12 08:50:53 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2014.11.12 08:50:53 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014.11.12 08:50:52 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2014.11.12 08:50:52 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2014.11.12 08:50:52 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2014.11.12 08:50:52 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2014.11.12 08:50:52 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2014.11.12 08:50:52 | 000,055,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2014.11.12 08:50:52 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2014.11.12 08:50:52 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2014.11.12 08:50:52 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2014.11.12 08:50:52 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2014.11.12 08:50:52 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuaext.dll
[2014.11.12 08:50:26 | 000,500,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2014.11.12 08:50:26 | 000,482,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2014.11.12 08:50:26 | 000,394,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2014.11.12 08:50:26 | 000,344,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2014.11.12 08:50:26 | 000,272,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2014.11.12 08:50:26 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014.11.12 08:50:26 | 000,108,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDump.dll
[2014.11.12 08:50:23 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\packager.dll
[2014.11.12 08:50:23 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\packager.dll
[2014.11.12 08:50:19 | 007,484,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014.11.12 08:50:16 | 013,424,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014.11.12 08:50:16 | 002,714,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014.11.12 08:50:14 | 001,053,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014.11.12 08:50:14 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2014.11.12 08:50:14 | 000,836,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014.11.12 08:50:12 | 011,820,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014.11.12 08:50:12 | 000,822,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2014.11.12 08:50:12 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014.11.12 08:50:12 | 000,670,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014.11.12 08:50:12 | 000,474,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2014.11.12 08:50:11 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiobj.dll
[2014.11.12 08:50:10 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiobj.dll
[2014.11.12 08:50:09 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2014.11.12 08:50:09 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2014.11.12 08:50:09 | 000,428,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014.11.12 08:50:08 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMEX.dll
[2014.11.12 08:50:07 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSAPI.dll
[2014.11.12 08:50:07 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FXSAPI.dll
[2014.11.09 16:26:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Sibelius Software
[2014.11.09 16:25:15 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Sibelius Software
[2014.11.09 16:15:57 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\Scores
[2014.11.09 16:15:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sibelius Software
[2014.11.09 16:13:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sibelius Software
[2014.11.09 13:49:28 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\MusE
[2014.11.09 13:49:27 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\MusE
[2014.10.30 23:07:45 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\The KMPlayer
[2014.10.30 23:05:53 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.11.25 20:09:55 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.11.25 20:05:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
[2014.11.25 20:05:01 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.11.25 20:03:39 | 000,000,062 | ---- | M] () -- C:\Users\admin\AppData\Roaming\sp_data.sys
[2014.11.25 20:03:24 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.11.25 20:03:00 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014.11.25 20:02:59 | 3340,075,008 | -HS- | M] () -- C:\hiberfil.sys
[2014.11.25 09:43:00 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.11.25 09:37:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.11.25 05:54:15 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014.11.25 05:53:41 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.11.24 23:39:34 | 000,002,293 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.11.24 23:02:58 | 000,000,035 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2014.11.24 23:02:08 | 000,029,696 | ---- | M] () -- C:\Users\admin\AppData\Local\MSGBOX.EXE
[2014.11.24 23:02:08 | 000,015,327 | ---- | M] () -- C:\Users\admin\Desktop\LM.bat
[2014.11.24 22:40:08 | 000,009,010 | ---- | M] () -- C:\Users\admin\Desktop\Addition.zip
[2014.11.24 22:32:15 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\Users\admin\Desktop\FRSTLauncher.exe
[2014.11.24 22:30:55 | 002,118,144 | ---- | M] (Farbar) -- C:\Users\admin\Desktop\FRST64.exe
[2014.11.13 09:55:33 | 000,379,776 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014.11.09 16:26:19 | 000,000,604 | -H-- | M] () -- C:\WINDOWS\T4
[2014.11.09 16:26:19 | 000,000,604 | -H-- | M] () -- C:\WINDOWS\SysWow64\T3
[2014.11.09 16:26:19 | 000,000,604 | -H-- | M] () -- C:\Program Files (x86)\STLL Notifier
[2014.11.09 16:15:56 | 000,002,107 | ---- | M] () -- C:\Users\Public\Desktop\Sibelius 5.lnk
[2014.11.09 15:33:57 | 000,907,186 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014.11.09 15:33:57 | 000,722,476 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014.11.09 15:33:57 | 000,135,592 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014.11.09 15:33:57 | 000,048,754 | ---- | M] () -- C:\WINDOWS\SysNative\perfh01B.dat
[2014.11.09 15:33:57 | 000,012,006 | ---- | M] () -- C:\WINDOWS\SysNative\perfc01B.dat
[2014.11.01 18:35:17 | 001,567,408 | ---- | M] () -- C:\Users\admin\Desktop\20141101_183517.jpg
[2014.10.31 06:12:41 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wextract.exe
[2014.10.31 06:12:05 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshta.exe
[2014.10.31 06:10:13 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iexpress.exe
[2014.10.31 06:09:37 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pngfilt.dll
[2014.10.31 06:08:00 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeedssync.exe
[2014.10.31 06:06:45 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014.10.31 06:06:21 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\url.dll
[2014.10.31 06:06:09 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014.10.31 06:06:00 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014.10.31 06:05:50 | 000,417,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\html.iec
[2014.10.31 06:04:28 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2014.10.31 05:56:53 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014.10.31 05:54:13 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IEAdvpack.dll
[2014.10.31 05:53:06 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll
[2014.10.31 05:52:22 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hlink.dll
[2014.10.31 05:51:37 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014.10.31 05:51:31 | 000,812,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2014.10.31 05:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014.10.31 05:50:44 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014.10.31 05:50:11 | 006,040,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014.10.31 05:40:07 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\licmgr10.dll
[2014.10.31 05:38:28 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014.10.31 05:30:28 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll
[2014.10.31 05:29:50 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll
[2014.10.31 05:29:17 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx
[2014.10.31 05:28:58 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inseng.dll
[2014.10.31 05:25:24 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014.10.31 05:24:25 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014.10.31 05:23:46 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2014.10.31 05:21:30 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014.10.31 05:19:49 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\occache.dll
[2014.10.31 05:05:52 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014.10.31 05:05:35 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014.10.31 05:03:02 | 002,124,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014.10.31 04:44:32 | 002,865,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014.10.31 04:42:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imgutil.dll
[2014.10.31 04:28:47 | 000,137,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wextract.exe
[2014.10.31 04:27:26 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iexpress.exe
[2014.10.31 04:26:45 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pngfilt.dll
[2014.10.31 04:25:24 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msfeedssync.exe
[2014.10.31 04:24:23 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014.10.31 04:24:00 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\url.dll
[2014.10.31 04:23:37 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014.10.31 04:23:21 | 000,340,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec
[2014.10.31 04:22:08 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2014.10.31 04:20:27 | 000,799,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014.10.31 04:15:59 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014.10.31 04:14:25 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IEAdvpack.dll
[2014.10.31 04:13:35 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll
[2014.10.31 04:12:17 | 000,661,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2014.10.31 04:12:17 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014.10.31 04:11:30 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014.10.31 04:03:33 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\licmgr10.dll
[2014.10.31 03:57:20 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll
[2014.10.31 03:56:44 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll
[2014.10.31 03:56:18 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx
[2014.10.31 03:56:08 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inseng.dll
[2014.10.31 03:53:21 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014.10.31 03:52:23 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014.10.31 03:51:02 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2014.10.31 03:48:50 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\occache.dll
[2014.10.31 03:39:28 | 002,051,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014.10.31 03:11:30 | 000,708,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014.10.30 23:05:53 | 000,001,053 | ---- | M] () -- C:\Users\admin\Desktop\KMPlayer.lnk
[2014.10.30 01:55:02 | 000,714,208 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014.10.30 01:55:02 | 000,106,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014.10.28 20:56:59 | 000,048,034 | ---- | M] () -- C:\Users\admin\Documents\cc_20141028_205651.reg
[2014.10.28 20:54:00 | 000,000,836 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.11.25 20:09:55 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.11.25 05:53:41 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.11.24 23:39:34 | 000,002,293 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.11.24 23:38:47 | 000,000,944 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.11.24 23:38:47 | 000,000,940 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.11.24 23:02:08 | 000,029,696 | ---- | C] () -- C:\Users\admin\AppData\Local\MSGBOX.EXE
[2014.11.24 23:02:08 | 000,015,327 | ---- | C] () -- C:\Users\admin\Desktop\LM.bat
[2014.11.24 22:40:08 | 000,009,010 | ---- | C] () -- C:\Users\admin\Desktop\Addition.zip
[2014.11.12 08:50:05 | 000,389,176 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014.11.09 16:26:19 | 000,000,604 | -H-- | C] () -- C:\WINDOWS\T4
[2014.11.09 16:26:19 | 000,000,604 | -H-- | C] () -- C:\WINDOWS\SysWow64\T3
[2014.11.09 16:26:19 | 000,000,604 | -H-- | C] () -- C:\Program Files (x86)\STLL Notifier
[2014.11.09 16:15:56 | 000,002,107 | ---- | C] () -- C:\Users\Public\Desktop\Sibelius 5.lnk
[2014.11.01 18:58:44 | 001,567,408 | ---- | C] () -- C:\Users\admin\Desktop\20141101_183517.jpg
[2014.10.30 23:05:53 | 000,001,053 | ---- | C] () -- C:\Users\admin\Desktop\KMPlayer.lnk
[2014.10.28 20:56:56 | 000,048,034 | ---- | C] () -- C:\Users\admin\Documents\cc_20141028_205651.reg
[2014.05.31 15:49:04 | 000,007,605 | ---- | C] () -- C:\Users\admin\AppData\Local\Resmon.ResmonCfg
[2014.04.29 19:31:58 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014.03.19 09:15:56 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013.12.27 11:25:11 | 000,217,088 | ---- | C] () -- C:\WINDOWS\SysWow64\qtmlClient.dll
[2013.11.01 17:27:19 | 000,045,270 | ---- | C] () -- C:\Users\admin\AppData\Roaming\room_v3.dat
[2013.10.31 01:32:10 | 000,000,062 | ---- | C] () -- C:\Users\admin\AppData\Roaming\sp_data.sys
[2013.10.30 22:48:30 | 000,000,161 | ---- | C] () -- C:\WINDOWS\AutoKMS.ini
[2013.10.01 13:02:30 | 000,303,104 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013.10.01 13:02:26 | 000,180,736 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013.10.01 13:02:26 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013.08.22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013.08.22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013.08.22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.08.22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013.08.22 04:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013.08.22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013.08.22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013.05.01 12:15:31 | 000,000,256 | ---- | C] () -- C:\ProgramData\SetStretch.cmd

========== ZeroAccess Check ==========

[2014.06.16 19:34:29 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.08.31 01:15:33 | 021,197,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.08.30 23:59:13 | 018,723,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013.08.22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013.08.22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013.08.22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.10.31 01:33:51 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\ASUS WebStorage
[2014.10.28 20:56:25 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DAEMON Tools Lite
[2013.12.27 22:45:16 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Digidesign
[2013.11.15 18:25:48 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Garena
[2014.07.29 17:39:29 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\GarenaPlus
[2013.12.27 12:38:17 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Leadertech
[2014.11.09 13:49:28 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\MusE
[2013.12.27 11:56:52 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\PACE Anti-Piracy
[2014.03.08 15:49:06 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Propellerhead Software
[2013.11.16 16:31:09 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\STV Software
[2014.06.25 18:30:54 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Ubisoft
[2014.11.21 08:09:36 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\uTorrent

========== Purity Check ==========

========== Custom Scans ==========

< >
[2013.08.22 15:45:54 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2014.03.29 10:15:37 | 000,000,830 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2014.11.24 23:38:47 | 000,000,940 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2014.11.24 23:38:47 | 000,000,944 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2014.05.01 07:49:19 | 000,000,012 | ---- | M] () MD5=06C6E29A8643D00197E214F3AA26A4B9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\AGP440.sys
[2013.08.22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\drivers\AGP440.sys
[2013.08.22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\AGP440.sys
[2013.08.22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\AGP440.sys
[2014.09.15 14:56:47 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\AGP440.sys

< MD5 for: ATAPI.SYS >
[2013.08.22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\drivers\atapi.sys
[2013.08.22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_64aa4354da84c2df\atapi.sys
[2013.08.22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.3.9600.16384_none_cdf68824f580d510\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2014.05.01 07:50:47 | 000,028,249 | ---- | M] () MD5=0CBDE27FB26761852F7B22AFB8C51ACB -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_d2b24d5495b82963\autochk.exe
[2014.02.22 12:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\SysWOW64\autochk.exe
[2014.02.22 12:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_76c6a414dd35029f\autochk.exe
[2014.02.22 13:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\WINDOWS\SysNative\autochk.exe
[2014.02.22 13:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_d2e53f98959273d5\autochk.exe
[2014.05.01 08:27:07 | 000,023,596 | ---- | M] () MD5=83A4C9BE342BC296EC09492FF7594F13 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_7693b1d0dd5ab82d\autochk.exe

< MD5 for: CDROM.SYS >
[2013.08.22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\drivers\cdrom.sys
[2013.08.22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_42e9c29f0affc440\cdrom.sys
[2013.08.22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.3.9600.16384_none_5067bbed77be70be\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2013.08.22 11:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=0EFE4B5884A8032617826A4D76F80969 -- C:\WINDOWS\SysNative\cryptsvc.dll
[2013.08.22 11:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=0EFE4B5884A8032617826A4D76F80969 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.16384_none_66bdf96f6ec6545d\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2014.08.23 08:13:24 | 002,084,520 | ---- | M] (Microsoft Corporation) MD5=195822ACCDAA2B4815DD01BAFC335595 -- C:\Windows\SysWOW64\explorer.exe
[2014.08.23 08:13:24 | 002,084,520 | ---- | M] (Microsoft Corporation) MD5=195822ACCDAA2B4815DD01BAFC335595 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4cc798c1821453a8\explorer.exe
[2014.09.15 14:58:38 | 000,270,774 | ---- | M] () MD5=2195687491E604BA42961470EDA7660E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_42acff334d876b54\explorer.exe
[2014.09.15 15:13:57 | 000,220,250 | ---- | M] () MD5=286928E00AD34E9F88EB5BFA52660A70 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_4d01a98581e82d4f\explorer.exe
[2014.05.01 08:17:58 | 000,015,546 | ---- | M] () MD5=347EFF7EC89C3EB4F72F2408E1C4E16D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
[2014.05.01 08:17:54 | 000,238,918 | ---- | M] () MD5=5177BB4FECDDB9CDBCF10EF65916968D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2014.09.15 14:58:35 | 000,271,249 | ---- | M] () MD5=667BC926C7CB889BF276A5FEA316CAEE -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe
[2014.05.01 07:56:20 | 000,169,957 | ---- | M] () MD5=6D919C26DCB567396CD2E119B8E4310E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2014.08.23 08:48:28 | 002,374,784 | ---- | M] (Microsoft Corporation) MD5=ACDBE1ED38167C8B01B8F63161BB2CEA -- C:\Windows\explorer.exe
[2014.08.23 08:48:28 | 002,374,784 | ---- | M] (Microsoft Corporation) MD5=ACDBE1ED38167C8B01B8F63161BB2CEA -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4272ee6f4db391ad\explorer.exe
[2014.09.15 15:13:53 | 000,208,662 | ---- | M] () MD5=C131BC6F12417306A9C8469CA49110B1 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe
[2014.05.01 07:56:18 | 000,283,735 | ---- | M] () MD5=FA98C5D746E7C9E0912E88AC44FF9926 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe

??? · #19 Příspěvek od **???** » 25 lis 2014 20:44

< MD5 for: HAL.DLL >
[2014.06.02 03:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\WINDOWS\SysNative\hal.dll
[2014.06.02 03:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17196_none_9bde68c32da7abbb\hal.dll
[2014.08.18 13:20:12 | 000,024,467 | ---- | M] () MD5=2635F50EAF3E1B4A8D32B21E1203E130 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17031_none_9c1a44f32d7b883b\hal.dll
[2014.03.23 12:23:55 | 000,014,096 | ---- | M] () MD5=64D2873F32BB723BFFF3F8895032AA35 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16408_none_9c41d51d2d5cc0c4\hal.dll
[2014.05.01 07:57:08 | 000,066,843 | ---- | M] () MD5=D714202F057A317C8E31776EBEA0AEA2 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16500_none_9c39d4b32d63f333\hal.dll

< MD5 for: IASTORV.SYS >
[2013.08.22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\drivers\iaStorV.sys
[2013.08.22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_5069105fb236ae4b\iaStorV.sys
[2013.08.22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.3.9600.16384_none_9fcfb2835bbf0103\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2014.05.01 07:49:19 | 000,000,012 | ---- | M] () MD5=06C6E29A8643D00197E214F3AA26A4B9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\isapnp.sys
[2013.08.22 13:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\WINDOWS\SysNative\drivers\isapnp.sys
[2013.08.22 13:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\isapnp.sys
[2013.08.22 13:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\isapnp.sys
[2014.09.15 14:56:48 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\isapnp.sys

< MD5 for: LSASS.EXE >
[2013.08.22 14:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) MD5=F6F209DDB94959BA104FC8FC87C53759 -- C:\WINDOWS\SysNative\lsass.exe
[2013.08.22 14:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) MD5=F6F209DDB94959BA104FC8FC87C53759 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.16408_none_2e8484166600f08e\lsass.exe

< MD5 for: NDIS.SYS >
[2014.02.20 12:08:10 | 000,046,734 | ---- | M] () MD5=68A9BA38BB275850F91165D1C1FCA8DA -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16408_none_4a6e60adfbbe952c\ndis.sys
[2014.05.01 08:03:08 | 000,140,607 | ---- | M] () MD5=7B886741BDAE33AC4F116DF991D1E3CB -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16475_none_4a1fb05bfbfa0cbe\ndis.sys
[2014.09.15 15:02:22 | 000,025,682 | ---- | M] () MD5=D2D6A481A75207BF24E9D48C61B7F012 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17031_none_4a46d083fbdd5ca3\ndis.sys
[2014.06.05 15:00:18 | 001,118,040 | ---- | M] (Microsoft Corporation) MD5=E4B4BE2D7750849C07589DA0B0AABA01 -- C:\WINDOWS\SysNative\drivers\ndis.sys
[2014.06.05 15:00:18 | 001,118,040 | ---- | M] (Microsoft Corporation) MD5=E4B4BE2D7750849C07589DA0B0AABA01 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17199_none_4a0df531fc06cc28\ndis.sys

< MD5 for: NETLOGON.DLL >
[2014.03.06 08:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) MD5=2468C21E34C49E4735B4BA430D448E91 -- C:\WINDOWS\SysNative\netlogon.dll
[2014.03.06 08:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) MD5=2468C21E34C49E4735B4BA430D448E91 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_ee9e39a60bd3552e\netlogon.dll
[2014.05.01 08:22:41 | 000,058,552 | ---- | M] () MD5=35048C9600694C3BF01D644D1AAE62BE -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_f8cac1a04051b0c6\netlogon.dll
[2014.03.06 07:29:17 | 000,688,640 | ---- | M] (Microsoft Corporation) MD5=582918F96C2B7E1E3AE17D08DB6DAC41 -- C:\Windows\SysWOW64\netlogon.dll
[2014.03.06 07:29:17 | 000,688,640 | ---- | M] (Microsoft Corporation) MD5=582918F96C2B7E1E3AE17D08DB6DAC41 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_f8f2e3f840341729\netlogon.dll
[2014.05.01 08:06:39 | 000,108,975 | ---- | M] () MD5=D817ED82C2A0E1CED9B396826F52F7CB -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_ee76174e0bf0eecb\netlogon.dll

< MD5 for: NVRAID.SYS >
[2013.08.22 13:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\WINDOWS\SysNative\drivers\nvraid.sys
[2013.08.22 13:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvraid.sys
[2013.08.22 13:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2013.08.22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\drivers\nvstor.sys
[2013.08.22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2013.08.22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvstor.sys

< MD5 for: SCECLI.DLL >
[2013.08.22 03:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=1F142D5BD1C3869C5D902779B6FEC3EF -- C:\Windows\SysWOW64\scecli.dll
[2013.08.22 03:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=1F142D5BD1C3869C5D902779B6FEC3EF -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_3320ecb8e1733781\scecli.dll
[2013.08.22 10:55:43 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=1F1B8D07708E40E54C55B392C78ECCE2 -- C:\WINDOWS\SysNative\scecli.dll
[2013.08.22 10:55:43 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=1F1B8D07708E40E54C55B392C78ECCE2 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_28cc4266ad127586\scecli.dll

< MD5 for: SMSS.EXE >
[2014.05.01 08:08:16 | 000,019,120 | ---- | M] () MD5=5FBA1F5F9AA1E09595F015118AE83A36 -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.16384_none_6f1f364dbcc273d3\smss.exe
[2014.02.22 16:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\WINDOWS\SysNative\smss.exe
[2014.02.22 16:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.17031_none_6f522891bc9cbe45\smss.exe

< MD5 for: SVCHOST.EXE >
[2013.08.22 06:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\SysWOW64\svchost.exe
[2013.08.22 06:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2014.10.01 11:09:16 | 000,761,656 | ---- | M] (MalwareBytes) MD5=C0AFB3C7E6C7CA3F6E42FF242BBBCB1F -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2013.08.22 13:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\WINDOWS\SysNative\svchost.exe
[2013.08.22 13:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.02.20 12:08:59 | 000,210,441 | ---- | M] () MD5=01941724D120729E2B680B22F05D4123 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16423_none_a41c53813a2d8394\tcpip.sys
[2014.03.16 15:12:57 | 000,271,861 | ---- | M] () MD5=2102610D6FD1D928A3D7155077A78B82 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16456_none_a3fee49b3a43236c\tcpip.sys
[2014.05.01 08:10:04 | 000,481,295 | ---- | M] () MD5=2F83A7537A9B8CF98E6B4710A3E3D381 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16521_none_a41a54d33a2f4e0d\tcpip.sys
[2014.10.21 13:41:50 | 000,445,111 | ---- | M] () MD5=5F46548648648BE21060C8DED2B56238 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17238_none_a4166a733a313d8b\tcpip.sys
[2014.08.18 23:50:30 | 000,223,198 | ---- | M] () MD5=889B53B7C56665B0277CC00EF4051DE4 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17085_none_a3dd562d3a5c82ed\tcpip.sys
[2014.10.03 11:21:04 | 000,254,700 | ---- | M] () MD5=8B15952BE4FB7CF329EC3437A7EC4828 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17039_none_a41766f13a305c94\tcpip.sys
[2014.10.03 11:21:07 | 000,242,003 | ---- | M] () MD5=90511DE4535E8829764B1E1E220F56DB -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17136_none_a41467f93a330db6\tcpip.sys
[2014.09.08 04:07:38 | 002,497,344 | ---- | M] (Microsoft Corporation) MD5=CCB3A2BB60FE5073F2DEA63FE83CF8FE -- C:\WINDOWS\SysNative\drivers\tcpip.sys
[2014.09.08 04:07:38 | 002,497,344 | ---- | M] (Microsoft Corporation) MD5=CCB3A2BB60FE5073F2DEA63FE83CF8FE -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17336_none_a4146bc53a330804\tcpip.sys
[2014.11.15 20:08:43 | 000,241,540 | ---- | M] () MD5=E7D9CAEE2A6C4007CB85632A13D4EEF3 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17278_none_a3eb2ac33a51ad4f\tcpip.sys

< MD5 for: USERINIT.EXE >
[2013.08.22 11:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\WINDOWS\SysNative\userinit.exe
[2013.08.22 11:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2013.08.22 03:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\SysWOW64\userinit.exe
[2013.08.22 03:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe

< MD5 for: WINLOGON.EXE >
[2014.02.22 10:45:48 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\WINDOWS\SysNative\winlogon.exe
[2014.02.22 10:45:48 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
[2014.10.01 11:09:16 | 000,761,656 | ---- | M] (MalwareBytes) MD5=C0AFB3C7E6C7CA3F6E42FF242BBBCB1F -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2014.05.01 08:12:33 | 000,089,459 | ---- | M] () MD5=E40DC8DF924E02F04F3620DBAC1ACE31 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe

< MD5 for: WS2_32.DLL >
[2013.08.22 06:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) MD5=428AF7FA03FF09CE1CD373ABFEBAD8A3 -- C:\Windows\SysWOW64\ws2_32.dll
[2013.08.22 06:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) MD5=428AF7FA03FF09CE1CD373ABFEBAD8A3 -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_87577549e9ef9b02\ws2_32.dll
[2013.08.22 14:25:35 | 000,355,872 | ---- | M] (Microsoft Corporation) MD5=6F997D98C6A30D79C622811FBAB9119E -- C:\WINDOWS\SysNative\ws2_32.dll
[2013.08.22 14:25:35 | 000,355,872 | ---- | M] (Microsoft Corporation) MD5=6F997D98C6A30D79C622811FBAB9119E -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_e37610cda24d0c38\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[10 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.11.04 19:45:22 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Adobe
[2013.10.31 01:33:51 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\ASUS WebStorage
[2013.11.03 09:21:31 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Atheros
[2014.10.28 20:56:25 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DAEMON Tools Lite
[2013.12.27 22:45:16 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Digidesign
[2013.11.15 18:25:48 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Garena
[2014.07.29 17:39:29 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\GarenaPlus
[2014.11.24 23:48:15 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Google Chrome Backup
[2013.12.25 20:11:54 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Identities
[2014.06.24 09:16:21 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\InstallShield
[2013.12.27 12:38:17 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Leadertech
[2013.10.30 19:37:35 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Macromedia
[2014.03.02 16:59:55 | 000,000,000 | --SD | M] -- C:\Users\admin\AppData\Roaming\Microsoft
[2014.11.09 13:49:28 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\MusE
[2013.11.13 19:12:02 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\NVIDIA
[2013.12.27 11:56:52 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\PACE Anti-Piracy
[2014.03.08 15:49:06 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Propellerhead Software
[2014.11.09 16:29:19 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Sibelius Software
[2014.11.24 21:56:32 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Skype
[2013.11.16 16:31:09 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\STV Software
[2014.06.25 18:30:54 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Ubisoft
[2014.11.21 08:09:36 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\uTorrent

< %APPDATA%\*.exe /s >
[2014.02.09 12:24:26 | 000,010,134 | R--- | M] () -- C:\Users\admin\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2014.10.29 23:40:58 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
[2013.11.01 13:32:53 | 001,141,328 | ---- | M] (BitTorrent Inc.) -- C:\Users\admin\AppData\Roaming\uTorrent\updates\3.3.2_30260.exe
[2013.11.19 09:42:10 | 000,900,440 | ---- | M] (BitTorrent Inc.) -- C:\Users\admin\AppData\Roaming\uTorrent\updates\3.3.2_30303.exe
[2014.01.23 14:38:31 | 000,905,296 | ---- | M] (BitTorrent Inc.) -- C:\Users\admin\AppData\Roaming\uTorrent\updates\3.3.2_30488.exe
[2014.05.15 16:21:52 | 001,272,400 | ---- | M] (BitTorrent Inc.) -- C:\Users\admin\AppData\Roaming\uTorrent\updates\3.4.1_31139.exe
[2014.06.13 21:47:40 | 001,267,536 | ---- | M] (BitTorrent Inc.) -- C:\Users\admin\AppData\Roaming\uTorrent\updates\3.4.1_31395.exe
[2014.07.04 12:33:57 | 001,322,832 | ---- | M] (BitTorrent Inc.) -- C:\Users\admin\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe
[2014.09.25 20:12:47 | 001,416,016 | ---- | M] (BitTorrent Inc.) -- C:\Users\admin\AppData\Roaming\uTorrent\updates\3.4.2_34024.exe
[2014.10.08 19:51:19 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\admin\AppData\Roaming\uTorrent\updates\3.4.2_34309.exe
[2014.10.29 23:40:58 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\admin\AppData\Roaming\uTorrent\updates\3.4.2_34944.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.11.25 20:05:42 | 000,000,018 | ---- | M] () -- C:\WINDOWS\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"GarenaPlus" = "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch -- [2014.04.29 10:28:26 | 009,936,176 | ---- | M] ()
"Steam" = "C:\Program Files (x86)\Steam\steam.exe" -silent -- [2014.11.18 21:23:34 | 001,940,160 | ---- | M] (Valve Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.11.25 20:09:55 | 000,000,512 | ---- | M] () MD5=5BE5CD2F6E203CD8F644C61776E2389F -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2006.01.27 20:55:41 | 000,000,149 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\decals\{crack1.vmt
[2006.01.27 20:55:41 | 000,002,896 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\decals\{crack1.vtf
[2006.01.27 20:55:41 | 000,000,149 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\decals\{crack2.vmt
[2006.01.27 20:55:41 | 000,011,088 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\decals\{crack2.vtf
[2006.01.27 20:55:41 | 000,000,149 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\decals\{crack3.vmt
[2006.01.27 20:55:41 | 000,005,680 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\decals\{crack3.vtf
[2006.01.27 20:55:41 | 000,000,149 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\decals\{crack4.vmt
[2006.01.27 20:55:41 | 000,005,680 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\decals\{crack4.vtf
[2013.11.14 17:38:33 | 000,000,159 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Batman A. A. Crack.rar.torrent
[2013.11.14 10:56:06 | 000,014,322 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Batman Arkham Asylum patch 1.1 +RELOADED Crack.torrent
[2014.02.09 12:32:53 | 000,029,992 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\The Sims 3 + Patch 1.15.34 + Crack.torrent
[2014.07.15 10:57:52 | 000,000,483 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Tomb.Raider.CRACK.ONLY-SKIDROW.torrent
[2014.06.25 18:29:11 | 010,722,062 | ---- | M] () -- \Users\admin\Downloads\Assassins-creed-crack-100%FUNKČNÍ.rar
[2013.11.14 17:38:46 | 000,026,525 | ---- | M] () -- \Users\admin\Downloads\Batman A. A. Crack.rar
[2014.02.13 13:27:47 | 005,497,532 | ---- | M] () -- \Users\admin\Downloads\The-sims-3-crack.rar
[2014.05.16 13:42:36 | 004,942,599 | ---- | M] () -- \Users\admin\Downloads\Tomb-Raider-2013-crack-fix.rar
[2014.02.09 12:42:33 | 229,856,467 | ---- | M] () -- \Users\admin\Downloads\The Sims 3 + Patch 1.15.34 + Crack\The Sims 3 Patch 1.15.34 + Crack.7z

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013.04.16 17:25:34 | 000,171,832 | ---- | M] () -- \Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
[2013.04.16 17:25:30 | 000,170,808 | ---- | M] () -- \Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLoader.exe
[2012.05.30 20:55:22 | 000,010,781 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\mm\MediaCtrl\ImageLoader.kc
[2012.05.30 20:55:28 | 000,003,492 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\widget\langloader.kc
[2012.05.30 20:55:28 | 000,013,453 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\widget\layoutloader.kc
[2011.05.05 15:35:06 | 000,010,775 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2011.05.05 15:35:08 | 000,003,567 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\langloader.kc
[2011.05.05 15:35:08 | 000,013,369 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\layoutloader.kc
[2013.10.24 03:16:54 | 000,051,504 | ---- | M] () -- \Program Files (x86)\Garena Plus\FileLoader.dll
[2013.10.24 03:16:58 | 002,941,232 | ---- | M] () -- \Program Files (x86)\Garena Plus\ggdownloader.dll
[2013.12.19 12:34:02 | 000,255,280 | ---- | M] () -- \Program Files (x86)\Garena Plus\bbtalk\GarenaTalkLoader.exe
[2006.01.27 20:57:17 | 000,000,175 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loaderchrome.vmt
[2006.01.27 20:57:17 | 000,002,936 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loaderCHROME.vtf
[2006.01.27 20:57:16 | 000,000,071 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_base.vmt
[2006.01.27 20:57:16 | 000,011,128 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_base.vtf
[2006.01.27 20:57:16 | 000,000,078 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_base_panels.vmt
[2006.01.27 20:57:16 | 000,002,936 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_base_panels.vtf
[2006.01.27 20:57:16 | 000,000,077 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_base_sides.vmt
[2006.01.27 20:57:16 | 000,002,936 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_base_sides.vtf
[2006.01.27 20:57:16 | 000,000,077 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_body_hatch.vmt
[2006.01.27 20:57:16 | 000,011,128 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_body_hatch.vtf
[2006.01.27 20:57:16 | 000,000,076 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_body_side.vmt
[2006.01.27 20:57:16 | 000,011,128 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_body_side.vtf
[2006.01.27 20:57:16 | 000,000,180 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_darkchrome.vmt
[2006.01.27 20:57:16 | 000,002,936 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_darkCHROME.vtf
[2006.01.27 20:57:16 | 000,000,071 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_head.vmt
[2006.01.27 20:57:16 | 000,002,936 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_head.vtf
[2006.01.27 20:57:16 | 000,000,076 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_leg_hydro.vmt
[2006.01.27 20:57:16 | 000,001,512 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_leg_hydro.vtf
[2006.01.27 20:57:16 | 000,000,080 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_leg_hydro_cut.vmt
[2006.01.27 20:57:16 | 000,000,888 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_leg_hydro_cut.vtf
[2006.01.27 20:57:16 | 000,000,076 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_leg_side1.vmt
[2006.01.27 20:57:16 | 000,011,048 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_leg_side1.vtf
[2006.01.27 20:57:16 | 000,000,182 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_steelchrome1.vmt
[2006.01.27 20:57:16 | 000,002,936 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\materials\models\loader\loader_steelchrome1.vtf
[2006.01.27 20:58:05 | 000,064,175 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\models\loader.dx80.vtx
[2006.01.27 20:58:05 | 000,064,175 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\models\loader.dx90.vtx
[2006.01.27 20:58:05 | 000,142,832 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\models\loader.mdl
[2006.01.27 20:58:05 | 000,062,943 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\models\loader.sw.vtx
[2006.01.27 21:44:57 | 000,807,714 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\models\loader.tga
[2006.01.27 20:58:05 | 000,278,784 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\models\loader.vvd
[2006.01.27 21:44:57 | 000,063,343 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\models\loader_Static.dx80.vtx
[2006.01.27 21:44:57 | 000,063,343 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\models\loader_Static.dx90.vtx
[2006.01.27 21:44:57 | 000,009,563 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\models\loader_Static.jpg
[2006.01.27 21:44:57 | 000,009,820 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\models\loader_Static.mdl
[2006.01.27 21:44:57 | 000,063,343 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\models\loader_Static.sw.vtx
[2006.01.27 21:44:57 | 000,278,784 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\models\loader_Static.vvd
[2006.01.27 20:58:15 | 000,012,764 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\sound\ambience\loader_hydra1.wav
[2006.01.27 20:58:15 | 000,012,164 | ---- | M] () -- \Program Files (x86)\Half Life\hl1\sound\ambience\loader_step1.wav
[2013.02.01 00:16:50 | 000,065,344 | R--- | M] () -- \Program Files (x86)\Hi-Rez Studios\HiRezGames\smite\Binaries\Win32\PhysXLoader.dll
[2013.07.25 03:43:28 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.07.25 03:43:30 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.07.25 03:43:12 | 000,073,024 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.07.25 03:43:12 | 000,080,704 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2014.11.11 19:48:42 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Steam\remoteui\static\libs\images\ajax-loader.gif
[2014.08.19 08:21:30 | 000,071,008 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\C9\PhysXLoader.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2012.05.21 22:56:04 | 000,002,196 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\GamePlay_Loader.html
[2012.07.19 00:18:28 | 000,000,598 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\EULA\images\downloader_bg_400.gif
[2012.05.21 22:56:04 | 000,009,085 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Scripts\gameplay_loader.js
[2010.11.03 22:17:00 | 000,002,355 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Skins\default\gameplay_loader.css
[2013.10.18 02:34:40 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{B2B88848-E0C0-4DCD-8EA0-F714F670E194}\ExtensionLoader.dll
[2014.02.20 13:29:46 | 000,000,856 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.212_x64__8wekyb3d8bbwe\js\HtmlFileLoader.js
[2013.11.14 08:17:12 | 000,001,160 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\modernpeople\appframe\backgroundloader.js
[2013.11.14 08:17:13 | 000,004,996 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\modernshareanything\sharedataloader.js
[2013.11.14 08:17:13 | 000,002,125 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\modernsharetarget\sharemaildataloader.js
[2013.11.14 08:18:54 | 000,043,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013.12.19 23:11:40 | 000,084,642 | ---- | M] () -- \ProgramData\GarenaMessenger\update\12333\bbtalk\GarenaTalkLoader.exe
[2014.07.24 14:53:16 | 000,072,638 | ---- | M] () -- \Users\admin\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.07.24 14:53:16 | 000,003,032 | ---- | M] () -- \Users\admin\AppData\Local\Skype\Apps\login\images\loader.png
[2014.07.24 14:53:16 | 000,006,012 | ---- | M] () -- \Users\admin\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.07.24 14:53:16 | 000,021,956 | ---- | M] () -- \Users\admin\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.07.24 14:53:16 | 000,009,772 | ---- | M] () -- \Users\admin\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2013.12.19 23:11:40 | 000,084,642 | ---- | M] () -- \Users\All Users\GarenaMessenger\update\12333\bbtalk\GarenaTalkLoader.exe
[2014.10.30 22:51:18 | 000,123,732 | ---- | M] () -- \Windows\Prefetch\SOFTONICDOWNLOADER_FOR_MKV-PL-56935790.pf
[2013.08.22 05:17:27 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 05:17:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 05:17:24 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-2-0.dll
[2013.08.22 05:17:20 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013.08.22 05:17:34 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2013.08.22 05:17:33 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-1.dll
[2013.08.22 04:55:19 | 000,036,352 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.22 14:25:39 | 000,003,584 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 14:25:39 | 000,003,072 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 14:25:38 | 000,002,560 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2013.08.22 05:17:27 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 05:17:25 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 05:17:24 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-2-0.dll
[2013.08.22 05:17:20 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013.08.22 05:17:34 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2013.08.22 05:17:33 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-1.dll
[2013.08.22 04:55:19 | 000,036,352 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013.08.22 14:25:39 | 000,003,584 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 14:25:39 | 000,003,072 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 14:25:38 | 000,002,560 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2014.04.15 22:20:05 | 000,592,677 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.efi
[2014.04.15 22:20:03 | 000,536,051 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.exe
[2014.02.22 16:49:46 | 001,390,936 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.efi
[2014.02.22 16:49:46 | 001,263,960 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.exe
[2014.03.04 13:26:22 | 001,390,936 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.efi
[2014.03.04 13:26:22 | 001,263,960 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.exe
[2013.08.22 12:21:30 | 000,046,592 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_36b27bfc6399d5ce\dmloader.dll
[2013.08.22 14:25:37 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 14:25:37 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 14:25:36 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-stringloader-l1-1-1.dll
[2013.08.22 12:45:31 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 12:45:33 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 12:45:35 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-2-0.dll
[2013.08.22 12:45:30 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013.08.22 12:45:40 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-0.dll
[2013.08.22 12:45:44 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-1.dll
[2014.04.30 08:46:21 | 000,000,462 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759.manifest
[2014.05.01 08:35:17 | 000,009,321 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759_winload.efi.mui_35ee487d
[2014.05.01 08:35:17 | 000,009,332 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759_winload.exe.mui_3bc5b827
[2014.05.01 08:35:17 | 000,007,774 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759_winresume.efi.mui_f412814e
[2014.05.01 08:35:17 | 000,007,774 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759_winresume.exe.mui_ff8b5358
[2014.09.14 12:45:30 | 000,000,547 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd.manifest
[2014.09.15 15:23:47 | 000,724,249 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winload.efi_75834aa0
[2014.09.15 15:23:48 | 000,660,625 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winload.exe_75835076
[2014.09.15 15:23:49 | 000,646,411 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winresume.efi_85cd069f
[2014.09.15 15:23:51 | 000,587,303 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winresume.exe_85cd1215
[2013.08.22 16:34:52 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2013.11.14 08:13:54 | 000,000,459 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_en-us_67571a10b7fadce7.manifest
[2014.04.15 21:34:48 | 000,000,462 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759.manifest
[2013.08.22 16:22:38 | 000,000,542 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16384_none_4be51a3d409de6bc.manifest
[2013.11.14 08:25:07 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16411_none_4c2dcab94067d447.manifest
[2013.11.14 08:31:29 | 000,000,546 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16415_none_4c31cbe1406439a3.manifest
[2013.12.25 19:30:07 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62.manifest
[2014.04.15 21:34:50 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e.manifest
[2014.09.14 08:56:12 | 000,000,547 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd.manifest
[2013.08.22 04:55:19 | 000,036,352 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_da93e078ab3c6498\dmloader.dll
[2013.08.22 14:25:39 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 14:25:39 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 14:25:38 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-stringloader-l1-1-1.dll
[2013.08.22 05:17:27 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 05:17:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 05:17:24 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-2-0.dll
[2013.08.22 05:17:20 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013.08.22 05:17:34 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-0.dll
[2013.08.22 05:17:33 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-1.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >
[2013.11.26 15:35:24 | 000,000,161 | ---- | M] () -- \Windows\AutoKMS.ini
[3 \Windows\*.tmp files -> \Windows\*.tmp -> ]

< *activator* /s >

< *serial* /s >
[2006.01.21 20:11:15 | 000,122,880 | ---- | M] () -- \Program Files (x86)\Half Life\bin\dmserializers.dll
[2013.02.13 14:09:51 | 000,020,800 | R--- | M] () -- \Program Files (x86)\Hi-Rez Studios\HiRezGames\smite\Binaries\Autoreporter.XmlSerializers.dll
[2014.07.09 02:45:06 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2005.06.15 18:16:50 | 000,029,102 | ---- | M] () -- \Program Files (x86)\Sibelius Software\Sibelius 5\Worksheet Creator\Worksheets\Worksheet1Composingaserialm.sib
[2014.07.09 02:45:33 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2014.07.19 14:09:19 | 000,018,952 | ---- | M] () -- \Program Files\WindowsApps\AD2F1837.HPPrinterControl_45.1.160.0_x86__v10z8vjag6ke6\MsgSerializerLib.dll
[2014.11.24 23:55:09 | 000,025,646 | ---- | M] () -- \Users\admin\AppData\Local\Microsoft\Windows\INetCache\Low\IE\GKSAT1BT\serial[1].js
[2014.06.23 23:12:42 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2014.07.09 02:45:06 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.10.26 20:43:36 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\6a2440fc7faa6508b9e9a7b0c5c93926\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.09.22 16:07:26 | 000,008,704 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt6a32fdc5#\e689a3a0890ef282d7e70d3367726e7b\System.Runtime.Serialization.Xml.ni.dll
[2014.09.22 16:07:26 | 000,000,292 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt6a32fdc5#\e689a3a0890ef282d7e70d3367726e7b\System.Runtime.Serialization.Xml.ni.dll.aux
[2014.09.22 16:07:30 | 000,008,704 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtdf6812ee#\b7c90cd61aa57b4858a896d7e33c30d9\System.Runtime.Serialization.Primitives.ni.dll
[2014.09.22 16:07:30 | 000,000,300 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtdf6812ee#\b7c90cd61aa57b4858a896d7e33c30d9\System.Runtime.Serialization.Primitives.ni.dll.aux
[2014.10.19 09:21:03 | 002,803,200 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\ab763e7f2c7532e9fe8f587995105156\System.Runtime.Serialization.ni.dll
[2014.10.19 09:21:03 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\ab763e7f2c7532e9fe8f587995105156\System.Runtime.Serialization.ni.dll.aux
[2014.10.13 10:42:30 | 000,008,704 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.429e8964#\d875b108d13cb8d893ac4c27fff8f539\System.Xml.XmlSerializer.ni.dll
[2014.10.13 10:42:30 | 000,000,284 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.429e8964#\d875b108d13cb8d893ac4c27fff8f539\System.Xml.XmlSerializer.ni.dll.aux
[2014.10.19 11:30:19 | 003,529,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\769339283c5376245c011d81ce725abd\System.Runtime.Serialization.ni.dll
[2014.10.19 11:30:19 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\769339283c5376245c011d81ce725abd\System.Runtime.Serialization.ni.dll.aux
[2013.08.22 16:32:39 | 000,001,032 | ---- | M] () -- \Windows\Inf\c_multiportserial.inf
[2013.08.10 01:55:16 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.08.10 01:55:16 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.08.10 01:55:16 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.08.10 01:55:16 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014.07.24 04:20:32 | 001,059,536 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.10 01:55:49 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.08.10 01:55:49 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014.06.23 23:12:42 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2014.07.09 02:45:07 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014.07.24 04:20:32 | 001,059,536 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.08.10 01:55:16 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.08.10 01:55:16 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.08.10 01:55:16 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.08.10 01:55:16 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.08.10 01:55:49 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.08.10 01:55:49 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2014.06.23 23:12:50 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2014.07.09 02:45:34 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014.07.24 04:20:21 | 001,059,536 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013.08.10 01:41:27 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.08.10 01:41:27 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.08.10 01:41:28 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.08.10 01:41:28 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.08.10 01:42:08 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013.08.10 01:42:08 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.08.22 22:07:12 | 000,008,827 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~sk-SK~6.3.9600.16384.cat
[2013.08.22 21:41:06 | 000,000,781 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~sk-SK~6.3.9600.16384.mum
[2013.08.22 13:55:01 | 000,008,827 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat
[2013.08.22 07:47:48 | 000,000,511 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.mum
[2013.08.22 04:48:16 | 000,015,872 | ---- | M] () -- \Windows\System32\serialui.dll
[2013.08.22 22:07:12 | 000,008,827 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~sk-SK~6.3.9600.16384.cat
[2013.08.22 13:55:01 | 000,008,827 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat
[2013.11.14 08:14:20 | 000,000,232 | ---- | M] () -- \Windows\System32\DriverStore\en-US\c_multiportserial.inf_loc
[2013.08.22 07:57:38 | 000,001,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_7875073d426d59a6\c_multiportserial.inf
[2013.12.25 19:39:21 | 000,004,224 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_7875073d426d59a6\c_multiportserial.PNF
[2013.08.22 12:40:08 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_1be60ad3a61e5531\serial.sys
[2013.11.14 08:14:24 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2013.08.22 04:48:16 | 000,015,872 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2013.11.14 08:14:24 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\sk-SK\serialui.dll.mui
[2013.11.14 08:14:20 | 000,000,232 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_35eaebe6834354eb\c_multiportserial.inf_loc
[2013.08.22 07:57:38 | 000,001,032 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf_31bf3856ad364e35_6.3.9600.16384_none_91b10a007e43beff\c_multiportserial.inf
[2013.11.14 08:14:24 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_sk-sk_6abba959e4bb151f\serialui.dll.mui
[2013.08.22 12:13:54 | 000,017,920 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.16384_none_e5c00198f2a1c32d\serialui.dll
[2013.11.14 08:14:20 | 000,010,240 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_f8cacded072dc6f7\serial.sys.mui
[2013.08.22 12:40:08 | 000,083,456 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf_31bf3856ad364e35_6.3.9600.16384_none_e95610bc8c554aa7\serial.sys
[2013.08.10 01:41:27 | 000,142,104 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9600.16384_none_f73c7de0bb1de286\System.Runtime.Serialization.Formatters.Soap.dll
[2013.08.10 01:41:28 | 000,029,432 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..lization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_64635c6af076b012\System.Runtime.Serialization.Primitives.dll
[2013.08.10 01:41:27 | 000,029,392 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_031841e9b021a288\System.Runtime.Serialization.Json.dll
[2013.08.10 01:41:28 | 000,029,896 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_ea3019bcd508d7f5\System.Runtime.Serialization.Xml.dll
[2014.09.15 15:07:36 | 000,018,929 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_afcfdcce0af8e4ba\System.Runtime.Serialization.dll
[2014.07.24 04:20:21 | 001,059,536 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.17238_none_afca82460afdc961\System.Runtime.Serialization.dll
[2014.09.15 15:07:39 | 000,004,122 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.20720_none_98fc8f0624a54725\System.Runtime.Serialization.dll
[2013.08.10 01:42:08 | 000,045,720 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_1f92ce7ac9b9f399\System.Xml.Serialization.dll
[2013.08.10 01:42:08 | 000,029,848 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_0b1c65bd7b1ef04c\System.Xml.XmlSerializer.dll
[2014.08.18 23:54:05 | 000,000,531 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_f057a9271ce694b1\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.23 23:12:50 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.17226_none_f0517be51cec2cbf\System.Runtime.Serialization.Formatters.Soap.dll
[2014.08.18 23:54:06 | 000,000,491 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.20708_none_d981a48b36959176\System.Runtime.Serialization.Formatters.Soap.dll
[2014.08.18 23:55:32 | 000,000,639 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.16384_none_9fc99c9c7c4c05c7\System.Runtime.Serialization.dll
[2014.09.15 15:09:16 | 000,000,425 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.17226_none_9fc36f5a7c519dd5\System.Runtime.Serialization.dll
[2014.07.09 02:45:34 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.17231_none_9fc4e18c7c503707\System.Runtime.Serialization.dll
[2014.08.18 23:55:34 | 000,000,424 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.20708_none_88f3980095fb028c\System.Runtime.Serialization.dll
[2014.09.15 15:09:18 | 000,000,619 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.20717_none_88f4af1295fa0242\System.Runtime.Serialization.dll
[2014.08.18 23:55:35 | 000,000,639 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_daa0a966d0440060\System.Runtime.Serialization.dll
[2014.09.15 15:09:20 | 000,000,425 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_da9a7c24d049986e\System.Runtime.Serialization.dll
[2014.07.09 02:45:33 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17231_none_da9bee56d04831a0\System.Runtime.Serialization.dll
[2014.08.18 23:55:37 | 000,000,424 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_c3caa4cae9f2fd25\System.Runtime.Serialization.dll
[2014.09.15 15:09:21 | 000,000,619 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20717_none_c3cbbbdce9f1fcdb\System.Runtime.Serialization.dll
[2013.11.14 08:13:23 | 000,000,276 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf-languagepack_31bf3856ad364e35_6.3.9600.16384_sk-sk_ee95d5b2aeec0f13.manifest
[2013.11.14 08:13:35 | 000,000,249 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_35eaebe6834354eb.manifest
[2013.08.22 16:20:14 | 000,000,210 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf_31bf3856ad364e35_6.3.9600.16384_none_91b10a007e43beff.manifest
[2013.08.22 14:25:34 | 000,000,297 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.3.9600.16384_none_0273ed2980a1f589.manifest
[2013.08.22 16:22:11 | 000,001,512 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-serial-classextension_31bf3856ad364e35_6.3.9600.16384_none_26d3123b2d2a9360.manifest
[2013.08.22 16:22:07 | 000,000,110 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.3.9600.16384_none_1d7b32f2da6cfe0c.manifest
[2013.08.22 16:24:27 | 000,000,402 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_031841e9b021a288.manifest
[2013.08.22 16:24:29 | 000,000,401 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_ea3019bcd508d7f5.manifest
[2013.08.22 16:24:24 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_afcfdcce0af8e4ba.manifest
[2014.09.10 21:19:29 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.17238_none_afca82460afdc961.manifest
[2014.09.10 21:19:29 | 000,000,413 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.20720_none_98fc8f0624a54725.manifest
[2013.08.22 16:24:28 | 000,000,397 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_1f92ce7ac9b9f399.manifest
[2013.08.22 16:24:27 | 000,000,403 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_0b1c65bd7b1ef04c.manifest
[2013.08.22 16:24:13 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.16384_none_9fc99c9c7c4c05c7.manifest
[2014.08.14 00:29:26 | 000,000,404 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.17226_none_9fc36f5a7c519dd5.manifest
[2014.09.10 21:18:24 | 000,000,404 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.17231_none_9fc4e18c7c503707.manifest
[2014.08.14 00:29:26 | 000,000,407 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.20708_none_88f3980095fb028c.manifest
[2014.09.10 21:18:24 | 000,000,406 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.20717_none_88f4af1295fa0242.manifest
[2013.08.22 16:24:13 | 000,000,416 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_daa0a966d0440060.manifest
[2014.08.14 00:29:26 | 000,000,413 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_da9a7c24d049986e.manifest
[2014.09.10 21:18:24 | 000,000,412 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17231_none_da9bee56d04831a0.manifest
[2014.08.14 00:29:26 | 000,000,415 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_c3caa4cae9f2fd25.manifest
[2014.09.10 21:18:24 | 000,000,414 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20717_none_c3cbbbdce9f1fcdb.manifest
[2013.08.22 16:24:29 | 000,000,418 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_61eedd30ec040245.manifest
[2013.08.22 16:24:24 | 000,000,430 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_dde82ee214ba2d3d.manifest
[2013.08.22 16:24:13 | 000,000,400 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1.manifest
[2014.08.14 00:29:26 | 000,000,399 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17226_none_ed29d1947c4825ff.manifest
[2014.09.10 21:18:24 | 000,000,401 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17231_none_ed2b43c67c46bf31.manifest
[2014.08.14 00:29:26 | 000,000,399 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20708_none_d659fa3a95f18ab6.manifest
[2014.09.10 21:18:24 | 000,000,401 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20717_none_d65b114c95f08a6c.manifest
[2013.11.14 08:14:03 | 000,000,149 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.16384_en-us_80951863a93f3c56.manifest
[2014.09.10 21:19:28 | 000,000,149 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.17238_en-us_808fbddba94420fd.manifest
[2014.09.10 21:19:28 | 000,000,148 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.20720_en-us_69c1ca9bc2eb9ec1.manifest
[2013.11.14 08:14:01 | 000,000,152 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.16384_en-us_d5f7bfa5c739f91d.manifest
[2014.08.14 00:29:26 | 000,000,151 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.17226_en-us_d5f19263c73f912b.manifest
[2014.09.10 21:18:24 | 000,000,152 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.17231_en-us_d5f30495c73e2a5d.manifest
[2014.08.14 00:29:26 | 000,000,151 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.20708_en-us_bf21bb09e0e8f5e2.manifest
[2014.09.10 21:18:24 | 000,000,152 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.20717_en-us_bf22d21be0e7f598.manifest
[2013.08.22 16:24:24 | 000,000,419 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_0d0d9cf22bac10f4.manifest
[2013.08.22 16:24:27 | 000,000,471 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.16384_none_c8108d2e85eed25d.manifest
[2014.09.10 21:19:29 | 000,000,471 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.17238_none_c80b32a685f3b704.manifest
[2014.09.10 21:19:29 | 000,000,465 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.20720_none_b13d3f669f9b34c8.manifest
[2013.08.22 16:24:13 | 000,000,422 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24.manifest
[2014.08.14 00:29:26 | 000,000,421 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17226_none_1d6d072ea3ef2732.manifest
[2014.09.10 21:18:24 | 000,000,422 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17231_none_1d6e7960a3edc064.manifest
[2014.08.14 00:29:26 | 000,000,421 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20708_none_069d2fd4bd988be9.manifest
[2014.09.10 21:18:24 | 000,000,423 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20717_none_069e46e6bd978b9f.manifest
[2013.08.22 16:24:28 | 000,000,447 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.serialization_b77a5c561934e089_4.0.9600.16384_none_5aaf0d34c0033202.manifest
[2013.08.22 16:24:24 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_3cc4c9f9340d8755.manifest
[2013.08.22 16:24:56 | 000,000,411 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966.manifest
[2014.08.14 00:29:26 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_2247b2fbe4c5c174.manifest
[2014.09.10 21:18:24 | 000,000,412 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17231_none_2249252de4c45aa6.manifest
[2014.08.14 00:29:26 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_0b77dba1fe6f262b.manifest
[2014.09.10 21:18:24 | 000,000,411 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20717_none_0b78f2b3fe6e25e1.manifest
[2013.08.10 01:55:16 | 000,142,104 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9600.16384_none_0dbd81c1c9e100df\System.Runtime.Serialization.Formatters.Soap.dll
[2014.08.18 23:57:32 | 000,000,531 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_63202903e7dbbda6\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.23 23:12:42 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.17226_none_6319fbc1e7e155b4\System.Runtime.Serialization.Formatters.Soap.dll
[2014.08.18 23:57:33 | 000,000,491 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.20708_none_4c4a2468018aba6b\System.Runtime.Serialization.Formatters.Soap.dll
[2013.08.10 01:55:16 | 000,029,392 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_61eedd30ec040245\System.Runtime.Serialization.Json.dll
[2013.08.10 01:55:16 | 000,029,432 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_dde82ee214ba2d3d\System.Runtime.Serialization.Primitives.dll
[2014.08.18 23:57:35 | 000,000,661 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1\System.Runtime.Serialization.dll
[2014.09.15 15:10:32 | 000,000,436 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17226_none_ed29d1947c4825ff\System.Runtime.Serialization.dll
[2014.07.09 02:45:07 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17231_none_ed2b43c67c46bf31\System.Runtime.Serialization.dll
[2014.08.18 23:57:36 | 000,000,433 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20708_none_d659fa3a95f18ab6\System.Runtime.Serialization.dll
[2014.09.15 15:10:34 | 000,000,632 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20717_none_d65b114c95f08a6c\System.Runtime.Serialization.dll
[2013.08.10 01:55:16 | 000,029,896 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_0d0d9cf22bac10f4\System.Runtime.Serialization.Xml.dll
[2014.09.15 15:10:36 | 000,018,929 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.16384_none_c8108d2e85eed25d\System.Runtime.Serialization.dll
[2014.07.24 04:20:32 | 001,059,536 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.17238_none_c80b32a685f3b704\System.Runtime.Serialization.dll
[2014.09.15 15:10:38 | 000,004,122 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.20720_none_b13d3f669f9b34c8\System.Runtime.Serialization.dll
[2014.08.18 23:57:38 | 000,000,661 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24\System.Runtime.Serialization.dll
[2014.09.15 15:10:40 | 000,000,436 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17226_none_1d6d072ea3ef2732\System.Runtime.Serialization.dll
[2014.07.09 02:45:06 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17231_none_1d6e7960a3edc064\System.Runtime.Serialization.dll
[2014.08.18 23:57:40 | 000,000,433 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20708_none_069d2fd4bd988be9\System.Runtime.Serialization.dll
[2014.09.15 15:10:42 | 000,000,632 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20717_none_069e46e6bd978b9f\System.Runtime.Serialization.dll
[2013.08.10 01:55:49 | 000,045,720 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.serialization_b77a5c561934e089_4.0.9600.16384_none_5aaf0d34c0033202\System.Xml.Serialization.dll
[2013.08.10 01:55:49 | 000,029,848 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_3cc4c9f9340d8755\System.Xml.XmlSerializer.dll
[2013.11.14 08:14:24 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_sk-sk_0e9d0dd62c5da3e9\serialui.dll.mui
[2013.08.22 04:48:16 | 000,015,872 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.16384_none_89a166153a4451f7\serialui.dll
[2014.08.19 00:12:46 | 000,000,661 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966\System.Runtime.Serialization.dll
[2014.09.15 15:22:58 | 000,000,436 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_2247b2fbe4c5c174\System.Runtime.Serialization.dll
[2014.07.09 02:45:06 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17231_none_2249252de4c45aa6\System.Runtime.Serialization.dll
[2014.08.19 00:12:48 | 000,000,433 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_0b77dba1fe6f262b\System.Runtime.Serialization.dll
[2014.09.15 15:22:59 | 000,000,632 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20717_none_0b78f2b3fe6e25e1\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 237 bytes -> C:\Users\admin\SkyDrive:ms-properties
@Alternate Data Stream - 1270 bytes -> C:\Program Files (x86)\Common Files\System:XgL8Je0F9D7y86qRyUR

< End of report >

??? · #20 Příspěvek od **???** » 25 lis 2014 20:44

OTL Extras logfile created on: 25.11.2014 20:08:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\admin\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17416)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy

3,89 Gb Total Physical Memory | 2,64 Gb Available Physical Memory | 67,95% Memory free
4,58 Gb Paging File | 3,23 Gb Available in Paging File | 70,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,11 Gb Total Space | 111,43 Gb Free Space | 39,92% Space Free | Partition Type: NTFS
Drive D: | 397,87 Gb Total Space | 230,73 Gb Free Space | 57,99% Space Free | Partition Type: NTFS

Computer Name: ASUS | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3701647376-3946651554-1493002649-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{363962FC-40EA-498D-A649-60B412713574}" = rport=445 | protocol=6 | dir=out | app=system |
"{3D5B0D06-68F5-4453-8824-4E22C4D116A9}" = rport=137 | protocol=17 | dir=out | app=system |
"{413899E7-552C-48BC-BB88-0C56772BAD6F}" = lport=137 | protocol=17 | dir=in | app=system |
"{4D69446C-8C65-4841-9825-8560E5150829}" = lport=445 | protocol=6 | dir=in | app=system |
"{4F255FE5-95DE-45B6-B856-D8A7DF060784}" = lport=139 | protocol=6 | dir=in | app=system |
"{54762AD3-3499-4252-BD4D-543FCA5347BB}" = rport=138 | protocol=17 | dir=out | app=system |
"{66FBF4B0-EEB6-483B-A291-82AB1FB55501}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{69A80AB5-755C-4B37-B7EF-56830C90D051}" = rport=139 | protocol=6 | dir=out | app=system |
"{921343CA-249F-418A-B954-C91E624B930C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{9CC8B32C-F323-4170-AE47-B7B7761898CF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9DF568BF-1BE4-40F8-B58A-90F91C8AEB20}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BD7EEA54-1F54-423F-A5EF-1C84B70BE00E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D9FDE7C5-91CF-4946-B79E-C7E264DA859C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E53FDB79-0F92-4F54-AC4C-E771E6EFA986}" = lport=138 | protocol=17 | dir=in | app=system |
"{F75A6549-60DA-41E3-ADAF-A6C7FA4DC938}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02918695-FB3D-404A-A15A-E88774B3F33F}" = dir=out | name=@{microsoft.bingnews_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{07725B94-9978-42DB-8974-38DFB959B386}" = dir=out | name=fresh paint |
"{07B4E6C4-F1DD-4E34-B790-675A4251817E}" = protocol=17 | dir=in | app=d:\games\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{0E9D2D2F-1B69-4CA0-B2F5-E3CB54BD8C15}" = dir=out | name=@{microsoft.bingfinance_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{0EED4455-6326-4D9A-B8FA-D28FE8299FAF}" = dir=out | name=sonicwall mobile connect |
"{118F0E2E-DD9D-44CF-ADFB-CFB9C7F1B5FC}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{152875A6-07B0-4AF3-B83B-59AF03CADC15}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{178DC030-0385-4D56-A69B-9168D2A73D5E}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{195A877B-32D0-46D3-8E8E-85ED2728F825}" = dir=in | name=sonicwall mobile connect |
"{19AA5AEE-0F1D-4253-A62F-EBDAEF4734A6}" = dir=out | name=check point vpn |
"{1CF59758-3DC5-4242-A7B0-373D36C21D26}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1EA60A2B-5C70-4288-ABA2-5E046ED73267}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{2969CFC2-2C9E-45A0-8899-0D1E50089360}" = dir=out | name=@{microsoft.bingsports_1.8.0.51_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{2A97932B-9D32-4FD5-9429-91D855BFE6DB}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{2C266CE4-2A2D-401D-8BC9-E63E35F82A4B}" = protocol=17 | dir=in | app=c:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe |
"{2C90E6D3-4689-4CF5-9DD3-B56DF36F1EEE}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{2DDA9850-8D4A-412C-9425-593677E269D7}" = protocol=6 | dir=in | app=d:\games\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{307C4A26-FB2A-44E6-9FE0-62CF162C31C7}" = dir=out | name=klasická angličtina sk |
"{30DE77EA-3ACB-4E51-B15D-D6C8AF073D35}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{357A3278-90E2-43DF-826D-D9A170F0224E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{35AD93D5-C252-4832-8735-ED1BBED2F128}" = dir=in | name=check point vpn |
"{38C52B2A-E962-44DB-BAF7-57FAB0964F6E}" = dir=out | name=@{microsoft.bingnews_3.0.4.213_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{38F934A9-F868-43DC-80ED-C9E67563E13C}" = protocol=6 | dir=in | app=c:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe |
"{3B80D2B4-92CA-4F65-A0F5-25417BCAC2C5}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{3C886246-3B43-47E1-AFD1-534354CBA33F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{3E0DF8AA-B3E2-46ED-9413-E57CB926F93E}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{3E872706-1247-4C24-BA4C-815E9DFBF5AD}" = dir=out | name=juniper networks junos pulse |
"{40BE102C-8548-4B09-BE5D-F678567796F3}" = dir=in | name=f5 vpn |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{42AB92E3-B857-4155-BB59-BB1E79C178AF}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{430D3DEE-7CF5-4EDF-A055-63DED8A27E2E}" = protocol=6 | dir=in | app=d:\games\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{45EFC1B5-11F8-4CBE-9533-98ACF1B8FF87}" = dir=in | name=pinball fx2 |
"{45F4060D-C980-4EAC-AFD0-3645CFE4B06B}" = dir=out | name=@{microsoft.bingsports_3.0.4.244_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{490FD540-8466-4BF0-B92B-8A09C8AE0885}" = dir=out | name=@{magix.musicmakerjam_2.1.1031.0_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{4C187A7E-D3CA-404E-BD8D-EB95C5434BF2}" = dir=out | name=@{microsoft.bingfinance_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{4C7F573C-1993-496D-9818-4266ECBBF7C1}" = dir=out | name=@{microsoft.zunemusic_1.1.144.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{4CD8C9E2-265A-4DB7-BC65-682BA3590514}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{4D2024AF-2AA3-46DE-8FB9-0166AF9DF131}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{4DA68F30-B5BE-4DB7-92EC-187B68A2D204}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{4FF02A86-5294-4BAD-9FBD-82E7A4FE9B1B}" = dir=out | name=windows_ie_ac_001 |
"{500678E6-254D-4561-9311-FB35B0E57DC2}" = dir=out | name=hp all-in-one printer remote |
"{52152D8B-83BA-4803-B9C4-B6558859D3B5}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5784D492-4BA4-4F63-8C1B-8BE3AFD88F72}" = dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
"{5D8F0B59-8D6C-4C8E-B948-6FFDB4126992}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{611AE4F6-3581-4F57-8DB4-95415B9083E2}" = protocol=17 | dir=in | app=d:\games\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{67133294-2FA3-464A-B218-E335EDAC55CD}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{6B60402D-CE7F-4391-85B0-61AF00EBBCB1}" = dir=in | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{73A69C48-994A-47C4-83FE-5785A2E54694}" = dir=out | name=windows_ie_ac_001 |
"{747852EA-7382-4087-9EEF-4A07E2CD2A78}" = dir=out | name=@{microsoft.zunemusic_2.6.476.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{7CB8A6E7-0850-4A1C-A3F4-74F24BB3512B}" = dir=out | name=@{microsoft.bingweather_3.0.4.249_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{7E327C31-DE86-4FF6-A2BE-9B7E4788E8E4}" = dir=in | app=c:\program files (x86)\garena plus\ggdllhost.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8194E462-A711-46D3-B0C0-5EA2E5A42BA7}" = dir=out | name=- games app - |
"{836DB403-E8D9-4107-A0BC-379438EF4715}" = dir=out | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{8FC9E336-3D20-49AF-AD2A-A888867CB3A4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{91A9B4A3-781D-4E9A-A9DE-2C04FE7563FD}" = dir=out | name=f5 vpn |
"{91D0C66A-6228-4941-9E81-056DD18605EB}" = protocol=6 | dir=in | app=c:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"{92417A21-BA58-435D-8AC4-F579E284E1A2}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{92804A52-E3B5-4369-945F-5EF6F0692BC8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{928BA6E9-6026-4A9C-8A24-F9BE0717D2E8}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{94D1ED62-D232-4263-9146-53F31AAF3127}" = dir=out | name=@{microsoft.bingtravel_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{9951231C-2BCA-4713-9C35-E5A1F5C3454C}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"{9A2BA1C1-D068-4334-B2E9-1D0F62A15180}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9C63A3A7-FC5D-4D69-BA88-F84972B33762}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{9C7DE214-AA80-411D-87C0-07718147583D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A1C40A5F-EA15-45E4-8BAB-F4EFA4B74681}" = dir=out | name=windows_ie_ac_001 |
"{A5DDD358-8691-4222-B6A9-59C4B74836D4}" = protocol=6 | dir=in | app=d:\games\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{AC4BE571-75EA-4850-A5A9-6A893F574E4A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AF702977-4330-41DC-B7EB-971528C7BDD5}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{B290DDE2-CF59-4D2C-8620-78FDE61B7C2D}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"{B7AFE8C8-A9BA-4696-A1FC-08A2E995A2CF}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"{BCA6D4E0-91B1-41A7-B38B-C2A8F2EA9CCC}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{C02D1C44-94A4-4771-BF66-5D8D4A7C3A4F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{C34F2EFA-DE44-4F0E-BDF7-8BFD44B68E1F}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{CC06FBD0-FC38-47B0-9661-496941C46B2F}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{CDD5A79F-10E1-415C-8DDD-5CFE9827698E}" = dir=out | name=@{microsoft.bingtravel_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{CF875CAF-337D-4ACC-A46E-AF12E4C24695}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\c9\c9mappingaccount.exe |
"{D36B014A-7CD0-4072-B778-E10225A8E532}" = protocol=17 | dir=in | app=d:\games\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D75969BD-4EB3-4184-BC4C-7F17C7DC4911}" = dir=in | name=@{magix.musicmakerjam_2.1.1031.0_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{DA8EEAC6-C97A-4A41-ADFA-9780C6B91784}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{DAE9A8B6-9050-4875-87F3-C833995D1A9C}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{DB3009B5-B4F7-4B85-A90C-F86022CAD15D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DF731325-40C1-4BDE-ACF3-A450F28FCB80}" = dir=out | name=pinball fx2 |
"{E2840D88-F303-46AC-B77A-5F429207D027}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{E3A0C6AB-C798-4541-8388-E0C2A6D97826}" = protocol=17 | dir=in | app=c:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"{E40BD182-6066-4637-8142-D9A97E09A4B8}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E88CB7AE-C219-4A22-8317-52D27E4ED67D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\c9\c9mappingaccount.exe |
"{EB2A52E7-49CD-455D-A801-DB2B0461998F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{F52D145A-85A1-4812-ACB5-817F229B97B3}" = dir=in | name=hp all-in-one printer remote |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F6F34C5C-2CDB-4789-BB69-D66C5D93858E}" = dir=out | name=@{microsoft.zunevideo_2.6.408.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F98BF961-79B9-413B-BA5F-2B7CE4B79E6D}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{FC7CF798-CB4D-4E30-839B-17CC645A3D96}" = dir=in | name=juniper networks junos pulse |
"TCP Query User{089B6FB7-F1AF-4C4C-863C-E577E8BF110E}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{20D5B255-9B84-4030-9A4F-B48FC17BA87E}C:\users\admin\downloads\diablo-3.exe" = protocol=6 | dir=in | app=c:\users\admin\downloads\diablo-3.exe |
"TCP Query User{3EF1C221-D6D8-4179-BD31-F5DFCFBA690C}D:\games\stronghold\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=d:\games\stronghold\stronghold crusader\stronghold crusader.exe |
"TCP Query User{44490FBE-E38C-4230-8059-D5F16615E43E}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe" = protocol=6 | dir=in | app=c:\program files (x86)\garena plus\bbtalk\bbtalk.exe |
"TCP Query User{5E3481E6-36DD-4549-ABEA-CE1B37076489}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe" = protocol=6 | dir=in | app=c:\program files (x86)\garena plus\bbtalk\bbtalk.exe |
"TCP Query User{72E10F2B-4B41-442B-8861-2EA8FCC329DE}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{774912EE-AA00-4388-BBED-707036080CDC}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe |
"TCP Query User{A8A4CE21-D0CF-426D-9190-9BEE4E4E045C}D:\games\warcraft-iii\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\games\warcraft-iii\warcraft iii\war3.exe |
"TCP Query User{BE8B1C4C-6F55-448A-AB43-C7790E02D40A}D:\games\stronghold\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=d:\games\stronghold\stronghold crusader\stronghold crusader.exe |
"TCP Query User{C2B27F72-E2AA-4D43-980A-72802469CBF9}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe |
"TCP Query User{F6CF727A-2B96-44B0-BBAD-7BE1404C6AF0}D:\games\stronghold\stronghold crusader\stronghold_crusader_extreme.exe" = protocol=6 | dir=in | app=d:\games\stronghold\stronghold crusader\stronghold_crusader_extreme.exe |
"TCP Query User{FC35479A-FD6D-4A2D-8107-4076D34D96C9}D:\games\firefly studios\stronghold\stronghold.exe" = protocol=6 | dir=in | app=d:\games\firefly studios\stronghold\stronghold.exe |
"UDP Query User{1CCD2E3F-F400-4026-B3B0-E1821BC7C5AE}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe |
"UDP Query User{24B02493-9B34-4C99-92BB-BC461059D146}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{3DE478EC-D0FB-4FBE-970C-22E50D5F9F6D}D:\games\warcraft-iii\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\games\warcraft-iii\warcraft iii\war3.exe |
"UDP Query User{45CA8AD4-1DE0-4276-A25D-F1B6E776AA1E}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe" = protocol=17 | dir=in | app=c:\program files (x86)\garena plus\bbtalk\bbtalk.exe |
"UDP Query User{5B67B5AA-D2C6-4AEA-BE46-DC98C06E89E7}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{6A7A4B8F-B22A-4694-A7E0-815C29B4CDD5}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe |
"UDP Query User{864B9561-CB42-466A-B5D7-4C9782F7B9EB}D:\games\firefly studios\stronghold\stronghold.exe" = protocol=17 | dir=in | app=d:\games\firefly studios\stronghold\stronghold.exe |
"UDP Query User{9711008C-44A2-48AF-90FF-9D902E6F99A5}D:\games\stronghold\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=d:\games\stronghold\stronghold crusader\stronghold crusader.exe |
"UDP Query User{A04BBB36-80CA-4732-9177-1E46B33BCC06}D:\games\stronghold\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=d:\games\stronghold\stronghold crusader\stronghold crusader.exe |
"UDP Query User{B52D039E-6250-478C-B0AE-EC703A9EF569}D:\games\stronghold\stronghold crusader\stronghold_crusader_extreme.exe" = protocol=17 | dir=in | app=d:\games\stronghold\stronghold crusader\stronghold_crusader_extreme.exe |
"UDP Query User{CF05154B-C4AD-43A5-8E29-ED383455102E}C:\users\admin\downloads\diablo-3.exe" = protocol=17 | dir=in | app=c:\users\admin\downloads\diablo-3.exe |
"UDP Query User{F88E11F2-6CFC-47D5-B3E0-1DCCFEBFC733}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe" = protocol=17 | dir=in | app=c:\program files (x86)\garena plus\bbtalk\bbtalk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}" = ASUS Screen Saver
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 311.93
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 311.93
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Softvér systému s podporou technológie PhysX 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovládač zvuku HD 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{E8A34AC8-0137-4515-A94B-0A0946DDC251}" = Scan To
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5" = Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170)
"CCleaner" = CCleaner
"HP LaserJet Professional M1130-M1210 MFP Series" = HP LaserJet Professional M1130-M1210 MFP Series

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0DF95460-2887-4011-9344-1959CDF18ADC}" = Photo Common
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.21
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}" = Movie Maker
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{49110532-D289-4BFF-807C-45B782E66A7C}" = Photo Common
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4D3286A6-F6AB-498A-82A4-E4F040529F3D}" = ASUS Smart Gesture
"{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum
"{52291FC0-33D3-4A18-9587-5115225545D8}_is1" = Google Chrome Backup 1.7.0.114
"{56232E3D-7EA9-45E0-A371-26CD80510AF7}" = Windows Live UX Platform Language Pack
"{579BA58C-F33D-4970-9953-B94B43768AC3}_is1" = Grand Theft Auto IV v1.0 / RePack by Baracuda
"{63824BC0-B747-43F3-9863-1066D64AD919}" = Photo Gallery
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}" = Microsoft Games for Windows Marketplace
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6CEA775F-E70A-4D72-A3B4-1EB3A5AD4B5C}" = Windows Live Essentials
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus" = WildTangent Games App
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{749F674B-2674-47E8-879C-5626A06B2A91}" = ASUS InstantOn
"{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}" = Galeria fotografii
"{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}" = Windows Live Essentials
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7E9A63B3-8572-4A4B-9F87-3C2A873BBC55}" = Windows Live UX Platform Language Pack
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{857BC375-BCFB-474E-9BD9-7EBB18EC55E0}" = Windows Live Essentials
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{887868A2-D6DE-3255-AA92-AA0B5A59B874}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}" = Movie Maker
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2007
"{90120000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2007
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}" = Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}" = Movie Maker
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A035950F-15BA-41C0-9D8F-165FC0536012}" = Movie Maker
"{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}" = Fotogalerie
"{A47EA9D4-BB87-415E-9239-28860434E5A0}" = Movie Maker
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}" = Podstawowe programy Windows Live
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA82E5EF-70C2-41CB-8432-309078304CBB}" = Photo Common
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1051-7B44-AB0000000001}" = Adobe Reader XI (11.0.09) - Slovak
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C23B8C30-E05E-4CB5-8188-F27CC3B2DD3E}" = Sibelius 5
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C4D82144-B2D5-4A0E-A470-16F13EBC5BCB}" = Windows Live Essentials
"{C67BC332-A59A-4D40-977F-664F60AB21D8}" = Photo Common
"{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1" = aTube Catcher verze 3.8
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18F981B-401C-4D90-BC57-D8903564D558}" = Windows Live UX Platform Language Pack
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E50E3DBC-46AA-4827-B2A6-F995D81DF526}" = Fotótár
"{EB91007A-0110-42A6-B869-2709955A9B2A}" = Photo Common
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}" = Windows Live UX Platform Language Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Zaklínač rozšířená edice
"{F21F0424-B2FF-40BF-A984-9E0D7FB4C97E}" = Windows Live UX Platform Language Pack
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"ASIO4ALL" = ASIO4ALL
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage Sync Agent
"aTube Catcher" = aTube Catcher
"BurnAware Free_is1" = BurnAware Free 6.8
"Bytescout XLS Viewer_is1" = Bytescout XLS Viewer 1.01
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FormatFactory" = FormatFactory 3.3.1.0
"Google Chrome" = Google Chrome
"Half-Life Source" = Half-Life Source
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.3.1025
"MyBitCast" = MyBitCast 2.0
"Polda II_is1" = Polda II
"Reason5_is1" = Reason 5.0
"Scorpions WinCheater 2.07 (s databází 157)_is1" = Scorpions WinCheater
"Steam App 212390" = C9
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"The KMPlayer" = The KMPlayer (remove only)
"UnrealTournament" = Unreal Tournament G.O.T.Y. Edition
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WTA-1137fe53-d992-40ce-a7c1-592d61593a12" = Cut the Rope
"WTA-1aa96af5-7897-4b52-871b-5672bf2a93b1" = Peggle
"WTA-2f1b39cc-83cd-4559-b10f-61626726b133" = Bejeweled 3
"WTA-2f3263a5-c48e-44bb-8641-562ea5476a87" = Azteca
"WTA-6c851d85-eca4-4ecf-853a-81473e512af5" = Tales of Lagoona
"WTA-f7af5d5d-ca08-4f1e-b605-50cc7e4d969d" = Penguins!

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3701647376-3946651554-1493002649-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Bandizip" = Bandizip
"Shutdown8" = Shutdown8
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 27.8.2014 13:16:20 | Computer Name = asus | Source = Application Hang | ID = 1002
Description = The program C9.exe version 2.0.0.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 220c Start Time:
01cfc218553861fd Termination Time: 0 Application Path: C:\Program Files (x86)\Steam\steamapps\common\C9\C9.exe

Report
Id: d8997a6e-2e0d-11e4-bf74-ac220bac81f5 Faulting package full name: Faulting package-relative
application ID:

Error - 29.8.2014 3:05:31 | Computer Name = asus | Source = System Restore | ID = 8193
Description =

Error - 4.9.2014 2:56:39 | Computer Name = asus | Source = PandoraService.exe | ID = 0
Description =

Error - 10.9.2014 14:56:14 | Computer Name = asus | Source = PandoraService.exe | ID = 0
Description =

Error - 11.9.2014 5:43:39 | Computer Name = asus | Source = PandoraService.exe | ID = 0
Description =

Error - 14.9.2014 7:14:17 | Computer Name = asus | Source = Application Hang | ID = 1002
Description = The program C9.exe version 2.0.0.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 5e4 Start Time:
01cfcff1459e2d14 Termination Time: 4294967295 Application Path: C:\Program Files
(x86)\Steam\steamapps\common\C9\C9.exe Report Id: 426dedeb-3c00-11e4-bf7c-ac220bac81f5

Faulting
package full name: Faulting package-relative application ID:

Error - 16.9.2014 2:02:49 | Computer Name = asus | Source = PandoraService.exe | ID = 0
Description =

Error - 24.9.2014 5:59:56 | Computer Name = asus | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Users\admin\Downloads\SoftonicDownloader_for_mywinlocker.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component
2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error - 24.9.2014 15:33:05 | Computer Name = asus | Source = System Restore | ID = 8193
Description =

Error - 25.9.2014 17:54:36 | Computer Name = asus | Source = Application Hang | ID = 1002
Description = The program C9.exe version 2.0.0.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 1a40 Start Time:
01cfd900fccfbe81 Termination Time: 4294967295 Application Path: C:\Program Files
(x86)\Steam\steamapps\common\C9\C9.exe Report Id: 6a731c50-44fe-11e4-bf7f-ac220bac81f5

Faulting
package full name: Faulting package-relative application ID:

[ System Events ]
Error - 26.8.2014 17:16:53 | Computer Name = asus | Source = DCOM | ID = 10010
Description =

Error - 27.8.2014 1:05:38 | Computer Name = asus | Source = DCOM | ID = 10010
Description =

Error - 27.8.2014 1:06:08 | Computer Name = asus | Source = DCOM | ID = 10010
Description =

Error - 27.8.2014 8:53:25 | Computer Name = asus | Source = DCOM | ID = 10010
Description =

Error - 27.8.2014 8:53:55 | Computer Name = asus | Source = DCOM | ID = 10010
Description =

Error - 27.8.2014 10:48:55 | Computer Name = asus | Source = DCOM | ID = 10010
Description =

Error - 27.8.2014 10:49:25 | Computer Name = asus | Source = DCOM | ID = 10010
Description =

Error - 29.8.2014 4:25:05 | Computer Name = asus | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 29.8.2014 4:25:16 | Computer Name = asus | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 29.8.2014 4:25:54 | Computer Name = asus | Source = DCOM | ID = 10010
Description =

< End of report >

#21 Příspěvek od **altrok** » 26 lis 2014 17:26

Pouzijte nasledujici utility dle navodu kolegy.

vyosek píše: Stahnete si TDSSKiller http://media.kaspersky.com/utilities/Vi ... killer.exe
Po spusteni odsouhlaste licencni podminky (klik na Accept)

Kliknete na volbu Change parametrs

V okne Additional Option zakliknete vsechny moznosti

Kliknete na OK

Utilite prikazte, at skenuje - klik na Start Scan

Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip

Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip

Pokud mate vsude Skip, kliknete na Continue

Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte
Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
Ulozte nejlepe na Plochu a rozbalte

Spustte kliknutim na mbar

Nyni postupne kliknete na Next a Update

Po dokonceni update (aktualizace) databaze kliknete opet na Next

Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC

Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko

Tez zkontrolujte, jetsli je zatrzitko u Create Restore point

Nyni kliknete na CleanUp cimz nalezenou infekci odstranime

PC bude restartovan

Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

??? · #22 Příspěvek od **???** » 27 lis 2014 08:19

pri tom druhom mi nenaslo ziaden virus, takze mi neponuklo ani restart ani log,
pri tom prvom mi to okno nevyskocilo, ale log bol v c-cku:

01:24:47.0309 0x1794 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
01:24:47.0309 0x1794 UEFI system
01:24:54.0285 0x1794 ============================================================
01:24:54.0285 0x1794 Current date / time: 2014/11/27 01:24:54.0285
01:24:54.0285 0x1794 SystemInfo:
01:24:54.0285 0x1794
01:24:54.0285 0x1794 OS Version: 6.3.9600 ServicePack: 0.0
01:24:54.0285 0x1794 Product type: Workstation
01:24:54.0285 0x1794 ComputerName: ASUS
01:24:54.0285 0x1794 UserName: admin
01:24:54.0285 0x1794 Windows directory: C:\WINDOWS
01:24:54.0285 0x1794 System windows directory: C:\WINDOWS
01:24:54.0285 0x1794 Running under WOW64
01:24:54.0285 0x1794 Processor architecture: Intel x64
01:24:54.0285 0x1794 Number of processors: 4
01:24:54.0285 0x1794 Page size: 0x1000
01:24:54.0285 0x1794 Boot type: Normal boot
01:24:54.0285 0x1794 ============================================================
01:24:56.0567 0x1794 KLMD registered as C:\WINDOWS\system32\drivers\50551198.sys
01:24:58.0997 0x1794 System UUID: {6766065B-7264-F1DC-1670-DD96D6C8AA2D}
01:25:00.0429 0x1794 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:25:00.0431 0x1794 ============================================================
01:25:00.0431 0x1794 \Device\Harddisk0\DR0:
01:25:00.0431 0x1794 GPT partitions:
01:25:00.0432 0x1794 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {6CFA5FFD-0E06-4FDC-B7FB-128C2F484337}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x96000
01:25:00.0432 0x1794 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {18E4C5E1-0D65-4B87-9FA8-2E9170DBFE6F}, Name: Basic data partition, StartLBA 0x96800, BlocksNum 0x1C2000
01:25:00.0432 0x1794 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {4071251F-5C92-4840-A1D8-7F9442443023}, Name: Microsoft reserved partition, StartLBA 0x258800, BlocksNum 0x40000
01:25:00.0432 0x1794 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A3C1702D-0B32-4E69-8925-4BC528342DB9}, Name: Basic data partition, StartLBA 0x298800, BlocksNum 0x22E39800
01:25:00.0432 0x1794 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {27B07764-11FC-4700-91CB-4279A140DB10}, Name: , StartLBA 0x230D2000, BlocksNum 0xAF000
01:25:00.0432 0x1794 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C680589A-21A9-41B5-8A6B-D3F9FDCF2A86}, Name: Basic data partition, StartLBA 0x23181000, BlocksNum 0x31BC0000
01:25:00.0432 0x1794 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F3620292-A897-46CA-B0AB-AD3FA6C797BA}, Name: Basic data partition, StartLBA 0x54D41000, BlocksNum 0x2805000
01:25:00.0432 0x1794 MBR partitions:
01:25:00.0432 0x1794 ============================================================
01:25:00.0454 0x1794 C: <-> \Device\Harddisk0\DR0\Partition4
01:25:00.0533 0x1794 D: <-> \Device\Harddisk0\DR0\Partition6
01:25:00.0533 0x1794 ============================================================
01:25:00.0533 0x1794 Initialize success
01:25:00.0533 0x1794 ============================================================
01:25:24.0915 0x10f4 ============================================================
01:25:24.0915 0x10f4 Scan started
01:25:24.0915 0x10f4 Mode: Manual; SigCheck; TDLFS;
01:25:24.0915 0x10f4 ============================================================
01:25:24.0915 0x10f4 KSN ping started
01:25:27.0600 0x10f4 KSN ping finished: true
01:25:28.0467 0x10f4 ================ Scan system memory ========================
01:25:28.0467 0x10f4 System memory - ok
01:25:28.0468 0x10f4 ================ Scan services =============================
01:25:28.0646 0x10f4 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
01:25:28.0733 0x10f4 1394ohci - ok
01:25:28.0777 0x10f4 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
01:25:28.0787 0x10f4 3ware - ok
01:25:28.0845 0x10f4 [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
01:25:28.0868 0x10f4 ACPI - ok
01:25:28.0880 0x10f4 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
01:25:28.0889 0x10f4 acpiex - ok
01:25:28.0911 0x10f4 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
01:25:28.0933 0x10f4 acpipagr - ok
01:25:28.0963 0x10f4 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
01:25:29.0033 0x10f4 AcpiPmi - ok
01:25:29.0055 0x10f4 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
01:25:29.0078 0x10f4 acpitime - ok
01:25:29.0177 0x10f4 [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
01:25:29.0211 0x10f4 AdobeARMservice - ok
01:25:29.0396 0x10f4 [ F79623288F2A357AB20288B5DC4F452A, AA6F70A4C12E390E08074D6FD0EA0D1856D8274DA833E56A8811BF820A2D41D4 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:25:29.0406 0x10f4 AdobeFlashPlayerUpdateSvc - ok
01:25:29.0443 0x10f4 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
01:25:29.0477 0x10f4 ADP80XX - ok
01:25:29.0517 0x10f4 [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
01:25:29.0592 0x10f4 AeLookupSvc - ok
01:25:29.0637 0x10f4 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\WINDOWS\system32\drivers\afd.sys
01:25:29.0688 0x10f4 AFD - ok
01:25:29.0727 0x10f4 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
01:25:29.0735 0x10f4 agp440 - ok
01:25:29.0758 0x10f4 [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
01:25:29.0817 0x10f4 ahcache - ok
01:25:29.0836 0x10f4 [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger C:\WINDOWS\system32\DRIVERS\AiCharger.sys
01:25:29.0846 0x10f4 AiCharger - ok
01:25:29.0871 0x10f4 [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\WINDOWS\System32\alg.exe
01:25:29.0952 0x10f4 ALG - ok
01:25:29.0974 0x10f4 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
01:25:30.0021 0x10f4 AmdK8 - ok
01:25:30.0033 0x10f4 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
01:25:30.0058 0x10f4 AmdPPM - ok
01:25:30.0077 0x10f4 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
01:25:30.0085 0x10f4 amdsata - ok
01:25:30.0101 0x10f4 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
01:25:30.0114 0x10f4 amdsbs - ok
01:25:30.0131 0x10f4 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
01:25:30.0140 0x10f4 amdxata - ok
01:25:30.0150 0x10f4 [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\WINDOWS\system32\drivers\appid.sys
01:25:30.0398 0x10f4 AppID - ok
01:25:30.0426 0x10f4 [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
01:25:30.0468 0x10f4 AppIDSvc - ok
01:25:30.0493 0x10f4 [ 034ED41F13D9C1845C1E081F05B640DB, E4E17BA0B22C464DE60A6BF68D4D035D1B838DE4F0361029DED1AE00503E135C ] Appinfo C:\WINDOWS\System32\appinfo.dll
01:25:30.0551 0x10f4 Appinfo - ok
01:25:30.0600 0x10f4 [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
01:25:30.0676 0x10f4 AppReadiness - ok
01:25:30.0724 0x10f4 [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
01:25:30.0916 0x10f4 AppXSvc - ok
01:25:30.0956 0x10f4 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
01:25:31.0007 0x10f4 arcsas - ok
01:25:31.0056 0x10f4 [ E40AF754F43E3B44E2D6DE829267AD52, 5F9427E595A56464807D071205FB4DFD6BB21B68058E67529DC1727D32FAB0AD ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
01:25:31.0063 0x10f4 ASLDRService - ok
01:25:31.0087 0x10f4 [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
01:25:31.0093 0x10f4 ASMMAP64 - ok
01:25:31.0131 0x10f4 [ 6A122B4F0E5293CACFA8A5F2CBA9B356, 9D69076B697BEE8742E32EBEF1802D829DEA6B1D93AF485D11CC89A08CA4D809 ] ASUS InstantOn C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
01:25:31.0141 0x10f4 ASUS InstantOn - ok
01:25:31.0230 0x10f4 [ AAE374280DDC307061A43ED9FAD1AD57, BFBE60D67B4283868D148C38502689FFE52CC7F13F4294E21F47B37D14FB5821 ] Asus WebStorage Windows Service C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
01:25:31.0291 0x10f4 Asus WebStorage Windows Service - detected UnsignedFile.Multi.Generic ( 1 )
01:25:33.0891 0x10f4 Detect skipped due to KSN trusted
01:25:33.0891 0x10f4 Asus WebStorage Windows Service - ok
01:25:33.0927 0x10f4 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
01:25:33.0934 0x10f4 atapi - ok
01:25:33.0985 0x10f4 [ 1E71A166547A110CD66EA44326DB4552, F66502ACBB50760EB0A676CB2560A539511935F016CBA2747C554F709D3FA1FE ] AthBTPort C:\WINDOWS\system32\DRIVERS\btath_flt.sys
01:25:34.0026 0x10f4 AthBTPort - ok
01:25:34.0082 0x10f4 [ FD4D06946EA00B28D09624E345D46374, 2CB9E7C3BB5E49C17BAB13633F27B48CB03DF8E06A2CE64C3E9E5D965DDC7B9D ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
01:25:34.0090 0x10f4 AtherosSvc - ok
01:25:34.0187 0x10f4 [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] athr C:\WINDOWS\system32\DRIVERS\athw8x.sys
01:25:34.0370 0x10f4 athr - ok
01:25:34.0394 0x10f4 [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
01:25:34.0400 0x10f4 ATKGFNEXSrv - ok
01:25:34.0429 0x10f4 [ 41CEAFFCF3550785E59E3EC9BEE8D97A, 89FE604088B65B82AA794E1DA8429033CD2F05FFB2D7EFAAC7B967C7A83D1B1E ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
01:25:34.0433 0x10f4 ATKWMIACPIIO - ok
01:25:34.0462 0x10f4 [ 3903D1056E778BAEFA310B9B6EA6053E, 863977B4166A04557E154C41AC3B194A9F5C56C6090E8DE47C0D9D0E8CBD648E ] ATP C:\WINDOWS\System32\drivers\AsusTP.sys
01:25:34.0467 0x10f4 ATP - ok
01:25:34.0504 0x10f4 [ 7F70B1044272982AAEA7C16E83424770, A7694D38DF5A0E1040688017DB811EF0788874FE505ADD572DE4D4647073DC12 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
01:25:34.0537 0x10f4 AudioEndpointBuilder - ok
01:25:34.0568 0x10f4 [ C0484CA5C7F87E38909746B63C7FC868, 65159639E2300AEA886184E9D47D449350DAF69A8AA2F9DBD6BD8A474BA73177 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
01:25:34.0631 0x10f4 Audiosrv - ok
01:25:34.0668 0x10f4 [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
01:25:34.0718 0x10f4 AxInstSV - ok
01:25:34.0754 0x10f4 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
01:25:34.0781 0x10f4 b06bdrv - ok
01:25:34.0793 0x10f4 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
01:25:34.0869 0x10f4 BasicDisplay - ok
01:25:34.0914 0x10f4 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
01:25:34.0963 0x10f4 BasicRender - ok
01:25:34.0987 0x10f4 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
01:25:34.0993 0x10f4 bcmfn2 - ok
01:25:35.0022 0x10f4 [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
01:25:35.0070 0x10f4 BDESVC - ok
01:25:35.0101 0x10f4 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys
01:25:35.0147 0x10f4 Beep - ok
01:25:35.0210 0x10f4 [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE C:\WINDOWS\System32\bfe.dll
01:25:35.0350 0x10f4 BFE - ok
01:25:35.0391 0x10f4 [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\WINDOWS\System32\qmgr.dll
01:25:35.0500 0x10f4 BITS - ok
01:25:35.0527 0x10f4 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
01:25:35.0587 0x10f4 bowser - ok
01:25:35.0609 0x10f4 [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
01:25:35.0665 0x10f4 BrokerInfrastructure - ok
01:25:35.0687 0x10f4 [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser C:\WINDOWS\System32\browser.dll
01:25:35.0719 0x10f4 Browser - ok
01:25:35.0756 0x10f4 [ 5ED7B1EE371751CF2ACAE89E7FC566FA, 965A4A754D8418F1DCF421277799754D55D78F8AD6652C56879D22208F5B5DCA ] BTATH_A2DP C:\WINDOWS\system32\drivers\btath_a2dp.sys
01:25:35.0767 0x10f4 BTATH_A2DP - ok
01:25:35.0778 0x10f4 [ 31BDF24D1C9213A0E891568FE643C79C, DA6C06A282934E87D4BB8E4356C76898B5AAC79C1634440CE09514F22EE3112B ] btath_avdt C:\WINDOWS\system32\drivers\btath_avdt.sys
01:25:35.0785 0x10f4 btath_avdt - ok
01:25:35.0805 0x10f4 [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP C:\WINDOWS\System32\drivers\btath_hcrp.sys
01:25:35.0813 0x10f4 BTATH_HCRP - ok
01:25:35.0857 0x10f4 [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys
01:25:35.0882 0x10f4 BTATH_LWFLT - ok
01:25:35.0900 0x10f4 [ 31EC5FC3FC5CB273F2709AAF4AD88ED4, 804401CEBBB24443AE0A304FCF5CB6B0D7679BA7FC5DC3BFF968B0B44FE34EC1 ] BTATH_RCP C:\WINDOWS\System32\drivers\btath_rcp.sys
01:25:35.0938 0x10f4 BTATH_RCP - ok
01:25:35.0985 0x10f4 [ B4A748101F8A06EFD0BF89AA7220B6EE, E36BA3EE483E3FBF45C2E97FA682D94EEA02856D3B4171A1A3507EDCF9B16A87 ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys
01:25:36.0009 0x10f4 BtFilter - ok
01:25:36.0036 0x10f4 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
01:25:36.0063 0x10f4 BthAvrcpTg - ok
01:25:36.0078 0x10f4 [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
01:25:36.0175 0x10f4 BthEnum - ok
01:25:36.0204 0x10f4 [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
01:25:36.0277 0x10f4 BthHFEnum - ok
01:25:36.0311 0x10f4 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
01:25:36.0329 0x10f4 bthhfhid - ok
01:25:36.0360 0x10f4 [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\WINDOWS\System32\drivers\BthLEEnum.sys
01:25:36.0401 0x10f4 BthLEEnum - ok
01:25:36.0434 0x10f4 [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
01:25:36.0475 0x10f4 BTHMODEM - ok
01:25:36.0491 0x10f4 [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
01:25:36.0533 0x10f4 BthPan - ok
01:25:36.0594 0x10f4 [ 97B9076611291AE4C4C107BC915BD026, 0A77873AAF1ADB76CAB98A84D2242781E34E2699632E45EB92ED7DB20B2BE0C1 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
01:25:36.0669 0x10f4 BTHPORT - ok
01:25:36.0695 0x10f4 [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\WINDOWS\system32\bthserv.dll
01:25:36.0724 0x10f4 bthserv - ok
01:25:36.0760 0x10f4 [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
01:25:36.0780 0x10f4 BTHUSB - ok
01:25:36.0805 0x10f4 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
01:25:36.0832 0x10f4 cdfs - ok
01:25:36.0863 0x10f4 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
01:25:36.0893 0x10f4 cdrom - ok
01:25:36.0926 0x10f4 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
01:25:36.0974 0x10f4 CertPropSvc - ok
01:25:37.0005 0x10f4 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
01:25:37.0031 0x10f4 circlass - ok
01:25:37.0077 0x10f4 [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
01:25:37.0092 0x10f4 CLFS - ok
01:25:37.0119 0x10f4 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
01:25:37.0158 0x10f4 CmBatt - ok
01:25:37.0161 0x10f4 cmdHlp - ok
01:25:37.0218 0x10f4 [ 4E1207CE16E615B0B7A70DC889F4500E, 1778D5AC0AF5F5DD1551192F4CDBCCB9878995155CF337EBB03460A6FD5C6B78 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
01:25:37.0251 0x10f4 CNG - ok
01:25:37.0274 0x10f4 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
01:25:37.0300 0x10f4 CompositeBus - ok
01:25:37.0304 0x10f4 COMSysApp - ok
01:25:37.0329 0x10f4 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys
01:25:37.0370 0x10f4 condrv - ok
01:25:37.0441 0x10f4 [ F9693D45B0F1B346CCDEEC1F341AD389, 342C81EFB434EAC29865F8BB049051635C644D7EF355D0F5FB3ADD9DDCE55D82 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
01:25:37.0452 0x10f4 cphs - ok
01:25:37.0484 0x10f4 [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
01:25:37.0554 0x10f4 CryptSvc - ok
01:25:37.0573 0x10f4 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys
01:25:37.0582 0x10f4 dam - ok
01:25:37.0634 0x10f4 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
01:25:37.0718 0x10f4 DcomLaunch - ok
01:25:37.0755 0x10f4 [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
01:25:37.0790 0x10f4 defragsvc - ok
01:25:37.0882 0x10f4 [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
01:25:37.0989 0x10f4 DeviceAssociationService - ok
01:25:38.0013 0x10f4 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
01:25:38.0082 0x10f4 DeviceInstall - ok
01:25:38.0113 0x10f4 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
01:25:38.0149 0x10f4 Dfsc - ok
01:25:38.0181 0x10f4 [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
01:25:38.0299 0x10f4 Dhcp - ok
01:25:38.0342 0x10f4 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys
01:25:38.0351 0x10f4 disk - ok
01:25:38.0380 0x10f4 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
01:25:38.0429 0x10f4 dmvsc - ok
01:25:38.0460 0x10f4 [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
01:25:38.0499 0x10f4 Dnscache - ok
01:25:38.0524 0x10f4 [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\WINDOWS\System32\dot3svc.dll
01:25:38.0557 0x10f4 dot3svc - ok
01:25:38.0595 0x10f4 [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\WINDOWS\system32\dps.dll
01:25:38.0670 0x10f4 DPS - ok
01:25:38.0700 0x10f4 [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
01:25:38.0707 0x10f4 drmkaud - ok
01:25:38.0738 0x10f4 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
01:25:38.0769 0x10f4 DsmSvc - ok
01:25:38.0814 0x10f4 [ 6A0E850DDCB136AA3D2FB7234382DF12, C01863E95F45E1B74AC65C9CD12C8DC769299218255B3C94E3EBF58C4D79FEF3 ] dtsoftbus01 C:\WINDOWS\System32\drivers\dtsoftbus01.sys
01:25:38.0824 0x10f4 dtsoftbus01 - ok
01:25:38.0893 0x10f4 [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
01:25:38.0956 0x10f4 DXGKrnl - ok
01:25:38.0984 0x10f4 [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\WINDOWS\System32\eapsvc.dll
01:25:39.0012 0x10f4 Eaphost - ok
01:25:39.0118 0x10f4 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
01:25:39.0227 0x10f4 ebdrv - ok
01:25:39.0254 0x10f4 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\WINDOWS\System32\lsass.exe
01:25:39.0262 0x10f4 EFS - ok
01:25:39.0296 0x10f4 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
01:25:39.0329 0x10f4 EhStorClass - ok
01:25:39.0347 0x10f4 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
01:25:39.0356 0x10f4 EhStorTcgDrv - ok
01:25:39.0370 0x10f4 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
01:25:39.0394 0x10f4 ErrDev - ok
01:25:39.0434 0x10f4 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\WINDOWS\system32\es.dll
01:25:39.0492 0x10f4 EventSystem - ok
01:25:39.0523 0x10f4 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
01:25:39.0559 0x10f4 exfat - ok
01:25:39.0588 0x10f4 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
01:25:39.0600 0x10f4 fastfat - ok
01:25:39.0639 0x10f4 [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\WINDOWS\system32\fxssvc.exe
01:25:39.0734 0x10f4 Fax - ok
01:25:39.0758 0x10f4 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
01:25:39.0770 0x10f4 fdc - ok
01:25:39.0801 0x10f4 [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\WINDOWS\system32\fdPHost.dll
01:25:39.0864 0x10f4 fdPHost - ok
01:25:39.0914 0x10f4 [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\WINDOWS\system32\fdrespub.dll
01:25:39.0944 0x10f4 FDResPub - ok
01:25:39.0961 0x10f4 [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\WINDOWS\system32\fhsvc.dll
01:25:40.0052 0x10f4 fhsvc - ok
01:25:40.0107 0x10f4 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
01:25:40.0115 0x10f4 FileInfo - ok
01:25:40.0139 0x10f4 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
01:25:40.0165 0x10f4 Filetrace - ok
01:25:40.0181 0x10f4 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
01:25:40.0204 0x10f4 flpydisk - ok
01:25:40.0267 0x10f4 [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
01:25:40.0313 0x10f4 FltMgr - ok
01:25:40.0372 0x10f4 [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache C:\WINDOWS\system32\FntCache.dll
01:25:40.0470 0x10f4 FontCache - ok
01:25:40.0544 0x10f4 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:25:40.0551 0x10f4 FontCache3.0.0.0 - ok
01:25:40.0579 0x10f4 [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
01:25:40.0587 0x10f4 FsDepends - ok
01:25:40.0606 0x10f4 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
01:25:40.0613 0x10f4 Fs_Rec - ok
01:25:40.0658 0x10f4 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
01:25:40.0687 0x10f4 fvevol - ok
01:25:40.0710 0x10f4 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
01:25:40.0731 0x10f4 FxPPM - ok
01:25:40.0747 0x10f4 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
01:25:40.0755 0x10f4 gagp30kx - ok
01:25:40.0837 0x10f4 [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
01:25:40.0845 0x10f4 GamesAppService - ok
01:25:40.0888 0x10f4 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
01:25:40.0896 0x10f4 gencounter - ok
01:25:40.0929 0x10f4 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
01:25:40.0940 0x10f4 GPIOClx0101 - ok
01:25:40.0998 0x10f4 [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
01:25:41.0080 0x10f4 gpsvc - ok
01:25:41.0140 0x10f4 [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:25:41.0147 0x10f4 gupdate - ok
01:25:41.0162 0x10f4 [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:25:41.0169 0x10f4 gupdatem - ok
01:25:41.0195 0x10f4 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
01:25:41.0288 0x10f4 HDAudBus - ok
01:25:41.0345 0x10f4 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
01:25:41.0363 0x10f4 HidBatt - ok
01:25:41.0393 0x10f4 [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
01:25:41.0413 0x10f4 HidBth - ok
01:25:41.0417 0x10f4 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
01:25:41.0427 0x10f4 hidi2c - ok
01:25:41.0443 0x10f4 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
01:25:41.0466 0x10f4 HidIr - ok
01:25:41.0501 0x10f4 [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\WINDOWS\system32\hidserv.dll
01:25:41.0526 0x10f4 hidserv - ok
01:25:41.0556 0x10f4 [ A9F2301B8D28BB4D887F5AEBB55ACB3A, 886B04224CA0A90B4FD0B9F8D243EED4FBA367D078FB1CAF99EE671FE1FCEC27 ] HIDSwitch C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys
01:25:41.0561 0x10f4 HIDSwitch - ok
01:25:41.0583 0x10f4 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
01:25:41.0610 0x10f4 HidUsb - ok
01:25:41.0652 0x10f4 [ C193FE8507607B2917A6F9B554132559, 962B065219D305B2DE1B4816D234438FBF8F6A79D45389683A21657733C14D5B ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
01:25:41.0671 0x10f4 HiPatchService - detected UnsignedFile.Multi.Generic ( 1 )
01:25:44.0295 0x10f4 Detect skipped due to KSN trusted
01:25:44.0295 0x10f4 HiPatchService - ok
01:25:44.0322 0x10f4 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
01:25:44.0349 0x10f4 hkmsvc - ok
01:25:44.0375 0x10f4 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
01:25:44.0432 0x10f4 HomeGroupListener - ok
01:25:44.0479 0x10f4 [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
01:25:44.0509 0x10f4 HomeGroupProvider - ok
01:25:44.0532 0x10f4 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
01:25:44.0541 0x10f4 HpSAMD - ok
01:25:44.0563 0x10f4 [ 4E9CAE3200A46135DE01CE22BAF832BE, 722A14BEB3FC6BBD5700CE6901FA0C47305ED61FFB0E9604C369BC9366B1E16C ] HPSIService C:\Windows\system32\HPSIsvc.exe
01:25:45.0046 0x10f4 HPSIService - ok
01:25:45.0104 0x10f4 [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
01:25:45.0154 0x10f4 HTTP - ok
01:25:45.0184 0x10f4 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
01:25:45.0191 0x10f4 hwpolicy - ok
01:25:45.0234 0x10f4 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
01:25:45.0295 0x10f4 hyperkbd - ok
01:25:45.0329 0x10f4 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
01:25:45.0379 0x10f4 HyperVideo - ok
01:25:45.0402 0x10f4 [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
01:25:45.0431 0x10f4 i8042prt - ok
01:25:45.0446 0x10f4 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
01:25:45.0451 0x10f4 iaLPSSi_GPIO - ok
01:25:45.0474 0x10f4 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
01:25:45.0481 0x10f4 iaLPSSi_I2C - ok
01:25:45.0519 0x10f4 [ 6C91E425ACE29594BD574DE38AC9B76D, 697784E4C7AF08B1F35662D8AD871E6890CECE22B6E64985B7C1A66C10DA390D ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
01:25:45.0535 0x10f4 iaStorA - ok
01:25:45.0569 0x10f4 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
01:25:45.0599 0x10f4 iaStorAV - ok
01:25:45.0620 0x10f4 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
01:25:45.0636 0x10f4 iaStorV - ok
01:25:45.0702 0x10f4 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
01:25:45.0710 0x10f4 ICCS - ok
01:25:45.0794 0x10f4 [ ACD1812E8A531E1CEA09BA3991371E48, 87CAE32D26A36B0AEF8EC884CDFE3E6A572C9330206E004BD63423ED00BB5A62 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
01:25:45.0863 0x10f4 IconMan_R - ok
01:25:45.0870 0x10f4 IEEtwCollectorService - ok
01:25:46.0063 0x10f4 [ 16D939A13CFB82DEE0B9DB12E45C7B4E, D09C57DE3EF7F6BEDD354FEEDB46260FDCF9F9A0F2D096FFD518509AD041AAC5 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
01:25:46.0296 0x10f4 igfx - ok
01:25:46.0346 0x10f4 [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT C:\WINDOWS\System32\ikeext.dll
01:25:46.0406 0x10f4 IKEEXT - ok
01:25:46.0447 0x10f4 [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
01:25:46.0452 0x10f4 intaud_WaveExtensible - ok
01:25:46.0562 0x10f4 [ 6C7970A8E0546A4D9466E0045C7DB199, 70F2D58514C8E1A1E10B833236213F87F34AEB06ACC0D4C0DF61FCD69F8F1E07 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
01:25:46.0669 0x10f4 IntcAzAudAddService - ok
01:25:46.0716 0x10f4 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
01:25:46.0758 0x10f4 IntcDAud - ok
01:25:46.0861 0x10f4 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
01:25:48.0046 0x10f4 Intel(R) Capability Licensing Service Interface - ok
01:25:48.0085 0x10f4 [ 9656F8E29F6C3161A3E99BCD3A472FF9, 30AD00B53CCB2E4121508729F3471D3C0568F1C32324C398382C97E8BC43ECF0 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
01:25:48.0092 0x10f4 Intel(R) ME Service - ok
01:25:48.0107 0x10f4 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
01:25:48.0114 0x10f4 intelide - ok
01:25:48.0156 0x10f4 [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
01:25:48.0163 0x10f4 intelpep - ok
01:25:48.0181 0x10f4 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
01:25:48.0203 0x10f4 intelppm - ok
01:25:48.0229 0x10f4 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
01:25:48.0265 0x10f4 IpFilterDriver - ok
01:25:48.0327 0x10f4 [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
01:25:48.0390 0x10f4 iphlpsvc - ok
01:25:48.0414 0x10f4 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
01:25:48.0469 0x10f4 IPMIDRV - ok
01:25:48.0491 0x10f4 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
01:25:48.0536 0x10f4 IPNAT - ok
01:25:48.0574 0x10f4 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
01:25:48.0599 0x10f4 IRENUM - ok
01:25:48.0639 0x10f4 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
01:25:48.0646 0x10f4 isapnp - ok
01:25:48.0681 0x10f4 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
01:25:48.0696 0x10f4 iScsiPrt - ok
01:25:48.0728 0x10f4 [ 2C04ACF9070282AC9AA837C52CA3C128, 2C68FE2E876E5089F27021038E868E21288F694F3ED0390AED5B4712CC7567EC ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
01:25:48.0733 0x10f4 iwdbus - ok
01:25:48.0767 0x10f4 [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
01:25:48.0775 0x10f4 jhi_service - ok
01:25:48.0802 0x10f4 [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
01:25:48.0812 0x10f4 kbdclass - ok
01:25:48.0826 0x10f4 [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
01:25:48.0841 0x10f4 kbdhid - ok
01:25:48.0872 0x10f4 [ A8080BEBCDB7A16495CE1205921DCAC5, D4B0EF97B75BF75934A0BEEE48CACD20E8F505600C3A07243DF7627680EE8552 ] kbfiltr C:\WINDOWS\System32\drivers\kbfiltr.sys
01:25:48.0877 0x10f4 kbfiltr - ok
01:25:48.0880 0x10f4 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
01:25:48.0944 0x10f4 kdnic - ok
01:25:48.0954 0x10f4 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\WINDOWS\system32\lsass.exe
01:25:48.0962 0x10f4 KeyIso - ok
01:25:49.0001 0x10f4 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
01:25:49.0009 0x10f4 KSecDD - ok
01:25:49.0031 0x10f4 [ 6D2EE96150E35B9EA49F2B481DE0369A, AC5915219FD81D89E444F6E86D71F7C495108FC35E7BD683321FC7006161AFE1 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
01:25:49.0043 0x10f4 KSecPkg - ok
01:25:49.0062 0x10f4 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
01:25:49.0070 0x10f4 ksthunk - ok
01:25:49.0099 0x10f4 [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
01:25:49.0133 0x10f4 KtmRm - ok
01:25:49.0169 0x10f4 [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
01:25:49.0310 0x10f4 LanmanServer - ok
01:25:49.0373 0x10f4 [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
01:25:49.0402 0x10f4 LanmanWorkstation - ok
01:25:49.0464 0x10f4 [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
01:25:49.0507 0x10f4 lfsvc - ok
01:25:49.0539 0x10f4 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
01:25:49.0561 0x10f4 lltdio - ok
01:25:49.0591 0x10f4 [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
01:25:49.0606 0x10f4 lltdsvc - ok
01:25:49.0623 0x10f4 [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
01:25:49.0655 0x10f4 lmhosts - ok
01:25:49.0673 0x10f4 [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
01:25:49.0684 0x10f4 LMS - ok
01:25:49.0714 0x10f4 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
01:25:49.0723 0x10f4 LSI_SAS - ok
01:25:49.0735 0x10f4 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
01:25:49.0744 0x10f4 LSI_SAS2 - ok
01:25:49.0752 0x10f4 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
01:25:49.0761 0x10f4 LSI_SAS3 - ok
01:25:49.0779 0x10f4 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
01:25:49.0787 0x10f4 LSI_SSS - ok
01:25:49.0876 0x10f4 [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\WINDOWS\System32\lsm.dll
01:25:50.0008 0x10f4 LSM - ok
01:25:50.0042 0x10f4 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
01:25:50.0051 0x10f4 luafv - ok
01:25:50.0086 0x10f4 [ D50F2167243297C7F8E522132FBBD6C3, 49D778D601D815F4A0CE5AA2E835CD98F6F1D831D49555CA3256C8E44F779D41 ] MAUSBMICRO C:\WINDOWS\system32\DRIVERS\MAudioMicro.sys
01:25:50.0095 0x10f4 MAUSBMICRO - ok
01:25:50.0109 0x10f4 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys
01:25:50.0117 0x10f4 megasas - ok
01:25:50.0148 0x10f4 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
01:25:50.0174 0x10f4 megasr - ok
01:25:50.0208 0x10f4 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
01:25:50.0239 0x10f4 MEIx64 - ok
01:25:50.0279 0x10f4 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\WINDOWS\system32\mmcss.dll
01:25:50.0367 0x10f4 MMCSS - ok
01:25:50.0398 0x10f4 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys
01:25:50.0428 0x10f4 Modem - ok
01:25:50.0445 0x10f4 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
01:25:50.0506 0x10f4 monitor - ok
01:25:50.0536 0x10f4 [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
01:25:50.0546 0x10f4 mouclass - ok
01:25:50.0562 0x10f4 [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
01:25:50.0587 0x10f4 mouhid - ok
01:25:50.0607 0x10f4 [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
01:25:50.0616 0x10f4 mountmgr - ok
01:25:50.0631 0x10f4 [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
01:25:50.0652 0x10f4 mpsdrv - ok
01:25:50.0696 0x10f4 [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
01:25:50.0758 0x10f4 MpsSvc - ok
01:25:50.0793 0x10f4 [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
01:25:50.0825 0x10f4 MRxDAV - ok
01:25:50.0857 0x10f4 [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
01:25:50.0887 0x10f4 mrxsmb - ok
01:25:50.0912 0x10f4 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
01:25:50.0962 0x10f4 mrxsmb10 - ok
01:25:50.0991 0x10f4 [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
01:25:51.0046 0x10f4 mrxsmb20 - ok
01:25:51.0065 0x10f4 [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
01:25:51.0120 0x10f4 MsBridge - ok
01:25:51.0148 0x10f4 [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\WINDOWS\System32\msdtc.exe
01:25:51.0159 0x10f4 MSDTC - ok
01:25:51.0171 0x10f4 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
01:25:51.0190 0x10f4 Msfs - ok
01:25:51.0223 0x10f4 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
01:25:51.0273 0x10f4 msgpiowin32 - ok
01:25:51.0312 0x10f4 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
01:25:51.0375 0x10f4 mshidkmdf - ok
01:25:51.0387 0x10f4 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
01:25:51.0413 0x10f4 mshidumdf - ok
01:25:51.0441 0x10f4 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
01:25:51.0448 0x10f4 msisadrv - ok
01:25:51.0474 0x10f4 [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
01:25:51.0485 0x10f4 MSiSCSI - ok
01:25:51.0489 0x10f4 msiserver - ok
01:25:51.0512 0x10f4 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
01:25:51.0532 0x10f4 MSKSSRV - ok
01:25:51.0565 0x10f4 [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
01:25:51.0609 0x10f4 MsLldp - ok
01:25:51.0623 0x10f4 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
01:25:51.0648 0x10f4 MSPCLOCK - ok
01:25:51.0676 0x10f4 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
01:25:51.0701 0x10f4 MSPQM - ok
01:25:51.0724 0x10f4 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
01:25:51.0741 0x10f4 MsRPC - ok
01:25:51.0754 0x10f4 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
01:25:51.0761 0x10f4 mssmbios - ok
01:25:51.0770 0x10f4 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
01:25:51.0794 0x10f4 MSTEE - ok
01:25:51.0804 0x10f4 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
01:25:51.0825 0x10f4 MTConfig - ok
01:25:51.0884 0x10f4 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys
01:25:51.0929 0x10f4 Mup - ok
01:25:51.0956 0x10f4 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
01:25:51.0984 0x10f4 mvumis - ok
01:25:52.0007 0x10f4 [ 705E9675014EB688BEDD967B1ABECF19, 7FA4B0A5120DD415C5D3F3BE56C69455647029332DC2E9B4E9874AF3C34F89AD ] mvusbews C:\WINDOWS\System32\Drivers\mvusbews.sys
01:25:52.0048 0x10f4 mvusbews - ok
01:25:52.0083 0x10f4 [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\WINDOWS\system32\qagentRT.dll
01:25:52.0117 0x10f4 napagent - ok
01:25:52.0151 0x10f4 [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
01:25:52.0188 0x10f4 NativeWifiP - ok
01:25:52.0243 0x10f4 [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
01:25:52.0315 0x10f4 NcaSvc - ok
01:25:52.0354 0x10f4 [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\WINDOWS\System32\ncbservice.dll
01:25:52.0416 0x10f4 NcbService - ok
01:25:52.0436 0x10f4 [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
01:25:52.0477 0x10f4 NcdAutoSetup - ok
01:25:52.0526 0x10f4 [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
01:25:52.0574 0x10f4 NDIS - ok
01:25:52.0608 0x10f4 [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
01:25:52.0627 0x10f4 NdisCap - ok
01:25:52.0652 0x10f4 [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
01:25:52.0697 0x10f4 NdisImPlatform - ok
01:25:52.0709 0x10f4 [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
01:25:52.0736 0x10f4 NdisTapi - ok
01:25:52.0774 0x10f4 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
01:25:52.0798 0x10f4 Ndisuio - ok
01:25:52.0817 0x10f4 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
01:25:52.0843 0x10f4 NdisVirtualBus - ok
01:25:52.0869 0x10f4 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:25:52.0900 0x10f4 NdisWan - ok
01:25:52.0906 0x10f4 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:25:52.0918 0x10f4 NdisWanLegacy - ok
01:25:52.0942 0x10f4 [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
01:25:52.0952 0x10f4 NDProxy - ok
01:25:52.0964 0x10f4 [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
01:25:52.0986 0x10f4 Ndu - ok
01:25:53.0016 0x10f4 [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
01:25:53.0037 0x10f4 NetBIOS - ok
01:25:53.0058 0x10f4 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
01:25:53.0113 0x10f4 NetBT - ok
01:25:53.0133 0x10f4 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\WINDOWS\system32\lsass.exe
01:25:53.0142 0x10f4 Netlogon - ok
01:25:53.0165 0x10f4 [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\WINDOWS\System32\netman.dll
01:25:53.0198 0x10f4 Netman - ok
01:25:53.0281 0x10f4 [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
01:25:53.0366 0x10f4 netprofm - ok
01:25:53.0408 0x10f4 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:25:53.0417 0x10f4 NetTcpPortSharing - ok
01:25:53.0434 0x10f4 [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys
01:25:53.0462 0x10f4 netvsc - ok
01:25:53.0503 0x10f4 [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
01:25:53.0519 0x10f4 NlaSvc - ok
01:25:53.0537 0x10f4 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
01:25:53.0558 0x10f4 Npfs - ok
01:25:53.0591 0x10f4 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
01:25:53.0629 0x10f4 npsvctrig - ok
01:25:53.0652 0x10f4 [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\WINDOWS\system32\nsisvc.dll
01:25:53.0673 0x10f4 nsi - ok
01:25:53.0696 0x10f4 [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
01:25:53.0704 0x10f4 nsiproxy - ok
01:25:53.0788 0x10f4 [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
01:25:53.0865 0x10f4 Ntfs - ok
01:25:53.0905 0x10f4 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys
01:25:53.0979 0x10f4 Null - ok
01:25:54.0306 0x10f4 [ E71E299FF15390E585BACF2C18F55078, 7A51D989DA55349B1761839DEAFD593B6E6F88C433B132E7B027467E050FBA67 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
01:25:54.0658 0x10f4 nvlddmkm - ok
01:25:54.0696 0x10f4 [ FCC3A3F875C8CF258F71BE2F2CAA2355, BD174C47329F0A15D821E51997E4CDAA68FB9BFD72A89A2F2A85A8603625EB18 ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
01:25:54.0701 0x10f4 nvpciflt - ok
01:25:54.0726 0x10f4 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
01:25:54.0737 0x10f4 nvraid - ok
01:25:54.0750 0x10f4 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
01:25:54.0761 0x10f4 nvstor - ok
01:25:54.0803 0x10f4 [ 9661A7615FAFFC253458B17FA849DA5A, 386BE2E45D27B36E79491C8E7CB1DA977BC253751ADDC6A18DCF75459A33D05F ] nvsvc C:\Windows\system32\nvvsvc.exe
01:25:54.0845 0x10f4 nvsvc - ok
01:25:54.0938 0x10f4 [ A9AFE5B0648C8D7A411A72D8222F7F6E, A58AF8C615D97C769DA778D56F7E6999AAEB577C82C65455D3B2A8ED5B742777 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
01:25:54.0993 0x10f4 nvUpdatusService - ok
01:25:55.0017 0x10f4 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
01:25:55.0053 0x10f4 nv_agp - ok
01:25:55.0157 0x10f4 [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
01:25:55.0170 0x10f4 odserv - ok
01:25:55.0186 0x10f4 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:25:55.0194 0x10f4 ose - ok
01:25:55.0264 0x10f4 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
01:25:55.0386 0x10f4 p2pimsvc - ok
01:25:55.0420 0x10f4 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
01:25:55.0490 0x10f4 p2psvc - ok
01:25:55.0518 0x10f4 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys
01:25:55.0537 0x10f4 Parport - ok
01:25:55.0557 0x10f4 [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
01:25:55.0565 0x10f4 partmgr - ok
01:25:55.0594 0x10f4 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
01:25:55.0656 0x10f4 PcaSvc - ok
01:25:55.0684 0x10f4 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys
01:25:55.0698 0x10f4 pci - ok
01:25:55.0721 0x10f4 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
01:25:55.0728 0x10f4 pciide - ok
01:25:55.0764 0x10f4 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
01:25:55.0773 0x10f4 pcmcia - ok
01:25:55.0795 0x10f4 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
01:25:55.0802 0x10f4 pcw - ok
01:25:55.0813 0x10f4 [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
01:25:55.0821 0x10f4 pdc - ok
01:25:55.0863 0x10f4 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
01:25:55.0934 0x10f4 PEAUTH - ok
01:25:55.0993 0x10f4 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
01:25:56.0036 0x10f4 PerfHost - ok
01:25:56.0085 0x10f4 [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\WINDOWS\system32\pla.dll
01:25:56.0146 0x10f4 pla - ok
01:25:56.0181 0x10f4 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
01:25:56.0191 0x10f4 PlugPlay - ok
01:25:56.0202 0x10f4 [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
01:25:56.0226 0x10f4 PNRPAutoReg - ok
01:25:56.0272 0x10f4 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
01:25:56.0286 0x10f4 PNRPsvc - ok
01:25:56.0350 0x10f4 [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
01:25:56.0397 0x10f4 PolicyAgent - ok
01:25:56.0438 0x10f4 [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\WINDOWS\system32\umpo.dll
01:25:56.0483 0x10f4 Power - ok
01:25:56.0606 0x10f4 [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
01:25:57.0234 0x10f4 PrintNotify - ok
01:25:57.0302 0x10f4 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys
01:25:57.0311 0x10f4 Processor - ok
01:25:57.0358 0x10f4 [ EF1F8B57323E5D3FC6A0A25F98F90DBC, F50E81151604DCD59BB647FD6767C1631AE48B5FCA6D3423C4E32535C94D6369 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
01:25:57.0405 0x10f4 ProfSvc - ok
01:25:57.0443 0x10f4 [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
01:25:57.0455 0x10f4 Psched - ok
01:25:57.0476 0x10f4 [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\WINDOWS\system32\qwave.dll
01:25:57.0512 0x10f4 QWAVE - ok
01:25:57.0531 0x10f4 [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
01:25:57.0553 0x10f4 QWAVEdrv - ok
01:25:57.0583 0x10f4 [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
01:25:57.0592 0x10f4 RasAcd - ok
01:25:57.0617 0x10f4 [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
01:25:57.0646 0x10f4 RasAuto - ok
01:25:57.0682 0x10f4 [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\WINDOWS\System32\rasmans.dll
01:25:57.0753 0x10f4 RasMan - ok
01:25:57.0785 0x10f4 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
01:25:57.0811 0x10f4 RasPppoe - ok
01:25:57.0853 0x10f4 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
01:25:57.0936 0x10f4 rdbss - ok
01:25:57.0948 0x10f4 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
01:25:57.0994 0x10f4 rdpbus - ok
01:25:58.0038 0x10f4 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
01:25:58.0103 0x10f4 RDPDR - ok
01:25:58.0141 0x10f4 [ 9F08A6608F98B5407E7DDBCF306573EF, 92812F97CFDB2EC128BC48143DE215B7D012B15D3FB4D2199222AD8C31DA5016 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
01:25:58.0148 0x10f4 RdpVideoMiniport - ok
01:25:58.0182 0x10f4 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
01:25:58.0195 0x10f4 rdyboost - ok
01:25:58.0251 0x10f4 [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
01:25:58.0308 0x10f4 ReFS - ok
01:25:58.0403 0x10f4 [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
01:25:58.0417 0x10f4 RemoteAccess - ok
01:25:58.0432 0x10f4 [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
01:25:58.0462 0x10f4 RemoteRegistry - ok
01:25:58.0527 0x10f4 [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
01:25:58.0558 0x10f4 RFCOMM - ok
01:25:58.0591 0x10f4 [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
01:25:58.0614 0x10f4 RpcEptMapper - ok
01:25:58.0650 0x10f4 [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\WINDOWS\system32\locator.exe
01:25:58.0670 0x10f4 RpcLocator - ok
01:25:58.0725 0x10f4 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\WINDOWS\system32\rpcss.dll
01:25:58.0745 0x10f4 RpcSs - ok
01:25:58.0779 0x10f4 [ C648C1FC380D17CB1D6CEEBA168CB15F, 88BC4626353D54D1A2ABC144585DD7E6EDF24BBAF7677C27E6CFAA477329E83E ] RSBASTOR C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys
01:25:58.0789 0x10f4 RSBASTOR - ok
01:25:58.0817 0x10f4 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
01:25:58.0891 0x10f4 rspndr - ok
01:25:58.0985 0x10f4 [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
01:25:59.0026 0x10f4 RTL8168 - ok
01:25:59.0052 0x10f4 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
01:25:59.0074 0x10f4 s3cap - ok
01:25:59.0100 0x10f4 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\WINDOWS\system32\lsass.exe
01:25:59.0108 0x10f4 SamSs - ok
01:25:59.0130 0x10f4 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port

??? · #23 Příspěvek od **???** » 27 lis 2014 08:19

C:\WINDOWS\system32\drivers\sbp2port.sys
01:25:59.0140 0x10f4 sbp2port - ok
01:25:59.0177 0x10f4 [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
01:25:59.0210 0x10f4 SCardSvr - ok
01:25:59.0233 0x10f4 [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
01:25:59.0248 0x10f4 ScDeviceEnum - ok
01:25:59.0282 0x10f4 [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
01:25:59.0345 0x10f4 scfilter - ok
01:25:59.0438 0x10f4 [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule C:\WINDOWS\system32\schedsvc.dll
01:25:59.0520 0x10f4 Schedule - ok
01:25:59.0550 0x10f4 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
01:25:59.0561 0x10f4 SCPolicySvc - ok
01:25:59.0600 0x10f4 [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
01:25:59.0613 0x10f4 sdbus - ok
01:25:59.0648 0x10f4 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
01:25:59.0657 0x10f4 sdstor - ok
01:25:59.0681 0x10f4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
01:25:59.0709 0x10f4 secdrv - ok
01:25:59.0734 0x10f4 [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\WINDOWS\system32\seclogon.dll
01:25:59.0765 0x10f4 seclogon - ok
01:25:59.0791 0x10f4 [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\WINDOWS\System32\sens.dll
01:25:59.0825 0x10f4 SENS - ok
01:25:59.0877 0x10f4 [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
01:26:00.0031 0x10f4 SensrSvc - ok
01:26:00.0060 0x10f4 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
01:26:00.0068 0x10f4 SerCx - ok
01:26:00.0103 0x10f4 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
01:26:00.0113 0x10f4 SerCx2 - ok
01:26:00.0131 0x10f4 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
01:26:00.0147 0x10f4 Serenum - ok
01:26:00.0152 0x10f4 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys
01:26:00.0168 0x10f4 Serial - ok
01:26:00.0194 0x10f4 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
01:26:00.0201 0x10f4 sermouse - ok
01:26:00.0240 0x10f4 [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
01:26:00.0334 0x10f4 SessionEnv - ok
01:26:00.0362 0x10f4 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
01:26:00.0424 0x10f4 sfloppy - ok
01:26:00.0469 0x10f4 [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
01:26:00.0540 0x10f4 SharedAccess - ok
01:26:00.0596 0x10f4 [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
01:26:00.0632 0x10f4 ShellHWDetection - ok
01:26:00.0659 0x10f4 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
01:26:00.0667 0x10f4 SiSRaid2 - ok
01:26:00.0686 0x10f4 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
01:26:00.0695 0x10f4 SiSRaid4 - ok
01:26:00.0765 0x10f4 [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
01:26:00.0778 0x10f4 SkypeUpdate - ok
01:26:00.0808 0x10f4 [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\WINDOWS\System32\smphost.dll
01:26:00.0962 0x10f4 smphost - ok
01:26:00.0995 0x10f4 [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
01:26:01.0020 0x10f4 SNMPTRAP - ok
01:26:01.0051 0x10f4 [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
01:26:01.0069 0x10f4 spaceport - ok
01:26:01.0087 0x10f4 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
01:26:01.0096 0x10f4 SpbCx - ok
01:26:01.0130 0x10f4 [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler C:\WINDOWS\System32\spoolsv.exe
01:26:01.0175 0x10f4 Spooler - ok
01:26:01.0439 0x10f4 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe
01:26:01.0659 0x10f4 sppsvc - ok
01:26:01.0702 0x10f4 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
01:26:01.0730 0x10f4 srv - ok
01:26:01.0761 0x10f4 [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
01:26:01.0810 0x10f4 srv2 - ok
01:26:01.0842 0x10f4 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
01:26:01.0873 0x10f4 srvnet - ok
01:26:01.0915 0x10f4 [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
01:26:01.0929 0x10f4 SSDPSRV - ok
01:26:01.0967 0x10f4 [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
01:26:01.0980 0x10f4 SstpSvc - ok
01:26:02.0026 0x10f4 [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
01:26:02.0056 0x10f4 Steam Client Service - ok
01:26:02.0078 0x10f4 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
01:26:02.0087 0x10f4 stexstor - ok
01:26:02.0129 0x10f4 [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\WINDOWS\System32\wiaservc.dll
01:26:02.0209 0x10f4 stisvc - ok
01:26:02.0229 0x10f4 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
01:26:02.0239 0x10f4 storahci - ok
01:26:02.0254 0x10f4 [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
01:26:02.0262 0x10f4 storflt - ok
01:26:02.0320 0x10f4 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
01:26:02.0363 0x10f4 stornvme - ok
01:26:02.0379 0x10f4 [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\WINDOWS\system32\storsvc.dll
01:26:02.0486 0x10f4 StorSvc - ok
01:26:02.0518 0x10f4 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
01:26:02.0525 0x10f4 storvsc - ok
01:26:02.0555 0x10f4 [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\WINDOWS\system32\svsvc.dll
01:26:02.0567 0x10f4 svsvc - ok
01:26:02.0580 0x10f4 [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
01:26:02.0587 0x10f4 swenum - ok
01:26:02.0628 0x10f4 [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\WINDOWS\System32\swprv.dll
01:26:02.0679 0x10f4 swprv - ok
01:26:02.0746 0x10f4 [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\WINDOWS\system32\sysmain.dll
01:26:02.0819 0x10f4 SysMain - ok
01:26:02.0899 0x10f4 [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
01:26:02.0959 0x10f4 SystemEventsBroker - ok
01:26:02.0986 0x10f4 [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
01:26:02.0997 0x10f4 TabletInputService - ok
01:26:03.0012 0x10f4 [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
01:26:03.0067 0x10f4 TapiSrv - ok
01:26:03.0150 0x10f4 [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
01:26:03.0241 0x10f4 Tcpip - ok
01:26:03.0467 0x10f4 [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
01:26:03.0524 0x10f4 TCPIP6 - ok
01:26:03.0548 0x10f4 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
01:26:03.0614 0x10f4 tcpipreg - ok
01:26:03.0635 0x10f4 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
01:26:03.0661 0x10f4 tdx - ok
01:26:03.0688 0x10f4 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
01:26:03.0695 0x10f4 terminpt - ok
01:26:03.0754 0x10f4 [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService C:\WINDOWS\System32\termsrv.dll
01:26:03.0799 0x10f4 TermService - ok
01:26:03.0829 0x10f4 [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\WINDOWS\system32\themeservice.dll
01:26:03.0861 0x10f4 Themes - ok
01:26:03.0891 0x10f4 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
01:26:03.0900 0x10f4 THREADORDER - ok
01:26:03.0914 0x10f4 [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
01:26:03.0931 0x10f4 TimeBroker - ok
01:26:03.0951 0x10f4 [ C676B0F52F2B6483AFB88F79CABB011E, 8F10C7C91B47F87C3E29785BDACA49831857849F688C34A1F097C9D6593003AA ] Tpkd C:\WINDOWS\system32\drivers\Tpkd.sys
01:26:04.0006 0x10f4 Tpkd - ok
01:26:04.0080 0x10f4 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\WINDOWS\system32\drivers\tpm.sys
01:26:04.0091 0x10f4 TPM - ok
01:26:04.0116 0x10f4 [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\WINDOWS\System32\trkwks.dll
01:26:04.0144 0x10f4 TrkWks - ok
01:26:04.0197 0x10f4 [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
01:26:04.0276 0x10f4 TrustedInstaller - ok
01:26:04.0301 0x10f4 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
01:26:04.0431 0x10f4 TsUsbFlt - ok
01:26:04.0454 0x10f4 [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
01:26:04.0462 0x10f4 TsUsbGD - ok
01:26:04.0506 0x10f4 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
01:26:04.0534 0x10f4 tunnel - ok
01:26:04.0549 0x10f4 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
01:26:04.0557 0x10f4 uagp35 - ok
01:26:04.0590 0x10f4 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
01:26:04.0598 0x10f4 UASPStor - ok
01:26:04.0632 0x10f4 [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
01:26:04.0645 0x10f4 UCX01000 - ok
01:26:04.0660 0x10f4 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
01:26:04.0676 0x10f4 udfs - ok
01:26:04.0681 0x10f4 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
01:26:04.0688 0x10f4 UEFI - ok
01:26:04.0725 0x10f4 [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
01:26:04.0754 0x10f4 UI0Detect - ok
01:26:04.0773 0x10f4 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
01:26:04.0781 0x10f4 uliagpkx - ok
01:26:04.0810 0x10f4 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
01:26:04.0834 0x10f4 umbus - ok
01:26:04.0852 0x10f4 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
01:26:04.0860 0x10f4 UmPass - ok
01:26:04.0895 0x10f4 [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
01:26:04.0919 0x10f4 UmRdpService - ok
01:26:05.0010 0x10f4 [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
01:26:05.0021 0x10f4 UNS - ok
01:26:05.0062 0x10f4 [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\WINDOWS\System32\upnphost.dll
01:26:05.0095 0x10f4 upnphost - ok
01:26:05.0128 0x10f4 [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
01:26:05.0177 0x10f4 usbaudio - ok
01:26:05.0207 0x10f4 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
01:26:05.0218 0x10f4 usbccgp - ok
01:26:05.0259 0x10f4 [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
01:26:05.0288 0x10f4 usbcir - ok
01:26:05.0368 0x10f4 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
01:26:05.0378 0x10f4 usbehci - ok
01:26:05.0433 0x10f4 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
01:26:05.0453 0x10f4 usbhub - ok
01:26:05.0487 0x10f4 [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
01:26:05.0506 0x10f4 USBHUB3 - ok
01:26:05.0553 0x10f4 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
01:26:05.0610 0x10f4 usbohci - ok
01:26:05.0635 0x10f4 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
01:26:05.0688 0x10f4 usbprint - ok
01:26:05.0712 0x10f4 [ F04D164C4168701A4E7835607722E5F1, 6F743CF2CF73945B4A4B1C4402744BC2FE1624F1346C194493AD2F7110F9EB35 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
01:26:05.0741 0x10f4 usbscan - ok
01:26:05.0771 0x10f4 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
01:26:05.0783 0x10f4 USBSTOR - ok
01:26:05.0801 0x10f4 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
01:26:05.0871 0x10f4 usbuhci - ok
01:26:05.0993 0x10f4 [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
01:26:06.0016 0x10f4 usbvideo - ok
01:26:06.0053 0x10f4 [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
01:26:06.0069 0x10f4 USBXHCI - ok
01:26:06.0078 0x10f4 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\WINDOWS\system32\lsass.exe
01:26:06.0087 0x10f4 VaultSvc - ok
01:26:06.0110 0x10f4 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
01:26:06.0118 0x10f4 vdrvroot - ok
01:26:06.0181 0x10f4 [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds C:\WINDOWS\System32\vds.exe
01:26:06.0236 0x10f4 vds - ok
01:26:06.0283 0x10f4 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
01:26:06.0293 0x10f4 VerifierExt - ok
01:26:06.0397 0x10f4 [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
01:26:06.0419 0x10f4 vhdmp - ok
01:26:06.0438 0x10f4 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
01:26:06.0445 0x10f4 viaide - ok
01:26:06.0464 0x10f4 [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
01:26:06.0473 0x10f4 vmbus - ok
01:26:06.0487 0x10f4 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
01:26:06.0514 0x10f4 VMBusHID - ok
01:26:06.0552 0x10f4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
01:26:06.0582 0x10f4 vmicguestinterface - ok
01:26:06.0607 0x10f4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
01:26:06.0623 0x10f4 vmicheartbeat - ok
01:26:06.0641 0x10f4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
01:26:06.0657 0x10f4 vmickvpexchange - ok
01:26:06.0674 0x10f4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
01:26:06.0690 0x10f4 vmicrdv - ok
01:26:06.0707 0x10f4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
01:26:06.0723 0x10f4 vmicshutdown - ok
01:26:06.0742 0x10f4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
01:26:06.0758 0x10f4 vmictimesync - ok
01:26:06.0774 0x10f4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
01:26:06.0790 0x10f4 vmicvss - ok
01:26:06.0811 0x10f4 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
01:26:06.0821 0x10f4 volmgr - ok
01:26:06.0850 0x10f4 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
01:26:06.0865 0x10f4 volmgrx - ok
01:26:06.0902 0x10f4 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
01:26:06.0917 0x10f4 volsnap - ok
01:26:06.0964 0x10f4 [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
01:26:06.0973 0x10f4 vpci - ok
01:26:07.0001 0x10f4 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
01:26:07.0011 0x10f4 vsmraid - ok
01:26:07.0073 0x10f4 [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS C:\WINDOWS\system32\vssvc.exe
01:26:07.0146 0x10f4 VSS - ok
01:26:07.0176 0x10f4 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
01:26:07.0190 0x10f4 VSTXRAID - ok
01:26:07.0265 0x10f4 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
01:26:07.0455 0x10f4 vwifibus - ok
01:26:07.0480 0x10f4 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
01:26:07.0495 0x10f4 vwififlt - ok
01:26:07.0507 0x10f4 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
01:26:07.0527 0x10f4 vwifimp - ok
01:26:07.0567 0x10f4 [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\WINDOWS\system32\w32time.dll
01:26:07.0585 0x10f4 W32Time - ok
01:26:07.0598 0x10f4 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
01:26:07.0621 0x10f4 WacomPen - ok
01:26:07.0686 0x10f4 [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine C:\WINDOWS\system32\wbengine.exe
01:26:07.0781 0x10f4 wbengine - ok
01:26:07.0840 0x10f4 [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
01:26:07.0929 0x10f4 WbioSrvc - ok
01:26:07.0964 0x10f4 [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
01:26:08.0011 0x10f4 Wcmsvc - ok
01:26:08.0084 0x10f4 [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
01:26:08.0154 0x10f4 wcncsvc - ok
01:26:08.0167 0x10f4 [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
01:26:08.0213 0x10f4 WcsPlugInService - ok
01:26:08.0232 0x10f4 [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
01:26:08.0242 0x10f4 WdBoot - ok
01:26:08.0282 0x10f4 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
01:26:08.0314 0x10f4 Wdf01000 - ok
01:26:08.0371 0x10f4 [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
01:26:08.0390 0x10f4 WdFilter - ok
01:26:08.0421 0x10f4 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
01:26:08.0453 0x10f4 WdiServiceHost - ok
01:26:08.0457 0x10f4 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
01:26:08.0470 0x10f4 WdiSystemHost - ok
01:26:08.0498 0x10f4 [ 4AD874CDC812EC156265E451B6B09DAB, 6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
01:26:08.0507 0x10f4 WdNisDrv - ok
01:26:08.0523 0x10f4 WdNisSvc - ok
01:26:08.0551 0x10f4 [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient C:\WINDOWS\System32\webclnt.dll
01:26:08.0567 0x10f4 WebClient - ok
01:26:08.0601 0x10f4 [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
01:26:08.0615 0x10f4 Wecsvc - ok
01:26:08.0630 0x10f4 [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
01:26:08.0641 0x10f4 WEPHOSTSVC - ok
01:26:08.0677 0x10f4 [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
01:26:08.0713 0x10f4 wercplsupport - ok
01:26:08.0732 0x10f4 [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
01:26:08.0763 0x10f4 WerSvc - ok
01:26:08.0794 0x10f4 [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
01:26:08.0804 0x10f4 WFPLWFS - ok
01:26:08.0829 0x10f4 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
01:26:08.0840 0x10f4 WiaRpc - ok
01:26:08.0864 0x10f4 [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
01:26:08.0872 0x10f4 WIMMount - ok
01:26:08.0874 0x10f4 WinDefend - ok
01:26:08.0923 0x10f4 [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
01:26:08.0956 0x10f4 WinHttpAutoProxySvc - ok
01:26:08.0995 0x10f4 [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
01:26:09.0024 0x10f4 Winmgmt - ok
01:26:09.0103 0x10f4 [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
01:26:09.0230 0x10f4 WinRM - ok
01:26:09.0289 0x10f4 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\WINDOWS\system32\DRIVERS\WinUsb.sys
01:26:09.0317 0x10f4 WinUsb - ok
01:26:09.0497 0x10f4 [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
01:26:09.0545 0x10f4 WlanSvc - ok
01:26:09.0605 0x10f4 [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
01:26:09.0669 0x10f4 wlidsvc - ok
01:26:09.0695 0x10f4 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
01:26:09.0715 0x10f4 WmiAcpi - ok
01:26:09.0756 0x10f4 [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
01:26:09.0794 0x10f4 wmiApSrv - ok
01:26:09.0821 0x10f4 WMPNetworkSvc - ok
01:26:09.0883 0x10f4 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys
01:26:09.0922 0x10f4 Wof - ok
01:26:10.0022 0x10f4 [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
01:26:10.0126 0x10f4 workfolderssvc - ok
01:26:10.0158 0x10f4 [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
01:26:10.0166 0x10f4 wpcfltr - ok
01:26:10.0192 0x10f4 [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
01:26:10.0231 0x10f4 WPCSvc - ok
01:26:10.0264 0x10f4 [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
01:26:10.0319 0x10f4 WPDBusEnum - ok
01:26:10.0379 0x10f4 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
01:26:10.0418 0x10f4 WpdUpFltr - ok
01:26:10.0439 0x10f4 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
01:26:10.0494 0x10f4 ws2ifsl - ok
01:26:10.0534 0x10f4 [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc C:\WINDOWS\System32\wscsvc.dll
01:26:10.0581 0x10f4 wscsvc - ok
01:26:10.0584 0x10f4 WSearch - ok
01:26:10.0698 0x10f4 [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService C:\WINDOWS\System32\WSService.dll
01:26:10.0820 0x10f4 WSService - ok
01:26:10.0914 0x10f4 [ DCD090318EC800CF6275C6835900B0C6, 9E72762EEE46CC0606B909850E6D22E9C8E5C88E82F7C974B2B7C1E5160BEBA7 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
01:26:11.0071 0x10f4 wuauserv - ok
01:26:11.0094 0x10f4 [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
01:26:11.0117 0x10f4 WudfPf - ok
01:26:11.0135 0x10f4 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
01:26:11.0146 0x10f4 WUDFRd - ok
01:26:11.0152 0x10f4 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFSensorLP C:\WINDOWS\System32\drivers\WUDFRd.sys
01:26:11.0162 0x10f4 WUDFSensorLP - ok
01:26:11.0183 0x10f4 [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
01:26:11.0204 0x10f4 wudfsvc - ok
01:26:11.0211 0x10f4 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
01:26:11.0221 0x10f4 WUDFWpdFs - ok
01:26:11.0227 0x10f4 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
01:26:11.0239 0x10f4 WUDFWpdMtp - ok
01:26:11.0282 0x10f4 [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
01:26:11.0302 0x10f4 WwanSvc - ok
01:26:11.0416 0x10f4 [ 86B8B1F5C1189D68B07666784BE882FE, 0DD8C627F3DDBDB61B1910540C465C0D62C9F8D84C7CBB6C80782DB02D535AF0 ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
01:26:11.0442 0x10f4 ZAtheros Bt and Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
01:26:14.0032 0x10f4 Detect skipped due to KSN trusted
01:26:14.0032 0x10f4 ZAtheros Bt and Wlan Coex Agent - ok
01:26:14.0042 0x10f4 ================ Scan global ===============================
01:26:14.0066 0x10f4 [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
01:26:14.0102 0x10f4 [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll
01:26:14.0129 0x10f4 [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
01:26:14.0161 0x10f4 [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe
01:26:14.0168 0x10f4 [ Global ] - ok
01:26:14.0169 0x10f4 ================ Scan MBR ==================================
01:26:14.0178 0x10f4 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
01:26:14.0241 0x10f4 \Device\Harddisk0\DR0 - ok
01:26:14.0241 0x10f4 ================ Scan VBR ==================================
01:26:14.0264 0x10f4 [ C5BFC093D8F4379E5B6BC4CEC8F7296A ] \Device\Harddisk0\DR0\Partition1
01:26:14.0278 0x10f4 \Device\Harddisk0\DR0\Partition1 - ok
01:26:14.0294 0x10f4 [ 27687AD731BCB2337FA9957D1C72BD31 ] \Device\Harddisk0\DR0\Partition2
01:26:14.0306 0x10f4 \Device\Harddisk0\DR0\Partition2 - ok
01:26:14.0323 0x10f4 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
01:26:14.0323 0x10f4 \Device\Harddisk0\DR0\Partition3 - ok
01:26:14.0336 0x10f4 [ 9DFBD06643E7AF82D0B16772B15AD0CC ] \Device\Harddisk0\DR0\Partition4
01:26:14.0375 0x10f4 \Device\Harddisk0\DR0\Partition4 - ok
01:26:14.0415 0x10f4 [ 9C4143AEDB5FA3560EBD1442E5B12B60 ] \Device\Harddisk0\DR0\Partition5
01:26:14.0457 0x10f4 \Device\Harddisk0\DR0\Partition5 - ok
01:26:14.0499 0x10f4 [ 80A78D450634917E4BF71AFF11082FA9 ] \Device\Harddisk0\DR0\Partition6
01:26:14.0505 0x10f4 \Device\Harddisk0\DR0\Partition6 - ok
01:26:14.0531 0x10f4 [ 1FB63B3098817A0B6D5945E3531C9420 ] \Device\Harddisk0\DR0\Partition7
01:26:14.0541 0x10f4 \Device\Harddisk0\DR0\Partition7 - ok
01:26:14.0542 0x10f4 ================ Scan generic autorun ======================
01:26:14.0594 0x10f4 [ CFF4C979AA720C73EC93918D9730B9E9, 0DC04ACD258DD5FC4A7EA81AC3F8876675424EC35F7ECB996B7C132BAB430A33 ] C:\WINDOWS\system32\igfxtray.exe
01:26:14.0607 0x10f4 IgfxTray - ok
01:26:14.0638 0x10f4 [ 4B9D449ED9880477DEFBA85D512E05F9, B50C589A1F8953617FAD961363CA3538F6C0539FA06D7FAA2EA88320410C7F43 ] C:\WINDOWS\system32\hkcmd.exe
01:26:14.0667 0x10f4 HotKeysCmds - ok
01:26:14.0703 0x10f4 [ 2498449B5CA65A640125164EE0019B14, F4EF4EA34A656984C83DB3BFCD8390ACD76C922A1C253335104C31D371EEDA17 ] C:\WINDOWS\system32\igfxpers.exe
01:26:14.0731 0x10f4 Persistence - ok
01:26:15.0267 0x10f4 [ 637C513A8A3FFBB3AA05FAFAC3F9174D, 5BFE633BE091A1BCED55AB2E99A6FEB92B7166921249BFB4B05386EA3856B735 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
01:26:15.0631 0x10f4 RTHDVCPL - ok
01:26:15.0740 0x10f4 [ F66CE44D86EA704B31BED2BF2BEDDF75, EC0B3AB0B2011B718299BFF743A28117A3436E9431B6F31CF34416D68AAF1B56 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
01:26:15.0780 0x10f4 RtHDVBg - ok
01:26:15.0901 0x10f4 [ 2362B857693DA580E04ECE28F7D67E7E, EABF4B6502A06B94D07E25D78D8CEF8862B7FE5D117F7F145268B95688A02E62 ] C:\Program Files (x86)\ASUS\APRP\APRP.EXE
01:26:15.0996 0x10f4 ASUSPRP - ok
01:26:16.0099 0x10f4 [ B15880A58755DA0FADB15923013A7957, 4090342AF93538C5F3157605164CF5EC051B6D767B1B7FCCF3265F1D426E88AA ] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe
01:26:16.0204 0x10f4 ASUSWebStorage - ok
01:26:16.0243 0x10f4 [ B7995C675014EEBE77A0BEB7AFCCFC08, 41D186C63273301CF0A1C1EE7B6EB0BB75A251DD441532C5CEB7A4095FB103CD ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
01:26:16.0249 0x10f4 RemoteControl10 - ok
01:26:16.0272 0x10f4 [ EBC0E8C0A4DDA2C32A7D5863462A321A, 2F410138DB66D0219254339F1F098E401CEDAA032596F1F67BC54F394256FC68 ] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
01:26:16.0276 0x10f4 amd_dc_opt - detected UnsignedFile.Multi.Generic ( 1 )
01:26:18.0885 0x10f4 Detect skipped due to KSN trusted
01:26:18.0885 0x10f4 amd_dc_opt - ok
01:26:19.0196 0x10f4 [ 2BE5A08628802F3E4AD7D43FF3927045, 7D6789E3E0A88E1EB54D2668A61CB9FF97394E8243FBA0D29CBFAA7F96E4C882 ] C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
01:26:19.0465 0x10f4 GarenaPlus - ok
01:26:19.0573 0x10f4 [ 05DD0C6B983F7C2E9B4BF1B91AFC3545, C130179DAA1F06915556E802DBB6576694C36A459EADE70D52A85ED00D3CF2D4 ] C:\Program Files (x86)\Steam\steam.exe
01:26:19.0639 0x10f4 Steam - ok
01:26:19.0695 0x10f4 [ 2A65AE735E0C439762072787AD61FA07, 19E4A96924BBD51F45DD5D34D18B16D614779F508B3DF5895DF2218043BEF0E0 ] C:\Program Files (x86)\Windows Mail\wab.exe
01:26:19.0772 0x10f4 WAB Migrate - ok
01:26:19.0772 0x10f4 Waiting for KSN requests completion. In queue: 146
01:26:20.0773 0x10f4 Waiting for KSN requests completion. In queue: 146
01:26:21.0774 0x10f4 Waiting for KSN requests completion. In queue: 3
01:26:22.0775 0x10f4 Waiting for KSN requests completion. In queue: 3
01:26:23.0817 0x10f4 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x61100 ( enabled : updated )
01:26:23.0819 0x10f4 Win FW state via NFP2: enabled
01:26:26.0376 0x10f4 ============================================================
01:26:26.0376 0x10f4 Scan finished
01:26:26.0376 0x10f4 ============================================================
01:26:26.0382 0x143c Detected object count: 0
01:26:26.0382 0x143c Actual detected object count: 0
01:27:38.0577 0x0db8 Deinitialize success

#24 Příspěvek od **altrok** » 28 lis 2014 02:22

Nekolikrat jsem radek po radku projizdel vsechny logy a jedinou moznou souvislot vidim se Steamem... Neupravoval jste nejakym zpusobem tuto aplikaci (crack na hru, ktera vyzaduje steam etc.)? Na zkousku ji odinstalujte a vycistete registry pomoci CCleaneru. Co jste instaloval pred tim nez se problemy objevily?

??? · #25 Příspěvek od **???** » 28 lis 2014 10:35

So steamom som nic nerobil, mám tam nainstalovanu cez neho len jednu bezplatnu hru, to je vsetko.
Ono mi tie reklami zacali nabehavat ked som sa pripojil na net na private kde docasne byvam. Nie je mozne ze by bol nejakym sposobom napadnuty router?

#26 Příspěvek od **altrok** » 28 lis 2014 11:37

Vyloucit to nelze. Maji i ostatni spolubydlici tento problem? Pripojte se na jine pripojeni.

??? · #27 Příspěvek od **???** » 28 lis 2014 11:42

No byvam v dome kde je jeden modem a dva routre (spodne a vrchne podlazie). Problem ma stym spolubyvajuci, ti co byvaju nadomnou nie. A este, aby toho nebolo malo sa mi to aj na android dostalo :/

??? · #28 Příspěvek od **???** » 28 lis 2014 11:45

Este dodatok, aj ked sa pripojim na ine pripojenie tak napr. smartfonom na hocijakej wifi (mesto, skola) - je uz napadnuty a tie stranky mi tam vyskakuju stale.

#29 Příspěvek od **altrok** » 28 lis 2014 21:50

O jaky konkretni model routeru se jedna? Resetujte ho do tovarniho nastaveni.

??? · #30 Příspěvek od **???** » 29 lis 2014 01:12

To Vam prave teraz neviem povedat, pretoze som na vikend doma - kde mi to na notase vyhadzovalo tiez, tak som skusil ccleanerom vycistit chrome a zmizlo to (taktiez na smartfone pomohlo vycistenie chromu). Vyzera to teda ze problem je naozaj v tom routeri, takze uz sa asi len porozpravat so spravcom nech to da do poriadku.
Dakujem za Vas cas a rady

VIRY.CZ

Otravné reklami

Re: Otravné reklami

Re: Otravné reklami

Re: Otravné reklami

Re: Otravné reklami

Re: Otravné reklami

Re: Otravné reklami

Re: Otravné reklami

Re: Otravné reklami

Re: Otravné reklami

Re: Otravné reklami

Re: Otravné reklami

Re: Otravné reklami

Re: Otravné reklami

Re: Otravné reklami

Re: Otravné reklami