OTL logfile created on: 20. 8. 2015 19:30:22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\KoulovaA\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17937)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy
3,89 Gb Total Physical Memory | 2,43 Gb Available Physical Memory | 62,53% Memory free
4,64 Gb Paging File | 3,09 Gb Available in Paging File | 66,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448,18 Gb Total Space | 123,80 Gb Free Space | 27,62% Space Free | Partition Type: NTFS
Drive D: | 16,56 Gb Total Space | 1,51 Gb Free Space | 9,09% Space Free | Partition Type: NTFS
Drive E: | 3,56 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: PC-AJANEK | User Name: KoulovaA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2015/08/20 19:28:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\KoulovaA\Desktop\OTL.exe
PRC - [2015/08/14 20:33:25 | 000,377,000 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2015/08/14 19:27:06 | 006,109,776 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2015/08/14 19:27:01 | 000,146,600 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2015/08/11 22:41:20 | 003,423,944 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
PRC - [2015/04/08 00:04:12 | 002,324,216 | ---- | M] (PS Media s.r.o.) -- C:\Windows\SysWOW64\ssins.exe
PRC - [2015/01/02 15:30:09 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2014/12/23 00:07:49 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014/05/27 14:58:30 | 002,139,328 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
PRC - [2014/03/07 10:02:08 | 000,267,224 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
PRC - [2013/10/08 11:41:36 | 001,045,304 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
PRC - [2013/10/08 11:41:28 | 001,039,160 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
PRC - [2013/08/05 09:49:42 | 000,111,576 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
========== Modules (No Company Name) ==========
MOD - [2015/08/14 19:27:05 | 000,102,864 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015/08/14 19:27:03 | 000,123,976 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2015/08/11 22:41:19 | 017,482,952 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
MOD - [2015/04/07 19:11:18 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/08/05 15:48:08 | 000,016,856 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2013/08/05 09:49:47 | 000,627,672 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
========== Services (SafeList) ==========
SRV:
64bit: - [2015/08/14 19:27:01 | 000,146,600 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:
64bit: - [2015/07/07 11:39:32 | 000,366,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:
64bit: - [2015/07/07 11:39:32 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:
64bit: - [2015/05/30 21:36:24 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:
64bit: - [2015/05/25 15:07:50 | 001,430,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:
64bit: - [2015/05/12 15:19:37 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:
64bit: - [2015/05/07 17:21:51 | 000,522,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:
64bit: - [2015/02/21 01:49:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:
64bit: - [2014/10/31 06:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:
64bit: - [2014/10/29 05:59:51 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:
64bit: - [2014/10/29 05:50:12 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:
64bit: - [2014/10/29 04:42:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:
64bit: - [2014/10/29 04:42:03 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:
64bit: - [2014/10/29 04:34:51 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:
64bit: - [2014/10/29 04:33:55 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:
64bit: - [2014/10/29 04:29:22 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:
64bit: - [2014/10/29 03:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:
64bit: - [2014/10/29 03:48:20 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:
64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:
64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:
64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:
64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:
64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:
64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:
64bit: - [2014/10/29 03:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:
64bit: - [2014/10/29 03:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:
64bit: - [2014/10/29 03:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:
64bit: - [2014/10/29 03:24:37 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:
64bit: - [2014/10/29 03:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:
64bit: - [2014/10/29 03:20:03 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:
64bit: - [2014/10/29 03:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:
64bit: - [2014/10/29 03:16:17 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:
64bit: - [2014/10/29 03:13:24 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:
64bit: - [2014/10/29 03:13:02 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:
64bit: - [2014/10/29 03:12:36 | 000,407,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:
64bit: - [2014/10/29 03:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:
64bit: - [2014/10/29 03:11:10 | 001,639,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:
64bit: - [2014/10/29 03:05:09 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:
64bit: - [2014/10/29 02:57:18 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:
64bit: - [2014/10/29 02:48:52 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:
64bit: - [2014/10/29 02:46:48 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:
64bit: - [2014/10/29 02:35:51 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:
64bit: - [2014/04/02 11:52:00 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:
64bit: - [2014/03/28 13:39:10 | 000,088,064 | ---- | M] (Softex Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe -- (omniserv)
SRV:
64bit: - [2014/01/09 00:12:48 | 000,290,520 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:
64bit: - [2013/07/01 20:08:48 | 000,822,232 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe -- (Intel(R)
SRV:
64bit: - [2013/07/01 20:08:32 | 000,733,696 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe -- (Intel(R)
SRV:
64bit: - [2009/11/18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2015/08/14 20:33:20 | 000,149,160 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/07/07 20:28:25 | 002,004,488 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2015/05/07 17:05:40 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2015/04/08 00:04:12 | 002,324,216 | ---- | M] (PS Media s.r.o.) [Auto | Running] -- C:\Windows\SysWOW64\ssins.exe -- (ssinstall)
SRV - [2015/01/02 15:30:09 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2014/12/23 00:07:49 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014/10/29 05:50:12 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/10/29 03:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2014/10/29 03:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2014/05/27 14:58:30 | 002,139,328 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2014/04/02 11:52:00 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2014/04/02 11:52:00 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2014/04/02 11:52:00 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2014/02/18 01:10:18 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/01/13 08:02:24 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/10/08 11:41:28 | 001,039,160 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe -- (HPWMISVC)
SRV - [2012/04/24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
========== Driver Services (SafeList) ==========
DRV:
64bit: - [2015/08/14 19:27:33 | 001,048,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:
64bit: - [2015/08/14 19:27:10 | 000,447,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:
64bit: - [2015/08/14 19:27:10 | 000,274,808 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:
64bit: - [2015/08/14 19:27:10 | 000,150,672 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:
64bit: - [2015/08/14 19:27:10 | 000,090,968 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:
64bit: - [2015/08/14 19:27:10 | 000,065,224 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:
64bit: - [2015/08/14 19:27:10 | 000,028,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:
64bit: - [2015/08/14 19:27:09 | 000,093,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:
64bit: - [2015/07/07 11:40:12 | 000,044,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:
64bit: - [2015/07/07 11:40:05 | 000,270,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:
64bit: - [2015/07/07 11:40:05 | 000,114,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:
64bit: - [2015/04/30 00:01:06 | 000,023,200 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:
64bit: - [2015/04/16 08:17:07 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:
64bit: - [2015/03/20 03:56:10 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:
64bit: - [2015/03/17 19:26:06 | 000,467,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:
64bit: - [2015/03/13 06:03:31 | 000,239,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:
64bit: - [2015/03/09 04:02:51 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:
64bit: - [2015/03/04 12:25:11 | 000,377,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:
64bit: - [2014/10/29 05:59:47 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:
64bit: - [2014/10/29 05:59:12 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:
64bit: - [2014/10/29 05:57:42 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:
64bit: - [2014/10/29 05:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:
64bit: - [2014/10/29 04:46:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:
64bit: - [2014/10/29 04:46:09 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:
64bit: - [2014/10/29 04:45:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:
64bit: - [2014/10/29 04:45:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:
64bit: - [2014/10/29 04:45:16 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:
64bit: - [2014/10/15 10:32:36 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:
64bit: - [2014/10/13 04:43:17 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:
64bit: - [2014/10/13 04:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:
64bit: - [2014/10/07 08:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:
64bit: - [2014/10/07 08:44:39 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:
64bit: - [2014/08/15 02:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:
64bit: - [2014/04/26 16:13:17 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:
64bit: - [2014/03/22 07:07:48 | 003,379,416 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtwlane.sys -- (RTWlanE)
DRV:
64bit: - [2014/03/18 11:54:51 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:
64bit: - [2014/03/18 11:54:39 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:
64bit: - [2014/03/18 11:54:39 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:
64bit: - [2014/03/18 11:54:38 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:
64bit: - [2014/03/18 11:54:38 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:
64bit: - [2014/03/18 11:37:54 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:
64bit: - [2014/02/18 01:09:48 | 004,222,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2014/02/18 01:09:14 | 000,450,520 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:
64bit: - [2014/01/28 05:58:37 | 000,041,704 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:
64bit: - [2014/01/28 01:33:20 | 000,839,896 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:
64bit: - [2014/01/23 20:51:08 | 000,029,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\MBI.sys -- (MBI)
DRV:
64bit: - [2014/01/22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(
www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:
64bit: - [2014/01/22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(
www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:
64bit: - [2014/01/15 14:21:46 | 000,088,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TXEIx64.sys -- (TXEIx64)
DRV:
64bit: - [2014/01/04 02:08:00 | 000,291,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:
64bit: - [2013/12/27 01:30:20 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:
64bit: - [2013/12/27 01:30:20 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:
64bit: - [2013/12/13 07:03:00 | 000,542,448 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:
64bit: - [2013/12/13 07:02:56 | 000,031,472 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:
64bit: - [2013/12/13 07:02:56 | 000,029,936 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:
64bit: - [2013/11/11 19:54:30 | 000,031,232 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iaiogpioe.sys -- (GPIO)
DRV:
64bit: - [2013/11/06 17:12:26 | 000,632,168 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:
64bit: - [2013/08/22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:
64bit: - [2013/08/22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2013/08/22 14:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:
64bit: - [2013/08/22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:
64bit: - [2013/08/22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:
64bit: - [2013/08/22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:
64bit: - [2013/08/22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:
64bit: - [2013/08/22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2013/08/22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2013/08/22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:
64bit: - [2013/08/22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2013/08/22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:
64bit: - [2013/08/22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:
64bit: - [2013/08/22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2013/08/22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2013/08/22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:
64bit: - [2013/08/22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2013/08/22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:
64bit: - [2013/08/22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:
64bit: - [2013/08/22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2013/08/22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:
64bit: - [2013/08/22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:
64bit: - [2013/08/22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2013/08/22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:
64bit: - [2013/08/22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:
64bit: - [2013/08/22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:
64bit: - [2013/08/22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:
64bit: - [2013/08/22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:
64bit: - [2013/08/22 13:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:
64bit: - [2013/08/22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:
64bit: - [2013/08/22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:
64bit: - [2013/08/22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:
64bit: - [2013/08/22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:
64bit: - [2013/08/22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:
64bit: - [2013/08/22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:
64bit: - [2013/08/22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:
64bit: - [2013/08/22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:
64bit: - [2013/08/22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:
64bit: - [2013/08/22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:
64bit: - [2013/08/22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:
64bit: - [2013/08/22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2013/08/22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:
64bit: - [2013/08/22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:
64bit: - [2013/08/22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:
64bit: - [2013/08/22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:
64bit: - [2013/08/13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:
64bit: - [2013/08/10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:
64bit: - [2013/07/30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:
64bit: - [2013/07/25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:
64bit: - [2013/07/22 16:45:58 | 000,020,800 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WirelessButtonDriver64.sys -- (WirelessButtonDriver)
DRV:
64bit: - [2013/06/18 16:45:02 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:
64bit: - [2013/03/05 12:01:42 | 000,091,712 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:
64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2592885859-3292131433-3858698835-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com
IE - HKU\S-1-5-21-2592885859-3292131433-3858698835-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2592885859-3292131433-3858698835-1001\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" =
http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-2592885859-3292131433-3858698835-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2592885859-3292131433-3858698835-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:40.0.2
FF - user.js - File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/08/14 19:26:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2015/07/06 11:34:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KoulovaA\AppData\Roaming\Mozilla\Extensions
[2015/08/20 17:56:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KoulovaA\AppData\Roaming\Mozilla\Firefox\Profiles\j0b6p7mp.default\extensions
[2015/08/14 20:32:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/08/14 20:33:27 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
CHR - Extension: No name found = C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.611.10417_0\
CHR - Extension: No name found = C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\
CHR - Extension: No name found = C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O1 HOSTS File: ([2015/08/20 17:34:34 | 000,000,035 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:
64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:
64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4:
64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [OPBHOBroker] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe (Hewlett-Packard)
O4:
64bit: - HKLM..\Run: [OPBHOBrokerDesktop] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe (Hewlett-Packard)
O4:
64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:
64bit: - HKLM..\Run: [SimplePass] C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe (Hewlett-Packard)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8:
64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O9:
64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:
64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15:
64bit: - ..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30E1B1AE-59C3-4294-937C-04EAAACFA530}: DhcpNameServer = 10.98.231.66 10.98.0.227
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D134968B-B3C4-4016-8BA4-C5BFB74013D3}: DhcpNameServer = 192.168.0.1
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/11/08 12:49:36 | 001,702,728 | R--- | M] () - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2011/11/08 12:49:36 | 000,000,065 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:
64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:
64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:
64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:
64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
Drivers32:
64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.iac2 - C:\Windows\SysWOW64\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.IV41 - C:\Windows\SysWow64\ir41_32.ax (Microsoft Corporation)
Drivers32: vidc.iv50 - C:\Windows\SysWOW64\ir50_32original.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2015/08/20 19:28:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\KoulovaA\Desktop\OTL.exe
[2015/08/20 14:50:55 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\KoulovaA\Desktop\FRSTLauncher.exe
[2015/08/20 14:49:29 | 002,173,952 | ---- | C] (Farbar) -- C:\Users\KoulovaA\Desktop\FRST64.exe
[2015/08/20 14:47:12 | 000,000,000 | ---D | C] -- C:\Users\KoulovaA\AppData\Local\Diagnostics
[2015/08/19 19:51:24 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/08/19 19:47:33 | 000,000,000 | ---D | C] -- C:\Users\KoulovaA\Desktop\Smart
[2015/08/19 19:47:17 | 001,149,912 | ---- | C] (Crystal Dew World) -- C:\Users\KoulovaA\Desktop\DiskInfo.exe
[2015/08/19 18:06:45 | 000,000,000 | ---D | C] -- C:\Users\KoulovaA\AppData\Roaming\LibreOffice
[2015/08/19 17:43:41 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015/08/19 17:43:40 | 000,000,000 | ---D | C] -- C:\rsit
[2015/08/19 17:40:12 | 000,000,000 | ---D | C] -- C:\Users\KoulovaA\AppData\Local\GWX
[2015/08/16 19:22:21 | 000,124,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2015/08/16 19:22:21 | 000,103,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2015/08/14 20:32:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015/08/14 19:27:13 | 000,378,880 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015/08/14 19:27:05 | 000,043,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2015/08/12 20:09:21 | 018,823,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.dll
[2015/08/12 20:09:19 | 015,159,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.dll
[2015/08/12 20:09:12 | 000,270,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdFilter.sys
[2015/08/12 20:09:09 | 000,114,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdNisDrv.sys
[2015/08/12 20:09:09 | 000,044,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdBoot.sys
[2015/08/12 20:09:04 | 001,116,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/08/12 20:09:04 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/08/12 20:09:04 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/08/12 20:09:03 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/08/12 20:09:03 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/08/12 20:09:03 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/08/12 20:09:03 | 000,025,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015/08/12 20:09:01 | 000,487,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll
[2015/08/12 20:09:01 | 000,393,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll
[2015/08/12 20:08:50 | 000,428,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2015/08/12 19:45:26 | 002,228,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/08/12 19:45:26 | 000,891,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/08/12 19:45:26 | 000,721,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/08/12 19:45:26 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2015/08/12 19:45:26 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/08/12 19:45:26 | 000,136,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/08/12 19:45:26 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/08/12 19:45:26 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/08/12 19:45:25 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/08/12 19:45:25 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/08/12 19:45:25 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015/08/12 19:44:31 | 005,923,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/08/12 19:44:28 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/08/12 19:44:27 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/08/12 19:44:26 | 002,880,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2015/08/12 19:44:25 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/08/12 19:44:25 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/08/12 19:44:25 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015/08/12 19:44:24 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015/08/12 19:44:23 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015/08/12 19:44:23 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/08/12 19:44:23 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/08/12 19:44:23 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2015/08/12 19:44:22 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/08/12 19:44:22 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015/08/12 19:43:16 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2015/08/12 19:43:11 | 007,458,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015/08/12 19:43:11 | 001,735,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015/08/12 19:42:45 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015/08/12 19:42:44 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basesrv.dll
[2015/08/12 19:42:42 | 000,536,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_GenuineIntel.dll
[2015/08/12 19:42:42 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\notepad.exe
[2015/08/12 19:42:41 | 007,032,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2015/08/12 19:42:41 | 006,213,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2015/08/12 19:42:40 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2015/08/12 19:42:40 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2015/08/12 19:42:39 | 001,994,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2015/08/12 19:42:39 | 000,358,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015/08/12 19:42:39 | 000,301,568 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015/08/12 19:42:39 | 000,044,032 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015/08/12 19:42:39 | 000,035,840 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
========== Files - Modified Within 30 Days ==========
[2015/08/20 19:33:41 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/08/20 19:28:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\KoulovaA\Desktop\OTL.exe
[2015/08/20 17:44:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/08/20 17:42:43 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/08/20 17:42:40 | 3342,241,792 | -HS- | M] () -- C:\hiberfil.sys
[2015/08/20 17:34:34 | 000,000,035 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2015/08/20 14:59:23 | 000,005,925 | ---- | M] () -- C:\Users\KoulovaA\Desktop\Addition.zip
[2015/08/20 14:51:04 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\Users\KoulovaA\Desktop\FRSTLauncher.exe
[2015/08/20 14:49:32 | 002,173,952 | ---- | M] (Farbar) -- C:\Users\KoulovaA\Desktop\FRST64.exe
[2015/08/19 19:50:43 | 001,585,664 | ---- | M] () -- C:\Users\KoulovaA\Desktop\adwcleaner_5.002.exe
[2015/08/19 19:48:24 | 000,000,194 | ---- | M] () -- C:\Users\KoulovaA\Desktop\DiskInfo.ini
[2015/08/19 19:38:15 | 001,496,172 | ---- | M] () -- C:\Users\KoulovaA\Desktop\CrystalDiskInfo5_0_0.zip
[2015/08/19 18:28:48 | 000,001,093 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2015/08/19 17:43:09 | 001,222,144 | ---- | M] () -- C:\Users\KoulovaA\Desktop\RSITx64.exe
[2015/08/14 19:27:33 | 001,048,344 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys
[2015/08/14 19:27:10 | 000,447,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2015/08/14 19:27:10 | 000,378,880 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015/08/14 19:27:10 | 000,274,808 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys
[2015/08/14 19:27:10 | 000,150,672 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2015/08/14 19:27:10 | 000,090,968 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2015/08/14 19:27:10 | 000,065,224 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2015/08/14 19:27:10 | 000,028,656 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2015/08/14 19:27:09 | 000,093,528 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2015/08/14 19:27:05 | 000,043,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2015/08/13 21:07:43 | 001,883,040 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/08/13 21:07:43 | 000,786,952 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/08/13 21:07:43 | 000,768,392 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2015/08/13 21:07:43 | 000,166,490 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2015/08/13 21:07:43 | 000,161,212 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/08/13 21:00:14 | 000,405,824 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/08/12 19:59:12 | 000,002,210 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/08/08 15:55:08 | 000,794,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015/08/08 15:55:08 | 000,179,688 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015/07/30 16:04:44 | 000,124,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2015/07/30 15:48:07 | 000,103,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2015/07/29 16:37:35 | 001,994,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2015/07/29 01:24:29 | 000,025,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015/07/28 16:24:34 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/07/28 16:24:33 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/07/28 16:24:33 | 000,437,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/07/28 16:24:32 | 001,148,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/07/28 16:24:32 | 001,116,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/07/28 16:24:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/07/24 20:57:19 | 000,358,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015/07/24 20:52:19 | 000,044,032 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015/07/24 19:27:10 | 000,301,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015/07/24 19:23:00 | 000,035,840 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
========== Files Created - No Company Name ==========
[2015/08/20 19:33:41 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/08/19 19:50:35 | 001,585,664 | ---- | C] () -- C:\Users\KoulovaA\Desktop\adwcleaner_5.002.exe
[2015/08/19 19:47:28 | 000,000,194 | ---- | C] () -- C:\Users\KoulovaA\Desktop\DiskInfo.ini
[2015/08/19 19:38:04 | 001,496,172 | ---- | C] () -- C:\Users\KoulovaA\Desktop\CrystalDiskInfo5_0_0.zip
[2015/08/19 17:43:07 | 001,222,144 | ---- | C] () -- C:\Users\KoulovaA\Desktop\RSITx64.exe
[2015/08/12 20:09:23 | 000,411,133 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2015/04/23 10:47:29 | 000,107,008 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2015/04/23 10:43:11 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2014/12/25 17:08:23 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2014/12/23 00:07:54 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/12/23 00:07:49 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2014/12/23 00:07:49 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014/09/16 16:23:31 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2014/04/02 11:52:15 | 000,931,872 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/03/18 11:55:05 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014/02/18 01:09:48 | 000,299,520 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2014/02/18 01:09:40 | 000,182,272 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014/02/18 01:09:40 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2013/08/22 17:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 17:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 16:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 09:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/22 01:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/22 01:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== ZeroAccess Check ==========
[2014/04/26 07:00:04 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/05/07 19:50:50 | 022,292,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/05/07 18:53:12 | 019,734,960 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/29 03:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/29 02:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/29 03:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/12/26 16:21:54 | 000,000,000 | ---D | M] -- C:\Users\ajajan\AppData\Roaming\AVG
[2014/12/23 10:26:55 | 000,000,000 | ---D | M] -- C:\Users\ajajan\AppData\Roaming\Synaptics
[2015/04/07 19:21:54 | 000,000,000 | ---D | M] -- C:\Users\Kotyna\AppData\Roaming\AVAST Software
[2014/12/24 10:04:10 | 000,000,000 | ---D | M] -- C:\Users\Kotyna\AppData\Roaming\AVG
[2015/04/08 00:17:01 | 000,000,000 | ---D | M] -- C:\Users\Kotyna\AppData\Roaming\Dropbox
[2014/12/24 09:53:17 | 000,000,000 | ---D | M] -- C:\Users\Kotyna\AppData\Roaming\DVDVideoSoft
[2014/12/30 21:54:25 | 000,000,000 | ---D | M] -- C:\Users\Kotyna\AppData\Roaming\Kalypso Media
[2015/04/08 00:33:30 | 000,000,000 | ---D | M] -- C:\Users\Kotyna\AppData\Roaming\LibreOffice
[2014/12/31 20:21:20 | 000,000,000 | ---D | M] -- C:\Users\Kotyna\AppData\Roaming\Origin
[2015/04/08 15:41:43 | 000,000,000 | ---D | M] -- C:\Users\Kotyna\AppData\Roaming\RyijyApp
[2015/08/20 13:32:53 | 000,000,000 | ---D | M] -- C:\Users\Kotyna\AppData\Roaming\Seznam.cz
[2014/12/20 21:39:05 | 000,000,000 | ---D | M] -- C:\Users\Kotyna\AppData\Roaming\Synaptics
[2015/08/17 18:14:58 | 000,000,000 | ---D | M] -- C:\Users\Kotyna\AppData\Roaming\Tropico 4
[2015/07/06 11:34:11 | 000,000,000 | ---D | M] -- C:\Users\KoulovaA\AppData\Roaming\AVAST Software
[2014/12/24 09:58:25 | 000,000,000 | ---D | M] -- C:\Users\KoulovaA\AppData\Roaming\AVG
[2014/12/19 21:09:29 | 000,000,000 | ---D | M] -- C:\Users\KoulovaA\AppData\Roaming\Battle.net
[2015/04/07 19:37:11 | 000,000,000 | ---D | M] -- C:\Users\KoulovaA\AppData\Roaming\Dropbox
[2014/12/24 09:51:35 | 000,000,000 | ---D | M] -- C:\Users\KoulovaA\AppData\Roaming\DVDVideoSoft
[2015/02/11 23:37:41 | 000,000,000 | ---D | M] -- C:\Users\KoulovaA\AppData\Roaming\Kalypso Media
[2015/08/19 18:06:45 | 000,000,000 | ---D | M] -- C:\Users\KoulovaA\AppData\Roaming\LibreOffice
[2014/12/18 22:45:27 | 000,000,000 | ---D | M] -- C:\Users\KoulovaA\AppData\Roaming\Origin
[2015/07/07 21:06:51 | 000,000,000 | ---D | M] -- C:\Users\KoulovaA\AppData\Roaming\Seznam.cz
[2014/12/18 13:56:24 | 000,000,000 | ---D | M] -- C:\Users\KoulovaA\AppData\Roaming\Synaptics
========== Purity Check ==========
========== Custom Scans ==========
< >
[2013/08/22 16:45:54 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
< >
< MD5 for: AGP440.SYS >
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\SysNative\drivers\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\AGP440.sys
[2014/12/31 18:44:16 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\AGP440.sys
[2015/07/10 12:30:50 | 000,063,328 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\AGP440.sys
[2015/07/10 12:30:50 | 000,063,328 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_c357541563097b98\AGP440.sys
[2015/07/10 12:30:50 | 000,063,328 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_10.0.10240.16384_none_c2135eea595e241e\AGP440.sys
< MD5 for: ATAPI.SYS >
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\SysNative\drivers\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_64aa4354da84c2df\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.3.9600.16384_none_cdf68824f580d510\atapi.sys
[2015/07/10 12:30:51 | 000,028,512 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\atapi.sys
[2015/07/10 12:30:51 | 000,028,512 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_5689072091519d03\atapi.sys
[2015/07/10 12:30:51 | 000,028,512 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_10.0.10240.16384_none_e53899c8bc371940\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2014/03/18 11:55:05 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\SysWOW64\autochk.exe
[2014/03/18 11:55:05 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_76c6a414dd35029f\autochk.exe
[2014/03/18 11:54:49 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\SysNative\autochk.exe
[2014/03/18 11:54:49 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_d2e53f98959273d5\autochk.exe
[2015/07/10 12:30:55 | 000,944,640 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\autochk.exe
[2015/07/10 12:30:55 | 000,944,640 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_10.0.10240.16384_none_e9f45ef85c6e6d93\autochk.exe
< MD5 for: CDROM.SYS >
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\SysNative\drivers\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_42e9c29f0affc440\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.3.9600.16384_none_5067bbed77be70be\cdrom.sys
[2015/07/10 12:30:51 | 000,174,080 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\cdrom.sys
[2015/07/10 12:30:51 | 000,174,080 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\FileRepository\cdrom.inf_amd64_db01c84a794e67f7\cdrom.sys
[2015/07/10 12:30:51 | 000,174,080 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_10.0.10240.16384_none_67a9cd913e74b4ee\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2015/06/05 23:21:44 | 000,018,016 | ---- | M] () MD5=14E1348B6D5DD39C23C2F8FE569B52E0 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.16384_none_66bdf96f6ec6545d\cryptsvc.dll
[2014/10/29 03:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) MD5=6324F0D18FB52833BA64BC828E29054C -- C:\Windows\SysNative\cryptsvc.dll
[2014/10/29 03:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) MD5=6324F0D18FB52833BA64BC828E29054C -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.17415_none_670a944b6e8cc0e5\cryptsvc.dll
[2015/07/10 12:30:56 | 000,077,312 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\cryptsvc.dll
[2015/07/10 12:30:56 | 000,077,312 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_10.0.10240.16384_none_7e000b13357c988d\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2014/12/31 19:09:37 | 000,270,770 | ---- | M] () MD5=0A8F3AFA8E72812FB15A57CA4B9D9DB4 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2015/06/05 23:38:06 | 000,087,190 | ---- | M] () MD5=1BF154F7BFAE2B9E0545FB09946C1817 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_42bfa1f94d79e1bb\explorer.exe
[2014/12/31 19:09:54 | 000,270,774 | ---- | M] () MD5=2195687491E604BA42961470EDA7660E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_42acff334d876b54\explorer.exe
[2014/12/31 22:08:24 | 000,220,250 | ---- | M] () MD5=286928E00AD34E9F88EB5BFA52660A70 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_4d01a98581e82d4f\explorer.exe
[2015/04/04 13:09:32 | 000,396,313 | ---- | M] () MD5=426AEABD8DD389A65A8EE92AB5936153 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4272ee6f4db391ad\explorer.exe
[2015/06/06 12:27:02 | 000,107,122 | ---- | M] () MD5=52063502D4A2E28FEBEA781D0EE5C453 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_4d144c4b81daa3b6\explorer.exe
[2014/12/31 19:09:44 | 000,271,249 | ---- | M] () MD5=667BC926C7CB889BF276A5FEA316CAEE -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe
[2015/01/28 01:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\Windows\SysWOW64\explorer.exe
[2015/01/28 01:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_4ce0410f82015c67\explorer.exe
[2014/12/31 22:07:58 | 000,208,578 | ---- | M] () MD5=BDF28F96CE885D001769AAA04D5C7A0B -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
[2015/01/28 01:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\Windows\explorer.exe
[2015/01/28 01:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_428b96bd4da09a6c\explorer.exe
[2014/12/31 22:08:10 | 000,208,662 | ---- | M] () MD5=C131BC6F12417306A9C8469CA49110B1 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe
[2015/04/04 14:23:41 | 000,338,943 | ---- | M] () MD5=E4FD740C3316F1D1C8322471553466C7 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4cc798c1821453a8\explorer.exe
< MD5 for: HAL.DLL >
[2014/06/02 04:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\Windows\SysNative\hal.dll
[2014/06/02 04:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17196_none_9bde68c32da7abbb\hal.dll
[2014/12/31 19:14:10 | 000,024,467 | ---- | M] () MD5=2635F50EAF3E1B4A8D32B21E1203E130 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17031_none_9c1a44f32d7b883b\hal.dll
[2015/07/10 12:30:57 | 000,425,824 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\hal.dll
[2015/07/10 12:30:57 | 000,425,824 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_10.0.10240.16384_none_b3296452f45781f9\hal.dll
< MD5 for: IASTORV.SYS >
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_5069105fb236ae4b\iaStorV.sys
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.3.9600.16384_none_9fcfb2835bbf0103\iaStorV.sys
[2015/07/10 12:30:50 | 000,412,000 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\iaStorV.sys
[2015/07/10 12:30:50 | 000,412,000 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\FileRepository\iastorv.inf_amd64_5069105fb236ae4b\iaStorV.sys
[2015/07/10 12:30:50 | 000,412,000 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_10.0.10240.16384_none_b711c42722754533\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\SysNative\drivers\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\isapnp.sys
[2014/12/31 18:44:17 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\isapnp.sys
[2015/07/10 12:30:50 | 000,022,368 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\isapnp.sys
[2015/07/10 12:30:50 | 000,022,368 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_c357541563097b98\isapnp.sys
[2015/07/10 12:30:50 | 000,022,368 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_10.0.10240.16384_none_c2135eea595e241e\isapnp.sys
< MD5 for: LSASS.EXE >
[2014/10/29 05:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) MD5=382100E75B6F4668AEAEF228C6CEFFAD -- C:\Windows\SysNative\lsass.exe
[2014/10/29 05:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) MD5=382100E75B6F4668AEAEF228C6CEFFAD -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.17415_none_2e769c84660bda1b\lsass.exe
[2015/06/05 23:54:13 | 000,008,089 | ---- | M] () MD5=3FFB8CD649DEDA6497FD97550BE82357 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.16408_none_2e8484166600f08e\lsass.exe
[2015/07/10 12:30:57 | 000,056,344 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\lsass.exe
[2015/07/10 12:30:57 | 000,056,344 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_10.0.10240.16384_none_456c134c2cfbb1c3\lsass.exe
< MD5 for: NDIS.SYS >
[2015/02/05 22:24:44 | 001,113,920 | ---- | M] (Microsoft Corporation) MD5=6D3A2565E01B3E4B0F1BEDB0D4B00B3F -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17673_none_4a1d9ccbfbfbedff\ndis.sys
[2015/07/14 23:59:47 | 001,113,944 | ---- | M] (Microsoft Corporation) MD5=97DC5967F65503213FD1F1B3E4A6F983 -- C:\Windows\SysNative\drivers\ndis.sys
[2015/07/14 23:59:47 | 001,113,944 | ---- | M] (Microsoft Corporation) MD5=97DC5967F65503213FD1F1B3E4A6F983 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17933_none_4a48e22dfbdb75b0\ndis.sys
[2015/06/06 00:06:11 | 000,080,695 | ---- | M] () MD5=9C48968B0344AD63559D0D080DA66103 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17399_none_4a0df8fdfc06c676\ndis.sys
[2014/12/31 19:48:39 | 000,025,682 | ---- | M] () MD5=D2D6A481A75207BF24E9D48C61B7F012 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17031_none_4a46d083fbdd5ca3\ndis.sys
[2015/04/04 13:24:18 | 000,164,370 | ---- | M] () MD5=ED85CDFC3CB84F6619D2AF6D6E736BC1 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17199_none_4a0df531fc06cc28\ndis.sys
[2015/07/10 12:30:57 | 001,168,736 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\ndis.sys
[2015/07/10 12:30:57 | 001,168,736 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_10.0.10240.16384_none_6155efe3c2b95661\ndis.sys
< MD5 for: NETLOGON.DLL >
[2014/10/29 03:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) MD5=02D117FC638B768BD1A15F8000B83EAE -- C:\Windows\SysNative\netlogon.dll
[2014/10/29 03:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) MD5=02D117FC638B768BD1A15F8000B83EAE -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17415_none_eec2b22a0bb75b53\netlogon.dll
[2014/12/31 22:47:52 | 000,058,552 | ---- | M] () MD5=35048C9600694C3BF01D644D1AAE62BE -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_f8cac1a04051b0c6\netlogon.dll
[2015/06/06 00:18:59 | 000,125,384 | ---- | M] () MD5=45C2C2EA335BD7FF360C7F006B915766 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_ee9e39a60bd3552e\netlogon.dll
[2015/06/06 12:56:49 | 000,105,907 | ---- | M] () MD5=B25E2DE4078511EB1747FA0BDB6E4FC5 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_f8f2e3f840341729\netlogon.dll
[2014/10/29 03:02:34 | 000,695,296 | ---- | M] (Microsoft Corporation) MD5=CCEC6CB98A00ECE7F5AFB9C0FC9427B3 -- C:\Windows\SysWOW64\netlogon.dll
[2014/10/29 03:02:34 | 000,695,296 | ---- | M] (Microsoft Corporation) MD5=CCEC6CB98A00ECE7F5AFB9C0FC9427B3 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17415_none_f9175c7c40181d4e\netlogon.dll
[2014/12/31 20:03:52 | 000,108,975 | ---- | M] () MD5=D817ED82C2A0E1CED9B396826F52F7CB -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_ee76174e0bf0eecb\netlogon.dll
[2015/07/10 12:30:56 | 000,836,096 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\netlogon.dll
[2015/07/10 12:30:56 | 000,836,096 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.10240.16384_none_05b828f1d2a732fb\netlogon.dll
< MD5 for: NVRAID.SYS >
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\SysNative\drivers\nvraid.sys
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvraid.sys
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvraid.sys
[2015/07/10 12:30:51 | 000,150,368 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\nvraid.sys
[2015/07/10 12:30:51 | 000,150,368 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_3ee6d81b22b3ea66\nvraid.sys
[2015/07/10 12:30:51 | 000,150,368 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_10.0.10240.16384_none_41db34d659abef0b\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\SysNative\drivers\nvstor.sys
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvstor.sys
[2015/07/10 12:30:51 | 000,166,240 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\nvstor.sys
[2015/07/10 12:30:51 | 000,166,240 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_3ee6d81b22b3ea66\nvstor.sys
[2015/07/10 12:30:51 | 000,166,240 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_10.0.10240.16384_none_41db34d659abef0b\nvstor.sys
< MD5 for: SCECLI.DLL >
[2015/06/06 12:53:16 | 000,042,572 | ---- | M] () MD5=22CDB04B964A8D34C42BB7ED150784F8 -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_3320ecb8e1733781\scecli.dll
[2015/06/06 00:16:47 | 000,045,911 | ---- | M] () MD5=878EBE290BED3EE6AC21BF4EE1458F67 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_28cc4266ad127586\scecli.dll
[2014/10/29 03:23:16 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=9A475B8F19A15BFDE8DF84E40ECAE8AA -- C:\Windows\SysNative\scecli.dll
[2014/10/29 03:23:16 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=9A475B8F19A15BFDE8DF84E40ECAE8AA -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.17415_none_2918dd42acd8e20e\scecli.dll
[2014/10/29 03:01:41 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=FB740FE549197E7B08021EF30327921D -- C:\Windows\SysWOW64\scecli.dll
[2014/10/29 03:01:41 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=FB740FE549197E7B08021EF30327921D -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.17415_none_336d8794e139a409\scecli.dll
[2015/07/10 12:30:56 | 000,284,672 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\scecli.dll
[2015/07/10 12:30:56 | 000,284,672 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_10.0.10240.16384_none_400e540a73c8b9b6\scecli.dll
< MD5 for: SMSS.EXE >
[2014/03/18 11:54:39 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\Windows\SysNative\smss.exe
[2014/03/18 11:54:39 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.17031_none_6f522891bc9cbe45\smss.exe
[2015/07/10 12:30:56 | 000,134,832 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\smss.exe
[2015/07/10 12:30:56 | 000,134,832 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_10.0.10240.16384_none_866147f18378b803\smss.exe
< MD5 for: SVCHOST.EXE >
[2015/06/06 13:48:11 | 000,007,517 | ---- | M] () MD5=73AA583D4FB0F05C313B38C091D94804 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2015/06/06 00:19:22 | 000,007,559 | ---- | M] () MD5=CFE97816CBBEF783FD8634109F1877D2 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe
[2014/10/29 05:17:51 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=D0ABC231C0B3E88C6B612B28ABBF734D -- C:\Windows\SysWOW64\svchost.exe
[2014/10/29 05:17:51 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=D0ABC231C0B3E88C6B612B28ABBF734D -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.17415_none_4aa7b90420adbfab\svchost.exe
[2014/10/29 06:11:20 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=E3A2AD05E24105B35E986CF9CB38EC47 -- C:\Windows\SysNative\svchost.exe
[2014/10/29 06:11:20 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=E3A2AD05E24105B35E986CF9CB38EC47 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.17415_none_a6c65487d90b30e1\svchost.exe
[2015/07/10 12:30:56 | 000,039,856 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\svchost.exe
[2015/07/10 12:30:56 | 000,039,856 | ---- | M] ()
Unable to obtain MD5 -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_10.0.10240.16384_none_bdbbcb4f9ffb0889\svchost.exe
Ale vim ze to zpomaluje a nevadi mi to 
Nekteri uzivatele tam maji i 200GB.
Stahnete OTL 
Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce) 
a to jsem se mohla ukostičkovat 
... takže jako "těžký IT specialista" se chci zeptat, jestli je dobrý kostičkovat nějak pravidelně??.. vím, že CCleaner je dobré použivat ..ehm, vím to, ale realizace vázne
.... to s tím ccleanerem a it bankovnictvím je dobrý nápad, budu využívat ... jen někdy si nechávám některý stránky v historii schválně, abych je pak znovu našla, nějak nejsem schopná si je dát třeba do oblíbených .... Takže děkuju moc za záchranu/pomoc 
všichni co nám tu na těchto stránkách pomáháte jste opravdu machři 
No a kdyby neco, staci se ozvat.
