FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
17:00:58.0368 0x169c p2psvc - ok
17:00:58.0399 0x169c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\DRIVERS\parport.sys
17:00:58.0414 0x169c Parport - ok
17:00:58.0436 0x169c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
17:00:58.0448 0x169c partmgr - ok
17:00:58.0464 0x169c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\windows\System32\pcasvc.dll
17:00:58.0480 0x169c PcaSvc - ok
17:00:58.0527 0x169c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
17:00:58.0574 0x169c pci - ok
17:00:58.0605 0x169c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys
17:00:58.0620 0x169c pciide - ok
17:00:58.0652 0x169c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
17:00:58.0683 0x169c pcmcia - ok
17:00:58.0709 0x169c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
17:00:58.0719 0x169c pcw - ok
17:00:58.0736 0x169c pdfcDispatcher - ok
17:00:58.0768 0x169c [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\windows\system32\drivers\peauth.sys
17:00:58.0812 0x169c PEAUTH - ok
17:00:58.0906 0x169c [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\windows\system32\peerdistsvc.dll
17:00:58.0953 0x169c PeerDistSvc - ok
17:00:59.0030 0x169c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
17:00:59.0045 0x169c PerfHost - ok
17:00:59.0159 0x169c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
17:00:59.0237 0x169c pla - ok
17:00:59.0293 0x169c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
17:00:59.0315 0x169c PlugPlay - ok
17:00:59.0332 0x169c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
17:00:59.0332 0x169c PNRPAutoReg - ok
17:00:59.0347 0x169c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
17:00:59.0381 0x169c PNRPsvc - ok
17:00:59.0459 0x169c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
17:00:59.0506 0x169c PolicyAgent - ok
17:00:59.0521 0x169c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll
17:00:59.0569 0x169c Power - ok
17:00:59.0611 0x169c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
17:00:59.0633 0x169c PptpMiniport - ok
17:00:59.0669 0x169c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\DRIVERS\processr.sys
17:00:59.0682 0x169c Processor - ok
17:00:59.0698 0x169c [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\windows\system32\profsvc.dll
17:00:59.0713 0x169c ProfSvc - ok
17:00:59.0744 0x169c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\windows\system32\lsass.exe
17:00:59.0744 0x169c ProtectedStorage - ok
17:00:59.0797 0x169c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
17:00:59.0859 0x169c Psched - ok
17:00:59.0890 0x169c [ A6A7AD767BF5141665F5C675F671B3E1, 11D43F732C3B82679E53516F83E675B60B0EFEDE3F4EE3C42AC752AD8D5155AF ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
17:00:59.0902 0x169c PSI_SVC_2 - ok
17:00:59.0972 0x169c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
17:01:00.0013 0x169c ql2300 - ok
17:01:00.0028 0x169c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
17:01:00.0044 0x169c ql40xx - ok
17:01:00.0083 0x169c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
17:01:00.0130 0x169c QWAVE - ok
17:01:00.0161 0x169c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
17:01:00.0177 0x169c QWAVEdrv - ok
17:01:00.0208 0x169c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
17:01:00.0247 0x169c RasAcd - ok
17:01:00.0278 0x169c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
17:01:00.0309 0x169c RasAgileVpn - ok
17:01:00.0325 0x169c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
17:01:00.0372 0x169c RasAuto - ok
17:01:00.0403 0x169c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
17:01:00.0434 0x169c Rasl2tp - ok
17:01:00.0497 0x169c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
17:01:00.0552 0x169c RasMan - ok
17:01:00.0583 0x169c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
17:01:00.0614 0x169c RasPppoe - ok
17:01:00.0630 0x169c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
17:01:00.0661 0x169c RasSstp - ok
17:01:00.0708 0x169c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
17:01:00.0770 0x169c rdbss - ok
17:01:00.0801 0x169c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
17:01:00.0801 0x169c rdpbus - ok
17:01:00.0829 0x169c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
17:01:00.0847 0x169c RDPCDD - ok
17:01:00.0893 0x169c [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\windows\system32\drivers\rdpdr.sys
17:01:00.0909 0x169c RDPDR - ok
17:01:00.0925 0x169c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
17:01:00.0956 0x169c RDPENCDD - ok
17:01:00.0971 0x169c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
17:01:01.0003 0x169c RDPREFMP - ok
17:01:01.0034 0x169c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\windows\system32\drivers\RDPWD.sys
17:01:01.0049 0x169c RDPWD - ok
17:01:01.0089 0x169c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
17:01:01.0104 0x169c rdyboost - ok
17:01:01.0114 0x169c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
17:01:01.0145 0x169c RemoteAccess - ok
17:01:01.0176 0x169c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
17:01:01.0208 0x169c RemoteRegistry - ok
17:01:01.0239 0x169c [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
17:01:01.0254 0x169c RFCOMM - ok
17:01:01.0281 0x169c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
17:01:01.0312 0x169c RpcEptMapper - ok
17:01:01.0328 0x169c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
17:01:01.0343 0x169c RpcLocator - ok
17:01:01.0408 0x169c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll
17:01:01.0442 0x169c RpcSs - ok
17:01:01.0474 0x169c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
17:01:01.0505 0x169c rspndr - ok
17:01:01.0536 0x169c [ 3CEEE53BBF8BA284FF44585CEC0162FE, 5725A47BE8B7A9116983895FCB82CB2808B7B9C57BC285F3DFD7352E72DBC1FE ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
17:01:01.0552 0x169c RSUSBSTOR - ok
17:01:01.0567 0x169c [ AC2BF5EE4EB57685B6ECB066AB0B0EF6, EA1440E574BF79FBC19E315F552EE91A8D963DBB216ECA972AD44E7818BC1691 ] RsvLock C:\windows\system32\drivers\RsvLock.sys
17:01:01.0567 0x169c RsvLock - ok
17:01:01.0598 0x169c [ FD978B2BF8A9B2390DCBEF435E9C1F9F, 52CFFE354006CCF087D3651D9D2AF201FD8A8FE8FB7D9CAAC8A527E91838ACE6 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
17:01:01.0630 0x169c RTL8167 - ok
17:01:01.0975 0x169c [ A45A1D896ACE7CE1FA7166C7482D71E6, 24F8E778B5936BFC77D9374DFE0EB8B6AE22DF5B438F4EE367096CE36E205E34 ] rtsuvc C:\windows\system32\DRIVERS\rtsuvc.sys
17:01:02.0185 0x169c rtsuvc - ok
17:01:02.0248 0x169c [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\windows\system32\drivers\vms3cap.sys
17:01:02.0279 0x169c s3cap - ok
17:01:02.0295 0x169c [ 17D9FB7665247C4094E707BD68044EC3, 222464E62965961555ABD1D83F66B64211F4189DE55002AA050916D5414D9D8B ] SafeBoot C:\windows\system32\drivers\SafeBoot.sys
17:01:02.0295 0x169c Suspicious file ( NoAccess ): C:\windows\system32\drivers\SafeBoot.sys. md5: 17D9FB7665247C4094E707BD68044EC3, sha256: 222464E62965961555ABD1D83F66B64211F4189DE55002AA050916D5414D9D8B
17:01:02.0295 0x169c SafeBoot - detected LockedFile.Multi.Generic ( 1 )
17:01:02.0295 0x169c Detect skipped due to KSN trusted
17:01:02.0295 0x169c SafeBoot - ok
17:01:02.0319 0x169c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\windows\system32\lsass.exe
17:01:02.0331 0x169c SamSs - ok
17:01:02.0347 0x169c [ FD8714A36C4646DE22DDC7E36F6D09EF, DA91F0360B7869897D1BC9F24A3473D429B3C6E4605CBD675CDC96F30661C7C5 ] SbAlg C:\windows\system32\drivers\SbAlg.sys
17:01:02.0362 0x169c SbAlg - ok
17:01:02.0378 0x169c [ 3DFF91CD782C299806690AD37EE14C73, 8A10EBE4854E9DA720C02B3E64BA83E6559E42D697AB5713F9AC07BBE291D5AD ] SbFsLock C:\windows\system32\drivers\SbFsLock.sys
17:01:02.0394 0x169c SbFsLock - ok
17:01:02.0440 0x169c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
17:01:02.0456 0x169c sbp2port - ok
17:01:02.0487 0x169c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
17:01:02.0518 0x169c SCardSvr - ok
17:01:02.0550 0x169c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
17:01:02.0565 0x169c scfilter - ok
17:01:02.0638 0x169c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\windows\system32\schedsvc.dll
17:01:02.0699 0x169c Schedule - ok
17:01:02.0730 0x169c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
17:01:02.0793 0x169c SCPolicySvc - ok
17:01:02.0824 0x169c [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\windows\system32\drivers\sdbus.sys
17:01:02.0876 0x169c sdbus - ok
17:01:02.0914 0x169c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
17:01:02.0918 0x169c SDRSVC - ok
17:01:02.0949 0x169c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
17:01:02.0984 0x169c secdrv - ok
17:01:03.0015 0x169c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll
17:01:03.0082 0x169c seclogon - ok
17:01:03.0098 0x169c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\system32\sens.dll
17:01:03.0129 0x169c SENS - ok
17:01:03.0145 0x169c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
17:01:03.0164 0x169c SensrSvc - ok
17:01:03.0188 0x169c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
17:01:03.0199 0x169c Serenum - ok
17:01:03.0213 0x169c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\DRIVERS\serial.sys
17:01:03.0220 0x169c Serial - ok
17:01:03.0270 0x169c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
17:01:03.0296 0x169c sermouse - ok
17:01:03.0343 0x169c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
17:01:03.0374 0x169c SessionEnv - ok
17:01:03.0421 0x169c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
17:01:03.0436 0x169c sffdisk - ok
17:01:03.0436 0x169c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
17:01:03.0452 0x169c sffp_mmc - ok
17:01:03.0452 0x169c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
17:01:03.0481 0x169c sffp_sd - ok
17:01:03.0491 0x169c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
17:01:03.0503 0x169c sfloppy - ok
17:01:03.0546 0x169c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll
17:01:03.0580 0x169c SharedAccess - ok
17:01:03.0612 0x169c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
17:01:03.0658 0x169c ShellHWDetection - ok
17:01:03.0674 0x169c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
17:01:03.0690 0x169c SiSRaid2 - ok
17:01:03.0705 0x169c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
17:01:03.0705 0x169c SiSRaid4 - ok
17:01:03.0736 0x169c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys
17:01:03.0774 0x169c Smb - ok
17:01:03.0791 0x169c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe
17:01:03.0817 0x169c SNMPTRAP - ok
17:01:03.0827 0x169c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys
17:01:03.0837 0x169c spldr - ok
17:01:03.0880 0x169c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe
17:01:03.0911 0x169c Spooler - ok
17:01:04.0067 0x169c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe
17:01:04.0226 0x169c sppsvc - ok
17:01:04.0257 0x169c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll
17:01:04.0289 0x169c sppuinotify - ok
17:01:04.0351 0x169c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\windows\system32\DRIVERS\srv.sys
17:01:04.0375 0x169c srv - ok
17:01:04.0398 0x169c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
17:01:04.0425 0x169c srv2 - ok
17:01:04.0453 0x169c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
17:01:04.0470 0x169c srvnet - ok
17:01:04.0481 0x169c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
17:01:04.0527 0x169c SSDPSRV - ok
17:01:04.0543 0x169c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll
17:01:04.0581 0x169c SstpSvc - ok
17:01:04.0669 0x169c [ D632AA8F172287C7391FB95889D1C05A, 447FDA22506F275D5FE604FC9603269AD8D05110A6CB44ABEA6911E896E3BDA8 ] STacSV C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe
17:01:04.0689 0x169c STacSV - ok
17:01:04.0718 0x169c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
17:01:04.0733 0x169c stexstor - ok
17:01:04.0767 0x169c [ C962F5C90BDBEFB6446B5B252C70FE33, 276351A2C60D60271AADC98DF115F3BEFAC21BA79873EC3AC5B68B1794B28879 ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
17:01:04.0781 0x169c STHDA - ok
17:01:04.0863 0x169c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll
17:01:04.0898 0x169c stisvc - ok
17:01:04.0929 0x169c [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\windows\system32\drivers\vmstorfl.sys
17:01:04.0945 0x169c storflt - ok
17:01:04.0960 0x169c [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\windows\system32\storsvc.dll
17:01:04.0976 0x169c StorSvc - ok
17:01:05.0015 0x169c [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\windows\system32\drivers\storvsc.sys
17:01:05.0015 0x169c storvsc - ok
17:01:05.0031 0x169c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\drivers\swenum.sys
17:01:05.0046 0x169c swenum - ok
17:01:05.0077 0x169c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll
17:01:05.0124 0x169c swprv - ok
17:01:05.0233 0x169c [ D268D2A0DB2A2BBE963E688D0B039267, DBEF7A1E1E015825E4C2BD80FE3D468E8A6840A44027381CDD4B96605D2FC12A ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
17:01:05.0265 0x169c SynTP - ok
17:01:05.0408 0x169c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\windows\system32\sysmain.dll
17:01:05.0471 0x169c SysMain - ok
17:01:05.0518 0x169c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
17:01:05.0580 0x169c TabletInputService - ok
17:01:05.0596 0x169c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll17:01:05.0630 0x169c TapiSrv - ok
17:01:05.0661 0x169c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\windows\System32\tbssvc.dll
17:01:05.0693 0x169c TBS - ok
17:01:05.0870 0x169c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\windows\system32\drivers\tcpip.sys
17:01:05.0914 0x169c Tcpip - ok
17:01:05.0977 0x169c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
17:01:06.0023 0x169c TCPIP6 - ok
17:01:06.0074 0x169c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
17:01:06.0098 0x169c tcpipreg - ok
17:01:06.0129 0x169c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
17:01:06.0145 0x169c TDPIPE - ok
17:01:06.0176 0x169c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
17:01:06.0191 0x169c TDTCP - ok
17:01:06.0246 0x169c [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\windows\system32\DRIVERS\tdx.sys
17:01:06.0309 0x169c tdx - ok
17:01:06.0340 0x169c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\drivers\termdd.sys
17:01:06.0355 0x169c TermDD - ok
17:01:06.0402 0x169c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\windows\System32\termsrv.dll
17:01:06.0433 0x169c TermService - ok
17:01:06.0465 0x169c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll
17:01:06.0480 0x169c Themes - ok
17:01:06.0517 0x169c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll
17:01:06.0550 0x169c THREADORDER - ok
17:01:06.0564 0x169c [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM C:\windows\system32\drivers\tpm.sys
17:01:06.0580 0x169c TPM - ok
17:01:06.0596 0x169c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll
17:01:06.0627 0x169c TrkWks - ok
17:01:06.0697 0x169c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
17:01:06.0728 0x169c TrustedInstaller - ok
17:01:06.0760 0x169c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
17:01:06.0791 0x169c tssecsrv - ok
17:01:06.0831 0x169c [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
17:01:06.0847 0x169c TsUsbFlt - ok
17:01:06.0893 0x169c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
17:01:06.0940 0x169c tunnel - ok
17:01:06.0971 0x169c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
17:01:06.0971 0x169c uagp35 - ok
17:01:07.0049 0x169c [ 9EEA84226ED2A028BC3FDFDDE03FE95C, 5DF9428D0B2078CD0C391B0721117C989D680E78A2B8D54DAA9662B1894F772A ] uArcCapture C:\windows\system\uArcCapture.exe
17:01:07.0081 0x169c uArcCapture - ok
17:01:07.0127 0x169c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys
17:01:07.0208 0x169c udfs - ok
17:01:07.0239 0x169c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe
17:01:07.0255 0x169c UI0Detect - ok
17:01:07.0301 0x169c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
17:01:07.0301 0x169c uliagpkx - ok
17:01:07.0348 0x169c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\drivers\umbus.sys
17:01:07.0379 0x169c umbus - ok
17:01:07.0421 0x169c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\DRIVERS\umpass.sys
17:01:07.0431 0x169c UmPass - ok
17:01:07.0477 0x169c [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\windows\System32\umrdp.dll
17:01:07.0493 0x169c UmRdpService - ok
17:01:07.0524 0x169c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll
17:01:07.0571 0x169c upnphost - ok
17:01:07.0602 0x169c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
17:01:07.0618 0x169c usbccgp - ok
17:01:07.0633 0x169c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys
17:01:07.0649 0x169c usbcir - ok
17:01:07.0682 0x169c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
17:01:07.0694 0x169c usbehci - ok
17:01:07.0715 0x169c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
17:01:07.0730 0x169c usbhub - ok
17:01:07.0746 0x169c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
17:01:07.0770 0x169c usbohci - ok
17:01:07.0780 0x169c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
17:01:07.0796 0x169c usbprint - ok
17:01:07.0827 0x169c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
17:01:07.0843 0x169c USBSTOR - ok
17:01:07.0866 0x169c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
17:01:07.0898 0x169c usbuhci - ok
17:01:07.0929 0x169c [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
17:01:07.0944 0x169c usbvideo - ok
17:01:07.0979 0x169c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll
17:01:08.0011 0x169c UxSms - ok
17:01:08.0014 0x169c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\windows\system32\lsass.exe
17:01:08.0030 0x169c VaultSvc - ok
17:01:08.0158 0x169c [ BBE2B5036D2FF45458C747FB2513591D, 22A2E672E9EF5F39BB9E75D54B6AD83E6C63C5126E3C4D7BD02777F3DE39F505 ] vcsFPService C:\windows\system32\vcsFPService.exe
17:01:08.0220 0x169c vcsFPService - ok
17:01:08.0236 0x169c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
17:01:08.0251 0x169c vdrvroot - ok
17:01:08.0308 0x169c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe
17:01:08.0352 0x169c vds - ok
17:01:08.0379 0x169c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
17:01:08.0380 0x169c vga - ok
17:01:08.0395 0x169c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys
17:01:08.0427 0x169c VgaSave - ok
17:01:08.0473 0x169c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys
17:01:08.0489 0x169c vhdmp - ok
17:01:08.0536 0x169c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys
17:01:08.0571 0x169c viaide - ok
17:01:08.0619 0x169c [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\windows\system32\drivers\vmbus.sys
17:01:08.0645 0x169c vmbus - ok
17:01:08.0662 0x169c [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\windows\system32\drivers\VMBusHID.sys
17:01:08.0672 0x169c VMBusHID - ok
17:01:08.0680 0x169c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys
17:01:08.0696 0x169c volmgr - ok
17:01:08.0742 0x169c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys
17:01:08.0758 0x169c volmgrx - ok
17:01:08.0774 0x169c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\windows\system32\drivers\volsnap.sys
17:01:08.0789 0x169c volsnap - ok
17:01:08.0820 0x169c [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus C:\windows\system32\DRIVERS\vpchbus.sys
17:01:08.0867 0x169c vpcbus - ok
17:01:08.0912 0x169c [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] vpcnfltr C:\windows\system32\DRIVERS\vpcnfltr.sys
17:01:08.0925 0x169c vpcnfltr - ok
17:01:08.0936 0x169c [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb C:\windows\system32\DRIVERS\vpcusb.sys
17:01:08.0951 0x169c vpcusb - ok
17:01:08.0995 0x169c [ 207B6539799CC1C112661A9B620DD233, 6B915CC7F77C867516D94865D7BF2E5C815402EF0A4488C3EB2FEF7CFA6C98F6 ] vpcvmm C:\windows\system32\drivers\vpcvmm.sys
17:01:09.0011 0x169c vpcvmm - ok
17:01:09.0042 0x169c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
17:01:09.0042 0x169c vsmraid - ok
17:01:09.0151 0x169c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe
17:01:09.0230 0x169c VSS - ok
17:01:09.0263 0x169c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
17:01:09.0276 0x169c vwifibus - ok
17:01:09.0281 0x169c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
17:01:09.0296 0x169c vwififlt - ok
17:01:09.0328 0x169c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll
17:01:09.0375 0x169c W32Time - ok
17:01:09.0375 0x169c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
17:01:09.0390 0x169c WacomPen - ok
17:01:09.0437 0x169c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
17:01:09.0503 0x169c WANARP - ok
17:01:09.0508 0x169c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
17:01:09.0531 0x169c Wanarpv6 - ok
17:01:09.0611 0x169c [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
17:01:09.0643 0x169c WatAdminSvc - ok
17:01:09.0761 0x169c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe
17:01:09.0816 0x169c wbengine - ok
17:01:09.0847 0x169c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll
17:01:09.0862 0x169c WbioSrvc - ok
17:01:09.0940 0x169c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll
17:01:09.0972 0x169c wcncsvc - ok
17:01:09.0987 0x169c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
17:01:10.0003 0x169c WcsPlugInService - ok
17:01:10.0018 0x169c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\DRIVERS\wd.sys
17:01:10.0034 0x169c Wd - ok
17:01:10.0096 0x169c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
17:01:10.0130 0x169c Wdf01000 - ok
17:01:10.0146 0x169c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\windows\system32\wdi.dll
17:01:10.0161 0x169c WdiServiceHost - ok
17:01:10.0161 0x169c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\windows\system32\wdi.dll
17:01:10.0177 0x169c WdiSystemHost - ok
17:01:10.0208 0x169c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\windows\System32\webclnt.dll
17:01:10.0224 0x169c WebClient - ok
17:01:10.0255 0x169c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll
17:01:10.0286 0x169c Wecsvc - ok
17:01:10.0302 0x169c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll
17:01:10.0333 0x169c wercplsupport - ok
17:01:10.0348 0x169c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll
17:01:10.0380 0x169c WerSvc - ok
17:01:10.0414 0x169c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
17:01:10.0442 0x169c WfpLwf - ok
17:01:10.0442 0x169c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys
17:01:10.0457 0x169c WIMMount - ok
17:01:10.0489 0x169c WinDefend - ok
17:01:10.0489 0x169c WinHttpAutoProxySvc - ok
17:01:10.0535 0x169c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
17:01:10.0582 0x169c Winmgmt - ok
17:01:10.0703 0x169c [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\windows\system32\WsmSvc.dll
17:01:10.0781 0x169c WinRM - ok
17:01:10.0828 0x169c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB C:\windows\system32\DRIVERS\WinUSB.sys
17:01:10.0843 0x169c WinUSB - ok
17:01:10.0912 0x169c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll
17:01:10.0959 0x169c Wlansvc - ok
17:01:11.0123 0x169c [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:01:11.0185 0x169c wlidsvc - ok
17:01:11.0232 0x169c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
17:01:11.0248 0x169c WmiAcpi - ok
17:01:11.0263 0x169c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
17:01:11.0295 0x169c wmiApSrv - ok
17:01:11.0316 0x169c WMPNetworkSvc - ok
17:01:11.0334 0x169c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll
17:01:11.0346 0x169c WPCSvc - ok
17:01:11.0379 0x169c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
17:01:11.0410 0x169c WPDBusEnum - ok
17:01:11.0426 0x169c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
17:01:11.0465 0x169c ws2ifsl - ok
17:01:11.0480 0x169c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\system32\wscsvc.dll
17:01:11.0496 0x169c wscsvc - ok
17:01:11.0496 0x169c WSearch - ok
17:01:11.0645 0x169c [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\windows\system32\wuaueng.dll
17:01:11.0708 0x169c wuauserv - ok
17:01:11.0755 0x169c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
17:01:11.0786 0x169c WudfPf - ok
17:01:11.0801 0x169c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
17:01:11.0817 0x169c WUDFRd - ok
17:01:11.0864 0x169c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll
17:01:11.0879 0x169c wudfsvc - ok
17:01:11.0931 0x169c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\windows\System32\wwansvc.dll
17:01:11.0962 0x169c WwanSvc - ok
17:01:11.0977 0x169c ================ Scan global ===============================
17:01:12.0009 0x169c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
17:01:12.0040 0x169c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
17:01:12.0055 0x169c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
17:01:12.0071 0x169c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
17:01:12.0102 0x169c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
17:01:12.0102 0x169c [ Global ] - ok
17:01:12.0102 0x169c ================ Scan MBR ==================================
17:01:12.0118 0x169c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:01:12.0578 0x169c \Device\Harddisk0\DR0 - ok
17:01:12.0579 0x169c ================ Scan VBR ==================================
17:01:12.0580 0x169c [ F5E74CCF869E5DEFAD276AA0E8298B33 ] \Device\Harddisk0\DR0\Partition1
17:01:12.0580 0x169c \Device\Harddisk0\DR0\Partition1 - ok
17:01:12.0596 0x169c [ A2F8BD8ED8187459837363F45F2721FB ] \Device\Harddisk0\DR0\Partition2
17:01:12.0596 0x169c \Device\Harddisk0\DR0\Partition2 - ok
17:01:12.0627 0x169c [ 82D5C19929074F18E9EAE0E8F2DE85C1 ] \Device\Harddisk0\DR0\Partition3
17:01:12.0643 0x169c \Device\Harddisk0\DR0\Partition3 - ok
17:01:12.0663 0x169c [ EC0FA710367B4D7AA2DF0BC410C88683 ] \Device\Harddisk0\DR0\Partition4
17:01:12.0664 0x169c \Device\Harddisk0\DR0\Partition4 - ok
17:01:12.0664 0x169c ================ Scan generic autorun ======================
17:01:12.0782 0x169c [ 808E1ADD586431907571CFACFADE50D2, 4A10464C669EF47DC91024D88DDDA29BB9733FD9C6A8043576637036E01D41AC ] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
17:01:12.0828 0x169c HPPowerAssistant - ok
17:01:12.0828 0x169c SynTPEnh - ok
17:01:12.0844 0x169c [ A0ABBAD8CE99CBF8467D697073B38E87, C71F58580D93F0B78BDA735DA6201A6F1BDA36CC9F72D15B4E6DD62D6C3A43D0 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
17:01:12.0861 0x169c HPWirelessAssistant - detected UnsignedFile.Multi.Generic ( 1 )
17:01:12.0861 0x169c Detect skipped due to KSN trusted
17:01:12.0861 0x169c HPWirelessAssistant - ok
17:01:12.0927 0x169c [ 85C311AA035A6EC9261C103D9DFA03EC, 11E7B4EBCEDB2B49AC551055B9DBECAF12340F4713E83245195E378EA0523B2C ] C:\Program Files\IDT\WDM\sttray64.exe
17:01:12.0990 0x169c SysTrayApp - ok
17:01:13.0117 0x169c [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] c:\Program Files\Microsoft Security Client\msseces.exe
17:01:13.0163 0x169c MSC - ok
17:01:13.0303 0x169c [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
17:01:13.0334 0x169c NCPluginUpdater - ok
17:01:13.0391 0x169c [ 1135BDA26ABCC3033A930D7D473F394E, 6D86BF467EEC6E1C17871FFFAE9FC6C651379F384F73BF028F12B7B7E6F44934 ] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
17:01:13.0407 0x169c QLBController - ok
17:01:13.0445 0x169c [ 8FBE8BDDC2DF1FD5EEDD482DC3BCDEF5, B50EA509663165656C421E789DF0B3E5FF857EB66DA814983A75331976A3DB37 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
17:01:13.0445 0x169c StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
17:01:13.0445 0x169c Detect skipped due to KSN trusted
17:01:13.0445 0x169c StartCCC - ok
17:01:13.0496 0x169c [ A503D486FCE9119E28D368198CF8F146, 149922B52AB977E7CCBFCAB963B21967DBCA1133519B68CF09B15BC13B927080 ] C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe
17:01:13.0512 0x169c 4StoryPrePatch - detected UnsignedFile.Multi.Generic ( 1 )
17:01:13.0512 0x169c Detect skipped due to KSN trusted
17:01:13.0512 0x169c 4StoryPrePatch - ok
17:01:13.0574 0x169c [ 71C6C44922EF7077254BC6648FD69D75, 208C7917D505C9113DF32A44FE24EA0CC8BBEF021BDCD84421FB008AD26820DA ] C:\Program Files (x86)\WebcamMax\wcmmon.exe
17:01:13.0590 0x169c WebcamMaxMoniter - detected UnsignedFile.Multi.Generic ( 1 )
17:01:13.0590 0x169c Detect skipped due to KSN trusted
17:01:13.0590 0x169c WebcamMaxMoniter - ok
17:01:14.0030 0x169c [ D2C487A7B8055F35844135D909D7894C, D0F74D95318BA308EB49461FA3F968DC7278A383FFA76A07D967812A394EB2AA ] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
17:01:14.0470 0x169c File Sanitizer - detected UnsignedFile.Multi.Generic ( 1 )
17:01:14.0470 0x169c Detect skipped due to KSN trusted
17:01:14.0470 0x169c File Sanitizer - ok
17:01:14.0513 0x169c [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
17:01:14.0545 0x169c RESTART_STICKY_NOTES - ok
17:01:14.0631 0x169c [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
17:01:14.0693 0x169c Sidebar - ok
17:01:14.0849 0x169c [ BDF37B36AC60A7D97161A103B14CEE65, 38DEC2F59AC7C22AD5ADC48076C38A9AC92D3AE4F2EEFBBA408FFDC7A4E1E54A ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
17:01:14.0921 0x169c LightScribe Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
17:01:14.0921 0x169c Detect skipped due to KSN trusted
17:01:14.0921 0x169c LightScribe Control Panel - ok
17:01:14.0926 0x169c AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x60000 ( disabled : updated )
17:01:14.0930 0x169c Win FW state via NFP2: enabled
17:01:17.0341 0x169c ============================================================
17:01:17.0341 0x169c Scan finished
17:01:17.0341 0x169c ============================================================
17:01:17.0358 0x1748 Detected object count: 0
17:01:17.0358 0x1748 Actual detected object count: 0
DRUHÝ LOG, také nic nenašel:
Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org
Database version: v2014.12.07.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17420
Pavel :: PAVELS-HP [administrator]
7.12.2014 17:08:16
mbar-log-2014-12-07 (17-08-16).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 429754
Time elapsed: 22 minute(s), 22 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Totálně zahumusené pc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
funkymusic
- Vzorný návštěvník
- Příspěvky: 402
- Registrován: 07 pro 2004 15:16
Re: Totálně zahumusené pc
Dejte novy log z RSIT
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
funkymusic
- Vzorný návštěvník
- Příspěvky: 402
- Registrován: 07 pro 2004 15:16
Re: Totálně zahumusené pc
Logfile of random's system information tool 1.10 (written by random/random)
Run by Pavel at 2014-12-07 18:00:55
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 121 GB (42%) free of 288 GB
Total RAM: 3830 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:01:01, on 7.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal
Running processes:
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files\trend micro\Pavel.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [4StoryPrePatch] C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files (x86)\WebcamMax\wcmmon.exe" /a
O4 - HKLM\..\Run: [File Sanitizer] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = SKOLA.LOCAL
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = SKOLA.LOCAL
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = SKOLA.LOCAL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: DEBridge - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\system\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13051 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe
C:\windows\system32\Hpservice.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 26056832
\??\C:\windows\system32\conhost.exe "51254736711859503131441375302-11404388531104924571-13674226721211739117-860736121
taskeng.exe {C6E90B9B-C49B-49EA-99F6-2CC44B1DEBFB}
C:\windows\System32\spoolsv.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe"
"c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2360
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe"
atieclxx
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\windows\Explorer.EXE
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Users\Pavel\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2010-01-22 2132232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2010-05-06 117248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2010-01-22 1471752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2010-08-23 1691192]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-01-27 8192]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-01-29 487424]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-10-21 21720]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-03-01 256056]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-08-05 98304]
"4StoryPrePatch"=C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe [2013-02-19 327680]
"WebcamMaxMoniter"=C:\Program Files (x86)\WebcamMax\wcmmon.exe [2007-08-01 450048]
"File Sanitizer"=c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2010-05-06 11268096]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-12-07 17:08:01 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-12-07 16:57:58 ----A---- C:\TDSSKiller.3.0.0.41_07.12.2014_16.57.58_log.txt
2014-12-07 14:41:50 ----D---- C:\FRST
2014-12-07 11:09:52 ----D---- C:\windows\temp
2014-12-07 11:09:51 ----A---- C:\ComboFix.txt
2014-12-07 11:04:10 ----SHD---- C:\$RECYCLE.BIN
2014-12-06 13:04:45 ----A---- C:\windows\zip.exe
2014-12-06 13:04:45 ----A---- C:\windows\SWREG.exe
2014-12-06 13:04:45 ----A---- C:\windows\PEV.exe
2014-12-06 13:04:45 ----A---- C:\windows\NIRCMD.exe
2014-12-06 13:04:45 ----A---- C:\windows\MBR.exe
2014-12-06 13:04:45 ----A---- C:\windows\grep.exe
2014-12-06 13:04:44 ----A---- C:\windows\SWSC.exe
2014-12-06 13:04:44 ----A---- C:\windows\sed.exe
2014-12-06 13:04:39 ----D---- C:\Qoobox
2014-12-06 13:04:19 ----D---- C:\windows\erdnt
2014-12-06 00:34:58 ----A---- C:\windows\zoek-delete.exe
2014-12-05 23:48:54 ----D---- C:\zoek_backup
2014-12-03 21:30:58 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-03 21:30:06 ----D---- C:\ProgramData\Malwarebytes
2014-12-03 21:30:06 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-03 21:30:06 ----A---- C:\windows\system32\drivers\mwac.sys
2014-12-03 21:30:06 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2014-12-03 21:30:06 ----A---- C:\windows\system32\drivers\mbam.sys
2014-12-03 21:20:35 ----D---- C:\AdwCleaner
2014-12-03 18:10:41 ----D---- C:\rsit
2014-12-03 18:10:41 ----D---- C:\Program Files\trend micro
2014-11-28 23:19:48 ----A---- C:\windows\SYSWOW64\kerberos.dll
2014-11-28 23:19:48 ----A---- C:\windows\system32\pku2u.dll
2014-11-28 23:19:48 ----A---- C:\windows\system32\kerberos.dll
2014-11-26 20:32:35 ----A---- C:\windows\SYSWOW64\pku2u.dll
2014-11-15 16:55:09 ----A---- C:\windows\system32\termsrv.dll
2014-11-15 16:55:08 ----A---- C:\windows\SYSWOW64\adtschema.dll
2014-11-15 16:55:08 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2014-11-15 16:55:08 ----A---- C:\windows\system32\adtschema.dll
2014-11-15 16:55:07 ----A---- C:\windows\system32\lsasrv.dll
2014-11-15 16:55:06 ----A---- C:\windows\SYSWOW64\sspicli.dll
2014-11-15 16:55:06 ----A---- C:\windows\SYSWOW64\secur32.dll
2014-11-15 16:55:06 ----A---- C:\windows\SYSWOW64\msaudite.dll
2014-11-15 16:55:06 ----A---- C:\windows\system32\msaudite.dll
2014-11-12 15:46:29 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-11-12 15:46:28 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-11-12 15:46:28 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-11-12 15:46:28 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-11-12 15:46:28 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-11-12 15:46:28 ----A---- C:\windows\system32\iernonce.dll
2014-11-12 15:46:28 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-11-12 15:46:28 ----A---- C:\windows\system32\ieetwcollector.exe
2014-11-12 15:46:28 ----A---- C:\windows\system32\ie4uinit.exe
2014-11-12 15:46:27 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-12 15:46:26 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-11-12 15:46:26 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-11-12 15:46:26 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-11-12 15:46:26 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 15:46:25 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-11-12 15:46:25 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-11-12 15:46:24 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-11-12 15:46:24 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-11-12 15:46:24 ----A---- C:\windows\system32\urlmon.dll
2014-11-12 15:46:24 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-11-12 15:46:24 ----A---- C:\windows\system32\iedkcs32.dll
2014-11-12 15:46:23 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-11-12 15:46:23 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-11-12 15:46:23 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-11-12 15:46:23 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-12 15:46:22 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-11-12 15:46:22 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-11-12 15:46:22 ----A---- C:\windows\system32\msfeeds.dll
2014-11-12 15:46:22 ----A---- C:\windows\system32\dxtrans.dll
2014-11-12 15:46:21 ----A---- C:\windows\system32\iesetup.dll
2014-11-12 15:46:21 ----A---- C:\windows\system32\ieapfltr.dll
2014-11-12 15:46:20 ----A---- C:\windows\system32\iertutil.dll
2014-11-12 15:46:19 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-11-12 15:46:19 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-11-12 15:46:19 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-11-12 15:46:19 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-11-12 15:46:19 ----A---- C:\windows\system32\jsproxy.dll
2014-11-12 15:46:18 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-11-12 15:46:18 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-11-12 15:46:18 ----A---- C:\windows\system32\ieUnatt.exe
2014-11-12 15:46:18 ----A---- C:\windows\system32\dxtmsft.dll
2014-11-12 15:46:17 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-11-12 15:46:17 ----A---- C:\windows\system32\mshtmled.dll
2014-11-12 15:46:17 ----A---- C:\windows\system32\ieui.dll
2014-11-12 15:46:17 ----A---- C:\windows\system32\ieframe.dll
2014-11-12 15:46:16 ----A---- C:\windows\system32\vbscript.dll
2014-11-12 15:46:16 ----A---- C:\windows\system32\jscript9diag.dll
2014-11-12 15:46:16 ----A---- C:\windows\system32\jscript9.dll
2014-11-12 15:46:15 ----A---- C:\windows\system32\wininet.dll
2014-11-12 15:46:15 ----A---- C:\windows\system32\msrating.dll
2014-11-12 15:46:15 ----A---- C:\windows\system32\MshtmlDac.dll
2014-11-12 15:46:14 ----A---- C:\windows\system32\mshtml.dll
2014-11-12 15:45:20 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2014-11-12 15:45:20 ----A---- C:\windows\system32\oleaut32.dll
2014-11-12 15:45:16 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2014-11-12 15:45:16 ----A---- C:\windows\SYSWOW64\msxml3.dll
2014-11-12 15:45:16 ----A---- C:\windows\system32\msxml3r.dll
2014-11-12 15:45:16 ----A---- C:\windows\system32\msxml3.dll
2014-11-12 15:45:14 ----A---- C:\windows\system32\IMJP10K.DLL
2014-11-12 15:45:13 ----A---- C:\windows\SYSWOW64\IMJP10K.DLL
2014-11-12 15:45:10 ----A---- C:\windows\SYSWOW64\AUDIOKSE.dll
2014-11-12 15:45:10 ----A---- C:\windows\system32\EncDump.dll
2014-11-12 15:45:10 ----A---- C:\windows\system32\audiosrv.dll
2014-11-12 15:45:10 ----A---- C:\windows\system32\AUDIOKSE.dll
2014-11-12 15:45:10 ----A---- C:\windows\system32\AudioEng.dll
2014-11-12 15:45:09 ----A---- C:\windows\SYSWOW64\AudioSes.dll
2014-11-12 15:45:09 ----A---- C:\windows\SYSWOW64\AudioEng.dll
2014-11-12 15:45:09 ----A---- C:\windows\system32\AudioSes.dll
2014-11-12 15:45:05 ----A---- C:\windows\system32\schannel.dll
2014-11-12 15:45:04 ----A---- C:\windows\SYSWOW64\schannel.dll
2014-11-12 15:45:04 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2014-11-12 15:45:04 ----A---- C:\windows\system32\ncrypt.dll
2014-11-12 15:45:02 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2014-11-12 15:45:02 ----A---- C:\windows\system32\wdigest.dll
2014-11-12 15:45:02 ----A---- C:\windows\system32\TSpkg.dll
2014-11-12 15:45:02 ----A---- C:\windows\system32\msv1_0.dll
2014-11-12 15:45:01 ----A---- C:\windows\SYSWOW64\wdigest.dll
2014-11-12 15:45:01 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2014-11-12 15:45:00 ----A---- C:\windows\SYSWOW64\credssp.dll
2014-11-12 15:45:00 ----A---- C:\windows\system32\credssp.dll
2014-11-12 15:44:14 ----A---- C:\windows\SYSWOW64\packager.dll
2014-11-12 15:44:14 ----A---- C:\windows\system32\packager.dll
2014-11-12 15:44:12 ----A---- C:\windows\system32\win32k.sys
2014-11-12 15:44:08 ----A---- C:\windows\system32\msi.dll
2014-11-12 15:44:07 ----A---- C:\windows\SYSWOW64\msi.dll
======List of files/folders modified in the last 1 month======
2014-12-07 17:59:49 ----D---- C:\windows\system32\config
2014-12-07 17:59:49 ----D---- C:\ProgramData\HPQLOG
2014-12-07 17:08:01 ----D---- C:\ProgramData
2014-12-07 16:58:15 ----D---- C:\windows\system32\drivers
2014-12-07 16:57:09 ----D---- C:\windows\System32
2014-12-07 16:57:09 ----D---- C:\windows\inf
2014-12-07 16:57:09 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-12-07 15:41:58 ----SHD---- C:\System Volume Information
2014-12-07 15:34:34 ----SD---- C:\Users\Pavel\AppData\Roaming\Microsoft
2014-12-07 15:24:02 ----A---- C:\windows\ntbtlog.txt
2014-12-07 15:21:01 ----D---- C:\windows\system32\drivers\etc
2014-12-07 14:43:44 ----D---- C:\Windows
2014-12-07 11:04:10 ----A---- C:\windows\system.ini
2014-12-07 11:01:20 ----D---- C:\windows\Tasks
2014-12-07 10:59:15 ----D---- C:\windows\SYSWOW64\drivers
2014-12-07 10:59:15 ----D---- C:\windows\SysWOW64
2014-12-07 10:59:15 ----D---- C:\windows\AppPatch
2014-12-07 10:59:14 ----D---- C:\Program Files (x86)\Common Files
2014-12-06 13:02:57 ----D---- C:\Users\Pavel\AppData\Roaming\Seznam.cz
2014-12-06 12:58:11 ----D---- C:\windows\Prefetch
2014-12-06 00:32:07 ----HD---- C:\windows\system32\GroupPolicy
2014-12-06 00:32:07 ----D---- C:\windows\SYSWOW64\GroupPolicy
2014-12-06 00:32:05 ----RD---- C:\Program Files (x86)
2014-12-05 23:40:45 ----D---- C:\windows\SchCache
2014-12-05 23:40:02 ----D---- C:\Program Files (x86)\PCData
2014-12-05 23:40:02 ----D---- C:\Program Files (x86)\GotClip
2014-12-05 23:40:02 ----D---- C:\Program Files (x86)\DoubleOptMedia
2014-12-04 21:10:58 ----D---- C:\windows\rescache
2014-12-03 21:24:46 ----D---- C:\windows\system32\Tasks
2014-12-03 18:10:41 ----RD---- C:\Program Files
2014-12-03 18:07:58 ----D---- C:\Program Files (x86)\Origin
2014-11-29 13:35:14 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-11-29 13:23:51 ----D---- C:\windows\winsxs
2014-11-28 17:08:35 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-11-28 16:57:14 ----D---- C:\windows\system32\catroot2
2014-11-28 16:14:43 ----D---- C:\windows\system32\wfp
2014-11-28 16:14:43 ----D---- C:\windows\system32\DriverStore
2014-11-28 16:14:41 ----D---- C:\windows\system32\wbem
2014-11-28 16:14:40 ----D---- C:\windows\system32\Macromed
2014-11-28 16:14:37 ----D---- C:\windows\registration
2014-11-23 11:30:53 ----D---- C:\ProgramData\Origin
2014-11-22 10:29:59 ----D---- C:\windows\system32\catroot
2014-11-22 10:12:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-11-22 10:12:35 ----D---- C:\Program Files (x86)\Electronic Arts
2014-11-21 10:52:19 ----D---- C:\Program Files\Internet Explorer
2014-11-21 10:52:14 ----SHD---- C:\windows\Installer
2014-11-21 10:50:29 ----D---- C:\Program Files (x86)\Games
2014-11-20 16:55:21 ----D---- C:\gencache
2014-11-15 23:52:23 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-11-15 23:52:23 ----D---- C:\windows\system32\cs-CZ
2014-11-15 23:39:48 ----D---- C:\windows\Microsoft.NET
2014-11-15 23:21:36 ----RSD---- C:\windows\assembly
2014-11-15 22:30:32 ----D---- C:\windows\SYSWOW64\en-US
2014-11-15 22:30:32 ----D---- C:\windows\system32\en-US
2014-11-15 22:30:32 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-15 22:30:28 ----D---- C:\windows\system32\CodeIntegrity
2014-11-15 22:30:27 ----RSD---- C:\windows\Fonts
2014-11-15 22:29:11 ----D---- C:\windows\AppCompat
2014-11-15 22:29:06 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-11-13 10:59:49 ----D---- C:\ProgramData\Microsoft Help
2014-11-13 10:53:26 ----D---- C:\windows\system32\MRT
2014-11-13 10:47:23 ----A---- C:\windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie64.sys [2010-03-09 16440]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SafeBoot;SafeBoot; C:\windows\system32\drivers\SafeBoot.sys [2010-01-26 56648]
R0 SbAlg;SbAlg; C:\windows\system32\drivers\SbAlg.sys [2009-06-04 60160]
R0 SbFsLock;SbFsLock; C:\windows\system32\drivers\SbFsLock.sys [2010-01-26 15688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-27 283200]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2010-01-26 58184]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2010-08-05 6859776]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-08-04 264192]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2009-12-04 32640]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\windows\system32\drivers\AtiHdmi.sys [2010-08-11 125456]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys [2011-07-06 3060800]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\windows\system32\drivers\btwampfl.sys [2010-06-10 342056]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-06-10 102952]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2010-06-10 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-10 39464]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-06-10 21544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 25912]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2010-12-29 8200296]
R3 STHDA;IDT High Definition Audio CODEC; C:\windows\system32\DRIVERS\stwrt64.sys [2010-01-29 505856]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 WinUSB;WinUSB Service; C:\windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2009-10-21 40760]
S3 EagleX64;EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys []
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2013-02-05 57840]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista; C:\windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]
S3 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-02-08 239136]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-01-12 325152]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-08-05 203264]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-06-09 952096]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2010-01-22 462088]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2010-01-12 36864]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-05-10 90112]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-01-26 281192]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2010-05-06 298496]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-13 30520]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-01-22 73728]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-01-12 635416]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 STacSV;Audio Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe [2010-01-29 244736]
R2 uArcCapture;ArcCapture; C:\windows\system\uArcCapture.exe [2009-12-04 506472]
R3 DEBridge;DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2010-01-26 704512]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
S2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-08-23 103992]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-01-27 102968]
S2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2010-02-18 2045232]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-28 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2009-12-07 362040]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-03-30 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-11-06 114688]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-11-23 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Run by Pavel at 2014-12-07 18:00:55
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 121 GB (42%) free of 288 GB
Total RAM: 3830 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:01:01, on 7.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal
Running processes:
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files\trend micro\Pavel.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [4StoryPrePatch] C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files (x86)\WebcamMax\wcmmon.exe" /a
O4 - HKLM\..\Run: [File Sanitizer] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = SKOLA.LOCAL
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = SKOLA.LOCAL
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = SKOLA.LOCAL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: DEBridge - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\system\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13051 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe
C:\windows\system32\Hpservice.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 26056832
\??\C:\windows\system32\conhost.exe "51254736711859503131441375302-11404388531104924571-13674226721211739117-860736121
taskeng.exe {C6E90B9B-C49B-49EA-99F6-2CC44B1DEBFB}
C:\windows\System32\spoolsv.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe"
"c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2360
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe"
atieclxx
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\windows\Explorer.EXE
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Users\Pavel\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2010-01-22 2132232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2010-05-06 117248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2010-01-22 1471752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2010-08-23 1691192]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-01-27 8192]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-01-29 487424]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-10-21 21720]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-03-01 256056]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-08-05 98304]
"4StoryPrePatch"=C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe [2013-02-19 327680]
"WebcamMaxMoniter"=C:\Program Files (x86)\WebcamMax\wcmmon.exe [2007-08-01 450048]
"File Sanitizer"=c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2010-05-06 11268096]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-12-07 17:08:01 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-12-07 16:57:58 ----A---- C:\TDSSKiller.3.0.0.41_07.12.2014_16.57.58_log.txt
2014-12-07 14:41:50 ----D---- C:\FRST
2014-12-07 11:09:52 ----D---- C:\windows\temp
2014-12-07 11:09:51 ----A---- C:\ComboFix.txt
2014-12-07 11:04:10 ----SHD---- C:\$RECYCLE.BIN
2014-12-06 13:04:45 ----A---- C:\windows\zip.exe
2014-12-06 13:04:45 ----A---- C:\windows\SWREG.exe
2014-12-06 13:04:45 ----A---- C:\windows\PEV.exe
2014-12-06 13:04:45 ----A---- C:\windows\NIRCMD.exe
2014-12-06 13:04:45 ----A---- C:\windows\MBR.exe
2014-12-06 13:04:45 ----A---- C:\windows\grep.exe
2014-12-06 13:04:44 ----A---- C:\windows\SWSC.exe
2014-12-06 13:04:44 ----A---- C:\windows\sed.exe
2014-12-06 13:04:39 ----D---- C:\Qoobox
2014-12-06 13:04:19 ----D---- C:\windows\erdnt
2014-12-06 00:34:58 ----A---- C:\windows\zoek-delete.exe
2014-12-05 23:48:54 ----D---- C:\zoek_backup
2014-12-03 21:30:58 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-03 21:30:06 ----D---- C:\ProgramData\Malwarebytes
2014-12-03 21:30:06 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-03 21:30:06 ----A---- C:\windows\system32\drivers\mwac.sys
2014-12-03 21:30:06 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2014-12-03 21:30:06 ----A---- C:\windows\system32\drivers\mbam.sys
2014-12-03 21:20:35 ----D---- C:\AdwCleaner
2014-12-03 18:10:41 ----D---- C:\rsit
2014-12-03 18:10:41 ----D---- C:\Program Files\trend micro
2014-11-28 23:19:48 ----A---- C:\windows\SYSWOW64\kerberos.dll
2014-11-28 23:19:48 ----A---- C:\windows\system32\pku2u.dll
2014-11-28 23:19:48 ----A---- C:\windows\system32\kerberos.dll
2014-11-26 20:32:35 ----A---- C:\windows\SYSWOW64\pku2u.dll
2014-11-15 16:55:09 ----A---- C:\windows\system32\termsrv.dll
2014-11-15 16:55:08 ----A---- C:\windows\SYSWOW64\adtschema.dll
2014-11-15 16:55:08 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2014-11-15 16:55:08 ----A---- C:\windows\system32\adtschema.dll
2014-11-15 16:55:07 ----A---- C:\windows\system32\lsasrv.dll
2014-11-15 16:55:06 ----A---- C:\windows\SYSWOW64\sspicli.dll
2014-11-15 16:55:06 ----A---- C:\windows\SYSWOW64\secur32.dll
2014-11-15 16:55:06 ----A---- C:\windows\SYSWOW64\msaudite.dll
2014-11-15 16:55:06 ----A---- C:\windows\system32\msaudite.dll
2014-11-12 15:46:29 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-11-12 15:46:28 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-11-12 15:46:28 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-11-12 15:46:28 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-11-12 15:46:28 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-11-12 15:46:28 ----A---- C:\windows\system32\iernonce.dll
2014-11-12 15:46:28 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-11-12 15:46:28 ----A---- C:\windows\system32\ieetwcollector.exe
2014-11-12 15:46:28 ----A---- C:\windows\system32\ie4uinit.exe
2014-11-12 15:46:27 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-12 15:46:26 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-11-12 15:46:26 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-11-12 15:46:26 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-11-12 15:46:26 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 15:46:25 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-11-12 15:46:25 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-11-12 15:46:24 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-11-12 15:46:24 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-11-12 15:46:24 ----A---- C:\windows\system32\urlmon.dll
2014-11-12 15:46:24 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-11-12 15:46:24 ----A---- C:\windows\system32\iedkcs32.dll
2014-11-12 15:46:23 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-11-12 15:46:23 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-11-12 15:46:23 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-11-12 15:46:23 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-12 15:46:22 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-11-12 15:46:22 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-11-12 15:46:22 ----A---- C:\windows\system32\msfeeds.dll
2014-11-12 15:46:22 ----A---- C:\windows\system32\dxtrans.dll
2014-11-12 15:46:21 ----A---- C:\windows\system32\iesetup.dll
2014-11-12 15:46:21 ----A---- C:\windows\system32\ieapfltr.dll
2014-11-12 15:46:20 ----A---- C:\windows\system32\iertutil.dll
2014-11-12 15:46:19 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-11-12 15:46:19 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-11-12 15:46:19 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-11-12 15:46:19 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-11-12 15:46:19 ----A---- C:\windows\system32\jsproxy.dll
2014-11-12 15:46:18 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-11-12 15:46:18 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-11-12 15:46:18 ----A---- C:\windows\system32\ieUnatt.exe
2014-11-12 15:46:18 ----A---- C:\windows\system32\dxtmsft.dll
2014-11-12 15:46:17 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-11-12 15:46:17 ----A---- C:\windows\system32\mshtmled.dll
2014-11-12 15:46:17 ----A---- C:\windows\system32\ieui.dll
2014-11-12 15:46:17 ----A---- C:\windows\system32\ieframe.dll
2014-11-12 15:46:16 ----A---- C:\windows\system32\vbscript.dll
2014-11-12 15:46:16 ----A---- C:\windows\system32\jscript9diag.dll
2014-11-12 15:46:16 ----A---- C:\windows\system32\jscript9.dll
2014-11-12 15:46:15 ----A---- C:\windows\system32\wininet.dll
2014-11-12 15:46:15 ----A---- C:\windows\system32\msrating.dll
2014-11-12 15:46:15 ----A---- C:\windows\system32\MshtmlDac.dll
2014-11-12 15:46:14 ----A---- C:\windows\system32\mshtml.dll
2014-11-12 15:45:20 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2014-11-12 15:45:20 ----A---- C:\windows\system32\oleaut32.dll
2014-11-12 15:45:16 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2014-11-12 15:45:16 ----A---- C:\windows\SYSWOW64\msxml3.dll
2014-11-12 15:45:16 ----A---- C:\windows\system32\msxml3r.dll
2014-11-12 15:45:16 ----A---- C:\windows\system32\msxml3.dll
2014-11-12 15:45:14 ----A---- C:\windows\system32\IMJP10K.DLL
2014-11-12 15:45:13 ----A---- C:\windows\SYSWOW64\IMJP10K.DLL
2014-11-12 15:45:10 ----A---- C:\windows\SYSWOW64\AUDIOKSE.dll
2014-11-12 15:45:10 ----A---- C:\windows\system32\EncDump.dll
2014-11-12 15:45:10 ----A---- C:\windows\system32\audiosrv.dll
2014-11-12 15:45:10 ----A---- C:\windows\system32\AUDIOKSE.dll
2014-11-12 15:45:10 ----A---- C:\windows\system32\AudioEng.dll
2014-11-12 15:45:09 ----A---- C:\windows\SYSWOW64\AudioSes.dll
2014-11-12 15:45:09 ----A---- C:\windows\SYSWOW64\AudioEng.dll
2014-11-12 15:45:09 ----A---- C:\windows\system32\AudioSes.dll
2014-11-12 15:45:05 ----A---- C:\windows\system32\schannel.dll
2014-11-12 15:45:04 ----A---- C:\windows\SYSWOW64\schannel.dll
2014-11-12 15:45:04 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2014-11-12 15:45:04 ----A---- C:\windows\system32\ncrypt.dll
2014-11-12 15:45:02 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2014-11-12 15:45:02 ----A---- C:\windows\system32\wdigest.dll
2014-11-12 15:45:02 ----A---- C:\windows\system32\TSpkg.dll
2014-11-12 15:45:02 ----A---- C:\windows\system32\msv1_0.dll
2014-11-12 15:45:01 ----A---- C:\windows\SYSWOW64\wdigest.dll
2014-11-12 15:45:01 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2014-11-12 15:45:00 ----A---- C:\windows\SYSWOW64\credssp.dll
2014-11-12 15:45:00 ----A---- C:\windows\system32\credssp.dll
2014-11-12 15:44:14 ----A---- C:\windows\SYSWOW64\packager.dll
2014-11-12 15:44:14 ----A---- C:\windows\system32\packager.dll
2014-11-12 15:44:12 ----A---- C:\windows\system32\win32k.sys
2014-11-12 15:44:08 ----A---- C:\windows\system32\msi.dll
2014-11-12 15:44:07 ----A---- C:\windows\SYSWOW64\msi.dll
======List of files/folders modified in the last 1 month======
2014-12-07 17:59:49 ----D---- C:\windows\system32\config
2014-12-07 17:59:49 ----D---- C:\ProgramData\HPQLOG
2014-12-07 17:08:01 ----D---- C:\ProgramData
2014-12-07 16:58:15 ----D---- C:\windows\system32\drivers
2014-12-07 16:57:09 ----D---- C:\windows\System32
2014-12-07 16:57:09 ----D---- C:\windows\inf
2014-12-07 16:57:09 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-12-07 15:41:58 ----SHD---- C:\System Volume Information
2014-12-07 15:34:34 ----SD---- C:\Users\Pavel\AppData\Roaming\Microsoft
2014-12-07 15:24:02 ----A---- C:\windows\ntbtlog.txt
2014-12-07 15:21:01 ----D---- C:\windows\system32\drivers\etc
2014-12-07 14:43:44 ----D---- C:\Windows
2014-12-07 11:04:10 ----A---- C:\windows\system.ini
2014-12-07 11:01:20 ----D---- C:\windows\Tasks
2014-12-07 10:59:15 ----D---- C:\windows\SYSWOW64\drivers
2014-12-07 10:59:15 ----D---- C:\windows\SysWOW64
2014-12-07 10:59:15 ----D---- C:\windows\AppPatch
2014-12-07 10:59:14 ----D---- C:\Program Files (x86)\Common Files
2014-12-06 13:02:57 ----D---- C:\Users\Pavel\AppData\Roaming\Seznam.cz
2014-12-06 12:58:11 ----D---- C:\windows\Prefetch
2014-12-06 00:32:07 ----HD---- C:\windows\system32\GroupPolicy
2014-12-06 00:32:07 ----D---- C:\windows\SYSWOW64\GroupPolicy
2014-12-06 00:32:05 ----RD---- C:\Program Files (x86)
2014-12-05 23:40:45 ----D---- C:\windows\SchCache
2014-12-05 23:40:02 ----D---- C:\Program Files (x86)\PCData
2014-12-05 23:40:02 ----D---- C:\Program Files (x86)\GotClip
2014-12-05 23:40:02 ----D---- C:\Program Files (x86)\DoubleOptMedia
2014-12-04 21:10:58 ----D---- C:\windows\rescache
2014-12-03 21:24:46 ----D---- C:\windows\system32\Tasks
2014-12-03 18:10:41 ----RD---- C:\Program Files
2014-12-03 18:07:58 ----D---- C:\Program Files (x86)\Origin
2014-11-29 13:35:14 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-11-29 13:23:51 ----D---- C:\windows\winsxs
2014-11-28 17:08:35 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-11-28 16:57:14 ----D---- C:\windows\system32\catroot2
2014-11-28 16:14:43 ----D---- C:\windows\system32\wfp
2014-11-28 16:14:43 ----D---- C:\windows\system32\DriverStore
2014-11-28 16:14:41 ----D---- C:\windows\system32\wbem
2014-11-28 16:14:40 ----D---- C:\windows\system32\Macromed
2014-11-28 16:14:37 ----D---- C:\windows\registration
2014-11-23 11:30:53 ----D---- C:\ProgramData\Origin
2014-11-22 10:29:59 ----D---- C:\windows\system32\catroot
2014-11-22 10:12:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-11-22 10:12:35 ----D---- C:\Program Files (x86)\Electronic Arts
2014-11-21 10:52:19 ----D---- C:\Program Files\Internet Explorer
2014-11-21 10:52:14 ----SHD---- C:\windows\Installer
2014-11-21 10:50:29 ----D---- C:\Program Files (x86)\Games
2014-11-20 16:55:21 ----D---- C:\gencache
2014-11-15 23:52:23 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-11-15 23:52:23 ----D---- C:\windows\system32\cs-CZ
2014-11-15 23:39:48 ----D---- C:\windows\Microsoft.NET
2014-11-15 23:21:36 ----RSD---- C:\windows\assembly
2014-11-15 22:30:32 ----D---- C:\windows\SYSWOW64\en-US
2014-11-15 22:30:32 ----D---- C:\windows\system32\en-US
2014-11-15 22:30:32 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-15 22:30:28 ----D---- C:\windows\system32\CodeIntegrity
2014-11-15 22:30:27 ----RSD---- C:\windows\Fonts
2014-11-15 22:29:11 ----D---- C:\windows\AppCompat
2014-11-15 22:29:06 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-11-13 10:59:49 ----D---- C:\ProgramData\Microsoft Help
2014-11-13 10:53:26 ----D---- C:\windows\system32\MRT
2014-11-13 10:47:23 ----A---- C:\windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie64.sys [2010-03-09 16440]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SafeBoot;SafeBoot; C:\windows\system32\drivers\SafeBoot.sys [2010-01-26 56648]
R0 SbAlg;SbAlg; C:\windows\system32\drivers\SbAlg.sys [2009-06-04 60160]
R0 SbFsLock;SbFsLock; C:\windows\system32\drivers\SbFsLock.sys [2010-01-26 15688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-27 283200]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2010-01-26 58184]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2010-08-05 6859776]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-08-04 264192]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2009-12-04 32640]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\windows\system32\drivers\AtiHdmi.sys [2010-08-11 125456]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys [2011-07-06 3060800]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\windows\system32\drivers\btwampfl.sys [2010-06-10 342056]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-06-10 102952]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2010-06-10 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-10 39464]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-06-10 21544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 25912]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2010-12-29 8200296]
R3 STHDA;IDT High Definition Audio CODEC; C:\windows\system32\DRIVERS\stwrt64.sys [2010-01-29 505856]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 WinUSB;WinUSB Service; C:\windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2009-10-21 40760]
S3 EagleX64;EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys []
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2013-02-05 57840]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista; C:\windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]
S3 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-02-08 239136]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-01-12 325152]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-08-05 203264]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-06-09 952096]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2010-01-22 462088]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2010-01-12 36864]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-05-10 90112]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-01-26 281192]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2010-05-06 298496]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-13 30520]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-01-22 73728]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-01-12 635416]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 STacSV;Audio Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe [2010-01-29 244736]
R2 uArcCapture;ArcCapture; C:\windows\system\uArcCapture.exe [2009-12-04 506472]
R3 DEBridge;DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2010-01-26 704512]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
S2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-08-23 103992]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-01-27 102968]
S2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2010-02-18 2045232]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-28 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2009-12-07 362040]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-03-30 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-11-06 114688]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-11-23 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Re: Totálně zahumusené pc
Jeste jeden sken a budem mazat.
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
funkymusic
- Vzorný návštěvník
- Příspěvky: 402
- Registrován: 07 pro 2004 15:16
Re: Totálně zahumusené pc
OTL logfile created on: 8.12.2014 18:53:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pavel\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17420)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,74 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 59,03% Memory free
7,48 Gb Paging File | 5,41 Gb Available in Paging File | 72,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 280,80 Gb Total Space | 116,09 Gb Free Space | 41,34% Space Free | Partition Type: NTFS
Drive F: | 1,99 Gb Total Space | 0,01 Gb Free Space | 0,32% Space Free | Partition Type: FAT32
Computer Name: PAVELS-HP | User Name: Pavel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014.12.07 18:12:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pavel\Desktop\OTL.exe
PRC - [2014.11.25 07:39:27 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.05.13 20:09:12 | 000,270,624 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010.05.10 08:42:40 | 000,090,112 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
PRC - [2010.05.06 01:30:26 | 011,268,096 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
PRC - [2010.05.06 01:30:06 | 000,298,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2010.03.01 19:27:22 | 000,264,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
PRC - [2010.01.26 19:32:40 | 000,281,192 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2010.01.26 19:32:10 | 000,704,512 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
PRC - [2010.01.12 21:27:38 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2010.01.12 18:25:26 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
PRC - [2009.12.04 13:22:40 | 000,506,472 | ---- | M] (ArcSoft, Inc.) -- C:\Windows\system\uArcCapture.exe
PRC - [2007.07.24 20:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
========== Modules (No Company Name) ==========
MOD - [2014.11.25 07:39:20 | 001,077,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
MOD - [2014.11.25 07:39:18 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014.11.06 04:30:08 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.09.15 23:03:18 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2014.09.15 18:13:38 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2014.08.22 14:14:34 | 000,368,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014.08.22 14:14:34 | 000,023,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011.05.13 17:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010.08.23 20:40:40 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV:64bit: - [2010.06.09 07:55:14 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010.05.10 08:42:40 | 000,090,112 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe -- (HPDayStarterService)
SRV:64bit: - [2010.02.18 22:52:30 | 002,045,232 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2010.01.29 05:15:24 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010.01.27 23:01:04 | 000,102,968 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010.01.26 19:32:40 | 000,281,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV:64bit: - [2010.01.26 19:32:10 | 000,704,512 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe -- (DEBridge)
SRV:64bit: - [2010.01.22 23:28:48 | 000,462,088 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.03.03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe -- (AESTFilters)
SRV - [2014.11.28 17:08:36 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.03.20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.11.04 18:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.05.13 20:09:12 | 000,270,624 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010.05.06 01:30:06 | 000,298,496 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.03.01 19:27:22 | 000,264,248 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2010.02.18 22:26:46 | 001,664,304 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2010.01.29 05:15:24 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe -- (STacSV)
SRV - [2010.01.12 21:27:38 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2010.01.12 18:25:26 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2009.12.07 20:36:10 | 000,362,040 | ---- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- c:\Windows\SysWOW64\flcdlock.exe -- (FLCDLOCK)
SRV - [2009.12.04 13:22:40 | 000,506,472 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Windows\system\uArcCapture.exe -- (uArcCapture)
SRV - [2009.03.03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe -- (AESTFilters)
SRV - [2007.07.24 20:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014.09.15 23:26:58 | 016,750,080 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2014.09.15 22:59:06 | 000,576,000 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2014.07.17 17:05:06 | 000,125,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2014.06.21 18:01:22 | 000,094,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2014.02.11 17:36:52 | 000,059,616 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.3)
DRV:64bit: - [2013.04.27 21:59:58 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.02.05 22:06:06 | 000,057,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.07.06 08:20:14 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.05.13 17:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011.05.13 17:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.29 23:47:30 | 008,200,296 | ---- | M] (Realtek Semiconductor Corp.) [2 MP Fixed] [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:64bit: - [2010.11.20 14:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 14:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 12:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.08.11 17:43:00 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.06.10 02:24:24 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.06.10 02:23:34 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.06.10 02:23:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.06.10 02:23:32 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.06.10 02:23:32 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.06.04 01:18:56 | 001,379,376 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.03.09 18:03:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010.02.16 21:24:20 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2010.02.08 16:57:00 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.01.29 05:15:24 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010.01.26 19:33:54 | 000,015,688 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\windows\SysNative\drivers\SbFsLock.sys -- (SbFsLock)
DRV:64bit: - [2010.01.26 19:33:52 | 000,058,184 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\SysNative\drivers\RsvLock.sys -- (RsvLock)
DRV:64bit: - [2010.01.26 19:33:52 | 000,056,648 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\SafeBoot.sys -- (SafeBoot)
DRV:64bit: - [2010.01.12 23:37:34 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.12.04 11:48:18 | 000,032,640 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftVCapture.sys -- (ARCVCAM)
DRV:64bit: - [2009.10.21 22:37:52 | 000,040,760 | ---- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DAMDrv64.sys -- (DAMDrv)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 21:35:35 | 000,620,544 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 20:32:52 | 000,060,160 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\SbAlg.sys -- (SbAlg)
DRV:64bit: - [2005.09.23 23:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2010.01.26 19:33:58 | 000,051,800 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysWow64\drivers\SbAlg.sys -- (SbAlg)
DRV - [2010.01.26 19:33:44 | 000,013,256 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\windows\SysWow64\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2010.01.26 19:33:42 | 000,040,088 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\SysWow64\drivers\rsvlock.sys -- (RsvLock)
DRV - [2010.01.26 19:33:40 | 000,110,520 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysWow64\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Pavel\Desktop\Barborka\Filmy
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{27E5F2BB-7308-46B7-B726-EBA870CDF2A9}: "URL" = http://www.novinky.cz/hledej?w={searchT ... arch_13906
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{2DD3A5ED-9F28-4615-85EA-A6B94BF37E79}: "URL" = http://encyklopedie.seznam.cz/search?q= ... arch_13906
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{421AACB1-6577-4847-B204-95A15F6C827E}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_13906
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{63788942-3DD8-4313-BAF2-3F5C223EA2A6}: "URL" = http://search.seznam.cz/?q={searchTerms ... chmodule_2
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{7980C0ED-8DC2-4353-B128-4A6FEA7B2B81}: "URL" = http://www.mapy.cz/?query={searchTerms} ... arch_13906
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{87B5B7B0-6AF1-4C52-8716-3CB5A027F518}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_13906
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{8EA7A4F3-0F4E-4EF3-8059-9ED285FA8FAF}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_13906
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{BEB537AD-8BC5-4E35-B509-6534B3D9DEC8}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_13906
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{D9B595D4-BF07-4D76-96E3-264D01FEBCB9}: "URL" = http://www.firmy.cz/?q={searchTerms}&so ... arch_13906
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{EB6D7220-C2DA-4CD0-AEB9-58B0581CA2FD}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13906
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@gentek.com/thinclient: C:\IGG\twclient_us\npthinclient.dll (Generic Network)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@eximion.com/KalydoPlayer: C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.)
FF - HKCU\Software\MozillaPlugins\@g2.com/iggweb3dupdater: C:\Users\Pavel\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll (IGG)
FF - HKCU\Software\MozillaPlugins\@g2.com/joyconnectshell: C:\Users\Pavel\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll (IGG)
FF - HKCU\Software\MozillaPlugins\@gentek.com/thinclient: C:\IGG\twclient_us\npthinclient.dll (Generic Network)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Pavel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Pavel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2010.12.10 14:31:49 | 000,000,000 | ---D | M]
[2014.12.05 23:40:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions
========== Chrome ==========
CHR - plugin: Error reading preferences file
CHR - Extension: Prezentace Google = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_1\
CHR - Extension: Dokumenty Google = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Disk Google = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Vyhledávánà Google = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Tabulky Google = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_1\
CHR - Extension: Peněženka Google = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Gmail = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\
O1 HOSTS File: ([2014.12.07 15:21:01 | 000,000,035 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Reg Error: Value error.) - 10 - Reg Error: Value error. File not found
O4:64bit: - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [4StoryPrePatch] C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe (Zemi Interactive Inc.)
O4 - HKLM..\Run: [File Sanitizer] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WebcamMaxMoniter] C:\Program Files (x86)\WebcamMax\wcmmon.exe ()
O4 - HKU\S-1-5-21-3435964710-805018482-336169385-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3435964710-805018482-336169385-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3435964710-805018482-336169385-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..Trusted Domains: localhost ([]http in Internet)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.240.163.170 62.204.224.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = SKOLA.LOCAL
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36AACF35-3353-4A8B-B146-5A48406663C5}: DhcpNameServer = 62.240.163.170 62.204.224.2
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\SysWow64\DeviceNP.dll (Hewlett-Packard Limited)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.mjpg - C:\windows\SysWow64\pvmjpg30.dll (Pegasus Imaging Corporation)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014.12.08 18:50:06 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Desktop\Čištění
[2014.12.08 18:49:18 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\AMD
[2014.12.08 18:48:59 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014.12.08 18:27:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2014.12.08 18:27:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2014.12.08 18:27:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2014.12.08 18:26:05 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2014.12.08 18:26:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2014.12.08 18:23:58 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2014.12.08 18:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2014.12.08 18:21:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014.12.08 18:20:40 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014.12.08 18:19:24 | 000,000,000 | ---D | C] -- C:\AMD
[2014.12.07 18:12:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pavel\Desktop\OTL.exe
[2014.12.07 17:08:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014.12.07 17:06:45 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Desktop\mbar
[2014.12.07 14:41:50 | 000,000,000 | ---D | C] -- C:\FRST
[2014.12.07 11:09:52 | 000,000,000 | ---D | C] -- C:\windows\temp
[2014.12.07 11:04:10 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014.12.06 13:04:45 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2014.12.06 13:04:45 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2014.12.06 13:04:44 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2014.12.06 13:04:39 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.12.06 13:04:19 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2014.12.06 00:34:57 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\Temp
[2014.12.05 23:48:54 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2014.12.03 21:30:58 | 000,135,384 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.12.03 21:30:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014.12.03 21:30:06 | 000,096,472 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014.12.03 21:30:06 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2014.12.03 21:30:06 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014.12.03 21:30:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014.12.03 21:30:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.12.03 21:20:35 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.12.03 18:10:41 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.12.03 18:10:41 | 000,000,000 | ---D | C] -- C:\rsit
[2014.11.20 16:52:28 | 000,000,000 | -HSD | C] -- C:\Users\Pavel\AppData\Local\EmieBrowserModeList
[2014.11.15 16:55:08 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adtschema.dll
[2014.11.15 16:55:08 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adtschema.dll
[2014.11.15 16:55:07 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2014.11.15 16:55:06 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msaudite.dll
[2014.11.15 16:55:06 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msaudite.dll
[2014.11.12 15:46:29 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014.11.12 15:46:28 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014.11.12 15:46:28 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014.11.12 15:46:28 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014.11.12 15:46:28 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014.11.12 15:46:28 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014.11.12 15:46:28 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014.11.12 15:46:27 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.11.12 15:46:26 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014.11.12 15:46:25 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014.11.12 15:46:25 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014.11.12 15:46:24 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014.11.12 15:46:24 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014.11.12 15:46:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014.11.12 15:46:23 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014.11.12 15:46:23 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014.11.12 15:46:22 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014.11.12 15:46:22 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014.11.12 15:46:22 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014.11.12 15:46:21 | 000,799,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014.11.12 15:46:21 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014.11.12 15:46:20 | 002,124,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014.11.12 15:46:19 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014.11.12 15:46:18 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014.11.12 15:46:18 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014.11.12 15:46:18 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014.11.12 15:46:18 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2014.11.12 15:46:17 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014.11.12 15:46:17 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014.11.12 15:46:17 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014.11.12 15:46:16 | 006,040,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014.11.12 15:46:16 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014.11.12 15:46:16 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014.11.12 15:46:15 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014.11.12 15:46:15 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2014.11.12 15:45:20 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2014.11.12 15:45:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll
[2014.11.12 15:45:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll
[2014.11.12 15:45:14 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IMJP10K.DLL
[2014.11.12 15:45:13 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IMJP10K.DLL
[2014.11.12 15:45:10 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AUDIOKSE.dll
[2014.11.12 15:45:10 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AUDIOKSE.dll
[2014.11.12 15:45:10 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioEng.dll
[2014.11.12 15:45:10 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDump.dll
[2014.11.12 15:45:09 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll
[2014.11.12 15:45:04 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2014.11.12 15:44:14 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2014.11.12 15:44:14 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2014.11.12 15:44:08 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
========== Files - Modified Within 30 Days ==========
[2014.12.08 18:54:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.12.08 18:52:32 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.12.08 18:52:32 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.12.08 18:50:09 | 001,617,818 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014.12.08 18:50:09 | 000,682,058 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2014.12.08 18:50:09 | 000,666,226 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014.12.08 18:50:09 | 000,147,814 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2014.12.08 18:50:09 | 000,127,642 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014.12.08 18:45:03 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014.12.08 18:43:59 | 4016,496,640 | -HS- | M] () -- C:\hiberfil.sys
[2014.12.08 18:34:46 | 370,036,309 | ---- | M] () -- C:\windows\MEMORY.DMP
[2014.12.07 18:12:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pavel\Desktop\OTL.exe
[2014.12.07 17:08:00 | 000,135,384 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.12.07 17:06:49 | 000,096,472 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014.12.07 15:21:01 | 000,000,035 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2014.12.07 15:20:32 | 000,029,696 | ---- | M] () -- C:\Users\Pavel\AppData\Local\MSGBOX.EXE
[2014.12.07 15:20:32 | 000,015,327 | ---- | M] () -- C:\Users\Pavel\Desktop\LM.bat
[2014.12.06 00:12:41 | 000,024,064 | ---- | M] () -- C:\windows\zoek-delete.exe
[2014.11.28 17:08:35 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2014.11.28 17:08:35 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.11.26 21:05:21 | 000,220,731 | ---- | M] () -- C:\Users\Pavel\Desktop\Damon-Elena-image-damon-and-elena-36327001-1024-768.jpg
[2014.11.26 21:05:08 | 000,505,136 | ---- | M] () -- C:\Users\Pavel\Desktop\Damon-Elena-damon-and-elena-8415331-1440-900.jpg
[2014.11.26 21:05:00 | 000,445,815 | ---- | M] () -- C:\Users\Pavel\Desktop\Damon-Elena-damon-and-elena-8415350-1440-900.jpg
[2014.11.26 21:00:56 | 000,157,565 | ---- | M] () -- C:\Users\Pavel\Desktop\1695918-1366x768-[DesktopNexus.com].jpg
[2014.11.26 20:56:10 | 001,184,091 | ---- | M] () -- C:\Users\Pavel\Desktop\nina-dobrev-23863.jpg
[2014.11.26 20:32:16 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.11.23 09:14:55 | 000,008,727 | ---- | M] () -- C:\Users\Public\Documents\images.jpg
[2014.11.21 06:14:22 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2014.11.21 06:14:08 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014.11.13 15:29:21 | 000,484,248 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
========== Files Created - No Company Name ==========
[2014.12.07 18:15:27 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.12.07 15:20:32 | 000,029,696 | ---- | C] () -- C:\Users\Pavel\AppData\Local\MSGBOX.EXE
[2014.12.07 15:20:32 | 000,015,327 | ---- | C] () -- C:\Users\Pavel\Desktop\LM.bat
[2014.12.06 13:04:45 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2014.12.06 13:04:45 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2014.12.06 13:04:45 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2014.12.06 13:04:45 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2014.12.06 13:04:44 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2014.12.06 00:34:58 | 000,024,064 | ---- | C] () -- C:\windows\zoek-delete.exe
[2014.11.26 21:05:19 | 000,220,731 | ---- | C] () -- C:\Users\Pavel\Desktop\Damon-Elena-image-damon-and-elena-36327001-1024-768.jpg
[2014.11.26 21:05:07 | 000,505,136 | ---- | C] () -- C:\Users\Pavel\Desktop\Damon-Elena-damon-and-elena-8415331-1440-900.jpg
[2014.11.26 21:05:00 | 000,445,815 | ---- | C] () -- C:\Users\Pavel\Desktop\Damon-Elena-damon-and-elena-8415350-1440-900.jpg
[2014.11.26 21:00:56 | 000,157,565 | ---- | C] () -- C:\Users\Pavel\Desktop\1695918-1366x768-[DesktopNexus.com].jpg
[2014.11.26 20:56:08 | 001,184,091 | ---- | C] () -- C:\Users\Pavel\Desktop\nina-dobrev-23863.jpg
[2014.11.23 09:14:52 | 000,008,727 | ---- | C] () -- C:\Users\Public\Documents\images.jpg
[2014.09.15 23:18:02 | 000,995,342 | ---- | C] () -- C:\windows\SysWow64\amdocl_as32.exe
[2014.09.15 23:18:02 | 000,798,734 | ---- | C] () -- C:\windows\SysWow64\amdocl_ld32.exe
[2014.09.15 23:06:34 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2014.09.15 23:06:34 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2014.09.15 18:19:58 | 000,038,912 | ---- | C] () -- C:\windows\SysWow64\kdbsdk32.dll
[2013.03.28 08:35:12 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 03:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.04.27 22:28:36 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\DAEMON Tools Lite
[2011.11.16 17:39:02 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\DigitalPersona
[2013.03.28 17:47:05 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\HellSpy.cz Download Manager
[2014.01.01 16:38:55 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\ICQ
[2013.11.23 20:06:40 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\IGG
[2013.02.18 11:39:46 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Jane s Hotel 3
[2012.11.25 19:38:08 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Kalydo
[2014.02.26 11:42:23 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Origin
[2014.12.06 13:02:57 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Seznam.cz
[2012.11.23 21:08:44 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Stellarium
[2014.01.17 18:20:53 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Unity
[2014.03.09 13:37:07 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Webcammax
[2011.11.22 13:46:13 | 000,000,000 | ---D | M] -- C:\Users\stasa\AppData\Roaming\DigitalPersona
[2012.03.22 12:40:40 | 000,000,000 | ---D | M] -- C:\Users\strnad\AppData\Roaming\DigitalPersona
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,568 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
< >
< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16552_none_394a8c733b252fb9\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16593_none_39204d0d3b44b8d4\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20669_none_39d05b5854449cd5\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20713_none_3a006b1e5421763d\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.10.01 08:17:00 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=2632B7125E0730E019532CFCFFFFBFC0 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_e28cf2983c0715a1\autochk.exe
[2009.10.01 08:42:15 | 000,777,216 | ---- | M] (Microsoft Corporation) MD5=3AE12EC776AB9830462E8197FB5C88CF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_3eab8e1bf46486d7\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2012.06.02 05:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 05:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010.11.20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.04.24 05:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2013.05.10 05:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 05:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 15:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2012.06.02 06:32:25 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=456107D69D4EE850A559434F19EFEE65 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[2012.04.24 06:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2013.10.05 03:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2012.04.24 05:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2013.07.09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\erdnt\cache64\cryptsvc.dll
[2013.07.09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\windows\SysNative\cryptsvc.dll
[2013.07.09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013.07.09 14:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\erdnt\cache86\cryptsvc.dll
[2013.07.09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013.07.09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012.06.04 08:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013.05.10 06:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.05.11 06:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 05:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2012.04.24 06:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012.06.02 06:25:12 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=BAF19B633933A9FB4883D27D66C39E9A -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[2013.05.10 06:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2012.04.24 06:36:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=CE8BF1423AEE47DA5275FBC8AD3BD642 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2013.05.13 06:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.05.10 06:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2012.06.02 05:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.04.24 06:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2013.10.05 02:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll
[2012.06.02 05:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012.04.24 05:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010.12.10 14:43:38 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.12.10 14:34:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.12.10 14:43:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.12.10 14:34:07 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010.12.10 14:43:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.12.10 14:34:07 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010.12.10 14:43:38 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.12.10 14:34:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.09.01 07:34:28 | 000,263,256 | ---- | M] (Microsoft Corporation) MD5=01B586A0B8C8D860457892F80B85A5CD -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16416_none_076a95ef732190e3\hal.dll
[2009.09.01 08:03:17 | 000,263,240 | ---- | M] (Microsoft Corporation) MD5=514D418248FECD24D96E7219162BDFDD -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.20519_none_07f733988c3c7cb2\hal.dll
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2010.05.12 09:37:57 | 000,410,504 | ---- | M] (Intel Corporation) MD5=513DC087CFED7D2BB82F005385D3531F -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16592_none_0af87721a183cb70\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
[2010.05.12 09:50:37 | 000,410,496 | ---- | M] (Intel Corporation) MD5=E353CF970C5D4D6A092911E15FB78C07 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20712_none_0bd89532ba6088d9\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2014.05.30 09:00:12 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=04F6C08B30C599D301CE8530A6F6A703 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22705_none_0505e8508c7f766f\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 08:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011.11.17 08:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[2014.04.12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\erdnt\cache64\lsass.exe
[2014.04.12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\windows\SysNative\lsass.exe
[2014.04.12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2014.04.12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18496_none_041bf8b773a9f127\lsass.exe
[2014.04.12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18526_none_0467aa1173712ab7\lsass.exe
[2014.04.12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18637_none_045ddc5573785d26\lsass.exe
[2014.09.19 10:42:18 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=341655B216721D89CADE9DEA2F33872F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18606_none_047d4bcf7360effc\lsass.exe
[2013.09.25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2014.04.12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2014.04.12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22712_none_04f817868c8a465b\lsass.exe
[2014.04.12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22736_none_04e678d68c96e399\lsass.exe
[2014.04.12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22807_none_0507eaca8c7da644\lsass.exe
[2014.04.12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22843_none_04d8a9f28ca1b0ac\lsass.exe
[2012.08.24 18:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 08:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2014.09.19 10:47:37 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=B84317193B6A29F5F5DCF538C34FDCED -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22814_none_04fa1a008c887630\lsass.exe
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pavel\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17420)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,74 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 59,03% Memory free
7,48 Gb Paging File | 5,41 Gb Available in Paging File | 72,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 280,80 Gb Total Space | 116,09 Gb Free Space | 41,34% Space Free | Partition Type: NTFS
Drive F: | 1,99 Gb Total Space | 0,01 Gb Free Space | 0,32% Space Free | Partition Type: FAT32
Computer Name: PAVELS-HP | User Name: Pavel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014.12.07 18:12:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pavel\Desktop\OTL.exe
PRC - [2014.11.25 07:39:27 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.05.13 20:09:12 | 000,270,624 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010.05.10 08:42:40 | 000,090,112 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
PRC - [2010.05.06 01:30:26 | 011,268,096 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
PRC - [2010.05.06 01:30:06 | 000,298,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2010.03.01 19:27:22 | 000,264,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
PRC - [2010.01.26 19:32:40 | 000,281,192 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2010.01.26 19:32:10 | 000,704,512 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
PRC - [2010.01.12 21:27:38 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2010.01.12 18:25:26 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
PRC - [2009.12.04 13:22:40 | 000,506,472 | ---- | M] (ArcSoft, Inc.) -- C:\Windows\system\uArcCapture.exe
PRC - [2007.07.24 20:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
========== Modules (No Company Name) ==========
MOD - [2014.11.25 07:39:20 | 001,077,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
MOD - [2014.11.25 07:39:18 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014.11.06 04:30:08 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.09.15 23:03:18 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2014.09.15 18:13:38 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2014.08.22 14:14:34 | 000,368,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014.08.22 14:14:34 | 000,023,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011.05.13 17:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010.08.23 20:40:40 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV:64bit: - [2010.06.09 07:55:14 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010.05.10 08:42:40 | 000,090,112 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe -- (HPDayStarterService)
SRV:64bit: - [2010.02.18 22:52:30 | 002,045,232 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2010.01.29 05:15:24 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010.01.27 23:01:04 | 000,102,968 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010.01.26 19:32:40 | 000,281,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV:64bit: - [2010.01.26 19:32:10 | 000,704,512 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe -- (DEBridge)
SRV:64bit: - [2010.01.22 23:28:48 | 000,462,088 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.03.03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe -- (AESTFilters)
SRV - [2014.11.28 17:08:36 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.03.20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.11.04 18:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.05.13 20:09:12 | 000,270,624 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010.05.06 01:30:06 | 000,298,496 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.03.01 19:27:22 | 000,264,248 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2010.02.18 22:26:46 | 001,664,304 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2010.01.29 05:15:24 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe -- (STacSV)
SRV - [2010.01.12 21:27:38 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2010.01.12 18:25:26 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2009.12.07 20:36:10 | 000,362,040 | ---- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- c:\Windows\SysWOW64\flcdlock.exe -- (FLCDLOCK)
SRV - [2009.12.04 13:22:40 | 000,506,472 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Windows\system\uArcCapture.exe -- (uArcCapture)
SRV - [2009.03.03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe -- (AESTFilters)
SRV - [2007.07.24 20:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014.09.15 23:26:58 | 016,750,080 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2014.09.15 22:59:06 | 000,576,000 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2014.07.17 17:05:06 | 000,125,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2014.06.21 18:01:22 | 000,094,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2014.02.11 17:36:52 | 000,059,616 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.3)
DRV:64bit: - [2013.04.27 21:59:58 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.02.05 22:06:06 | 000,057,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.07.06 08:20:14 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.05.13 17:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011.05.13 17:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.29 23:47:30 | 008,200,296 | ---- | M] (Realtek Semiconductor Corp.) [2 MP Fixed] [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:64bit: - [2010.11.20 14:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 14:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 12:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.08.11 17:43:00 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.06.10 02:24:24 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.06.10 02:23:34 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.06.10 02:23:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.06.10 02:23:32 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.06.10 02:23:32 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.06.04 01:18:56 | 001,379,376 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.03.09 18:03:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010.02.16 21:24:20 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2010.02.08 16:57:00 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.01.29 05:15:24 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010.01.26 19:33:54 | 000,015,688 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\windows\SysNative\drivers\SbFsLock.sys -- (SbFsLock)
DRV:64bit: - [2010.01.26 19:33:52 | 000,058,184 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\SysNative\drivers\RsvLock.sys -- (RsvLock)
DRV:64bit: - [2010.01.26 19:33:52 | 000,056,648 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\SafeBoot.sys -- (SafeBoot)
DRV:64bit: - [2010.01.12 23:37:34 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.12.04 11:48:18 | 000,032,640 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftVCapture.sys -- (ARCVCAM)
DRV:64bit: - [2009.10.21 22:37:52 | 000,040,760 | ---- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DAMDrv64.sys -- (DAMDrv)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 21:35:35 | 000,620,544 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 20:32:52 | 000,060,160 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\SbAlg.sys -- (SbAlg)
DRV:64bit: - [2005.09.23 23:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2010.01.26 19:33:58 | 000,051,800 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysWow64\drivers\SbAlg.sys -- (SbAlg)
DRV - [2010.01.26 19:33:44 | 000,013,256 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\windows\SysWow64\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2010.01.26 19:33:42 | 000,040,088 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\SysWow64\drivers\rsvlock.sys -- (RsvLock)
DRV - [2010.01.26 19:33:40 | 000,110,520 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysWow64\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Pavel\Desktop\Barborka\Filmy
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{27E5F2BB-7308-46B7-B726-EBA870CDF2A9}: "URL" = http://www.novinky.cz/hledej?w={searchT ... arch_13906
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{2DD3A5ED-9F28-4615-85EA-A6B94BF37E79}: "URL" = http://encyklopedie.seznam.cz/search?q= ... arch_13906
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{421AACB1-6577-4847-B204-95A15F6C827E}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_13906
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{63788942-3DD8-4313-BAF2-3F5C223EA2A6}: "URL" = http://search.seznam.cz/?q={searchTerms ... chmodule_2
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{7980C0ED-8DC2-4353-B128-4A6FEA7B2B81}: "URL" = http://www.mapy.cz/?query={searchTerms} ... arch_13906
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{87B5B7B0-6AF1-4C52-8716-3CB5A027F518}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_13906
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{8EA7A4F3-0F4E-4EF3-8059-9ED285FA8FAF}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_13906
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{BEB537AD-8BC5-4E35-B509-6534B3D9DEC8}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_13906
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{D9B595D4-BF07-4D76-96E3-264D01FEBCB9}: "URL" = http://www.firmy.cz/?q={searchTerms}&so ... arch_13906
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{EB6D7220-C2DA-4CD0-AEB9-58B0581CA2FD}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13906
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@gentek.com/thinclient: C:\IGG\twclient_us\npthinclient.dll (Generic Network)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@eximion.com/KalydoPlayer: C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.)
FF - HKCU\Software\MozillaPlugins\@g2.com/iggweb3dupdater: C:\Users\Pavel\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll (IGG)
FF - HKCU\Software\MozillaPlugins\@g2.com/joyconnectshell: C:\Users\Pavel\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll (IGG)
FF - HKCU\Software\MozillaPlugins\@gentek.com/thinclient: C:\IGG\twclient_us\npthinclient.dll (Generic Network)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Pavel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Pavel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2010.12.10 14:31:49 | 000,000,000 | ---D | M]
[2014.12.05 23:40:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions
========== Chrome ==========
CHR - plugin: Error reading preferences file
CHR - Extension: Prezentace Google = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_1\
CHR - Extension: Dokumenty Google = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Disk Google = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Vyhledávánà Google = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Tabulky Google = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_1\
CHR - Extension: Peněženka Google = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Gmail = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\
O1 HOSTS File: ([2014.12.07 15:21:01 | 000,000,035 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Reg Error: Value error.) - 10 - Reg Error: Value error. File not found
O4:64bit: - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [4StoryPrePatch] C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe (Zemi Interactive Inc.)
O4 - HKLM..\Run: [File Sanitizer] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WebcamMaxMoniter] C:\Program Files (x86)\WebcamMax\wcmmon.exe ()
O4 - HKU\S-1-5-21-3435964710-805018482-336169385-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3435964710-805018482-336169385-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3435964710-805018482-336169385-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..Trusted Domains: localhost ([]http in Internet)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.240.163.170 62.204.224.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = SKOLA.LOCAL
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36AACF35-3353-4A8B-B146-5A48406663C5}: DhcpNameServer = 62.240.163.170 62.204.224.2
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\SysWow64\DeviceNP.dll (Hewlett-Packard Limited)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.mjpg - C:\windows\SysWow64\pvmjpg30.dll (Pegasus Imaging Corporation)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014.12.08 18:50:06 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Desktop\Čištění
[2014.12.08 18:49:18 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\AMD
[2014.12.08 18:48:59 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014.12.08 18:27:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2014.12.08 18:27:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2014.12.08 18:27:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2014.12.08 18:26:05 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2014.12.08 18:26:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2014.12.08 18:23:58 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2014.12.08 18:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2014.12.08 18:21:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014.12.08 18:20:40 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014.12.08 18:19:24 | 000,000,000 | ---D | C] -- C:\AMD
[2014.12.07 18:12:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pavel\Desktop\OTL.exe
[2014.12.07 17:08:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014.12.07 17:06:45 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Desktop\mbar
[2014.12.07 14:41:50 | 000,000,000 | ---D | C] -- C:\FRST
[2014.12.07 11:09:52 | 000,000,000 | ---D | C] -- C:\windows\temp
[2014.12.07 11:04:10 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014.12.06 13:04:45 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2014.12.06 13:04:45 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2014.12.06 13:04:44 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2014.12.06 13:04:39 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.12.06 13:04:19 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2014.12.06 00:34:57 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\Temp
[2014.12.05 23:48:54 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2014.12.03 21:30:58 | 000,135,384 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.12.03 21:30:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014.12.03 21:30:06 | 000,096,472 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014.12.03 21:30:06 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2014.12.03 21:30:06 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014.12.03 21:30:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014.12.03 21:30:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.12.03 21:20:35 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.12.03 18:10:41 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.12.03 18:10:41 | 000,000,000 | ---D | C] -- C:\rsit
[2014.11.20 16:52:28 | 000,000,000 | -HSD | C] -- C:\Users\Pavel\AppData\Local\EmieBrowserModeList
[2014.11.15 16:55:08 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adtschema.dll
[2014.11.15 16:55:08 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adtschema.dll
[2014.11.15 16:55:07 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2014.11.15 16:55:06 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msaudite.dll
[2014.11.15 16:55:06 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msaudite.dll
[2014.11.12 15:46:29 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014.11.12 15:46:28 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014.11.12 15:46:28 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014.11.12 15:46:28 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014.11.12 15:46:28 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014.11.12 15:46:28 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014.11.12 15:46:28 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014.11.12 15:46:27 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.11.12 15:46:26 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014.11.12 15:46:25 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014.11.12 15:46:25 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014.11.12 15:46:24 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014.11.12 15:46:24 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014.11.12 15:46:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014.11.12 15:46:23 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014.11.12 15:46:23 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014.11.12 15:46:22 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014.11.12 15:46:22 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014.11.12 15:46:22 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014.11.12 15:46:21 | 000,799,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014.11.12 15:46:21 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014.11.12 15:46:20 | 002,124,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014.11.12 15:46:19 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014.11.12 15:46:18 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014.11.12 15:46:18 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014.11.12 15:46:18 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014.11.12 15:46:18 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2014.11.12 15:46:17 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014.11.12 15:46:17 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014.11.12 15:46:17 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014.11.12 15:46:16 | 006,040,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014.11.12 15:46:16 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014.11.12 15:46:16 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014.11.12 15:46:15 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014.11.12 15:46:15 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2014.11.12 15:45:20 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2014.11.12 15:45:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll
[2014.11.12 15:45:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll
[2014.11.12 15:45:14 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IMJP10K.DLL
[2014.11.12 15:45:13 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IMJP10K.DLL
[2014.11.12 15:45:10 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AUDIOKSE.dll
[2014.11.12 15:45:10 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AUDIOKSE.dll
[2014.11.12 15:45:10 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioEng.dll
[2014.11.12 15:45:10 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDump.dll
[2014.11.12 15:45:09 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll
[2014.11.12 15:45:04 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2014.11.12 15:44:14 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2014.11.12 15:44:14 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2014.11.12 15:44:08 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
========== Files - Modified Within 30 Days ==========
[2014.12.08 18:54:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.12.08 18:52:32 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.12.08 18:52:32 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.12.08 18:50:09 | 001,617,818 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014.12.08 18:50:09 | 000,682,058 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2014.12.08 18:50:09 | 000,666,226 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014.12.08 18:50:09 | 000,147,814 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2014.12.08 18:50:09 | 000,127,642 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014.12.08 18:45:03 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014.12.08 18:43:59 | 4016,496,640 | -HS- | M] () -- C:\hiberfil.sys
[2014.12.08 18:34:46 | 370,036,309 | ---- | M] () -- C:\windows\MEMORY.DMP
[2014.12.07 18:12:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pavel\Desktop\OTL.exe
[2014.12.07 17:08:00 | 000,135,384 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.12.07 17:06:49 | 000,096,472 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014.12.07 15:21:01 | 000,000,035 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2014.12.07 15:20:32 | 000,029,696 | ---- | M] () -- C:\Users\Pavel\AppData\Local\MSGBOX.EXE
[2014.12.07 15:20:32 | 000,015,327 | ---- | M] () -- C:\Users\Pavel\Desktop\LM.bat
[2014.12.06 00:12:41 | 000,024,064 | ---- | M] () -- C:\windows\zoek-delete.exe
[2014.11.28 17:08:35 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2014.11.28 17:08:35 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.11.26 21:05:21 | 000,220,731 | ---- | M] () -- C:\Users\Pavel\Desktop\Damon-Elena-image-damon-and-elena-36327001-1024-768.jpg
[2014.11.26 21:05:08 | 000,505,136 | ---- | M] () -- C:\Users\Pavel\Desktop\Damon-Elena-damon-and-elena-8415331-1440-900.jpg
[2014.11.26 21:05:00 | 000,445,815 | ---- | M] () -- C:\Users\Pavel\Desktop\Damon-Elena-damon-and-elena-8415350-1440-900.jpg
[2014.11.26 21:00:56 | 000,157,565 | ---- | M] () -- C:\Users\Pavel\Desktop\1695918-1366x768-[DesktopNexus.com].jpg
[2014.11.26 20:56:10 | 001,184,091 | ---- | M] () -- C:\Users\Pavel\Desktop\nina-dobrev-23863.jpg
[2014.11.26 20:32:16 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.11.23 09:14:55 | 000,008,727 | ---- | M] () -- C:\Users\Public\Documents\images.jpg
[2014.11.21 06:14:22 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2014.11.21 06:14:08 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014.11.13 15:29:21 | 000,484,248 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
========== Files Created - No Company Name ==========
[2014.12.07 18:15:27 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.12.07 15:20:32 | 000,029,696 | ---- | C] () -- C:\Users\Pavel\AppData\Local\MSGBOX.EXE
[2014.12.07 15:20:32 | 000,015,327 | ---- | C] () -- C:\Users\Pavel\Desktop\LM.bat
[2014.12.06 13:04:45 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2014.12.06 13:04:45 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2014.12.06 13:04:45 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2014.12.06 13:04:45 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2014.12.06 13:04:44 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2014.12.06 00:34:58 | 000,024,064 | ---- | C] () -- C:\windows\zoek-delete.exe
[2014.11.26 21:05:19 | 000,220,731 | ---- | C] () -- C:\Users\Pavel\Desktop\Damon-Elena-image-damon-and-elena-36327001-1024-768.jpg
[2014.11.26 21:05:07 | 000,505,136 | ---- | C] () -- C:\Users\Pavel\Desktop\Damon-Elena-damon-and-elena-8415331-1440-900.jpg
[2014.11.26 21:05:00 | 000,445,815 | ---- | C] () -- C:\Users\Pavel\Desktop\Damon-Elena-damon-and-elena-8415350-1440-900.jpg
[2014.11.26 21:00:56 | 000,157,565 | ---- | C] () -- C:\Users\Pavel\Desktop\1695918-1366x768-[DesktopNexus.com].jpg
[2014.11.26 20:56:08 | 001,184,091 | ---- | C] () -- C:\Users\Pavel\Desktop\nina-dobrev-23863.jpg
[2014.11.23 09:14:52 | 000,008,727 | ---- | C] () -- C:\Users\Public\Documents\images.jpg
[2014.09.15 23:18:02 | 000,995,342 | ---- | C] () -- C:\windows\SysWow64\amdocl_as32.exe
[2014.09.15 23:18:02 | 000,798,734 | ---- | C] () -- C:\windows\SysWow64\amdocl_ld32.exe
[2014.09.15 23:06:34 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2014.09.15 23:06:34 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2014.09.15 18:19:58 | 000,038,912 | ---- | C] () -- C:\windows\SysWow64\kdbsdk32.dll
[2013.03.28 08:35:12 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 03:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.04.27 22:28:36 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\DAEMON Tools Lite
[2011.11.16 17:39:02 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\DigitalPersona
[2013.03.28 17:47:05 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\HellSpy.cz Download Manager
[2014.01.01 16:38:55 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\ICQ
[2013.11.23 20:06:40 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\IGG
[2013.02.18 11:39:46 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Jane s Hotel 3
[2012.11.25 19:38:08 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Kalydo
[2014.02.26 11:42:23 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Origin
[2014.12.06 13:02:57 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Seznam.cz
[2012.11.23 21:08:44 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Stellarium
[2014.01.17 18:20:53 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Unity
[2014.03.09 13:37:07 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Webcammax
[2011.11.22 13:46:13 | 000,000,000 | ---D | M] -- C:\Users\stasa\AppData\Roaming\DigitalPersona
[2012.03.22 12:40:40 | 000,000,000 | ---D | M] -- C:\Users\strnad\AppData\Roaming\DigitalPersona
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,568 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
< >
< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16552_none_394a8c733b252fb9\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16593_none_39204d0d3b44b8d4\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20669_none_39d05b5854449cd5\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20713_none_3a006b1e5421763d\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.10.01 08:17:00 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=2632B7125E0730E019532CFCFFFFBFC0 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_e28cf2983c0715a1\autochk.exe
[2009.10.01 08:42:15 | 000,777,216 | ---- | M] (Microsoft Corporation) MD5=3AE12EC776AB9830462E8197FB5C88CF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_3eab8e1bf46486d7\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2012.06.02 05:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 05:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010.11.20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.04.24 05:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2013.05.10 05:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 05:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 15:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2012.06.02 06:32:25 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=456107D69D4EE850A559434F19EFEE65 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[2012.04.24 06:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2013.10.05 03:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2012.04.24 05:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2013.07.09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\erdnt\cache64\cryptsvc.dll
[2013.07.09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\windows\SysNative\cryptsvc.dll
[2013.07.09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013.07.09 14:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\erdnt\cache86\cryptsvc.dll
[2013.07.09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013.07.09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012.06.04 08:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013.05.10 06:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.05.11 06:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 05:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2012.04.24 06:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012.06.02 06:25:12 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=BAF19B633933A9FB4883D27D66C39E9A -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[2013.05.10 06:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2012.04.24 06:36:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=CE8BF1423AEE47DA5275FBC8AD3BD642 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2013.05.13 06:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.05.10 06:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2012.06.02 05:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.04.24 06:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2013.10.05 02:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll
[2012.06.02 05:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012.04.24 05:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010.12.10 14:43:38 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.12.10 14:34:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.12.10 14:43:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.12.10 14:34:07 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010.12.10 14:43:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.12.10 14:34:07 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010.12.10 14:43:38 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.12.10 14:34:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.09.01 07:34:28 | 000,263,256 | ---- | M] (Microsoft Corporation) MD5=01B586A0B8C8D860457892F80B85A5CD -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16416_none_076a95ef732190e3\hal.dll
[2009.09.01 08:03:17 | 000,263,240 | ---- | M] (Microsoft Corporation) MD5=514D418248FECD24D96E7219162BDFDD -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.20519_none_07f733988c3c7cb2\hal.dll
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2010.05.12 09:37:57 | 000,410,504 | ---- | M] (Intel Corporation) MD5=513DC087CFED7D2BB82F005385D3531F -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16592_none_0af87721a183cb70\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
[2010.05.12 09:50:37 | 000,410,496 | ---- | M] (Intel Corporation) MD5=E353CF970C5D4D6A092911E15FB78C07 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20712_none_0bd89532ba6088d9\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2014.05.30 09:00:12 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=04F6C08B30C599D301CE8530A6F6A703 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22705_none_0505e8508c7f766f\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 08:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011.11.17 08:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[2014.04.12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\erdnt\cache64\lsass.exe
[2014.04.12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\windows\SysNative\lsass.exe
[2014.04.12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2014.04.12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18496_none_041bf8b773a9f127\lsass.exe
[2014.04.12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18526_none_0467aa1173712ab7\lsass.exe
[2014.04.12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18637_none_045ddc5573785d26\lsass.exe
[2014.09.19 10:42:18 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=341655B216721D89CADE9DEA2F33872F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18606_none_047d4bcf7360effc\lsass.exe
[2013.09.25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2014.04.12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2014.04.12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22712_none_04f817868c8a465b\lsass.exe
[2014.04.12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22736_none_04e678d68c96e399\lsass.exe
[2014.04.12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22807_none_0507eaca8c7da644\lsass.exe
[2014.04.12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22843_none_04d8a9f28ca1b0ac\lsass.exe
[2012.08.24 18:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 08:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2014.09.19 10:47:37 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=B84317193B6A29F5F5DCF538C34FDCED -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22814_none_04fa1a008c887630\lsass.exe
-
funkymusic
- Vzorný návštěvník
- Příspěvky: 402
- Registrován: 07 pro 2004 15:16
Re: Totálně zahumusené pc
[2012.06.02 06:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BF63CE11A25F3509129888710D5111FC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2011.11.17 07:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe
[2013.09.25 02:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe
[2014.05.30 09:07:57 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=F23812F9F7B130854E4BC0389F7C688C -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18489_none_0429c981739f213b\lsass.exe
< MD5 for: NDIS.SYS >
[2012.08.22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\erdnt\cache64\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\windows\SysNative\drivers\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\erdnt\cache64\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache86\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\drivers\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.05.12 09:50:49 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=491E3CF1A4F0869E32197E34603B9BE1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 07:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 07:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys
[2010.05.12 09:38:10 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=DEAB10231CBDB0881FC25428EBE11506 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2010.05.12 09:38:10 | 000,166,280 | ---- | M] (NVIDIA Corporation) MD5=0AF7B8136794E23E87BE138992880E64 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2010.05.12 09:50:49 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=CE76755AF933E728CEBA6C7A970838A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2014.04.12 03:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2013.03.19 03:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013.03.19 04:20:12 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=7180204786A9DED8723B2D8CF3CDD388 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_08a94e494c0cfd0a\smss.exe
[2013.08.29 02:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013.08.02 06:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013.07.08 03:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E65601CF4BC0CF3718AFBE56A9AD846F -- C:\Windows\SoftwareDistribution\Download\063027e6e7f854ca44e857370ed18923\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_0aae4fa7491b124a\smss.exe
[2013.03.19 04:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.08.02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\windows\SysNative\smss.exe
[2013.08.02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe
[2013.03.19 04:19:03 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=FA64733BD65F52712F0545F56FDB4BE6 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_0838504e32dc743c\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2014.11.21 06:12:42 | 000,761,656 | ---- | M] (MalwareBytes) MD5=625BB08813743947985B0DEEFC35ED12 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\erdnt\cache64\tcpip.sys
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\windows\SysNative\drivers\tcpip.sys
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.05.08 07:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 03:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2010.12.10 15:00:44 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2013.01.04 06:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 11:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 06:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2013.09.07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2010.04.09 12:06:28 | 001,898,376 | ---- | M] (Microsoft Corporation) MD5=7FC877A25796D8ADF539E64703FCA7E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_0f2ca8c580036f65\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010.12.10 15:00:44 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013.05.08 07:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2010.04.09 08:56:29 | 001,892,232 | ---- | M] (Microsoft Corporation) MD5=A9C0F786AC1F736891D05CE0A1D29DEB -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_0f9ea52499331463\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.07.06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2013.11.26 12:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014.11.21 06:12:42 | 000,761,656 | ---- | M] (MalwareBytes) MD5=625BB08813743947985B0DEEFC35ED12 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2014.03.04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 10:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\erdnt\cache64\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\windows\SysNative\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
[2010.12.10 14:43:38 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010.12.10 14:43:38 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\erdnt\cache64\ws2_32.dll
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\windows\SysNative\ws2_32.dll
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\erdnt\cache86\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[11 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[16 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[3 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.08.27 09:37:39 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Adobe
[2014.07.22 13:36:16 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\ArcSoft
[2011.11.16 17:50:15 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\ATI
[2013.03.28 08:35:14 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Corel
[2014.06.20 12:07:45 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\CorelHomeOffice
[2013.04.27 22:28:36 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\DAEMON Tools Lite
[2011.11.16 17:39:02 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\DigitalPersona
[2013.03.28 17:47:05 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\HellSpy.cz Download Manager
[2014.08.18 12:31:05 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Hewlett-Packard
[2014.08.20 18:51:02 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\hpqLog
[2014.01.01 16:38:55 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\ICQ
[2011.11.16 17:48:52 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Identities
[2013.11.23 20:06:40 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\IGG
[2013.02.18 11:39:46 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Jane s Hotel 3
[2012.11.25 19:38:08 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Kalydo
[2012.08.27 09:37:40 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Macromedia
[2014.12.07 15:34:34 | 000,000,000 | --SD | M] -- C:\Users\Pavel\AppData\Roaming\Microsoft
[2014.05.10 14:50:10 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Mozilla
[2014.02.26 11:42:23 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Origin
[2014.12.06 13:02:57 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Seznam.cz
[2014.10.17 12:58:07 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Skype
[2012.11.23 21:08:44 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Stellarium
[2014.01.17 18:20:53 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Unity
[2014.03.09 13:37:07 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Webcammax
[2013.01.10 13:32:02 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2012.04.19 10:05:26 | 000,128,888 | ---- | M] (IGG) -- C:\Users\Pavel\AppData\Roaming\IGG\Web3D\1.0.0.38\IGGWeb3DMan.exe
[2013.11.23 20:06:39 | 000,726,814 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\IGG\Web3D\1.0.0.38\unins000.exe
[2014.03.12 17:47:58 | 000,156,920 | ---- | M] (Eximion B.V.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\bin2\appinstall.exe
[2014.03.12 17:47:59 | 000,102,960 | ---- | M] (Eximion B.V.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\bin2\appuninstall.exe
[2014.03.12 17:47:57 | 000,379,232 | ---- | M] (Eximion B.V.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\bin2\kalELLaunch.exe
[2014.03.12 17:47:57 | 002,404,704 | ---- | M] (Eximion B.V.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\bin2\kalydoloader.exe
[2014.03.12 17:47:59 | 000,140,880 | ---- | M] (Eximion B.V.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\bin2\uninstall.exe
[2014.03.12 17:48:43 | 005,185,392 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\Bin\krfreadworker.exe
[2014.03.12 17:48:44 | 003,817,240 | ---- | M] (Zemi Interactive Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\Bin\tclient.exe
[2012.12.05 09:54:00 | 000,815,448 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HShield\ahnrpt.exe
[2012.10.17 12:28:00 | 000,114,096 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HShield\hslogmgr.exe
[2013.02.23 06:42:00 | 000,159,592 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HShield\hsupdate.exe
[2013.01.09 06:45:00 | 000,265,368 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HShield\update\autoup.exe
[2014.03.12 17:48:23 | 001,131,776 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HSOrg\ahnrpt.exe
[2014.03.12 17:48:23 | 000,113,344 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HSOrg\hslogmgr.exe
[2014.03.12 17:48:23 | 000,159,592 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HSOrg\hsupdate.exe
[2014.03.12 17:48:23 | 000,256,112 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HSOrg\update\autoup.exe
[2013.04.19 17:41:44 | 003,647,336 | ---- | M] (Zemi Interactive Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4story_cycle\Bin\tclient.exe
[2012.12.05 09:54:00 | 000,815,448 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4story_cycle\HShield\ahnrpt.exe
[2012.10.17 12:28:00 | 000,114,096 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4story_cycle\HShield\hslogmgr.exe
[2013.02.23 06:42:00 | 000,159,592 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4story_cycle\HShield\hsupdate.exe
[2013.01.09 06:45:00 | 000,265,368 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4story_cycle\HShield\update\autoup.exe
[2013.06.11 16:06:44 | 001,131,776 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4story_cycle\HSOrg\ahnrpt.exe
[2013.06.11 16:06:45 | 000,113,344 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4story_cycle\HSOrg\hslogmgr.exe
[2013.06.11 16:06:45 | 000,159,592 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4story_cycle\HSOrg\hsupdate.exe
[2013.06.11 16:06:45 | 000,256,112 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4story_cycle\HSOrg\update\autoup.exe
[2012.10.24 14:50:32 | 000,010,134 | R--- | M] () -- C:\Users\Pavel\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2013.05.16 14:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 14:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.29 11:53:34 | 000,045,560 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013.04.12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013.04.12 09:10:22 | 000,092,664 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2013.04.16 12:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Seznam.cz\data\ffinstall\ffkill.exe
[2011.12.19 10:04:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Users\Pavel\AppData\Roaming\Seznam.cz\data\ffinstall\reg.exe
[2013.04.16 12:52:36 | 000,077,824 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Seznam.cz\data\ffinstall\regctrl.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014.12.08 18:27:42 | 000,061,664 | ---- | M] () -- C:\windows\system32\CCCInstall_201412081827425174.log
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RESTART_STICKY_NOTES" = C:\Windows\System32\StikyNot.exe
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.12.08 18:54:40 | 000,000,512 | ---- | M] () MD5=BC9F79E51371A0279C06C56563AFD9A2 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2001.10.01 12:50:54 | 000,012,968 | ---- | M] () -- \Hry\Stronghold\gm\cracks.gm1
[2012.11.13 10:24:47 | 087,894,187 | ---- | M] () -- \Users\Pavel\Documents\Pavel\Taťkovy věci\Instalace her\Farm Frenzy\Farm Frenzy Gone Fishing\FarmFrenzyGoneFishingCs_6-(crack-a-hra-je-v-ÄŤeštinÄ›).rar
[2012.09.28 11:24:28 | 224,015,465 | ---- | M] () -- \Users\Pavel\Documents\Pavel\Taťkovy věci\Instalace her\FishBone Games\Dragon Keeper 2\Dragon-Keeper-2---Full-PreCracked---Foxy-Games.exe
[2012.09.26 21:01:08 | 146,563,564 | ---- | M] () -- \Users\Pavel\Documents\Pavel\Taťkovy věci\Instalace her\FishBone Games\Dragon Keeper\Dragon-Keeper---Full-PreCracked.exe
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
[2014.04.17 09:30:07 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Pavel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\dark_rounded\loader.gif.vir
[2014.04.17 09:30:08 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Pavel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\dark_square\loader.gif.vir
[2014.04.17 09:30:08 | 000,006,331 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Pavel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\default\loader.gif.vir
[2014.04.17 09:30:08 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Pavel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\facebook\loader.gif.vir
[2014.04.17 09:30:09 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Pavel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\light_rounded\loader.gif.vir
[2014.04.17 09:30:09 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Pavel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\light_square\loader.gif.vir
[2012.06.29 10:55:34 | 000,000,331 | ---- | M] () -- \gencache\twclient_us\script\client\exam\theme_loader.le
[2007.03.16 16:56:16 | 000,019,968 | ---- | M] () -- \Hry\Bulánci\busdriver\Bus Driver\lib\loaders.dll
[2012.09.18 08:47:14 | 000,049,032 | ---- | M] () -- \IGG\twclient_us\gameloader.exe
[2009.11.19 03:40:08 | 000,076,288 | ---- | M] () -- \Program Files (x86)\Arcsoft\TotalMedia Suite\Label Maker\uACM_Loader.dll
[2009.11.27 16:22:00 | 000,084,480 | ---- | M] () -- \Program Files (x86)\Arcsoft\TotalMedia Suite\WebCam Companion 3\ASDownloader.exe
[2009.11.27 16:23:00 | 000,338,432 | ---- | M] () -- \Program Files (x86)\Arcsoft\TotalMedia Suite\WebCam Companion 3\SnapFishUploader.dll
[2013.03.09 08:17:04 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 08:17:04 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.02.19 13:35:18 | 000,032,768 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\TLoader.exe
[2014.08.07 13:02:36 | 000,192,896 | ---- | M] () -- \Program Files (x86)\GameforgeLive\MultiHTTPDownloader.exe
[2014.10.21 21:02:18 | 000,032,056 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPResignFileLoader.exe
[2010.09.07 17:06:48 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe
[2010.09.07 16:52:54 | 000,005,974 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe.config
[2013.04.04 19:50:16 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2013.04.04 19:50:17 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2013.04.04 19:50:16 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.04.20 10:29:39 | 000,002,886 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2012.04.20 10:29:39 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\profile_lightboxs\preloader.html
[2013.04.04 20:03:56 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\rps\preloader02.swf
[2013.04.05 18:39:48 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\slide-a-lama\preloader02.swf
[2012.04.20 10:29:39 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\warsheep\preloader02.swf
[2012.04.20 10:29:39 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\zoopaloola\preloader02.swf
[2013.11.18 01:56:38 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.3.132.0\apps\facebook\7.3.132\js\downloader.js
[2013.11.18 01:56:38 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.3.132.0\apps\facebooklike\7.3.132\js\downloader.js
[2013.11.18 01:56:38 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.3.132.0\apps\fbsharedservices\7.3.132\js\downloader.js
[2013.11.18 01:56:38 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.3.132.0\apps\featured\7.3.132\js\downloader.js
[2013.11.18 01:56:38 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.3.132.0\apps\chat\7.3.132\js\downloader.js
[2013.11.18 01:56:38 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.3.132.0\scripts\io\downloader.js
[2012.11.13 15:40:02 | 000,030,608 | ---- | M] () -- \Program Files (x86)\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013.03.09 08:52:18 | 000,364,168 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 08:52:18 | 000,019,080 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2009.12.12 15:11:16 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013.06.19 14:59:00 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.06.19 14:59:00 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.11.11 14:39:40 | 000,006,012 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 14:39:40 | 000,021,956 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.06.19 14:59:00 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.06.19 14:59:00 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.06.19 14:59:00 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.11.11 14:39:40 | 000,006,012 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 14:39:40 | 000,021,956 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.06.19 14:59:00 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2011.10.12 14:04:18 | 000,006,643 | ---- | M] () -- \Users\Pavel\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.1.403\js\downloader.js
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Users\Pavel\AppData\Local\Microsoft\BingBar\Apps\FacebookLike_08e57417866d4faa981702780b0d36c4\7.1.361\js\downloader.js
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Users\Pavel\AppData\Local\Microsoft\BingBar\Apps\fbsharedservices_bb9c6e8b961d477e9ec95f9698bde610\7.1.361\js\downloader.js
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Users\Pavel\AppData\Local\Microsoft\BingBar\Apps\Featured_ce53daa069a4a3ad2e3d7d81081f340d\7.1.361\js\downloader.js
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Users\Pavel\AppData\Local\Microsoft\BingBar\Apps\Chat_cf57b0088a3b4f61a0bfaad0ba784240\7.1.361\js\downloader.js
[2010.06.25 04:08:04 | 000,005,273 | ---- | M] () -- \Users\Pavel\AppData\Local\Microsoft\Toolbar\Applications\loader.xap
[2014.03.12 17:47:57 | 002,404,704 | ---- | M] () -- \Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\bin2\kalydoloader.exe
[2013.03.29 12:37:34 | 000,059,384 | ---- | M] () -- \Users\Pavel\AppData\Roaming\Seznam.cz\bin\24184libfoxloader.dll
[2013.04.15 12:32:10 | 000,060,416 | ---- | M] () -- \Users\Pavel\AppData\Roaming\Seznam.cz\bin\24187libfoxloader-x64.dll
[2013.12.18 18:36:55 | 000,000,165 | ---- | M] () -- \Users\Pavel\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013.04.23 15:35:56 | 000,031,516 | ---- | M] () -- \Users\Pavel\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.1.2-win32.zip
[2013.03.25 15:27:20 | 000,000,665 | ---- | M] () -- \Users\Pavel\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013.03.25 15:27:26 | 000,000,117 | ---- | M] () -- \Users\Pavel\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2014.12.08 18:10:52 | 000,891,224 | ---- | M] () -- \Users\Pavel\Downloads\amddriverdownloader.exe
[2010.06.25 04:08:04 | 000,005,273 | ---- | M] () -- \Users\stasa\AppData\Local\Microsoft\Toolbar\Applications\loader.xap
[2010.03.24 20:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.10.07 04:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 20:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.10.07 04:36:40 | 000,265,552 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2013.03.09 08:17:04 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.03.09 08:17:04 | 000,268,440 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2014.12.08 18:11:07 | 000,026,650 | ---- | M] () -- \Windows\Prefetch\AMDDRIVERDOWNLOADER.EXE-2EA4096D.pf
[2013.07.08 06:11:20 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\063027e6e7f854ca44e857370ed18923\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 05:59:24 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\063027e6e7f854ca44e857370ed18923\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.03.15 06:17:34 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013.03.15 06:17:34 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 16:22:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:26:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 15:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.12.10 14:26:17 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.12.10 14:26:17 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2010.12.10 14:26:17 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2010.12.10 14:26:17 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2010.12.10 14:26:17 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.09.26 20:29:04 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.09.26 20:29:04 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.09.26 20:29:05 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.09.26 20:29:05 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.09.26 20:29:06 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.12.10 14:22:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 11:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
[2013.02.19 13:40:48 | 003,630,556 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000104.pnd
[2013.02.19 13:40:50 | 000,000,012 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000105.pnd
[2014.10.04 14:50:34 | 002,700,208 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000203.pnd
[2013.02.19 13:41:14 | 031,199,740 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000204.pnd
[2014.10.04 14:50:34 | 006,222,132 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000205.pnd
[2013.02.19 13:40:52 | 004,104,204 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000206.pnd
[2014.10.04 14:50:35 | 000,456,546 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000300.pnd
[2013.02.19 13:40:52 | 007,640,636 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000303.pnd
[2013.02.19 13:41:00 | 010,718,952 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000304.pnd
[2013.02.19 13:40:52 | 001,810,798 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000305.pnd
[2013.02.19 13:40:54 | 014,978,964 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000306.pnd
[2013.02.19 13:40:58 | 004,181,034 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000403.pnd
[2013.02.19 13:41:00 | 005,259,664 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000404.pnd
[2013.02.19 13:40:54 | 007,835,574 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000405.pnd
[2013.02.19 13:41:00 | 007,445,116 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000406.pnd
[2013.02.19 13:40:58 | 005,278,730 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000503.pnd
[2013.02.19 13:41:02 | 011,320,248 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000504.pnd
[2013.02.19 13:40:56 | 003,878,382 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000505.pnd
[2013.02.19 13:40:56 | 001,331,126 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000506.pnd
[2013.02.19 13:40:56 | 001,349,330 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000604.pnd
[2013.02.19 13:41:00 | 007,015,342 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000605.pnd
[2013.02.19 13:40:58 | 004,409,612 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000606.pnd
[2013.02.19 13:40:58 | 000,710,892 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00030000.pnd
[2013.02.19 13:40:58 | 000,140,032 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00040000.pnd
[2013.02.19 13:40:58 | 000,082,414 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00060000.pnd
[2013.02.19 13:40:58 | 000,300,098 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00070000.pnd
[2013.02.19 13:40:58 | 000,068,330 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00080000.pnd
[2013.02.19 13:41:00 | 000,704,098 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00090000.pnd
[2013.02.19 13:41:00 | 000,098,074 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE000A0000.pnd
[2013.02.19 13:41:00 | 000,164,852 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE000B0000.pnd
[2013.02.19 13:41:00 | 000,720,828 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE000C0000.pnd
[2013.02.19 13:41:00 | 000,176,712 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE000D0000.pnd
[2013.02.19 13:41:00 | 000,510,394 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE000E0000.pnd
[2013.02.19 13:41:00 | 001,034,688 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE000F0000.pnd
[2013.02.19 13:41:00 | 000,247,718 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00100000.pnd
[2013.02.19 13:41:00 | 000,449,482 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00110000.pnd
[2013.02.19 13:41:00 | 000,005,844 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE01F50000.pnd
[2013.02.19 13:41:00 | 000,007,368 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02590000.pnd
[2013.02.19 13:41:00 | 000,593,686 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02BC0000.pnd
[2013.02.19 13:41:04 | 004,409,612 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02BD0000.pnd
[2013.02.19 13:41:10 | 010,718,952 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02BE0000.pnd
[2013.02.19 13:41:02 | 001,316,090 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02BF0000.pnd
[2013.02.19 13:41:00 | 001,043,802 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02C00000.pnd
[2013.02.19 13:41:04 | 005,278,730 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02C20000.pnd
[2013.02.19 13:41:04 | 004,181,034 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02C40000.pnd
[2013.02.19 13:41:02 | 002,131,730 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02C60000.pnd
[2013.02.19 13:41:08 | 007,445,116 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02C80000.pnd
[2014.10.04 14:50:35 | 000,593,686 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02D10000.pnd
[2014.10.04 14:50:35 | 010,718,952 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02D20000.pnd
[2014.10.04 14:50:35 | 001,043,802 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02D30000.pnd
[2014.10.04 14:50:35 | 005,278,730 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02D40000.pnd
[2014.10.04 14:50:36 | 004,181,034 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02D50000.pnd
[2014.10.04 14:50:36 | 002,131,730 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02D60000.pnd
[2014.10.04 14:50:36 | 000,593,686 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02DB0000.pnd
[2014.10.04 14:50:36 | 010,718,952 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02DC0000.pnd
[2014.10.04 14:50:36 | 001,043,802 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02DD0000.pnd
[2014.10.04 14:50:36 | 005,278,730 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02DE0000.pnd
[2014.10.04 14:50:37 | 004,181,034 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02DF0000.pnd
[2014.10.04 14:50:37 | 002,131,730 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02E00000.pnd
[2013.02.19 13:41:02 | 000,330,866 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE03210000.pnd
[2013.02.19 13:41:02 | 000,177,878 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE03220000.pnd
[2013.02.19 13:41:02 | 000,177,878 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE03230000.pnd
[2013.02.19 13:41:02 | 000,330,866 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE03240000.pnd
[2013.02.19 13:41:04 | 003,004,110 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE038B0000.pnd
[2013.02.19 13:41:04 | 003,004,110 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE038C0000.pnd
[2013.02.19 13:41:08 | 005,200,352 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE038D0000.pnd
[2013.02.19 13:41:08 | 005,200,352 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE038E0000.pnd
[2013.02.19 13:41:04 | 000,081,832 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE038F0000.pnd
[2013.02.19 13:41:04 | 000,032,212 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE07DA0000.pnd
[2013.02.19 13:41:04 | 000,011,222 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE08340000.pnd
[2013.02.19 13:41:06 | 001,374,438 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE08980000.pnd
[2013.02.19 13:41:08 | 002,468,646 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE08990000.pnd
[2013.02.19 13:41:06 | 001,374,438 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE089A0000.pnd
[2014.10.04 16:11:39 | 000,000,242 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Tcd\TNODE.tcd
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2014.05.13 22:17:02 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.08.21 10:52:11 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014.07.10 23:24:10 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010.08.23 20:40:40 | 000,267,832 | ---- | M] () -- \Program Files\Hewlett-Packard\HP Power Assistant\HPCommon.XmlSerializers.dll
[2010.08.23 20:40:40 | 000,000,256 | ---- | M] () -- \Program Files\Hewlett-Packard\HP Power Assistant\HPCommon.XmlSerializers.dll.hpsign
[2010.01.27 23:01:04 | 000,267,832 | ---- | M] () -- \Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
[2010.01.27 23:01:08 | 000,000,256 | ---- | M] () -- \Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll.hpsign
[2014.05.13 22:48:16 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.08.21 10:52:44 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014.07.10 23:24:01 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2008.04.15 11:20:56 | 000,079,120 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\HfxSerial.exe
[2008.04.15 11:39:48 | 000,010,000 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-CHS.dll
[2008.04.15 11:39:48 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-DEU.dll
[2008.04.15 11:39:48 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ESP.dll
[2008.04.15 11:39:48 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-FRA.dll
[2008.04.15 11:39:48 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ITA.dll
[2008.04.15 11:39:48 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-JPN.dll
[2008.04.15 11:39:48 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-KOR.dll
[2008.04.15 11:39:48 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-NLD.dll
[2013.07.08 13:43:52 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.06.24 00:43:20 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014.07.10 23:24:10 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.10.17 13:27:00 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\91eb4f41130c65ef17f0fee1d3ab48fb\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.10.17 13:53:47 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\b1e0939384cc320d6ac7b8921ccc2877\System.Runtime.Serialization.ni.dll
[2014.10.17 13:20:49 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\2a07bf9a29a64827bf06e7853214fc0f\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.10.17 14:36:31 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\5015b90fbd31c9ba4fff989b2c79711b\System.Runtime.Serialization.ni.dll
[2014.09.12 14:04:54 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\e67230bbca0858b6ff4caccfb4595fa8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.09.12 14:04:54 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\e67230bbca0858b6ff4caccfb4595fa8\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.10.17 13:12:15 | 002,822,144 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll
[2014.10.17 13:12:15 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll.aux
[2014.03.01 12:46:44 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014.03.01 12:46:44 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2014.09.12 14:22:07 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\10cfe6422504c1beb7abe4f8f26aa6a8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.09.12 14:22:07 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\10cfe6422504c1beb7abe4f8f26aa6a8\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.10.17 16:33:34 | 003,638,272 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\6d9b2d977435904b70f2e1571f7cf026\System.Runtime.Serialization.ni.dll
[2014.10.17 16:33:34 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\6d9b2d977435904b70f2e1571f7cf026\System.Runtime.Serialization.ni.dll.aux
[2014.03.01 15:50:55 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll
[2014.03.01 15:50:55 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll.aux
[2013.09.11 22:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll.amd64
[2013.09.11 22:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll.x86
[2013.09.11 22:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll_gac_x86
[2013.09.11 22:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014.07.23 00:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014.06.24 00:43:20 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.07.10 23:24:11 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014.07.23 00:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 22:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 22:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2014.06.24 00:43:09 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2014.07.10 23:24:02 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014.07.23 00:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 20:32:16 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 20:32:16 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2010.12.10 14:25:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2010.12.10 14:25:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2010.12.10 14:25:25 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_1e468964c1feb99a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.22731_cs-cz_1ec35795db263fce\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.12.10 14:25:31 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2010.12.10 14:25:46 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_bb8e310269277fd7\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.22733_cs-cz_bc0cffc7824d38b9\System.RunTime.Serialization.Resources.dll
[2010.12.10 14:25:34 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:43:09 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_a9a7e561157d82e9\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:43:05 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_92db3ec72f23fc97\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2014.03.09 22:48:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff\System.Runtime.Serialization.dll
[2014.07.10 23:24:02 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2014.03.17 15:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad\System.Runtime.Serialization.dll
[2014.07.08 00:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704\System.Runtime.Serialization.dll
[2009.06.10 21:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2011.11.17 07:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe
[2013.09.25 02:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe
[2014.05.30 09:07:57 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=F23812F9F7B130854E4BC0389F7C688C -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18489_none_0429c981739f213b\lsass.exe
< MD5 for: NDIS.SYS >
[2012.08.22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\erdnt\cache64\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\windows\SysNative\drivers\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\erdnt\cache64\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache86\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\drivers\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.05.12 09:50:49 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=491E3CF1A4F0869E32197E34603B9BE1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 07:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 07:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys
[2010.05.12 09:38:10 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=DEAB10231CBDB0881FC25428EBE11506 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2010.05.12 09:38:10 | 000,166,280 | ---- | M] (NVIDIA Corporation) MD5=0AF7B8136794E23E87BE138992880E64 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2010.05.12 09:50:49 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=CE76755AF933E728CEBA6C7A970838A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2014.04.12 03:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2013.03.19 03:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013.03.19 04:20:12 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=7180204786A9DED8723B2D8CF3CDD388 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_08a94e494c0cfd0a\smss.exe
[2013.08.29 02:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013.08.02 06:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013.07.08 03:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E65601CF4BC0CF3718AFBE56A9AD846F -- C:\Windows\SoftwareDistribution\Download\063027e6e7f854ca44e857370ed18923\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_0aae4fa7491b124a\smss.exe
[2013.03.19 04:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.08.02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\windows\SysNative\smss.exe
[2013.08.02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe
[2013.03.19 04:19:03 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=FA64733BD65F52712F0545F56FDB4BE6 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_0838504e32dc743c\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2014.11.21 06:12:42 | 000,761,656 | ---- | M] (MalwareBytes) MD5=625BB08813743947985B0DEEFC35ED12 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\erdnt\cache64\tcpip.sys
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\windows\SysNative\drivers\tcpip.sys
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.05.08 07:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 03:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2010.12.10 15:00:44 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2013.01.04 06:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 11:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 06:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2013.09.07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2010.04.09 12:06:28 | 001,898,376 | ---- | M] (Microsoft Corporation) MD5=7FC877A25796D8ADF539E64703FCA7E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_0f2ca8c580036f65\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010.12.10 15:00:44 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013.05.08 07:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2010.04.09 08:56:29 | 001,892,232 | ---- | M] (Microsoft Corporation) MD5=A9C0F786AC1F736891D05CE0A1D29DEB -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_0f9ea52499331463\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.07.06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2013.11.26 12:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014.11.21 06:12:42 | 000,761,656 | ---- | M] (MalwareBytes) MD5=625BB08813743947985B0DEEFC35ED12 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2014.03.04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 10:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\erdnt\cache64\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\windows\SysNative\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
[2010.12.10 14:43:38 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010.12.10 14:43:38 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\erdnt\cache64\ws2_32.dll
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\windows\SysNative\ws2_32.dll
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\erdnt\cache86\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[11 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[16 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[3 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.08.27 09:37:39 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Adobe
[2014.07.22 13:36:16 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\ArcSoft
[2011.11.16 17:50:15 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\ATI
[2013.03.28 08:35:14 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Corel
[2014.06.20 12:07:45 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\CorelHomeOffice
[2013.04.27 22:28:36 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\DAEMON Tools Lite
[2011.11.16 17:39:02 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\DigitalPersona
[2013.03.28 17:47:05 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\HellSpy.cz Download Manager
[2014.08.18 12:31:05 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Hewlett-Packard
[2014.08.20 18:51:02 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\hpqLog
[2014.01.01 16:38:55 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\ICQ
[2011.11.16 17:48:52 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Identities
[2013.11.23 20:06:40 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\IGG
[2013.02.18 11:39:46 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Jane s Hotel 3
[2012.11.25 19:38:08 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Kalydo
[2012.08.27 09:37:40 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Macromedia
[2014.12.07 15:34:34 | 000,000,000 | --SD | M] -- C:\Users\Pavel\AppData\Roaming\Microsoft
[2014.05.10 14:50:10 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Mozilla
[2014.02.26 11:42:23 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Origin
[2014.12.06 13:02:57 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Seznam.cz
[2014.10.17 12:58:07 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Skype
[2012.11.23 21:08:44 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Stellarium
[2014.01.17 18:20:53 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Unity
[2014.03.09 13:37:07 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Webcammax
[2013.01.10 13:32:02 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2012.04.19 10:05:26 | 000,128,888 | ---- | M] (IGG) -- C:\Users\Pavel\AppData\Roaming\IGG\Web3D\1.0.0.38\IGGWeb3DMan.exe
[2013.11.23 20:06:39 | 000,726,814 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\IGG\Web3D\1.0.0.38\unins000.exe
[2014.03.12 17:47:58 | 000,156,920 | ---- | M] (Eximion B.V.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\bin2\appinstall.exe
[2014.03.12 17:47:59 | 000,102,960 | ---- | M] (Eximion B.V.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\bin2\appuninstall.exe
[2014.03.12 17:47:57 | 000,379,232 | ---- | M] (Eximion B.V.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\bin2\kalELLaunch.exe
[2014.03.12 17:47:57 | 002,404,704 | ---- | M] (Eximion B.V.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\bin2\kalydoloader.exe
[2014.03.12 17:47:59 | 000,140,880 | ---- | M] (Eximion B.V.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\bin2\uninstall.exe
[2014.03.12 17:48:43 | 005,185,392 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\Bin\krfreadworker.exe
[2014.03.12 17:48:44 | 003,817,240 | ---- | M] (Zemi Interactive Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\Bin\tclient.exe
[2012.12.05 09:54:00 | 000,815,448 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HShield\ahnrpt.exe
[2012.10.17 12:28:00 | 000,114,096 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HShield\hslogmgr.exe
[2013.02.23 06:42:00 | 000,159,592 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HShield\hsupdate.exe
[2013.01.09 06:45:00 | 000,265,368 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HShield\update\autoup.exe
[2014.03.12 17:48:23 | 001,131,776 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HSOrg\ahnrpt.exe
[2014.03.12 17:48:23 | 000,113,344 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HSOrg\hslogmgr.exe
[2014.03.12 17:48:23 | 000,159,592 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HSOrg\hsupdate.exe
[2014.03.12 17:48:23 | 000,256,112 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4Story\HSOrg\update\autoup.exe
[2013.04.19 17:41:44 | 003,647,336 | ---- | M] (Zemi Interactive Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4story_cycle\Bin\tclient.exe
[2012.12.05 09:54:00 | 000,815,448 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4story_cycle\HShield\ahnrpt.exe
[2012.10.17 12:28:00 | 000,114,096 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4story_cycle\HShield\hslogmgr.exe
[2013.02.23 06:42:00 | 000,159,592 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4story_cycle\HShield\hsupdate.exe
[2013.01.09 06:45:00 | 000,265,368 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4story_cycle\HShield\update\autoup.exe
[2013.06.11 16:06:44 | 001,131,776 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4story_cycle\HSOrg\ahnrpt.exe
[2013.06.11 16:06:45 | 000,113,344 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4story_cycle\HSOrg\hslogmgr.exe
[2013.06.11 16:06:45 | 000,159,592 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4story_cycle\HSOrg\hsupdate.exe
[2013.06.11 16:06:45 | 000,256,112 | ---- | M] (AhnLab, Inc.) -- C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\content\apps\4story_cycle\HSOrg\update\autoup.exe
[2012.10.24 14:50:32 | 000,010,134 | R--- | M] () -- C:\Users\Pavel\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2013.05.16 14:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 14:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.29 11:53:34 | 000,045,560 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013.04.12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013.04.12 09:10:22 | 000,092,664 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2013.04.16 12:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Seznam.cz\data\ffinstall\ffkill.exe
[2011.12.19 10:04:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Users\Pavel\AppData\Roaming\Seznam.cz\data\ffinstall\reg.exe
[2013.04.16 12:52:36 | 000,077,824 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Seznam.cz\data\ffinstall\regctrl.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014.12.08 18:27:42 | 000,061,664 | ---- | M] () -- C:\windows\system32\CCCInstall_201412081827425174.log
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RESTART_STICKY_NOTES" = C:\Windows\System32\StikyNot.exe
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.12.08 18:54:40 | 000,000,512 | ---- | M] () MD5=BC9F79E51371A0279C06C56563AFD9A2 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2001.10.01 12:50:54 | 000,012,968 | ---- | M] () -- \Hry\Stronghold\gm\cracks.gm1
[2012.11.13 10:24:47 | 087,894,187 | ---- | M] () -- \Users\Pavel\Documents\Pavel\Taťkovy věci\Instalace her\Farm Frenzy\Farm Frenzy Gone Fishing\FarmFrenzyGoneFishingCs_6-(crack-a-hra-je-v-ÄŤeštinÄ›).rar
[2012.09.28 11:24:28 | 224,015,465 | ---- | M] () -- \Users\Pavel\Documents\Pavel\Taťkovy věci\Instalace her\FishBone Games\Dragon Keeper 2\Dragon-Keeper-2---Full-PreCracked---Foxy-Games.exe
[2012.09.26 21:01:08 | 146,563,564 | ---- | M] () -- \Users\Pavel\Documents\Pavel\Taťkovy věci\Instalace her\FishBone Games\Dragon Keeper\Dragon-Keeper---Full-PreCracked.exe
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
[2014.04.17 09:30:07 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Pavel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\dark_rounded\loader.gif.vir
[2014.04.17 09:30:08 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Pavel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\dark_square\loader.gif.vir
[2014.04.17 09:30:08 | 000,006,331 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Pavel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\default\loader.gif.vir
[2014.04.17 09:30:08 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Pavel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\facebook\loader.gif.vir
[2014.04.17 09:30:09 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Pavel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\light_rounded\loader.gif.vir
[2014.04.17 09:30:09 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Pavel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\light_square\loader.gif.vir
[2012.06.29 10:55:34 | 000,000,331 | ---- | M] () -- \gencache\twclient_us\script\client\exam\theme_loader.le
[2007.03.16 16:56:16 | 000,019,968 | ---- | M] () -- \Hry\Bulánci\busdriver\Bus Driver\lib\loaders.dll
[2012.09.18 08:47:14 | 000,049,032 | ---- | M] () -- \IGG\twclient_us\gameloader.exe
[2009.11.19 03:40:08 | 000,076,288 | ---- | M] () -- \Program Files (x86)\Arcsoft\TotalMedia Suite\Label Maker\uACM_Loader.dll
[2009.11.27 16:22:00 | 000,084,480 | ---- | M] () -- \Program Files (x86)\Arcsoft\TotalMedia Suite\WebCam Companion 3\ASDownloader.exe
[2009.11.27 16:23:00 | 000,338,432 | ---- | M] () -- \Program Files (x86)\Arcsoft\TotalMedia Suite\WebCam Companion 3\SnapFishUploader.dll
[2013.03.09 08:17:04 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 08:17:04 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.02.19 13:35:18 | 000,032,768 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\TLoader.exe
[2014.08.07 13:02:36 | 000,192,896 | ---- | M] () -- \Program Files (x86)\GameforgeLive\MultiHTTPDownloader.exe
[2014.10.21 21:02:18 | 000,032,056 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPResignFileLoader.exe
[2010.09.07 17:06:48 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe
[2010.09.07 16:52:54 | 000,005,974 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe.config
[2013.04.04 19:50:16 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2013.04.04 19:50:17 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2013.04.04 19:50:16 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.04.20 10:29:39 | 000,002,886 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2012.04.20 10:29:39 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\profile_lightboxs\preloader.html
[2013.04.04 20:03:56 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\rps\preloader02.swf
[2013.04.05 18:39:48 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\slide-a-lama\preloader02.swf
[2012.04.20 10:29:39 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\warsheep\preloader02.swf
[2012.04.20 10:29:39 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\zoopaloola\preloader02.swf
[2013.11.18 01:56:38 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.3.132.0\apps\facebook\7.3.132\js\downloader.js
[2013.11.18 01:56:38 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.3.132.0\apps\facebooklike\7.3.132\js\downloader.js
[2013.11.18 01:56:38 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.3.132.0\apps\fbsharedservices\7.3.132\js\downloader.js
[2013.11.18 01:56:38 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.3.132.0\apps\featured\7.3.132\js\downloader.js
[2013.11.18 01:56:38 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.3.132.0\apps\chat\7.3.132\js\downloader.js
[2013.11.18 01:56:38 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.3.132.0\scripts\io\downloader.js
[2012.11.13 15:40:02 | 000,030,608 | ---- | M] () -- \Program Files (x86)\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013.03.09 08:52:18 | 000,364,168 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 08:52:18 | 000,019,080 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2009.12.12 15:11:16 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013.06.19 14:59:00 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.06.19 14:59:00 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.11.11 14:39:40 | 000,006,012 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 14:39:40 | 000,021,956 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.06.19 14:59:00 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.06.19 14:59:00 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.06.19 14:59:00 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.11.11 14:39:40 | 000,006,012 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 14:39:40 | 000,021,956 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.06.19 14:59:00 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2011.10.12 14:04:18 | 000,006,643 | ---- | M] () -- \Users\Pavel\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.1.403\js\downloader.js
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Users\Pavel\AppData\Local\Microsoft\BingBar\Apps\FacebookLike_08e57417866d4faa981702780b0d36c4\7.1.361\js\downloader.js
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Users\Pavel\AppData\Local\Microsoft\BingBar\Apps\fbsharedservices_bb9c6e8b961d477e9ec95f9698bde610\7.1.361\js\downloader.js
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Users\Pavel\AppData\Local\Microsoft\BingBar\Apps\Featured_ce53daa069a4a3ad2e3d7d81081f340d\7.1.361\js\downloader.js
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Users\Pavel\AppData\Local\Microsoft\BingBar\Apps\Chat_cf57b0088a3b4f61a0bfaad0ba784240\7.1.361\js\downloader.js
[2010.06.25 04:08:04 | 000,005,273 | ---- | M] () -- \Users\Pavel\AppData\Local\Microsoft\Toolbar\Applications\loader.xap
[2014.03.12 17:47:57 | 002,404,704 | ---- | M] () -- \Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\bin2\kalydoloader.exe
[2013.03.29 12:37:34 | 000,059,384 | ---- | M] () -- \Users\Pavel\AppData\Roaming\Seznam.cz\bin\24184libfoxloader.dll
[2013.04.15 12:32:10 | 000,060,416 | ---- | M] () -- \Users\Pavel\AppData\Roaming\Seznam.cz\bin\24187libfoxloader-x64.dll
[2013.12.18 18:36:55 | 000,000,165 | ---- | M] () -- \Users\Pavel\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013.04.23 15:35:56 | 000,031,516 | ---- | M] () -- \Users\Pavel\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.1.2-win32.zip
[2013.03.25 15:27:20 | 000,000,665 | ---- | M] () -- \Users\Pavel\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013.03.25 15:27:26 | 000,000,117 | ---- | M] () -- \Users\Pavel\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2014.12.08 18:10:52 | 000,891,224 | ---- | M] () -- \Users\Pavel\Downloads\amddriverdownloader.exe
[2010.06.25 04:08:04 | 000,005,273 | ---- | M] () -- \Users\stasa\AppData\Local\Microsoft\Toolbar\Applications\loader.xap
[2010.03.24 20:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.10.07 04:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 20:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.10.07 04:36:40 | 000,265,552 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2013.03.09 08:17:04 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.03.09 08:17:04 | 000,268,440 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2014.12.08 18:11:07 | 000,026,650 | ---- | M] () -- \Windows\Prefetch\AMDDRIVERDOWNLOADER.EXE-2EA4096D.pf
[2013.07.08 06:11:20 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\063027e6e7f854ca44e857370ed18923\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 05:59:24 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\063027e6e7f854ca44e857370ed18923\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.03.15 06:17:34 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013.03.15 06:17:34 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 16:22:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:26:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 15:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.12.10 14:26:17 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.12.10 14:26:17 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2010.12.10 14:26:17 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2010.12.10 14:26:17 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2010.12.10 14:26:17 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.09.26 20:29:04 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.09.26 20:29:04 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.09.26 20:29:05 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.09.26 20:29:05 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.09.26 20:29:06 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.12.10 14:22:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 11:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
[2013.02.19 13:40:48 | 003,630,556 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000104.pnd
[2013.02.19 13:40:50 | 000,000,012 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000105.pnd
[2014.10.04 14:50:34 | 002,700,208 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000203.pnd
[2013.02.19 13:41:14 | 031,199,740 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000204.pnd
[2014.10.04 14:50:34 | 006,222,132 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000205.pnd
[2013.02.19 13:40:52 | 004,104,204 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000206.pnd
[2014.10.04 14:50:35 | 000,456,546 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000300.pnd
[2013.02.19 13:40:52 | 007,640,636 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000303.pnd
[2013.02.19 13:41:00 | 010,718,952 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000304.pnd
[2013.02.19 13:40:52 | 001,810,798 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000305.pnd
[2013.02.19 13:40:54 | 014,978,964 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000306.pnd
[2013.02.19 13:40:58 | 004,181,034 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000403.pnd
[2013.02.19 13:41:00 | 005,259,664 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000404.pnd
[2013.02.19 13:40:54 | 007,835,574 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000405.pnd
[2013.02.19 13:41:00 | 007,445,116 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000406.pnd
[2013.02.19 13:40:58 | 005,278,730 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000503.pnd
[2013.02.19 13:41:02 | 011,320,248 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000504.pnd
[2013.02.19 13:40:56 | 003,878,382 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000505.pnd
[2013.02.19 13:40:56 | 001,331,126 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000506.pnd
[2013.02.19 13:40:56 | 001,349,330 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000604.pnd
[2013.02.19 13:41:00 | 007,015,342 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000605.pnd
[2013.02.19 13:40:58 | 004,409,612 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00000606.pnd
[2013.02.19 13:40:58 | 000,710,892 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00030000.pnd
[2013.02.19 13:40:58 | 000,140,032 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00040000.pnd
[2013.02.19 13:40:58 | 000,082,414 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00060000.pnd
[2013.02.19 13:40:58 | 000,300,098 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00070000.pnd
[2013.02.19 13:40:58 | 000,068,330 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00080000.pnd
[2013.02.19 13:41:00 | 000,704,098 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00090000.pnd
[2013.02.19 13:41:00 | 000,098,074 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE000A0000.pnd
[2013.02.19 13:41:00 | 000,164,852 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE000B0000.pnd
[2013.02.19 13:41:00 | 000,720,828 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE000C0000.pnd
[2013.02.19 13:41:00 | 000,176,712 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE000D0000.pnd
[2013.02.19 13:41:00 | 000,510,394 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE000E0000.pnd
[2013.02.19 13:41:00 | 001,034,688 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE000F0000.pnd
[2013.02.19 13:41:00 | 000,247,718 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00100000.pnd
[2013.02.19 13:41:00 | 000,449,482 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE00110000.pnd
[2013.02.19 13:41:00 | 000,005,844 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE01F50000.pnd
[2013.02.19 13:41:00 | 000,007,368 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02590000.pnd
[2013.02.19 13:41:00 | 000,593,686 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02BC0000.pnd
[2013.02.19 13:41:04 | 004,409,612 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02BD0000.pnd
[2013.02.19 13:41:10 | 010,718,952 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02BE0000.pnd
[2013.02.19 13:41:02 | 001,316,090 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02BF0000.pnd
[2013.02.19 13:41:00 | 001,043,802 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02C00000.pnd
[2013.02.19 13:41:04 | 005,278,730 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02C20000.pnd
[2013.02.19 13:41:04 | 004,181,034 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02C40000.pnd
[2013.02.19 13:41:02 | 002,131,730 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02C60000.pnd
[2013.02.19 13:41:08 | 007,445,116 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02C80000.pnd
[2014.10.04 14:50:35 | 000,593,686 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02D10000.pnd
[2014.10.04 14:50:35 | 010,718,952 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02D20000.pnd
[2014.10.04 14:50:35 | 001,043,802 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02D30000.pnd
[2014.10.04 14:50:35 | 005,278,730 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02D40000.pnd
[2014.10.04 14:50:36 | 004,181,034 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02D50000.pnd
[2014.10.04 14:50:36 | 002,131,730 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02D60000.pnd
[2014.10.04 14:50:36 | 000,593,686 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02DB0000.pnd
[2014.10.04 14:50:36 | 010,718,952 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02DC0000.pnd
[2014.10.04 14:50:36 | 001,043,802 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02DD0000.pnd
[2014.10.04 14:50:36 | 005,278,730 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02DE0000.pnd
[2014.10.04 14:50:37 | 004,181,034 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02DF0000.pnd
[2014.10.04 14:50:37 | 002,131,730 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE02E00000.pnd
[2013.02.19 13:41:02 | 000,330,866 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE03210000.pnd
[2013.02.19 13:41:02 | 000,177,878 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE03220000.pnd
[2013.02.19 13:41:02 | 000,177,878 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE03230000.pnd
[2013.02.19 13:41:02 | 000,330,866 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE03240000.pnd
[2013.02.19 13:41:04 | 003,004,110 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE038B0000.pnd
[2013.02.19 13:41:04 | 003,004,110 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE038C0000.pnd
[2013.02.19 13:41:08 | 005,200,352 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE038D0000.pnd
[2013.02.19 13:41:08 | 005,200,352 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE038E0000.pnd
[2013.02.19 13:41:04 | 000,081,832 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE038F0000.pnd
[2013.02.19 13:41:04 | 000,032,212 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE07DA0000.pnd
[2013.02.19 13:41:04 | 000,011,222 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE08340000.pnd
[2013.02.19 13:41:06 | 001,374,438 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE08980000.pnd
[2013.02.19 13:41:08 | 002,468,646 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE08990000.pnd
[2013.02.19 13:41:06 | 001,374,438 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Node\TNODE089A0000.pnd
[2014.10.04 16:11:39 | 000,000,242 | ---- | M] () -- \Program Files (x86)\Gameforge4D\4Story_CZ\Tcd\TNODE.tcd
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2014.05.13 22:17:02 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.08.21 10:52:11 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014.07.10 23:24:10 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010.08.23 20:40:40 | 000,267,832 | ---- | M] () -- \Program Files\Hewlett-Packard\HP Power Assistant\HPCommon.XmlSerializers.dll
[2010.08.23 20:40:40 | 000,000,256 | ---- | M] () -- \Program Files\Hewlett-Packard\HP Power Assistant\HPCommon.XmlSerializers.dll.hpsign
[2010.01.27 23:01:04 | 000,267,832 | ---- | M] () -- \Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
[2010.01.27 23:01:08 | 000,000,256 | ---- | M] () -- \Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll.hpsign
[2014.05.13 22:48:16 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.08.21 10:52:44 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014.07.10 23:24:01 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2008.04.15 11:20:56 | 000,079,120 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\HfxSerial.exe
[2008.04.15 11:39:48 | 000,010,000 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-CHS.dll
[2008.04.15 11:39:48 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-DEU.dll
[2008.04.15 11:39:48 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ESP.dll
[2008.04.15 11:39:48 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-FRA.dll
[2008.04.15 11:39:48 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ITA.dll
[2008.04.15 11:39:48 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-JPN.dll
[2008.04.15 11:39:48 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-KOR.dll
[2008.04.15 11:39:48 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-NLD.dll
[2013.07.08 13:43:52 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.06.24 00:43:20 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014.07.10 23:24:10 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.10.17 13:27:00 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\91eb4f41130c65ef17f0fee1d3ab48fb\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.10.17 13:53:47 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\b1e0939384cc320d6ac7b8921ccc2877\System.Runtime.Serialization.ni.dll
[2014.10.17 13:20:49 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\2a07bf9a29a64827bf06e7853214fc0f\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.10.17 14:36:31 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\5015b90fbd31c9ba4fff989b2c79711b\System.Runtime.Serialization.ni.dll
[2014.09.12 14:04:54 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\e67230bbca0858b6ff4caccfb4595fa8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.09.12 14:04:54 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\e67230bbca0858b6ff4caccfb4595fa8\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.10.17 13:12:15 | 002,822,144 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll
[2014.10.17 13:12:15 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll.aux
[2014.03.01 12:46:44 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014.03.01 12:46:44 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2014.09.12 14:22:07 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\10cfe6422504c1beb7abe4f8f26aa6a8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.09.12 14:22:07 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\10cfe6422504c1beb7abe4f8f26aa6a8\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.10.17 16:33:34 | 003,638,272 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\6d9b2d977435904b70f2e1571f7cf026\System.Runtime.Serialization.ni.dll
[2014.10.17 16:33:34 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\6d9b2d977435904b70f2e1571f7cf026\System.Runtime.Serialization.ni.dll.aux
[2014.03.01 15:50:55 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll
[2014.03.01 15:50:55 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll.aux
[2013.09.11 22:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll.amd64
[2013.09.11 22:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll.x86
[2013.09.11 22:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll_gac_x86
[2013.09.11 22:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014.07.23 00:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014.06.24 00:43:20 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.07.10 23:24:11 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014.07.23 00:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 22:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 22:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2014.06.24 00:43:09 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2014.07.10 23:24:02 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014.07.23 00:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 20:32:16 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 20:32:16 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2010.12.10 14:25:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2010.12.10 14:25:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2010.12.10 14:25:25 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_1e468964c1feb99a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.22731_cs-cz_1ec35795db263fce\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.12.10 14:25:31 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2010.12.10 14:25:46 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_bb8e310269277fd7\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.22733_cs-cz_bc0cffc7824d38b9\System.RunTime.Serialization.Resources.dll
[2010.12.10 14:25:34 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:43:09 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_a9a7e561157d82e9\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:43:05 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_92db3ec72f23fc97\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2014.03.09 22:48:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff\System.Runtime.Serialization.dll
[2014.07.10 23:24:02 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2014.03.17 15:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad\System.Runtime.Serialization.dll
[2014.07.08 00:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704\System.Runtime.Serialization.dll
[2009.06.10 21:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
-
funkymusic
- Vzorný návštěvník
- Příspěvky: 402
- Registrován: 07 pro 2004 15:16
Re: Totálně zahumusené pc
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2014.03.09 22:48:50 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98\System.Runtime.Serialization.dll
[2014.07.10 23:24:01 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2014.03.17 15:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846\System.Runtime.Serialization.dll
[2014.07.08 00:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d\System.Runtime.Serialization.dll
[2012.09.26 20:27:08 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012.09.26 20:27:08 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2010.12.10 14:26:17 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2010.12.10 14:26:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 03:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010.11.20 05:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2014.07.02 07:30:52 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff.manifest
[2014.07.14 03:24:48 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5.manifest
[2012.10.05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2014.07.02 07:30:44 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad.manifest
[2014.07.14 03:13:57 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704.manifest
[2009.07.14 03:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010.11.20 05:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2014.07.02 07:31:00 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98.manifest
[2014.07.14 03:24:58 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e.manifest
[2012.10.05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2014.07.02 07:30:53 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846.manifest
[2014.07.14 03:14:06 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d.manifest
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 04:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2014.07.02 06:57:49 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29.manifest
[2014.07.14 03:04:09 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf.manifest
[2012.10.05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2014.07.02 07:07:46 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7.manifest
[2014.07.14 03:04:27 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e.manifest
[2010.12.10 14:24:02 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 21:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2014.07.02 08:46:46 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43.manifest
[2014.07.14 05:02:27 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9.manifest
[2012.10.05 20:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2014.07.02 09:08:13 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1.manifest
[2014.07.14 05:06:58 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 04:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2014.07.02 07:00:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c.manifest
[2014.07.14 03:06:40 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12.manifest
[2012.10.05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2014.07.02 07:10:04 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a.manifest
[2014.07.14 03:06:53 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 04:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2014.07.02 06:58:58 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e.manifest
[2014.07.14 03:05:25 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754.manifest
[2012.10.05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2014.07.02 07:08:55 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c.manifest
[2014.07.14 03:05:41 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:43:20 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_1c70653de072abde\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:43:36 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_05a3bea3fa19258c\System.Runtime.Serialization.Formatters.Soap.dll
[2010.12.10 14:25:28 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.07.08 13:43:52 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7601.18523_cs-cz_d5997ba9da0ab4d7\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2014.03.09 22:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29\System.Runtime.Serialization.dll
[2014.07.10 23:24:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf\System.Runtime.Serialization.dll
[2012.10.05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2014.03.17 15:38:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7\System.Runtime.Serialization.dll
[2014.07.08 00:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e\System.Runtime.Serialization.dll
[2010.12.10 14:25:46 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2014.03.09 22:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c\System.Runtime.Serialization.dll
[2014.07.10 23:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2014.03.17 15:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a\System.Runtime.Serialization.dll
[2014.07.08 00:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061\System.Runtime.Serialization.dll
[2010.12.10 14:25:31 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_289b33b6f65f7b95\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.22731_cs-cz_291801e80f8701c9\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.12.10 14:25:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010.12.10 14:25:46 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_5f6f957eb0ca0ea1\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.22733_cs-cz_5fee6443c9efc783\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2014.03.09 22:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e\System.Runtime.Serialization.dll
[2014.07.10 23:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
[2014.03.17 15:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c\System.Runtime.Serialization.dll
[2014.07.08 00:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3\System.Runtime.Serialization.dll
< *w7lxe* /s >
< End of report >
[2014.03.09 22:48:50 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98\System.Runtime.Serialization.dll
[2014.07.10 23:24:01 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2014.03.17 15:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846\System.Runtime.Serialization.dll
[2014.07.08 00:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d\System.Runtime.Serialization.dll
[2012.09.26 20:27:08 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012.09.26 20:27:08 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2010.12.10 14:26:17 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2010.12.10 14:26:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 03:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010.11.20 05:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2014.07.02 07:30:52 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff.manifest
[2014.07.14 03:24:48 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5.manifest
[2012.10.05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2014.07.02 07:30:44 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad.manifest
[2014.07.14 03:13:57 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704.manifest
[2009.07.14 03:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010.11.20 05:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2014.07.02 07:31:00 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98.manifest
[2014.07.14 03:24:58 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e.manifest
[2012.10.05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2014.07.02 07:30:53 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846.manifest
[2014.07.14 03:14:06 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d.manifest
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 04:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2014.07.02 06:57:49 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29.manifest
[2014.07.14 03:04:09 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf.manifest
[2012.10.05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2014.07.02 07:07:46 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7.manifest
[2014.07.14 03:04:27 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e.manifest
[2010.12.10 14:24:02 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 21:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2014.07.02 08:46:46 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43.manifest
[2014.07.14 05:02:27 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9.manifest
[2012.10.05 20:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2014.07.02 09:08:13 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1.manifest
[2014.07.14 05:06:58 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 04:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2014.07.02 07:00:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c.manifest
[2014.07.14 03:06:40 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12.manifest
[2012.10.05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2014.07.02 07:10:04 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a.manifest
[2014.07.14 03:06:53 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 04:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2014.07.02 06:58:58 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e.manifest
[2014.07.14 03:05:25 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754.manifest
[2012.10.05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2014.07.02 07:08:55 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c.manifest
[2014.07.14 03:05:41 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:43:20 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_1c70653de072abde\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:43:36 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_05a3bea3fa19258c\System.Runtime.Serialization.Formatters.Soap.dll
[2010.12.10 14:25:28 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.07.08 13:43:52 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7601.18523_cs-cz_d5997ba9da0ab4d7\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2014.03.09 22:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29\System.Runtime.Serialization.dll
[2014.07.10 23:24:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf\System.Runtime.Serialization.dll
[2012.10.05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2014.03.17 15:38:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7\System.Runtime.Serialization.dll
[2014.07.08 00:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e\System.Runtime.Serialization.dll
[2010.12.10 14:25:46 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2014.03.09 22:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c\System.Runtime.Serialization.dll
[2014.07.10 23:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2014.03.17 15:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a\System.Runtime.Serialization.dll
[2014.07.08 00:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061\System.Runtime.Serialization.dll
[2010.12.10 14:25:31 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_289b33b6f65f7b95\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.22731_cs-cz_291801e80f8701c9\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.12.10 14:25:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010.12.10 14:25:46 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_5f6f957eb0ca0ea1\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.22733_cs-cz_5fee6443c9efc783\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2014.03.09 22:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e\System.Runtime.Serialization.dll
[2014.07.10 23:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
[2014.03.17 15:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c\System.Runtime.Serialization.dll
[2014.07.08 00:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3\System.Runtime.Serialization.dll
< *w7lxe* /s >
< End of report >
-
funkymusic
- Vzorný návštěvník
- Příspěvky: 402
- Registrován: 07 pro 2004 15:16
Re: Totálně zahumusené pc
Fuj toho je 
OTL Extras logfile created on: 8.12.2014 18:53:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pavel\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17420)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,74 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 59,03% Memory free
7,48 Gb Paging File | 5,41 Gb Available in Paging File | 72,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 280,80 Gb Total Space | 116,09 Gb Free Space | 41,34% Space Free | Partition Type: NTFS
Drive F: | 1,99 Gb Total Space | 0,01 Gb Free Space | 0,32% Space Free | Partition Type: FAT32
Computer Name: PAVELS-HP | User Name: Pavel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3F3084DF-6585-4685-9079-045A1C1C1187}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{BA8888E8-F293-458E-A23C-DE2C7444F6D0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{DF61681B-FB2D-4BD6-9344-AF2A894F209A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F353A35D-4DCC-4D22-9860-AF25CEE0C58C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{043B27D7-4E7E-43ED-84BB-EACB5D1247A3}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe |
"{1CCE62C3-33BA-438A-B4A0-12BCB156C1AF}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\rm.exe |
"{28DC0182-6DBD-47E4-A29C-370CDB375313}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{345EB73F-DFD3-4D8D-8382-C2CD62EEED39}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{3FBFFE17-5F99-4672-A643-D3E01013A8AE}" = protocol=6 | dir=in | app=c:\program files (x86)\movies toolbar\datamngr\srtool~1\ie\dtuser.exe |
"{4EB405F8-E783-4C90-B5D6-99707CB35D21}" = dir=in | app=c:\users\pavel\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{558838BA-0069-4981-B10C-BE9AB4F12989}" = dir=in | app=c:\users\pavel\appdata\local\microsoft\skydrive\skydrive.exe |
"{58E87C2E-3A86-438C-A423-C92A905A5641}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\rm.exe |
"{644B1AEB-2C9E-4C3C-AA20-524AD72F9C9D}" = protocol=17 | dir=in | app=c:\program files (x86)\pcdata\minerd.exe |
"{669B46C1-DB1A-4935-BA45-0AA52B23F984}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{6DBEE798-6DE4-413E-94A2-8F669AC9FB64}" = protocol=6 | dir=in | app=c:\program files (x86)\pcdata\cgminer.exe |
"{71CCB4AB-67CF-42F3-B148-F13F5F2F43CF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{7DC24E5B-B3E9-4D83-B464-C467F5206330}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{81A599D0-C26B-4773-83AB-1F7171DDD859}" = protocol=17 | dir=in | app=c:\program files (x86)\pcdata\cgminer.exe |
"{82C54E71-CC2B-4D1C-A426-B70218639F3E}" = protocol=6 | dir=in | app=c:\program files (x86)\pcdata\minerd.exe |
"{88CD16C7-8E0F-4C8D-9148-686112A1C2DC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8A58ABF5-E072-4185-8E39-2ED8323A93BE}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\umi.exe |
"{A1571F96-4F3F-4974-BED4-FDED2E5E0165}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{AF7AB9A2-2197-4411-B5A0-CA87DA4E0B6D}" = protocol=6 | dir=in | app=c:\program files (x86)\gameforgelive\gfl_client.exe |
"{B30D24C0-C2F1-4342-BC46-BE54B68C3C31}" = protocol=17 | dir=in | app=c:\program files (x86)\movies toolbar\datamngr\srtool~1\ie\dtuser.exe |
"{B4086CB8-7CA4-4B0F-A85A-8178EC70B96D}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe |
"{B957AA1F-EA27-4760-AD42-AD4554D135F0}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\umi.exe |
"{CAC5E467-C1E1-471C-8202-113D920B71FC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{CB0EB5B5-86BA-4F6F-981B-D290B154AAD3}" = protocol=6 | dir=in | app=c:\users\pavel\appdata\local\ilivid\ilivid.exe |
"{D5681AEF-B722-45F3-9426-1D7FEA638101}" = protocol=17 | dir=in | app=c:\users\pavel\appdata\local\ilivid\ilivid.exe |
"{E6313CF4-236E-42B6-A50E-4385F5EC0C66}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"TCP Query User{2994BA7D-F0C0-4764-BAD5-7C2BB0791727}C:\program files (x86)\gameforgelive\games\gbr_eng\aion\nclauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gameforgelive\games\gbr_eng\aion\nclauncher.exe |
"TCP Query User{2D5BEB55-1CF1-462C-BA28-010C457BC05D}C:\program files (x86)\aion free-to-play\nclauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\aion free-to-play\nclauncher.exe |
"TCP Query User{5758349E-1DDB-40A0-B1FC-7F35DDBF38C4}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"TCP Query User{8AA1EEB4-2942-4C18-A4E6-B63F75BA3551}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"TCP Query User{976BF4B4-7FF4-4C1E-9308-25161DC59E33}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{9BCAFE3F-9C2B-4E2F-9AA8-9BFD5606C15A}C:\program files (x86)\gameforgelive\games\cze_ces\aion\nclauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gameforgelive\games\cze_ces\aion\nclauncher.exe |
"TCP Query User{CD1E3675-A95D-410B-AEAB-150FDE22FE92}C:\program files (x86)\icq7.7\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"UDP Query User{10C2A0BC-E8CD-4D98-8B40-C83237C52942}C:\program files (x86)\gameforgelive\games\cze_ces\aion\nclauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gameforgelive\games\cze_ces\aion\nclauncher.exe |
"UDP Query User{3AF4E4B3-FF39-412B-B5D3-B56F71E92251}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{5F4AD083-3864-4018-B2DA-9BA9DC62CA5E}C:\program files (x86)\gameforgelive\games\gbr_eng\aion\nclauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gameforgelive\games\gbr_eng\aion\nclauncher.exe |
"UDP Query User{60379A85-0A17-4C23-85BD-EDE6500D3B2A}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"UDP Query User{7B6FE778-399B-411D-9BA3-EC679B113DC4}C:\program files (x86)\icq7.7\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"UDP Query User{D5ECC5D8-CBD7-43DB-B7F3-E9EE7CC136F4}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"UDP Query User{E1ADB20D-CF57-4835-A6AF-235FAE158E67}C:\program files (x86)\aion free-to-play\nclauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\aion free-to-play\nclauncher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04255D34-6C6D-4F63-A218-EE8FD2D13AF0}" = Privacy Manager for HP ProtectTools
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{1C292266-E054-4090-84D5-869649E4F9C7}" = HP Power Data
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23F2C78C-E131-4CA0-8F84-3473FB7728BA}" = Microsoft Security Client
"{299625B9-6C69-462C-9CEA-8E06D878B1C5}" = HP 3D DriveGuard
"{2FD0FA0A-7A21-4C4A-B268-1142B54E035E}" = Windows Live Family Safety
"{3513DD3C-7680-4C7C-BF18-BA375D5F4132}" = Pre-Boot Security for HP ProtectTools
"{3B392D0A-F3F6-41EA-8DDB-D657ABA70168}" = HP QuickLook
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}" = HP HotKey Support
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{59B9AACC-6E81-4582-9BDC-9EB9F631EE1F}" = Drive Encryption for HP ProtectTools
"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Ovladače videa společnosti Pinnacle
"{5EEC477F-8E9B-4420-8829-16E7426227DB}" = Windows Live MIME IFilter
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{65A9248D-196D-41AD-1C66-5C9A23454DAA}" = AMD Fuel
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C1F5F9B-649F-C65F-D65F-9EC0459C2304}" = ccc-utility64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1DC4DF6-7493-45B2-B8AA-0A8805866CB9}" = HP ProtectTools Security Manager
"{A2AC0D43-9788-B1BD-B2A8-EFC758916BB1}" = AMD Drag and Drop Transcoding
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C16CD4C0-48EE-0F40-C9FD-0778EAF73FBD}" = AMD Wireless Display v3.0
"{C2956908-53A3-88FC-B795-B16508296FC4}" = AMD Catalyst Install Manager
"{C823942A-A0B4-4412-B935-6A2DC7CC1B4D}" = HP Power Assistant
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client CS-CZ Language Pack
"{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}" = Validity Fingerprint Driver
"{E6BC696E-5E96-4C1B-9371-379AF3A46B6B}" = HP Wireless Assistant
"{E793990C-90BE-4B69-AC29-BF5E8FD4ED54}" = Face Recognition for HP ProtectTools
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F7CD07B2-565B-D770-0388-9C16A8FA5B1D}" = AMD Accelerated Video Transcoding
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"HPProtectTools" = HP ProtectTools Security Manager
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{04801E42-B1A6-4C52-9F3D-CADB5A050433}" = HP Software Setup
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B2187A6-8ACC-4012-9817-9221211EF407}" = Corel Home Office - IPM
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{151AE945-AA23-3834-D5C7-C60832B71B15}" = CCC Help Czech
"{15F16DD9-670C-4B8F-9F92-BC358AB814BD}" = Windows Live Family Safety
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{1A1E33D2-9824-454A-B8CB-50072118635A}" = Corel Home Office - CS Templates
"{1D11E96F-0405-4B99-8356-5750B1D9FAE9}" = Corel Home Office - JP Templates
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{21385719-E020-4ED8-A3D4-6B46D0E5DAB1}" = ArcSoft TotalMedia
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23AAEBF8-12B1-43EA-B75D-CDC613CA6CB4}" = Photo Common
"{25A3B953-1423-3F15-640E-B620DD0F419A}" = Catalyst Control Center - Branding
"{26D19512-874B-4EDA-B7F1-779850B2AD5A}" = Corel Home Office - CT Templates
"{2DA697D7-FED3-4DE2-A174-92A2A12F9688}" = HP SoftPaq Download Manager
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{3365E735-48A6-4194-9988-CE59AC5AE503}" = Bing Bar
"{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}" = Theft Recovery
"{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"{379A0618-EF50-423C-9637-EEB2D25A4BB4}" = Movie Maker
"{3DE92282-CB49-434F-81BF-94E5B380E889}" = The Sims™ 3 Roční období
"{44A6C11C-D744-6B2C-D5A1-E32CB1DB0088}" = AMD Catalyst Control Center
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Po setmění
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{4DC7C1AB-4389-B736-082D-1BFA6BC10293}" = CCC Help Greek
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{5017D60D-C0A5-4CC8-8D2F-0BDA1ADF39D0}" = Corel Home Office - Templates1
"{51307F85-BD05-1938-8440-E88FD13585CA}" = CCC Help Chinese Traditional
"{553E24F0-09FD-4BCB-9CF0-4FC0F6DB95D1}_is1" = HellSpy Klient verze 0.8.0
"{5565E164-9928-CEDD-5011-9EE073D797B9}" = CCC Help Japanese
"{5746E4F9-77C6-47E8-A737-A5975A57B4AA}" = Corel Home Office - KR Templates
"{5947D004-A315-F50D-D24F-4C9D5B8413A5}" = CCC Help Spanish
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5AAF27C9-51C1-DEF1-230F-9F348E2DF885}" = CCC Help Russian
"{5BBF2F0E-8891-0E74-83D3-0DBDB750EDC6}" = CCC Help Norwegian
"{5BF8E079-D6E2-4323-B794-75152371122A}" = Windows 7 Default Setting
"{5C89D6B4-C8C4-08B9-4381-4E6C9BA3C094}" = CCC Help Italian
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{64A47A55-1E5E-82F1-26A6-8157D34739A4}" = CCC Help Chinese Standard
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}" = File Sanitizer For HP ProtectTools
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{755C6015-01B7-475D-448A-CE4D35E68F38}" = CCC Help Dutch
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77C135AC-6695-F444-75ED-14413408E51D}" = Catalyst Control Center InstallProxy
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{7861911B-4270-498A-8F7A-FCF0570F486B}" = HP QuickWeb
"{80A6DF3F-FB3D-48CB-BF1B-686E3D08C8F6}" = HP Software Framework
"{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1" = AION Free-to-Play
"{86CF0325-7921-55A6-16B2-254E77C40FE4}" = CCC Help French
"{877AB8B2-9D11-D640-7B11-730699E0C9A2}" = CCC Help Swedish
"{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}" = Razer Game Booster
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Povolání snů
"{95140000-007A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9976E0BD-56A6-4A32-8597-B80FCE62063A}" = Windows Live Essentials
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A974568-D4D5-EED2-1976-132C28211A82}" = CCC Help Korean
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 2.0.5
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}" = The Sims™ 3 Do Budoucnosti
"{A0ED9B46-5B37-616A-FDCC-3F713BC2972D}" = CCC Help German
"{A11D86BF-B950-759B-3DBF-1575B76BF974}" = CCC Help Polish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA14530E-3EF6-92AB-B39F-DB96F852BBBC}" = CCC Help Portuguese
"{AAA94EAA-40A4-458C-9D86-D1DA765B51D5}" = Windows Live Writer
"{ABAD2544-D794-E1B1-2763-55A9BB811D5A}" = CCC Help Thai
"{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}" = Fotogalerie
"{B286BAC3-CBE6-4854-BF68-EB72A34CEA56}" = Windows Live Messenger
"{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}" = The Sims™ 3 Obludárium
"{B3BE2947-BB03-6079-60DD-41B388BBC74A}" = Catalyst Control Center Graphics Previews Common
"{B6FF40EA-AEF2-46FF-9516-9A6512901B97}" = Windows Live Mail
"{B89357B0-C12E-F21E-7E8D-CA13BFED19C7}" = CCC Help Hungarian
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 Cestovní horečka
"{BADEEBDE-ABAF-4650-9149-51614651A1A0}" = Windows Live Writer Resources
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}" = Pinnacle Instant DVD Recorder
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Domácí mazlíčci
"{C5BE5386-0A43-32DD-9F2B-934B8CCCAC41}" = Catalyst Control Center Localization All
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{C70E8FBB-10F3-1DFF-E35F-6D62264D7A80}" = CCC Help Finnish
"{C82E0493-CDCF-4583-8DAE-59CC7EC4B2FE}" = Windows Live Messenger
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{D041EB9E-890A-4098-8F94-51DA194AC72A}" = Pinnacle Studio 12
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D21160A2-8B5F-409C-99C8-03582F5324B7}" = HP Documentation
"{D310DD60-9EF2-4C9C-AD66-A58185A1C7CB}" = Windows Live UX Platform Language Pack
"{D604900F-A275-416C-AF9D-CDEDF58B72DB}" = Windows Live Mail
"{D9989A13-B173-4048-B8A5-93C204DCB1B3}" = HP ESU for Microsoft Windows 7
"{DB21639E-FE55-432C-BCA2-0C5249E3F79E}" = The Sims™ 3 Tropický ráj
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = HP Webcam Driver
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}" = HP Support Assistant
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5603D65-60FC-47A6-AAC3-D5448227E963}" = Windows Live Writer
"{E74EA3B1-7192-489D-9A57-0AE918FEC001}" = Corel Home Office - Launcher
"{E7C34ED4-BBB6-4C57-9FBD-B29CA5878051}" = HP Setup
"{EC43C902-EF4F-0BF6-FA5F-897D2E450858}" = CCC Help Turkish
"{EFBCA571-617D-484A-9ECA-E301BB6D0750}" = Windows Live Writer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F1410C34-CCC7-4443-B698-7E9FF42F4FA3}" = Corel Home Office
"{F2AB797F-31A3-A376-736B-9E0533BAB530}" = CCC Help English
"{F3220B5E-9395-F557-8DB9-1E0F29D32026}" = CCC Help Danish
"{F45048A1-12C4-4B08-A3EB-32D88033368A}" = Corel Home Office - Templates RU
"{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}" = Junk Mail filter update
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{FA8BFB25-BF48-4F8B-8859-B30810745190}" = LightScribe System Software
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4Story_CZ_is1" = 4Story CZ 4.1.98
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"ArcSoft TotalMedia" = ArcSoft TotalMedia
"DAEMON Tools Lite" = DAEMON Tools Lite
"DoubleOptMedia11.041.44" = DoubleOptMedia
"Drive Encryption" = Drive Encryption for HP ProtectTools
"Google Chrome" = Google Chrome
"Guard.Mail.ru" = Guard.ICQ
"InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}" = Theft Recovery
"Janes Hotel Mania 1.00" = Janes Hotel Mania 1.00
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.4.1028
"Metin2_is1" = Metin2
"Office14.STANDARD" = Microsoft Office Standard 2010
"Origin" = Origin
"PCData App" = PC Data App
"PDF Complete" = PDF Complete Special Edition
"SymSilent" = SymSilent
"WebcamMax" = WebcamMax
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"IGG Web3D Player_is1" = IGG Web3D Player version 1.0.0.38
"Kalydo App 4Story" = 4Story
"Kalydo App 4story_cycle" = 4story_cycle
"KalydoPlayer" = Kalydo Player 6.00.00
"SeznamInstall" = Seznam Software
"SkyDriveSetup.exe" = Microsoft SkyDrive
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22.2.2014 12:23:19 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = System Restore | ID = 8193
Description =
Error - 28.2.2014 1:45:25 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = System Restore | ID = 8193
Description =
Error - 1.3.2014 20:18:00 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Application Error | ID = 1000
Description = Název chybující aplikace: hpqwmiex.exe, verze: 4.0.32.1, časové razítko:
0x4c180cdc Název chybujícího modulu: OLEAUT32.dll, verze: 6.1.7601.17676, časové
razítko: 0x4e58702a Kód výjimky: 0xc0000005 Posun chyby: 0x00004660 ID chybujícího
procesu: 0xb24 Čas spuštění chybující aplikace: 0x01cf353ffafdb719 Cesta k chybující
aplikaci: C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe Cesta k chybujícímu
modulu: C:\windows\syswow64\OLEAUT32.dll ID zprávy: 1c911fa2-a1a0-11e3-9585-cc52afa2cbff
Error - 2.3.2014 12:23:43 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Application Error | ID = 1000
Description = Název chybující aplikace: DpHostW.exe, verze: 5.0.4.527, časové razítko:
0x4b5a0cca Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko:
0x521eaf24 Kód výjimky: 0xc0000005 Posun chyby: 0x000000000001926d ID chybujícího
procesu: 0x6d0 Čas spuštění chybující aplikace: 0x01cf353fef7735ab Cesta k chybující
aplikaci: c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
Cesta
k chybujícímu modulu: C:\windows\SYSTEM32\ntdll.dll ID zprávy: 055e7ba5-a227-11e3-9585-cc52afa2cbff
Error - 5.3.2014 1:38:51 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Application Error | ID = 1000
Description = Název chybující aplikace: hpqwmiex.exe, verze: 4.0.32.1, časové razítko:
0x4c180cdc Název chybujícího modulu: OLEAUT32.dll, verze: 6.1.7601.17676, časové
razítko: 0x4e58702a Kód výjimky: 0xc0000005 Posun chyby: 0x00004660 ID chybujícího
procesu: 0xcb0 Čas spuštění chybující aplikace: 0x01cf371c66333482 Cesta k chybující
aplikaci: C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe Cesta k chybujícímu
modulu: C:\windows\syswow64\OLEAUT32.dll ID zprávy: 6de4db7f-a428-11e3-9697-cc52afa2cbff
Error - 9.3.2014 8:29:45 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Google Update | ID = 20
Description =
Error - 9.3.2014 9:27:05 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Google Update | ID = 20
Description =
Error - 9.3.2014 14:54:49 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Stronghold.exe, verze: 0.0.0.0, časové razítko:
0x21544c46 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00001364 ID chybujícího procesu: 0x1364 Čas spuštění
chybující aplikace: 0x01cf3b96baf7c099 Cesta k chybující aplikaci: C:\Hry\Stronghold\Stronghold.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 49a9c717-a7bc-11e3-bdc2-cc52afa2cbff
Error - 12.3.2014 12:42:14 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Application Error | ID = 1000
Description = Název chybující aplikace: szndesktop.exe, verze: 0.0.0.0, časové razítko:
0x5167c21b Název chybujícího modulu: lightspeed.dll, verze: 0.0.0.0, časové razítko:
0x515061b5 Kód výjimky: 0xc0000005 Posun chyby: 0x0007c6c8 ID chybujícího procesu:
0x10d0 Čas spuštění chybující aplikace: 0x01cf3ca174d59533 Cesta k chybující aplikaci:
C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe Cesta k chybujícímu
modulu: C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\lightspeed.dll ID zprávy: 43506dd5-aa05-11e3-bcc3-cc52afa2cbff
Error - 12.3.2014 15:32:56 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Application Error | ID = 1000
Description = Název chybující aplikace: hpqwmiex.exe, verze: 4.0.32.1, časové razítko:
0x4c180cdc Název chybujícího modulu: OLEAUT32.dll, verze: 6.1.7601.17676, časové
razítko: 0x4e58702a Kód výjimky: 0xc0000005 Posun chyby: 0x00004660 ID chybujícího
procesu: 0xd44 Čas spuštění chybující aplikace: 0x01cf3ca16a2e0928 Cesta k chybující
aplikaci: C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe Cesta k chybujícímu
modulu: C:\windows\syswow64\OLEAUT32.dll ID zprávy: 1c391c3a-aa1d-11e3-bcc3-cc52afa2cbff
[ Hewlett-Packard Events ]
Error - 15.3.2014 11:29:59 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Část cesty C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201403151629.xml
nebyla nalezena. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamWriter.CreateFile(String
path, Boolean append) v System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding, Int32 bufferSize) v System.IO.StreamWriter..ctor(String path,
Boolean append, Encoding encoding) v System.IO.File.WriteAllText(String path,
String contents, Encoding encoding) v HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 22.3.2014 8:03:53 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Část cesty C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201403221303.xml
nebyla nalezena. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamWriter.CreateFile(String
path, Boolean append) v System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding, Int32 bufferSize) v System.IO.StreamWriter..ctor(String path,
Boolean append, Encoding encoding) v System.IO.File.WriteAllText(String path,
String contents, Encoding encoding) v HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 29.3.2014 8:49:16 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Část cesty C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201403291349.xml
nebyla nalezena. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamWriter.CreateFile(String
path, Boolean append) v System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding, Int32 bufferSize) v System.IO.StreamWriter..ctor(String path,
Boolean append, Encoding encoding) v System.IO.File.WriteAllText(String path,
String contents, Encoding encoding) v HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 5.4.2014 7:09:57 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Část cesty C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201404051309.xml
nebyla nalezena. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamWriter.CreateFile(String
path, Boolean append) v System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding, Int32 bufferSize) v System.IO.StreamWriter..ctor(String path,
Boolean append, Encoding encoding) v System.IO.File.WriteAllText(String path,
String contents, Encoding encoding) v HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 12.4.2014 8:31:47 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Část cesty C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201404121431.xml
nebyla nalezena. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamWriter.CreateFile(String
path, Boolean append) v System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding, Int32 bufferSize) v System.IO.StreamWriter..ctor(String path,
Boolean append, Encoding encoding) v System.IO.File.WriteAllText(String path,
String contents, Encoding encoding) v HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 19.4.2014 8:09:04 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Část cesty C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201404191409.xml
nebyla nalezena. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamWriter.CreateFile(String
path, Boolean append) v System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding, Int32 bufferSize) v System.IO.StreamWriter..ctor(String path,
Boolean append, Encoding encoding) v System.IO.File.WriteAllText(String path,
String contents, Encoding encoding) v HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 30.4.2014 7:06:52 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Část cesty C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201404301306.xml
nebyla nalezena. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamWriter.CreateFile(String
path, Boolean append) v System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding, Int32 bufferSize) v System.IO.StreamWriter..ctor(String path,
Boolean append, Encoding encoding) v System.IO.File.WriteAllText(String path,
String contents, Encoding encoding) v HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 3.5.2014 7:25:26 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Část cesty C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201405031325.xml
nebyla nalezena. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamWriter.CreateFile(String
path, Boolean append) v System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding, Int32 bufferSize) v System.IO.StreamWriter..ctor(String path,
Boolean append, Encoding encoding) v System.IO.File.WriteAllText(String path,
String contents, Encoding encoding) v HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 3.5.2014 7:29:03 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Část cesty C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201405031329.xml
nebyla nalezena. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamWriter.CreateFile(String
path, Boolean append) v System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding, Int32 bufferSize) v System.IO.StreamWriter..ctor(String path,
Boolean append, Encoding encoding) v System.IO.File.WriteAllText(String path,
String contents, Encoding encoding) v HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 10.5.2014 9:29:23 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Část cesty C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201405101529.xml
nebyla nalezena. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamWriter.CreateFile(String
path, Boolean append) v System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding, Int32 bufferSize) v System.IO.StreamWriter..ctor(String path,
Boolean append, Encoding encoding) v System.IO.File.WriteAllText(String path,
String contents, Encoding encoding) v HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
[ HP Power Assistant Events ]
Error - 3.8.2014 12:10:22 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 4.8.2014 5:39:22 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 5.8.2014 10:54:27 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 6.8.2014 13:30:43 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 6.8.2014 13:51:20 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 7.8.2014 15:41:05 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 7.8.2014 16:37:29 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 9.8.2014 10:47:12 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 10.8.2014 9:23:23 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 10.8.2014 12:38:21 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.
[ HP Wireless Assistant Events ]
Error - 4.7.2014 12:57:28 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 4.7.2014 12:57:29 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 5.7.2014 14:10:59 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 5.7.2014 14:11:01 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 5.7.2014 14:45:25 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 5.7.2014 14:45:25 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 13.7.2014 14:55:39 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 13.7.2014 14:55:40 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 22.8.2014 14:54:08 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 v HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) v HPPA_Service.CurrentConfiguration.ReloadRadioList()
Error - 1.9.2014 3:00:30 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filtr zpráv volání zrušil.
(Výjimka na základě hodnoty HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementObjectSearcher.Initialize()
v System.Management.ManagementObjectSearcher.Get() v HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) v HPPA_Service.CurrentConfiguration.<ApplyFriendlyNames>b__23(RadioHardware
radio) v System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() v System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
v HPPA_Service.CurrentConfiguration.ApplyFriendlyNames() v HPPA_Service.CurrentConfiguration.ReloadRadioList()
[ System Events ]
Error - 8.12.2014 13:02:47 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = DCOM | ID = 10005
Description =
Error - 8.12.2014 13:02:50 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = DCOM | ID = 10005
Description =
Error - 8.12.2014 13:02:50 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = DCOM | ID = 10005
Description =
Error - 8.12.2014 13:02:50 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068
Error - 8.12.2014 13:02:50 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068
Error - 8.12.2014 13:02:50 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1068
Error - 8.12.2014 13:04:47 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = NETLOGON | ID = 5719
Description = Tento počítač nemohl nastavit zabezpečenou relaci s řadičem domény
v doméně SKOLA z následujícího důvodu: %%1311 To může vést k potížím při ověřování.
Přesvědčte se, zda je tento počítač připojen k síti. Pokud potíže trvají, obraťte
se na správce domény. DALŠÍ INFORMACE Pokud je tento počítač řadičem domény pro určenou
doménu, nastaví zabezpečenou relaci s emulátorem primárního řadiče domény v určené
doméně.
V opačném případě tento počítač nastaví zabezpečenou relaci s libovolným řadičem
domény v určené doméně.
Error - 8.12.2014 13:05:18 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = Zpracování zásad skupiny selhalo v důsledku toho, že se nebylo v síti
možné připojit k řadiči domény. Může se jednat o přechodný stav. Po připojení počítače
k řadiči domény a úspěšném zpracování zásad skupiny bude odeslána zpráva o úspěšné
provedení těchto akcí. Pokud se tato zpráva nezobrazí během několika hodin, obraťte
se na správce.
Error - 8.12.2014 13:45:15 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = NETLOGON | ID = 5719
Description = Tento počítač nemohl nastavit zabezpečenou relaci s řadičem domény
v doméně SKOLA z následujícího důvodu: %%1311 To může vést k potížím při ověřování.
Přesvědčte se, zda je tento počítač připojen k síti. Pokud potíže trvají, obraťte
se na správce domény. DALŠÍ INFORMACE Pokud je tento počítač řadičem domény pro určenou
doménu, nastaví zabezpečenou relaci s emulátorem primárního řadiče domény v určené
doméně.
V opačném případě tento počítač nastaví zabezpečenou relaci s libovolným řadičem
domény v určené doméně.
Error - 8.12.2014 13:45:46 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = Zpracování zásad skupiny selhalo v důsledku toho, že se nebylo v síti
možné připojit k řadiči domény. Může se jednat o přechodný stav. Po připojení počítače
k řadiči domény a úspěšném zpracování zásad skupiny bude odeslána zpráva o úspěšné
provedení těchto akcí. Pokud se tato zpráva nezobrazí během několika hodin, obraťte
se na správce.
< End of report >
OTL Extras logfile created on: 8.12.2014 18:53:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pavel\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17420)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,74 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 59,03% Memory free
7,48 Gb Paging File | 5,41 Gb Available in Paging File | 72,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 280,80 Gb Total Space | 116,09 Gb Free Space | 41,34% Space Free | Partition Type: NTFS
Drive F: | 1,99 Gb Total Space | 0,01 Gb Free Space | 0,32% Space Free | Partition Type: FAT32
Computer Name: PAVELS-HP | User Name: Pavel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3F3084DF-6585-4685-9079-045A1C1C1187}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{BA8888E8-F293-458E-A23C-DE2C7444F6D0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{DF61681B-FB2D-4BD6-9344-AF2A894F209A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F353A35D-4DCC-4D22-9860-AF25CEE0C58C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{043B27D7-4E7E-43ED-84BB-EACB5D1247A3}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe |
"{1CCE62C3-33BA-438A-B4A0-12BCB156C1AF}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\rm.exe |
"{28DC0182-6DBD-47E4-A29C-370CDB375313}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{345EB73F-DFD3-4D8D-8382-C2CD62EEED39}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{3FBFFE17-5F99-4672-A643-D3E01013A8AE}" = protocol=6 | dir=in | app=c:\program files (x86)\movies toolbar\datamngr\srtool~1\ie\dtuser.exe |
"{4EB405F8-E783-4C90-B5D6-99707CB35D21}" = dir=in | app=c:\users\pavel\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{558838BA-0069-4981-B10C-BE9AB4F12989}" = dir=in | app=c:\users\pavel\appdata\local\microsoft\skydrive\skydrive.exe |
"{58E87C2E-3A86-438C-A423-C92A905A5641}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\rm.exe |
"{644B1AEB-2C9E-4C3C-AA20-524AD72F9C9D}" = protocol=17 | dir=in | app=c:\program files (x86)\pcdata\minerd.exe |
"{669B46C1-DB1A-4935-BA45-0AA52B23F984}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{6DBEE798-6DE4-413E-94A2-8F669AC9FB64}" = protocol=6 | dir=in | app=c:\program files (x86)\pcdata\cgminer.exe |
"{71CCB4AB-67CF-42F3-B148-F13F5F2F43CF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{7DC24E5B-B3E9-4D83-B464-C467F5206330}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{81A599D0-C26B-4773-83AB-1F7171DDD859}" = protocol=17 | dir=in | app=c:\program files (x86)\pcdata\cgminer.exe |
"{82C54E71-CC2B-4D1C-A426-B70218639F3E}" = protocol=6 | dir=in | app=c:\program files (x86)\pcdata\minerd.exe |
"{88CD16C7-8E0F-4C8D-9148-686112A1C2DC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8A58ABF5-E072-4185-8E39-2ED8323A93BE}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\umi.exe |
"{A1571F96-4F3F-4974-BED4-FDED2E5E0165}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{AF7AB9A2-2197-4411-B5A0-CA87DA4E0B6D}" = protocol=6 | dir=in | app=c:\program files (x86)\gameforgelive\gfl_client.exe |
"{B30D24C0-C2F1-4342-BC46-BE54B68C3C31}" = protocol=17 | dir=in | app=c:\program files (x86)\movies toolbar\datamngr\srtool~1\ie\dtuser.exe |
"{B4086CB8-7CA4-4B0F-A85A-8178EC70B96D}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe |
"{B957AA1F-EA27-4760-AD42-AD4554D135F0}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\umi.exe |
"{CAC5E467-C1E1-471C-8202-113D920B71FC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{CB0EB5B5-86BA-4F6F-981B-D290B154AAD3}" = protocol=6 | dir=in | app=c:\users\pavel\appdata\local\ilivid\ilivid.exe |
"{D5681AEF-B722-45F3-9426-1D7FEA638101}" = protocol=17 | dir=in | app=c:\users\pavel\appdata\local\ilivid\ilivid.exe |
"{E6313CF4-236E-42B6-A50E-4385F5EC0C66}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"TCP Query User{2994BA7D-F0C0-4764-BAD5-7C2BB0791727}C:\program files (x86)\gameforgelive\games\gbr_eng\aion\nclauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gameforgelive\games\gbr_eng\aion\nclauncher.exe |
"TCP Query User{2D5BEB55-1CF1-462C-BA28-010C457BC05D}C:\program files (x86)\aion free-to-play\nclauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\aion free-to-play\nclauncher.exe |
"TCP Query User{5758349E-1DDB-40A0-B1FC-7F35DDBF38C4}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"TCP Query User{8AA1EEB4-2942-4C18-A4E6-B63F75BA3551}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"TCP Query User{976BF4B4-7FF4-4C1E-9308-25161DC59E33}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{9BCAFE3F-9C2B-4E2F-9AA8-9BFD5606C15A}C:\program files (x86)\gameforgelive\games\cze_ces\aion\nclauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gameforgelive\games\cze_ces\aion\nclauncher.exe |
"TCP Query User{CD1E3675-A95D-410B-AEAB-150FDE22FE92}C:\program files (x86)\icq7.7\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"UDP Query User{10C2A0BC-E8CD-4D98-8B40-C83237C52942}C:\program files (x86)\gameforgelive\games\cze_ces\aion\nclauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gameforgelive\games\cze_ces\aion\nclauncher.exe |
"UDP Query User{3AF4E4B3-FF39-412B-B5D3-B56F71E92251}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{5F4AD083-3864-4018-B2DA-9BA9DC62CA5E}C:\program files (x86)\gameforgelive\games\gbr_eng\aion\nclauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gameforgelive\games\gbr_eng\aion\nclauncher.exe |
"UDP Query User{60379A85-0A17-4C23-85BD-EDE6500D3B2A}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"UDP Query User{7B6FE778-399B-411D-9BA3-EC679B113DC4}C:\program files (x86)\icq7.7\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"UDP Query User{D5ECC5D8-CBD7-43DB-B7F3-E9EE7CC136F4}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"UDP Query User{E1ADB20D-CF57-4835-A6AF-235FAE158E67}C:\program files (x86)\aion free-to-play\nclauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\aion free-to-play\nclauncher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04255D34-6C6D-4F63-A218-EE8FD2D13AF0}" = Privacy Manager for HP ProtectTools
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{1C292266-E054-4090-84D5-869649E4F9C7}" = HP Power Data
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23F2C78C-E131-4CA0-8F84-3473FB7728BA}" = Microsoft Security Client
"{299625B9-6C69-462C-9CEA-8E06D878B1C5}" = HP 3D DriveGuard
"{2FD0FA0A-7A21-4C4A-B268-1142B54E035E}" = Windows Live Family Safety
"{3513DD3C-7680-4C7C-BF18-BA375D5F4132}" = Pre-Boot Security for HP ProtectTools
"{3B392D0A-F3F6-41EA-8DDB-D657ABA70168}" = HP QuickLook
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}" = HP HotKey Support
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{59B9AACC-6E81-4582-9BDC-9EB9F631EE1F}" = Drive Encryption for HP ProtectTools
"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Ovladače videa společnosti Pinnacle
"{5EEC477F-8E9B-4420-8829-16E7426227DB}" = Windows Live MIME IFilter
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{65A9248D-196D-41AD-1C66-5C9A23454DAA}" = AMD Fuel
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C1F5F9B-649F-C65F-D65F-9EC0459C2304}" = ccc-utility64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1DC4DF6-7493-45B2-B8AA-0A8805866CB9}" = HP ProtectTools Security Manager
"{A2AC0D43-9788-B1BD-B2A8-EFC758916BB1}" = AMD Drag and Drop Transcoding
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C16CD4C0-48EE-0F40-C9FD-0778EAF73FBD}" = AMD Wireless Display v3.0
"{C2956908-53A3-88FC-B795-B16508296FC4}" = AMD Catalyst Install Manager
"{C823942A-A0B4-4412-B935-6A2DC7CC1B4D}" = HP Power Assistant
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client CS-CZ Language Pack
"{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}" = Validity Fingerprint Driver
"{E6BC696E-5E96-4C1B-9371-379AF3A46B6B}" = HP Wireless Assistant
"{E793990C-90BE-4B69-AC29-BF5E8FD4ED54}" = Face Recognition for HP ProtectTools
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F7CD07B2-565B-D770-0388-9C16A8FA5B1D}" = AMD Accelerated Video Transcoding
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"HPProtectTools" = HP ProtectTools Security Manager
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{04801E42-B1A6-4C52-9F3D-CADB5A050433}" = HP Software Setup
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B2187A6-8ACC-4012-9817-9221211EF407}" = Corel Home Office - IPM
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{151AE945-AA23-3834-D5C7-C60832B71B15}" = CCC Help Czech
"{15F16DD9-670C-4B8F-9F92-BC358AB814BD}" = Windows Live Family Safety
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{1A1E33D2-9824-454A-B8CB-50072118635A}" = Corel Home Office - CS Templates
"{1D11E96F-0405-4B99-8356-5750B1D9FAE9}" = Corel Home Office - JP Templates
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{21385719-E020-4ED8-A3D4-6B46D0E5DAB1}" = ArcSoft TotalMedia
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23AAEBF8-12B1-43EA-B75D-CDC613CA6CB4}" = Photo Common
"{25A3B953-1423-3F15-640E-B620DD0F419A}" = Catalyst Control Center - Branding
"{26D19512-874B-4EDA-B7F1-779850B2AD5A}" = Corel Home Office - CT Templates
"{2DA697D7-FED3-4DE2-A174-92A2A12F9688}" = HP SoftPaq Download Manager
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{3365E735-48A6-4194-9988-CE59AC5AE503}" = Bing Bar
"{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}" = Theft Recovery
"{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"{379A0618-EF50-423C-9637-EEB2D25A4BB4}" = Movie Maker
"{3DE92282-CB49-434F-81BF-94E5B380E889}" = The Sims™ 3 Roční období
"{44A6C11C-D744-6B2C-D5A1-E32CB1DB0088}" = AMD Catalyst Control Center
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Po setmění
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{4DC7C1AB-4389-B736-082D-1BFA6BC10293}" = CCC Help Greek
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{5017D60D-C0A5-4CC8-8D2F-0BDA1ADF39D0}" = Corel Home Office - Templates1
"{51307F85-BD05-1938-8440-E88FD13585CA}" = CCC Help Chinese Traditional
"{553E24F0-09FD-4BCB-9CF0-4FC0F6DB95D1}_is1" = HellSpy Klient verze 0.8.0
"{5565E164-9928-CEDD-5011-9EE073D797B9}" = CCC Help Japanese
"{5746E4F9-77C6-47E8-A737-A5975A57B4AA}" = Corel Home Office - KR Templates
"{5947D004-A315-F50D-D24F-4C9D5B8413A5}" = CCC Help Spanish
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5AAF27C9-51C1-DEF1-230F-9F348E2DF885}" = CCC Help Russian
"{5BBF2F0E-8891-0E74-83D3-0DBDB750EDC6}" = CCC Help Norwegian
"{5BF8E079-D6E2-4323-B794-75152371122A}" = Windows 7 Default Setting
"{5C89D6B4-C8C4-08B9-4381-4E6C9BA3C094}" = CCC Help Italian
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{64A47A55-1E5E-82F1-26A6-8157D34739A4}" = CCC Help Chinese Standard
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}" = File Sanitizer For HP ProtectTools
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{755C6015-01B7-475D-448A-CE4D35E68F38}" = CCC Help Dutch
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77C135AC-6695-F444-75ED-14413408E51D}" = Catalyst Control Center InstallProxy
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{7861911B-4270-498A-8F7A-FCF0570F486B}" = HP QuickWeb
"{80A6DF3F-FB3D-48CB-BF1B-686E3D08C8F6}" = HP Software Framework
"{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1" = AION Free-to-Play
"{86CF0325-7921-55A6-16B2-254E77C40FE4}" = CCC Help French
"{877AB8B2-9D11-D640-7B11-730699E0C9A2}" = CCC Help Swedish
"{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}" = Razer Game Booster
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Povolání snů
"{95140000-007A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9976E0BD-56A6-4A32-8597-B80FCE62063A}" = Windows Live Essentials
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A974568-D4D5-EED2-1976-132C28211A82}" = CCC Help Korean
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 2.0.5
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}" = The Sims™ 3 Do Budoucnosti
"{A0ED9B46-5B37-616A-FDCC-3F713BC2972D}" = CCC Help German
"{A11D86BF-B950-759B-3DBF-1575B76BF974}" = CCC Help Polish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA14530E-3EF6-92AB-B39F-DB96F852BBBC}" = CCC Help Portuguese
"{AAA94EAA-40A4-458C-9D86-D1DA765B51D5}" = Windows Live Writer
"{ABAD2544-D794-E1B1-2763-55A9BB811D5A}" = CCC Help Thai
"{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}" = Fotogalerie
"{B286BAC3-CBE6-4854-BF68-EB72A34CEA56}" = Windows Live Messenger
"{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}" = The Sims™ 3 Obludárium
"{B3BE2947-BB03-6079-60DD-41B388BBC74A}" = Catalyst Control Center Graphics Previews Common
"{B6FF40EA-AEF2-46FF-9516-9A6512901B97}" = Windows Live Mail
"{B89357B0-C12E-F21E-7E8D-CA13BFED19C7}" = CCC Help Hungarian
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 Cestovní horečka
"{BADEEBDE-ABAF-4650-9149-51614651A1A0}" = Windows Live Writer Resources
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}" = Pinnacle Instant DVD Recorder
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Domácí mazlíčci
"{C5BE5386-0A43-32DD-9F2B-934B8CCCAC41}" = Catalyst Control Center Localization All
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{C70E8FBB-10F3-1DFF-E35F-6D62264D7A80}" = CCC Help Finnish
"{C82E0493-CDCF-4583-8DAE-59CC7EC4B2FE}" = Windows Live Messenger
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{D041EB9E-890A-4098-8F94-51DA194AC72A}" = Pinnacle Studio 12
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D21160A2-8B5F-409C-99C8-03582F5324B7}" = HP Documentation
"{D310DD60-9EF2-4C9C-AD66-A58185A1C7CB}" = Windows Live UX Platform Language Pack
"{D604900F-A275-416C-AF9D-CDEDF58B72DB}" = Windows Live Mail
"{D9989A13-B173-4048-B8A5-93C204DCB1B3}" = HP ESU for Microsoft Windows 7
"{DB21639E-FE55-432C-BCA2-0C5249E3F79E}" = The Sims™ 3 Tropický ráj
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = HP Webcam Driver
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}" = HP Support Assistant
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5603D65-60FC-47A6-AAC3-D5448227E963}" = Windows Live Writer
"{E74EA3B1-7192-489D-9A57-0AE918FEC001}" = Corel Home Office - Launcher
"{E7C34ED4-BBB6-4C57-9FBD-B29CA5878051}" = HP Setup
"{EC43C902-EF4F-0BF6-FA5F-897D2E450858}" = CCC Help Turkish
"{EFBCA571-617D-484A-9ECA-E301BB6D0750}" = Windows Live Writer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F1410C34-CCC7-4443-B698-7E9FF42F4FA3}" = Corel Home Office
"{F2AB797F-31A3-A376-736B-9E0533BAB530}" = CCC Help English
"{F3220B5E-9395-F557-8DB9-1E0F29D32026}" = CCC Help Danish
"{F45048A1-12C4-4B08-A3EB-32D88033368A}" = Corel Home Office - Templates RU
"{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}" = Junk Mail filter update
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{FA8BFB25-BF48-4F8B-8859-B30810745190}" = LightScribe System Software
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4Story_CZ_is1" = 4Story CZ 4.1.98
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"ArcSoft TotalMedia" = ArcSoft TotalMedia
"DAEMON Tools Lite" = DAEMON Tools Lite
"DoubleOptMedia11.041.44" = DoubleOptMedia
"Drive Encryption" = Drive Encryption for HP ProtectTools
"Google Chrome" = Google Chrome
"Guard.Mail.ru" = Guard.ICQ
"InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}" = Theft Recovery
"Janes Hotel Mania 1.00" = Janes Hotel Mania 1.00
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.4.1028
"Metin2_is1" = Metin2
"Office14.STANDARD" = Microsoft Office Standard 2010
"Origin" = Origin
"PCData App" = PC Data App
"PDF Complete" = PDF Complete Special Edition
"SymSilent" = SymSilent
"WebcamMax" = WebcamMax
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"IGG Web3D Player_is1" = IGG Web3D Player version 1.0.0.38
"Kalydo App 4Story" = 4Story
"Kalydo App 4story_cycle" = 4story_cycle
"KalydoPlayer" = Kalydo Player 6.00.00
"SeznamInstall" = Seznam Software
"SkyDriveSetup.exe" = Microsoft SkyDrive
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22.2.2014 12:23:19 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = System Restore | ID = 8193
Description =
Error - 28.2.2014 1:45:25 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = System Restore | ID = 8193
Description =
Error - 1.3.2014 20:18:00 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Application Error | ID = 1000
Description = Název chybující aplikace: hpqwmiex.exe, verze: 4.0.32.1, časové razítko:
0x4c180cdc Název chybujícího modulu: OLEAUT32.dll, verze: 6.1.7601.17676, časové
razítko: 0x4e58702a Kód výjimky: 0xc0000005 Posun chyby: 0x00004660 ID chybujícího
procesu: 0xb24 Čas spuštění chybující aplikace: 0x01cf353ffafdb719 Cesta k chybující
aplikaci: C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe Cesta k chybujícímu
modulu: C:\windows\syswow64\OLEAUT32.dll ID zprávy: 1c911fa2-a1a0-11e3-9585-cc52afa2cbff
Error - 2.3.2014 12:23:43 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Application Error | ID = 1000
Description = Název chybující aplikace: DpHostW.exe, verze: 5.0.4.527, časové razítko:
0x4b5a0cca Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko:
0x521eaf24 Kód výjimky: 0xc0000005 Posun chyby: 0x000000000001926d ID chybujícího
procesu: 0x6d0 Čas spuštění chybující aplikace: 0x01cf353fef7735ab Cesta k chybující
aplikaci: c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
Cesta
k chybujícímu modulu: C:\windows\SYSTEM32\ntdll.dll ID zprávy: 055e7ba5-a227-11e3-9585-cc52afa2cbff
Error - 5.3.2014 1:38:51 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Application Error | ID = 1000
Description = Název chybující aplikace: hpqwmiex.exe, verze: 4.0.32.1, časové razítko:
0x4c180cdc Název chybujícího modulu: OLEAUT32.dll, verze: 6.1.7601.17676, časové
razítko: 0x4e58702a Kód výjimky: 0xc0000005 Posun chyby: 0x00004660 ID chybujícího
procesu: 0xcb0 Čas spuštění chybující aplikace: 0x01cf371c66333482 Cesta k chybující
aplikaci: C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe Cesta k chybujícímu
modulu: C:\windows\syswow64\OLEAUT32.dll ID zprávy: 6de4db7f-a428-11e3-9697-cc52afa2cbff
Error - 9.3.2014 8:29:45 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Google Update | ID = 20
Description =
Error - 9.3.2014 9:27:05 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Google Update | ID = 20
Description =
Error - 9.3.2014 14:54:49 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Stronghold.exe, verze: 0.0.0.0, časové razítko:
0x21544c46 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00001364 ID chybujícího procesu: 0x1364 Čas spuštění
chybující aplikace: 0x01cf3b96baf7c099 Cesta k chybující aplikaci: C:\Hry\Stronghold\Stronghold.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 49a9c717-a7bc-11e3-bdc2-cc52afa2cbff
Error - 12.3.2014 12:42:14 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Application Error | ID = 1000
Description = Název chybující aplikace: szndesktop.exe, verze: 0.0.0.0, časové razítko:
0x5167c21b Název chybujícího modulu: lightspeed.dll, verze: 0.0.0.0, časové razítko:
0x515061b5 Kód výjimky: 0xc0000005 Posun chyby: 0x0007c6c8 ID chybujícího procesu:
0x10d0 Čas spuštění chybující aplikace: 0x01cf3ca174d59533 Cesta k chybující aplikaci:
C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe Cesta k chybujícímu
modulu: C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\lightspeed.dll ID zprávy: 43506dd5-aa05-11e3-bcc3-cc52afa2cbff
Error - 12.3.2014 15:32:56 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Application Error | ID = 1000
Description = Název chybující aplikace: hpqwmiex.exe, verze: 4.0.32.1, časové razítko:
0x4c180cdc Název chybujícího modulu: OLEAUT32.dll, verze: 6.1.7601.17676, časové
razítko: 0x4e58702a Kód výjimky: 0xc0000005 Posun chyby: 0x00004660 ID chybujícího
procesu: 0xd44 Čas spuštění chybující aplikace: 0x01cf3ca16a2e0928 Cesta k chybující
aplikaci: C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe Cesta k chybujícímu
modulu: C:\windows\syswow64\OLEAUT32.dll ID zprávy: 1c391c3a-aa1d-11e3-bcc3-cc52afa2cbff
[ Hewlett-Packard Events ]
Error - 15.3.2014 11:29:59 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Část cesty C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201403151629.xml
nebyla nalezena. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamWriter.CreateFile(String
path, Boolean append) v System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding, Int32 bufferSize) v System.IO.StreamWriter..ctor(String path,
Boolean append, Encoding encoding) v System.IO.File.WriteAllText(String path,
String contents, Encoding encoding) v HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 22.3.2014 8:03:53 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Část cesty C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201403221303.xml
nebyla nalezena. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamWriter.CreateFile(String
path, Boolean append) v System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding, Int32 bufferSize) v System.IO.StreamWriter..ctor(String path,
Boolean append, Encoding encoding) v System.IO.File.WriteAllText(String path,
String contents, Encoding encoding) v HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 29.3.2014 8:49:16 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Část cesty C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201403291349.xml
nebyla nalezena. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamWriter.CreateFile(String
path, Boolean append) v System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding, Int32 bufferSize) v System.IO.StreamWriter..ctor(String path,
Boolean append, Encoding encoding) v System.IO.File.WriteAllText(String path,
String contents, Encoding encoding) v HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 5.4.2014 7:09:57 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Část cesty C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201404051309.xml
nebyla nalezena. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamWriter.CreateFile(String
path, Boolean append) v System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding, Int32 bufferSize) v System.IO.StreamWriter..ctor(String path,
Boolean append, Encoding encoding) v System.IO.File.WriteAllText(String path,
String contents, Encoding encoding) v HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 12.4.2014 8:31:47 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Část cesty C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201404121431.xml
nebyla nalezena. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamWriter.CreateFile(String
path, Boolean append) v System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding, Int32 bufferSize) v System.IO.StreamWriter..ctor(String path,
Boolean append, Encoding encoding) v System.IO.File.WriteAllText(String path,
String contents, Encoding encoding) v HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 19.4.2014 8:09:04 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Část cesty C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201404191409.xml
nebyla nalezena. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamWriter.CreateFile(String
path, Boolean append) v System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding, Int32 bufferSize) v System.IO.StreamWriter..ctor(String path,
Boolean append, Encoding encoding) v System.IO.File.WriteAllText(String path,
String contents, Encoding encoding) v HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 30.4.2014 7:06:52 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Část cesty C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201404301306.xml
nebyla nalezena. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamWriter.CreateFile(String
path, Boolean append) v System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding, Int32 bufferSize) v System.IO.StreamWriter..ctor(String path,
Boolean append, Encoding encoding) v System.IO.File.WriteAllText(String path,
String contents, Encoding encoding) v HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 3.5.2014 7:25:26 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Část cesty C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201405031325.xml
nebyla nalezena. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamWriter.CreateFile(String
path, Boolean append) v System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding, Int32 bufferSize) v System.IO.StreamWriter..ctor(String path,
Boolean append, Encoding encoding) v System.IO.File.WriteAllText(String path,
String contents, Encoding encoding) v HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 3.5.2014 7:29:03 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Část cesty C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201405031329.xml
nebyla nalezena. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamWriter.CreateFile(String
path, Boolean append) v System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding, Int32 bufferSize) v System.IO.StreamWriter..ctor(String path,
Boolean append, Encoding encoding) v System.IO.File.WriteAllText(String path,
String contents, Encoding encoding) v HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 10.5.2014 9:29:23 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Část cesty C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA\HPSASession_201405101529.xml
nebyla nalezena. mscorlib v System.IO.__Error.WinIOError(Int32 errorCode, String
maybeFullPath) v System.IO.FileStream.Init(String path, FileMode mode, FileAccess
access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions
options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) v
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare
share, Int32 bufferSize, FileOptions options) v System.IO.StreamWriter.CreateFile(String
path, Boolean append) v System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding, Int32 bufferSize) v System.IO.StreamWriter..ctor(String path,
Boolean append, Encoding encoding) v System.IO.File.WriteAllText(String path,
String contents, Encoding encoding) v HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
[ HP Power Assistant Events ]
Error - 3.8.2014 12:10:22 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 4.8.2014 5:39:22 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 5.8.2014 10:54:27 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 6.8.2014 13:30:43 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 6.8.2014 13:51:20 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 7.8.2014 15:41:05 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 7.8.2014 16:37:29 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 9.8.2014 10:47:12 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 10.8.2014 9:23:23 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 10.8.2014 12:38:21 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.
[ HP Wireless Assistant Events ]
Error - 4.7.2014 12:57:28 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 4.7.2014 12:57:29 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 5.7.2014 14:10:59 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 5.7.2014 14:11:01 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 5.7.2014 14:45:25 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 5.7.2014 14:45:25 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 13.7.2014 14:55:39 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 13.7.2014 14:55:40 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()
Error - 22.8.2014 14:54:08 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 v HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) v HPPA_Service.CurrentConfiguration.ReloadRadioList()
Error - 1.9.2014 3:00:30 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filtr zpráv volání zrušil.
(Výjimka na základě hodnoty HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementObjectSearcher.Initialize()
v System.Management.ManagementObjectSearcher.Get() v HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) v HPPA_Service.CurrentConfiguration.<ApplyFriendlyNames>b__23(RadioHardware
radio) v System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() v System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
v HPPA_Service.CurrentConfiguration.ApplyFriendlyNames() v HPPA_Service.CurrentConfiguration.ReloadRadioList()
[ System Events ]
Error - 8.12.2014 13:02:47 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = DCOM | ID = 10005
Description =
Error - 8.12.2014 13:02:50 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = DCOM | ID = 10005
Description =
Error - 8.12.2014 13:02:50 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = DCOM | ID = 10005
Description =
Error - 8.12.2014 13:02:50 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068
Error - 8.12.2014 13:02:50 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068
Error - 8.12.2014 13:02:50 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1068
Error - 8.12.2014 13:04:47 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = NETLOGON | ID = 5719
Description = Tento počítač nemohl nastavit zabezpečenou relaci s řadičem domény
v doméně SKOLA z následujícího důvodu: %%1311 To může vést k potížím při ověřování.
Přesvědčte se, zda je tento počítač připojen k síti. Pokud potíže trvají, obraťte
se na správce domény. DALŠÍ INFORMACE Pokud je tento počítač řadičem domény pro určenou
doménu, nastaví zabezpečenou relaci s emulátorem primárního řadiče domény v určené
doméně.
V opačném případě tento počítač nastaví zabezpečenou relaci s libovolným řadičem
domény v určené doméně.
Error - 8.12.2014 13:05:18 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = Zpracování zásad skupiny selhalo v důsledku toho, že se nebylo v síti
možné připojit k řadiči domény. Může se jednat o přechodný stav. Po připojení počítače
k řadiči domény a úspěšném zpracování zásad skupiny bude odeslána zpráva o úspěšné
provedení těchto akcí. Pokud se tato zpráva nezobrazí během několika hodin, obraťte
se na správce.
Error - 8.12.2014 13:45:15 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = NETLOGON | ID = 5719
Description = Tento počítač nemohl nastavit zabezpečenou relaci s řadičem domény
v doméně SKOLA z následujícího důvodu: %%1311 To může vést k potížím při ověřování.
Přesvědčte se, zda je tento počítač připojen k síti. Pokud potíže trvají, obraťte
se na správce domény. DALŠÍ INFORMACE Pokud je tento počítač řadičem domény pro určenou
doménu, nastaví zabezpečenou relaci s emulátorem primárního řadiče domény v určené
doméně.
V opačném případě tento počítač nastaví zabezpečenou relaci s libovolným řadičem
domény v určené doméně.
Error - 8.12.2014 13:45:46 | Computer Name = PavelS-HP.SKOLA.LOCAL | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = Zpracování zásad skupiny selhalo v důsledku toho, že se nebylo v síti
možné připojit k řadiči domény. Může se jednat o přechodný stav. Po připojení počítače
k řadiči domény a úspěšném zpracování zásad skupiny bude odeslána zpráva o úspěšné
provedení těchto akcí. Pokud se tato zpráva nezobrazí během několika hodin, obraťte
se na správce.
< End of report >
-
funkymusic
- Vzorný návštěvník
- Příspěvky: 402
- Registrován: 07 pro 2004 15:16
Re: Totálně zahumusené pc
Abych to popsal, jak na tom pc momentálně je:
Zdá se, že chodí bez problémů, až na ten proklatý start. Do nouzáku se dostanu bez problémů, ovšem normální režim je problém - objeví se logo Widlí, poté černá obrazovka, pc je stále zaplé ale nic se neděje, musí se natvrdo vypnout, pustit znova. Spustit se ho pak podaří tak na 3. - 5. pokus. Nějaké nápady? Zkusil jsem přeinstalovat ovladač grafiky (ATI Mobility Radeon HD 5470), bez výsledků.
Jo a ještě bych měl jednu otázku, je tu hozený Windows Deffender - co si o něm, jakožto odborník, myslíte? Můj názor je, že je kvalitní asi stejně jako všechno ostatní od Microsoftu
Nejradši bych ho nahradil Avastem (free), můžu se zeptat na Váš názor něm?
Díky moc, kdyby fakt nešlo s tim startem nic dělat, tak vrátím majiteli s tím, že buď reinstall, nebo má smůlu.
Díky!
Zdá se, že chodí bez problémů, až na ten proklatý start. Do nouzáku se dostanu bez problémů, ovšem normální režim je problém - objeví se logo Widlí, poté černá obrazovka, pc je stále zaplé ale nic se neděje, musí se natvrdo vypnout, pustit znova. Spustit se ho pak podaří tak na 3. - 5. pokus. Nějaké nápady? Zkusil jsem přeinstalovat ovladač grafiky (ATI Mobility Radeon HD 5470), bez výsledků.
Jo a ještě bych měl jednu otázku, je tu hozený Windows Deffender - co si o něm, jakožto odborník, myslíte? Můj názor je, že je kvalitní asi stejně jako všechno ostatní od Microsoftu
Nejradši bych ho nahradil Avastem (free), můžu se zeptat na Váš názor něm?Díky moc, kdyby fakt nešlo s tim startem nic dělat, tak vrátím majiteli s tím, že buď reinstall, nebo má smůlu.
Díky!
Re: Totálně zahumusené pc
Vypnete antivir, at nebrani programu v praci. Znovu spustte OTL jako spravceDo spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)
Kód: Vybrat vše
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]
:services
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem
gusvc
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
:otl
IE - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
O3 - HKLM\..\Toolbar: (Reg Error: Value error.) - 10 - Reg Error: Value error. File not found
O15 - HKU\S-1-5-21-3435964710-805018482-336169385-1001\..Trusted Domains: localhost ([]http in Internet)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[11 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[16 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[3 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] /64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Totálně zahumusené pc
Nejdrive to komplet docistime a pak se uvidi.funkymusic píše:Zdá se, že chodí bez problémů, až na ten proklatý start. Do nouzáku se dostanu bez problémů, ovšem normální režim je problém - objeví se logo Widlí, poté černá obrazovka, pc je stále zaplé ale nic se neděje, musí se natvrdo vypnout, pustit znova. Spustit se ho pak podaří tak na 3. - 5. pokus. Nějaké nápady?
Jako antivir tam bezi MSE. Defender se jmenuje antivir az ve Win8. Do sedmicek je to pouze antispyware. Jeho kvalita je slaba. Avast je dobra volba, sam jej pouzivam uz radu let. Jen je treba tedy Defender vypnout a MSE odinstalovat.funkymusic píše:Jo a ještě bych měl jednu otázku, je tu hozený Windows Deffender - co si o něm, jakožto odborník, myslíte? Můj názor je, že je kvalitní asi stejně jako všechno ostatní od Microsoftu
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
funkymusic
- Vzorný návštěvník
- Příspěvky: 402
- Registrován: 07 pro 2004 15:16
Re: Totálně zahumusené pc
Ano, myslel jsem MSE, sám na Win nejedu, tak si tyhle názvy nepamatuju 
Dobře, dám Avast, MSE vyhodím.
Zde je log, změna ohledně startu pc nenastala.
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Pavel
->Temp folder emptied: 287426549 bytes
->Temporary Internet Files folder emptied: 5402075 bytes
->Google Chrome cache emptied: 8338716 bytes
->Flash cache emptied: 2862 bytes
User: Public
->Temp folder emptied: 0 bytes
User: stasa
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: strnad
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 45706 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 287,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Pavel
->Flash cache emptied: 0 bytes
User: Public
User: stasa
->Flash cache emptied: 0 bytes
User: strnad
Total Flash Files Cleaned = 0,00 mb
Unable to start System Restore Service. Error code 1084
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP485.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP50FC.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E26.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP908C.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9877.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAD20.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB6C7.tmp\WindowsLiveWriter.exe deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB6C7.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB76D.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE204.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE3F8.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2B67.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP30F3.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP450B.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP476D.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5D0D.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP60E4.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7CA1.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9B08.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPAD00.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB04C.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCE56.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD3B2.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE71.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEB01.tmp folder deleted successfully.
C:\windows\Installer\MSI2EEF.tmp deleted successfully.
C:\windows\Installer\MSICCA2.tmp deleted successfully.
C:\windows\Installer\MSIE2B8.tmp deleted successfully.
========== REGISTRY ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 12092014_171131
Files\Folders moved on Reboot...
File move failed. C:\Users\Pavel\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Dobře, dám Avast, MSE vyhodím. Zde je log, změna ohledně startu pc nenastala.
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Pavel
->Temp folder emptied: 287426549 bytes
->Temporary Internet Files folder emptied: 5402075 bytes
->Google Chrome cache emptied: 8338716 bytes
->Flash cache emptied: 2862 bytes
User: Public
->Temp folder emptied: 0 bytes
User: stasa
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: strnad
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 45706 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 287,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Pavel
->Flash cache emptied: 0 bytes
User: Public
User: stasa
->Flash cache emptied: 0 bytes
User: strnad
Total Flash Files Cleaned = 0,00 mb
Unable to start System Restore Service. Error code 1084
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP485.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP50FC.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E26.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP908C.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9877.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAD20.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB6C7.tmp\WindowsLiveWriter.exe deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB6C7.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB76D.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE204.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE3F8.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2B67.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP30F3.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP450B.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP476D.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5D0D.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP60E4.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7CA1.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9B08.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPAD00.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB04C.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCE56.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD3B2.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE71.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEB01.tmp folder deleted successfully.
C:\windows\Installer\MSI2EEF.tmp deleted successfully.
C:\windows\Installer\MSICCA2.tmp deleted successfully.
C:\windows\Installer\MSIE2B8.tmp deleted successfully.
========== REGISTRY ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 12092014_171131
Files\Folders moved on Reboot...
File move failed. C:\Users\Pavel\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
-
funkymusic
- Vzorný návštěvník
- Příspěvky: 402
- Registrován: 07 pro 2004 15:16
Re: Totálně zahumusené pc
Heuréka, byl to skutečně po***aný ovladač grafické karty, odinstaloval jsem původní, nainstaloval jsem nový - stále nic. Odinstaloval jsem i tenhle nový a ejhle - Windows začaly psát, že byl ovladač nainstalován a že chtějí restart - restartoval jsem a už bez problémů 
Tak ještě prosím doklidíme tu havěť a bude od toho pokoj
Díky moc!
Tak ještě prosím doklidíme tu havěť a bude od toho pokoj
Díky moc!
Re: Totálně zahumusené pc
Super, konecne dobra zprava 
Jinak krom vyhozeni MSE zkontrolujte, zda je vypnuty ten Defender.
Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)
Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.
Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)
Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, jak je na tom pc.
Jinak krom vyhozeni MSE zkontrolujte, zda je vypnuty ten Defender.
Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce) vyosek píše:
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.
Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)
Defragmentujte disk(y) (SSD Disky ne!)Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, jak je na tom pc.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
funkymusic
- Vzorný návštěvník
- Příspěvky: 402
- Registrován: 07 pro 2004 15:16
Re: Totálně zahumusené pc
Vypadá dobře, resp. jako předtím. Co je horší, než jste napsal, tak jsem nechal pc +- 2 hodinky vypnuté a potíže se startem se objevily znovu 
ne tak hrozně jako předtim, musel jsem jen 3x restartovat a pak už normálně šlo, ale i tak 
Všiml jsem si, že při chybném startu bliká stavová diodka u HDD tak nějak podivně, oproti tomu, když se start povede. Teď, když PC restartuju, tak zas normálně jde, takže mi to přijde už jako nějaká HW chyba... Co vy na to?
ne tak hrozně jako předtim, musel jsem jen 3x restartovat a pak už normálně šlo, ale i tak Všiml jsem si, že při chybném startu bliká stavová diodka u HDD tak nějak podivně, oproti tomu, když se start povede. Teď, když PC restartuju, tak zas normálně jde, takže mi to přijde už jako nějaká HW chyba... Co vy na to?
Přispějete na provoz fóra?
