OTL logfile created on: 13.11.2015 12:40:34 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18098)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,89 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 34,73% Memory free
6,26 Gb Paging File | 3,13 Gb Available in Paging File | 50,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 423,30 Gb Total Space | 301,55 Gb Free Space | 71,24% Space Free | Partition Type: NTFS
Drive D: | 25,00 Gb Total Space | 22,60 Gb Free Space | 90,39% Space Free | Partition Type: NTFS
Computer Name: LENOVO-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2015.11.13 12:39:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
PRC - [2015.11.07 05:36:36 | 000,811,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015.10.21 11:36:16 | 000,349,968 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
PRC - [2015.10.21 11:36:06 | 000,060,688 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2015.10.21 11:35:30 | 000,103,696 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
PRC - [2015.10.13 04:46:06 | 000,060,688 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2015.10.01 21:23:07 | 000,270,848 | ---- | M] (
www.logos.cz) -- C:\Program Files (x86)\eLiska4\eLiska.exe
PRC - [2015.10.01 14:54:18 | 000,245,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
PRC - [2015.06.26 04:24:08 | 000,851,752 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe
PRC - [2014.10.29 02:05:25 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
PRC - [2014.08.12 07:07:57 | 000,154,896 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
PRC - [2014.08.12 07:07:57 | 000,153,872 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
PRC - [2014.08.12 06:59:32 | 000,294,672 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
PRC - [2014.08.12 06:59:32 | 000,109,328 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
PRC - [2014.05.22 02:29:04 | 000,584,960 | ---- | M] (LENOVO INCORPORATED.) -- C:\Program Files\Lenovo\iMController\SystemAgentService.exe
PRC - [2014.03.06 19:40:28 | 001,150,024 | ---- | M] (Lenovo(beijing) Limited) -- C:\Program Files (x86)\Lenovo\Lenovo Updates\LU.exe
PRC - [2014.02.26 05:50:24 | 000,323,584 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2014.02.26 04:13:00 | 000,053,248 | ---- | M] () -- C:\Windows\SysWOW64\UMonit64.exe
PRC - [2014.02.18 05:47:34 | 000,038,896 | ---- | M] (Lenovo(beijing) Limited) -- C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
PRC - [2013.10.10 00:08:04 | 000,381,440 | -H-- | M] () -- C:\Model\cmssservice\cmssservice.exe
PRC - [2013.08.27 06:50:36 | 000,175,016 | -H-- | M] (Oracle Corporation) -- C:\Model\java\bin\java.exe
========== Modules (No Company Name) ==========
MOD - [2015.11.07 05:36:33 | 001,532,744 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll
MOD - [2015.11.07 05:36:32 | 000,081,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll
MOD - [2015.10.13 04:46:12 | 001,040,144 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2015.10.13 04:45:48 | 000,237,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
MOD - [2015.05.15 15:27:10 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014.08.12 07:07:57 | 000,101,648 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll
MOD - [2014.08.12 06:59:32 | 000,294,672 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
MOD - [2014.08.12 06:59:32 | 000,109,328 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
MOD - [2014.08.12 06:59:32 | 000,105,744 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Transition\Config\1366\TransitionLib.dll
MOD - [2014.08.12 06:59:32 | 000,102,160 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Transition\LUpdatePackage.dll
MOD - [2014.02.26 04:13:00 | 000,053,248 | ---- | M] () -- C:\Windows\SysWOW64\UMonit64.exe
MOD - [2013.10.10 00:08:04 | 000,381,440 | -H-- | M] () -- C:\Model\cmssservice\cmssservice.exe
MOD - [2013.09.04 23:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
========== Services (SafeList) ==========
SRV:
64bit: - [2015.07.22 14:52:08 | 001,633,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:
64bit: - [2015.07.16 19:58:34 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:
64bit: - [2015.07.07 10:39:32 | 000,366,552 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:
64bit: - [2015.07.07 10:39:32 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:
64bit: - [2015.05.30 20:36:24 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:
64bit: - [2015.05.12 14:19:37 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:
64bit: - [2015.05.07 16:21:51 | 000,522,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:
64bit: - [2015.02.21 00:49:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:
64bit: - [2014.10.31 05:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:
64bit: - [2014.10.29 04:59:51 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:
64bit: - [2014.10.29 03:42:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:
64bit: - [2014.10.29 03:42:03 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:
64bit: - [2014.10.29 03:34:51 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:
64bit: - [2014.10.29 03:33:55 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:
64bit: - [2014.10.29 03:29:22 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:
64bit: - [2014.10.29 02:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:
64bit: - [2014.10.29 02:48:20 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:
64bit: - [2014.10.29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:
64bit: - [2014.10.29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:
64bit: - [2014.10.29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:
64bit: - [2014.10.29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:
64bit: - [2014.10.29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:
64bit: - [2014.10.29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:
64bit: - [2014.10.29 02:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:
64bit: - [2014.10.29 02:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:
64bit: - [2014.10.29 02:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:
64bit: - [2014.10.29 02:24:37 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:
64bit: - [2014.10.29 02:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:
64bit: - [2014.10.29 02:20:03 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:
64bit: - [2014.10.29 02:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:
64bit: - [2014.10.29 02:16:17 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:
64bit: - [2014.10.29 02:13:24 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:
64bit: - [2014.10.29 02:13:02 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:
64bit: - [2014.10.29 02:12:36 | 000,407,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:
64bit: - [2014.10.29 02:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:
64bit: - [2014.10.29 02:11:10 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:
64bit: - [2014.10.29 02:05:09 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:
64bit: - [2014.10.29 01:48:52 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:
64bit: - [2014.10.29 01:46:48 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:
64bit: - [2014.10.29 01:35:51 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:
64bit: - [2014.08.12 07:15:40 | 000,198,192 | ---- | M] (Lenovo(beijing) Limited) [Auto | Running] -- C:\Windows\SysNative\LenovoWiFiHotspotSvr.exe -- (LenovoWiFiHotspotSvr)
SRV:
64bit: - [2014.08.12 07:13:15 | 000,104,696 | ---- | M] (Lenovo) [On_Demand | Stopped] -- c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe -- (TESHelper)
SRV:
64bit: - [2014.08.12 07:08:32 | 000,308,720 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe -- (PhoneCompanionVap)
SRV:
64bit: - [2014.08.12 07:08:32 | 000,288,240 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe -- (PhoneCompanionPusher)
SRV:
64bit: - [2014.05.22 02:29:04 | 000,584,960 | ---- | M] (LENOVO INCORPORATED.) [Auto | Running] -- C:\Program Files\Lenovo\iMController\SystemAgentService.exe -- (Lenovo System Agent Service)
SRV:
64bit: - [2014.03.12 02:16:02 | 000,282,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:
64bit: - [2013.08.22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:
64bit: - [2013.07.02 04:08:48 | 000,822,232 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe -- (Intel(R)
SRV:
64bit: - [2013.07.02 04:08:32 | 000,733,696 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe -- (Intel(R)
SRV:
64bit: - [2012.04.24 11:43:50 | 000,390,632 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV - [2015.10.05 09:48:46 | 001,135,416 | ---- | M] (Malwarebytes) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015.05.07 16:05:40 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2015.03.29 23:54:24 | 062,382,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files (x86)\eLiska4\MSSQL10_50.ELISKA4CLIENT\MSSQL\Binn\sqlservr.exe -- (MSSQL$ELISKA4CLIENT)
SRV - [2015.03.29 23:53:36 | 000,442,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files (x86)\eLiska4\MSSQL10_50.ELISKA4CLIENT\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$ELISKA4CLIENT)
SRV - [2014.10.29 02:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2014.10.29 02:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2014.08.12 07:07:57 | 000,070,416 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe -- (LsvUIService)
SRV - [2014.08.12 06:59:32 | 000,033,040 | ---- | M] (Lenovo) [Auto | Running] -- C:\ProgramData\LenovoTransition\Server\x64\ymc.exe -- (ymc)
SRV - [2014.03.12 02:16:06 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014.02.26 06:17:38 | 000,319,104 | ---- | M] (Windows (R) Win 7 DDK provider) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2014.02.26 05:50:24 | 000,323,584 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2014.02.18 05:47:34 | 000,038,896 | ---- | M] (Lenovo(beijing) Limited) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe -- (LUService)
SRV - [2014.01.10 02:27:52 | 000,019,440 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Lenovo\Lenovo Recommends\Service\x64\LenovoRecommends.AppService.exe -- (LenovoRecommends.AppService)
SRV - [2013.08.22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012.04.24 22:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
========== Driver Services (SafeList) ==========
DRV:
64bit: - [2015.10.05 09:50:22 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:
64bit: - [2015.10.05 09:50:06 | 000,025,816 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:
64bit: - [2015.09.29 13:24:42 | 000,155,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:
64bit: - [2015.07.07 10:40:12 | 000,044,560 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:
64bit: - [2015.07.07 10:40:05 | 000,270,168 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:
64bit: - [2015.07.07 10:40:05 | 000,114,520 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:
64bit: - [2015.06.10 22:08:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:
64bit: - [2015.04.16 07:17:07 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:
64bit: - [2015.03.29 23:53:16 | 000,322,736 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0153.sys -- (RsFx0153)
DRV:
64bit: - [2015.03.20 02:56:10 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:
64bit: - [2015.03.17 18:26:06 | 000,467,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:
64bit: - [2015.03.13 05:03:31 | 000,239,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:
64bit: - [2015.03.09 03:02:51 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:
64bit: - [2015.03.04 11:25:11 | 000,377,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:
64bit: - [2014.11.10 19:06:59 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:
64bit: - [2014.10.29 04:59:47 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:
64bit: - [2014.10.29 04:57:42 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:
64bit: - [2014.10.29 04:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:
64bit: - [2014.10.29 03:46:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:
64bit: - [2014.10.29 03:46:09 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:
64bit: - [2014.10.29 03:45:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:
64bit: - [2014.10.29 03:45:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:
64bit: - [2014.10.29 03:45:16 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:
64bit: - [2014.10.15 09:32:36 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:
64bit: - [2014.10.13 03:43:17 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:
64bit: - [2014.10.13 03:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:
64bit: - [2014.10.07 07:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:
64bit: - [2014.10.07 07:44:39 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:
64bit: - [2014.08.15 01:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:
64bit: - [2014.08.12 07:16:41 | 000,035,576 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:
64bit: - [2014.04.17 09:38:36 | 000,111,336 | ---- | M] (GenesysLogic) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GeneStor.sys -- (GeneStor)
DRV:
64bit: - [2014.03.18 10:54:54 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:
64bit: - [2014.03.18 10:54:43 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:
64bit: - [2014.03.18 10:54:42 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:
64bit: - [2014.03.18 10:54:42 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:
64bit: - [2014.03.18 10:54:42 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:
64bit: - [2014.03.18 10:54:42 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:
64bit: - [2014.03.18 10:38:02 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:
64bit: - [2014.03.13 13:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\windows\SysNative\drivers\wof.sys -- (Wof)
DRV:
64bit: - [2014.03.07 17:26:44 | 000,450,520 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:
64bit: - [2014.03.07 17:18:24 | 003,729,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2014.03.07 06:53:16 | 003,892,224 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athwbx.sys -- (athr)
DRV:
64bit: - [2014.03.01 21:32:31 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:
64bit: - [2014.03.01 21:32:31 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:
64bit: - [2014.02.26 05:53:02 | 000,598,216 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:
64bit: - [2014.02.26 05:53:02 | 000,355,528 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:
64bit: - [2014.02.26 05:53:02 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:
64bit: - [2014.02.26 05:53:02 | 000,137,928 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:
64bit: - [2014.02.26 05:53:02 | 000,118,984 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:
64bit: - [2014.02.26 05:53:02 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:
64bit: - [2014.02.26 05:53:02 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:
64bit: - [2014.02.26 05:53:02 | 000,035,016 | ---- | M] (Qualcomm Atheros) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:
64bit: - [2014.02.25 08:55:48 | 000,532,720 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:
64bit: - [2014.02.25 08:55:46 | 000,034,544 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:
64bit: - [2014.01.21 12:10:06 | 009,105,624 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:
64bit: - [2014.01.15 22:21:46 | 000,088,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TXEIx64.sys -- (TXEIx64)
DRV:
64bit: - [2013.12.18 04:35:22 | 000,839,896 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:
64bit: - [2013.08.22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:
64bit: - [2013.08.22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2013.08.22 13:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:
64bit: - [2013.08.22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:
64bit: - [2013.08.22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:
64bit: - [2013.08.22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:
64bit: - [2013.08.22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2013.08.22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2013.08.22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:
64bit: - [2013.08.22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2013.08.22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:
64bit: - [2013.08.22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:
64bit: - [2013.08.22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2013.08.22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2013.08.22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:
64bit: - [2013.08.22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2013.08.22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:
64bit: - [2013.08.22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:
64bit: - [2013.08.22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2013.08.22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:
64bit: - [2013.08.22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:
64bit: - [2013.08.22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2013.08.22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:
64bit: - [2013.08.22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:
64bit: - [2013.08.22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:
64bit: - [2013.08.22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:
64bit: - [2013.08.22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:
64bit: - [2013.08.22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:
64bit: - [2013.08.22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:
64bit: - [2013.08.22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:
64bit: - [2013.08.22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:
64bit: - [2013.08.22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:
64bit: - [2013.08.22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:
64bit: - [2013.08.22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:
64bit: - [2013.08.22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:
64bit: - [2013.08.22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:
64bit: - [2013.08.22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:
64bit: - [2013.08.22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:
64bit: - [2013.08.22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2013.08.22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:
64bit: - [2013.08.22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:
64bit: - [2013.08.22 12:36:31 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BTHPRINT.SYS -- (BTHprint)
DRV:
64bit: - [2013.08.22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:
64bit: - [2013.08.22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:
64bit: - [2013.08.13 00:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:
64bit: - [2013.08.10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:
64bit: - [2013.07.30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:
64bit: - [2013.07.25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:
64bit: - [2013.06.18 15:45:43 | 004,649,440 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETwew02.sys -- (NETwNe64)
DRV:
64bit: - [2013.06.18 15:45:26 | 000,460,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1i63x64.sys -- (e1iexpress)
DRV:
64bit: - [2013.04.10 21:19:19 | 000,251,128 | ---- | M] (Pismo Technic Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pfmfs_853.sys -- (pfmfs_853)
DRV:
64bit: - [2012.06.14 01:10:32 | 000,102,376 | ---- | M] ("CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {1A699E11-5CDA-4037-861D-7A23910CAF09}
IE:
64bit: - HKLM\..\SearchScopes\{1A699E11-5CDA-4037-861D-7A23910CAF09}: "URL" =
http://www.bing.com/search?q={searchTer ... TR&pc=LCJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {1A699E11-5CDA-4037-861D-7A23910CAF09}
IE - HKLM\..\SearchScopes\{1A699E11-5CDA-4037-861D-7A23910CAF09}: "URL" =
http://www.bing.com/search?q={searchTer ... TR&pc=LCJB
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-789525210-3307182626-2393355962-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-789525210-3307182626-2393355962-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
========== Chrome ==========
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah\1.4.20_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_1\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O1 HOSTS File: ([2015.11.12 17:57:58 | 000,000,035 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:
64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:
64bit: - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
O3:
64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3:
64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:
64bit: - HKLM..\Run: [AutoStartTransition] C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe ()
O4:
64bit: - HKLM..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft)
O4:
64bit: - HKLM..\Run: [Energy Manager] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited)
O4:
64bit: - HKLM..\Run: [Lenovo Utility] C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (Lenovo(beijing) Limited)
O4:
64bit: - HKLM..\Run: [PhoneCompanion] C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe (Lenovo)
O4:
64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:
64bit: - HKLM..\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:
64bit: - HKLM..\Run: [RtHDVBg_LENOVO_MICPKEY] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:
64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:
64bit: - HKLM..\Run: [RtsFT] C:\windows\RTFTrack.exe (Realtek semiconductor)
O4 - HKLM..\Run: [Lenovo Recommends] C:\Program Files (x86)\Lenovo\Lenovo Recommends\Lenovo Recommends.exe (Lenovo)
O4 - HKU\S-1-5-21-789525210-3307182626-2393355962-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-789525210-3307182626-2393355962-1001..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Apple Inc.)
O4 - HKU\S-1-5-21-789525210-3307182626-2393355962-1001..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe (Apple Inc.)
O4 - HKU\S-1-5-21-789525210-3307182626-2393355962-1001..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-21-789525210-3307182626-2393355962-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Qualcomm®Atheros®)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O9:
64bit: - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9:
64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-789525210-3307182626-2393355962-1001\..Trusted Domains: csobpoj.cz ([app2] https in Trusted sites)
O15 - HKU\S-1-5-21-789525210-3307182626-2393355962-1001\..Trusted Domains:
http://127.0.0.1 ([]* in Trusted sites)
O15 - HKU\S-1-5-21-789525210-3307182626-2393355962-1001\..Trusted Domains:
http://localhost ([]* in Trusted sites)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}
http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9CE42EDD-626A-4BE9-B5A7-038A7B2EA4E1}: DhcpNameServer = 172.168.130.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C29E1424-C679-425D-844F-C8D9D838B717}: DhcpNameServer = 192.168.1.1
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:
64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:
64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:
64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:
64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
Drivers32:
64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\windows\SysWow64\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\windows\SysWow64\alf2cd.acm (NCT Company)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lame - C:\windows\SysWow64\lame.ax ()
Drivers32: msacm.scg726 - C:\windows\SysWow64\Scg726.acm (SHARP Corporation)
Drivers32: msacm.voxacm160 - C:\windows\SysWow64\vct3216.acm (Voxware, Inc.)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\windows\SysWow64\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.dvsd - C:\windows\SysWow64\mcdvd_32.dll (MainConcept)
Drivers32: vidc.LAGS - C:\windows\SysWow64\Lagarith.dll ( )
Drivers32: vidc.mp42 - C:\windows\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mp43 - C:\windows\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mpg4 - C:\windows\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.VP60 - C:\windows\SysWow64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\windows\SysWow64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP62 - C:\windows\SysWow64\vp6vfw.dll (On2.com)
Drivers32: vidc.xvid - C:\windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2015.11.13 12:39:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2015.11.13 08:52:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CMSSModel
[2015.11.13 08:52:43 | 000,000,000 | -H-D | C] -- C:\Model
[2015.11.12 19:25:00 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2015.11.12 19:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015.11.12 19:14:32 | 004,532,776 | ---- | C] (Piriform Ltd) -- C:\Users\User\Desktop\dfsetup219.exe
[2015.11.12 19:14:12 | 006,762,072 | ---- | C] (Piriform Ltd) -- C:\Users\User\Desktop\ccsetup511.exe
[2015.11.11 15:53:56 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Viry
[2015.11.11 05:41:46 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2015.11.11 05:41:45 | 000,397,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcryptprimitives.dll
[2015.11.11 05:41:45 | 000,137,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2015.11.11 05:41:45 | 000,106,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncryptsslp.dll
[2015.11.11 05:41:45 | 000,091,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncryptsslp.dll
[2015.11.11 05:41:44 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certcli.dll
[2015.11.11 05:41:44 | 000,340,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bcryptprimitives.dll
[2015.11.11 05:41:43 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certcli.dll
[2015.11.11 05:41:26 | 000,183,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuthHost.exe
[2015.11.11 05:41:25 | 007,455,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2015.11.11 05:41:25 | 001,659,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2015.11.11 05:41:25 | 001,519,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe
[2015.11.11 05:41:25 | 001,487,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2015.11.11 05:41:25 | 001,355,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe
[2015.11.11 05:41:22 | 000,136,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2015.11.11 05:41:21 | 002,243,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2015.11.11 05:41:21 | 000,891,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2015.11.11 05:41:21 | 000,721,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2015.11.11 05:41:21 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUSettingsProvider.dll
[2015.11.11 05:41:21 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2015.11.11 05:41:21 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2015.11.11 05:41:21 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2015.11.11 05:41:21 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2015.11.11 05:41:21 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2015.11.11 05:41:21 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2015.11.11 05:41:17 | 000,558,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\untfs.dll
[2015.11.11 05:41:17 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\untfs.dll
[2015.11.11 05:41:16 | 001,091,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2015.11.11 05:41:15 | 000,477,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\puiobj.dll
[2015.11.11 05:41:15 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\puiobj.dll
[2015.11.11 05:41:15 | 000,155,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tpm.sys
[2015.11.11 05:41:14 | 001,380,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2015.11.11 05:41:03 | 005,990,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2015.11.11 05:41:02 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2015.11.11 05:41:02 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2015.11.11 05:41:01 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2015.11.11 05:41:01 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2015.11.11 05:41:01 | 000,585,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2015.11.11 05:41:00 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2015.11.11 05:41:00 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2015.11.11 05:40:52 | 000,713,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nshwfp.dll
[2015.11.11 05:40:52 | 000,561,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshwfp.dll
[2015.11.11 05:40:52 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FWPUCLNT.DLL
[2015.11.11 05:40:52 | 000,272,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FWPUCLNT.DLL
[2015.11.11 05:40:52 | 000,136,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\wfplwfs.sys
[2015.11.10 21:09:06 | 000,192,216 | ---- | C] (Malwarebytes) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2015.11.10 21:08:38 | 000,109,272 | ---- | C] (Malwarebytes) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2015.11.10 21:08:38 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2015.11.10 21:08:38 | 000,025,816 | ---- | C] (Malwarebytes) -- C:\windows\SysNative\drivers\mbam.sys
[2015.11.10 21:08:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015.11.10 21:08:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015.11.10 19:56:28 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015.11.10 13:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015.11.10 13:07:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2015.11.10 13:07:19 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2015.11.10 11:06:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2015.11.09 21:53:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\AVG
[2015.11.09 21:51:38 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\TuneUp Software
[2015.11.09 21:51:14 | 000,000,000 | -H-D | C] -- C:\$AVG
[2015.11.09 21:49:19 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\MFAData
[2015.11.09 21:49:19 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2015.11.09 21:48:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2015.11.09 21:48:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg
[2015.11.09 21:46:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\AvgSetupLog
[2015.11.09 21:46:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Avg
[2015.11.09 21:31:27 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2015.11.09 21:31:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iS3
[2015.11.06 19:13:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\IsolatedStorage
[2015.11.06 18:35:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\ČSOB_Pojišťovna,_a.s
[2015.10.30 10:41:58 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
[2015.10.30 10:41:46 | 000,000,000 | R--D | C] -- C:\Users\User\iCloudDrive
[2015.10.30 10:41:42 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Apple Inc
[2015.10.30 10:41:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\5D1F9447-A25A-434E-B17E-7C045F50AEB7.aplzod
[2015.10.30 10:32:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2015.10.27 12:06:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Unity
[2015.10.24 10:35:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2015.10.24 10:34:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2015.10.24 10:34:10 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2015.10.24 10:34:07 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2015.10.22 16:08:17 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2015.10.22 14:36:10 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Brother
[2015.10.16 14:20:56 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Renča
[2015.10.15 14:57:21 | 001,290,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appraiser.dll
[2015.10.15 14:57:21 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\devinv.dll
[2015.10.15 14:57:20 | 000,699,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\invagent.dll
[2015.10.15 14:57:19 | 001,163,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2015.10.15 14:57:19 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
[2015.10.15 14:57:18 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\acmigration.dll
[2015.10.15 14:57:18 | 000,035,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CompatTelRunner.exe
[2015.10.15 12:54:43 | 001,354,240 | ---- | C] (CANON INC.) -- C:\windows\SysNative\CNC495C.dll
[2015.10.15 12:54:43 | 000,348,672 | ---- | C] (CANON INC.) -- C:\windows\SysNative\CNC495L.dll
[2015.10.15 12:54:43 | 000,307,200 | ---- | C] (CANON INC.) -- C:\windows\SysWow64\CNC495L.dll
[2015.10.15 12:54:43 | 000,112,128 | ---- | C] (CANON INC.) -- C:\windows\SysNative\CNC495I.dll
[2015.10.15 12:54:43 | 000,106,496 | ---- | C] (CANON INC.) -- C:\windows\SysWow64\CNC495U.dll
[2015.10.15 12:54:43 | 000,017,920 | ---- | C] (CANON INC.) -- C:\windows\SysNative\CNHMCA6.dll
[2015.10.15 12:54:43 | 000,015,872 | ---- | C] (CANON INC.) -- C:\windows\SysWow64\CNHMCA.dll
[2015.10.15 12:54:36 | 000,361,472 | ---- | C] (CANON INC.) -- C:\windows\SysNative\CNMLMA9.DLL
[2015.10.14 13:44:30 | 004,710,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2015.10.14 13:42:51 | 001,134,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2015.10.14 13:42:21 | 000,686,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\advapi32.dll
[2015.10.14 13:40:57 | 000,669,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hhctrl.ocx
[2015.10.14 13:40:54 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\hhctrl.ocx
[2015.10.14 13:39:58 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NcdAutoSetup.dll
[2015.10.14 13:39:58 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-crt-stdio-l1-1-0.dll
[2015.10.14 13:39:58 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-crt-process-l1-1-0.dll
[2015.10.14 13:39:58 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-crt-environment-l1-1-0.dll
[2015.10.14 13:39:57 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-crt-stdio-l1-1-0.dll
[2015.10.14 13:39:57 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-crt-runtime-l1-1-0.dll
[2015.10.14 13:39:57 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-crt-convert-l1-1-0.dll
[2015.10.14 13:39:57 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-crt-time-l1-1-0.dll
[2015.10.14 13:39:57 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-crt-process-l1-1-0.dll
[2015.10.14 13:39:57 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-crt-conio-l1-1-0.dll
[2015.10.14 13:39:57 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-crt-utility-l1-1-0.dll
[2015.10.14 13:39:57 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-crt-utility-l1-1-0.dll
[2015.10.14 13:39:57 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-crt-locale-l1-1-0.dll
[2015.10.14 13:39:56 | 000,066,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-crt-private-l1-1-0.dll
[2015.10.14 13:39:56 | 000,063,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-crt-private-l1-1-0.dll
[2015.10.14 13:39:56 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-crt-runtime-l1-1-0.dll
[2015.10.14 13:39:56 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-crt-convert-l1-1-0.dll
[2015.10.14 13:39:56 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-crt-filesystem-l1-1-0.dll
[2015.10.14 13:39:56 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-crt-environment-l1-1-0.dll
[2015.10.14 13:39:54 | 000,901,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ucrtbase.dll
[2015.10.14 13:39:50 | 000,984,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ucrtbase.dll
[2015.10.14 13:39:50 | 000,022,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-crt-math-l1-1-0.dll
[2015.10.14 13:39:50 | 000,020,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-crt-math-l1-1-0.dll
[2015.10.14 13:39:50 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-crt-multibyte-l1-1-0.dll
[2015.10.14 13:39:50 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-crt-multibyte-l1-1-0.dll
[2015.10.14 13:39:50 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-crt-string-l1-1-0.dll
[2015.10.14 13:39:50 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-crt-string-l1-1-0.dll
[2015.10.14 13:39:50 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-crt-time-l1-1-0.dll
[2015.10.14 13:39:50 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-crt-filesystem-l1-1-0.dll
[2015.10.14 13:39:50 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-crt-heap-l1-1-0.dll
[2015.10.14 13:39:50 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-crt-conio-l1-1-0.dll
[2015.10.14 13:39:49 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-crt-locale-l1-1-0.dll
[2015.10.14 13:39:44 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-crt-heap-l1-1-0.dll
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2015.11.13 12:46:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.11.13 12:39:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2015.11.13 11:23:01 | 000,004,489 | ---- | M] () -- C:\Users\User\Desktop\Bez názvu.png
[2015.11.13 11:18:35 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2015.11.13 11:14:19 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015.11.13 11:14:18 | 3338,219,520 | -HS- | M] () -- C:\hiberfil.sys
[2015.11.13 09:38:20 | 000,120,981 | ---- | M] () -- C:\Users\User\Desktop\Bez názvrewu.png
[2015.11.13 08:52:58 | 000,000,791 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\cmssservice.lnk
[2015.11.13 08:52:58 | 000,000,166 | ---- | M] () -- C:\Users\Public\Desktop\ČMSSModel.url
[2015.11.12 19:23:52 | 000,208,780 | ---- | M] () -- C:\Users\User\Documents\cc_20151112_192311.reg
[2015.11.12 19:15:59 | 004,532,776 | ---- | M] (Piriform Ltd) -- C:\Users\User\Desktop\dfsetup219.exe
[2015.11.12 19:15:18 | 006,762,072 | ---- | M] (Piriform Ltd) -- C:\Users\User\Desktop\ccsetup511.exe
[2015.11.12 17:57:58 | 000,000,035 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2015.11.12 16:07:32 | 000,805,266 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2015.11.12 16:07:32 | 000,787,818 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2015.11.12 16:07:32 | 000,160,264 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2015.11.12 16:07:31 | 001,929,746 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2015.11.12 16:07:31 | 000,176,282 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2015.11.11 21:13:23 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2015.11.11 21:08:07 | 000,491,704 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2015.11.03 01:23:06 | 000,810,488 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2015.11.03 01:23:06 | 000,176,632 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2015.10.31 00:24:50 | 000,585,728 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2015.10.31 00:11:51 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2015.10.31 00:11:46 | 005,990,912 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2015.10.30 23:36:24 | 000,663,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2015.10.30 23:32:13 | 000,720,896 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2015.10.30 23:31:26 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2015.10.30 22:53:01 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2015.10.30 22:46:02 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2015.10.22 14:59:58 | 000,000,423 | ---- | M] () -- C:\windows\BRWMARK.INI
[2015.10.20 22:54:41 | 000,136,904 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2015.10.20 15:36:47 | 002,243,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2015.10.20 15:35:00 | 000,891,904 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2015.10.20 15:34:36 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WUSettingsProvider.dll
[2015.10.20 15:34:00 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2015.10.20 15:34:00 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2015.10.20 15:33:59 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2015.10.20 15:14:07 | 000,721,920 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2015.10.20 15:13:13 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2015.10.20 15:13:13 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2015.10.20 15:13:13 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2015.10.15 00:02:56 | 001,659,560 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2015.10.15 00:02:56 | 001,519,592 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe
[2015.10.15 00:02:56 | 001,487,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2015.10.15 00:02:56 | 001,355,848 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe
[2015.10.15 00:02:40 | 007,455,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2015.11.13 12:46:40 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015.11.13 11:23:01 | 000,004,489 | ---- | C] () -- C:\Users\User\Desktop\Bez názvu.png
[2015.11.13 09:37:11 | 000,120,981 | ---- | C] () -- C:\Users\User\Desktop\Bez názvrewu.png
[2015.11.13 08:52:58 | 000,000,791 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\cmssservice.lnk
[2015.11.13 08:52:58 | 000,000,166 | ---- | C] () -- C:\Users\Public\Desktop\ČMSSModel.url
[2015.11.12 19:23:30 | 000,208,780 | ---- | C] () -- C:\Users\User\Documents\cc_20151112_192311.reg
[2015.11.11 05:41:47 | 000,414,559 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml
[2015.11.10 10:46:50 | 000,000,283 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koš.lnk
[2015.10.15 12:54:43 | 000,012,800 | ---- | C] () -- C:\windows\SysWow64\CNC1747D.TBL
[2015.10.11 11:01:40 | 000,216,064 | ---- | C] ( ) -- C:\windows\SysWow64\Lagarith.dll
[2015.10.11 11:01:38 | 000,524,288 | ---- | C] () -- C:\windows\SysWow64\xvidcore.dll
[2015.10.11 11:01:38 | 000,139,264 | ---- | C] () -- C:\windows\SysWow64\xvidvfw.dll
[2015.10.02 08:11:13 | 000,000,423 | ---- | C] () -- C:\windows\BRWMARK.INI
[2015.10.02 08:11:13 | 000,000,034 | ---- | C] () -- C:\windows\SysWow64\BD2030.DAT
[2015.10.01 20:20:21 | 000,107,008 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2015.10.01 20:16:15 | 000,046,080 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2015.10.01 15:03:32 | 000,000,161 | ---- | C] () -- C:\windows\AutoKMS.ini
[2014.08.12 06:56:49 | 000,001,137 | ---- | C] () -- C:\windows\PEIS_PreloadData.ini
[2014.08.12 06:14:43 | 000,172,097 | ---- | C] () -- C:\windows\SysWow64\NoMSGuninstall.exe
[2014.08.12 06:14:43 | 000,053,248 | ---- | C] () -- C:\windows\SysWow64\UMonit64.exe
[2014.08.12 06:14:43 | 000,001,519 | ---- | C] () -- C:\windows\SysWow64\_IconCfg0.ini
[2014.08.12 06:14:43 | 000,000,973 | ---- | C] () -- C:\windows\SysWow64\ProductName.ini
[2014.08.12 06:14:43 | 000,000,184 | ---- | C] () -- C:\windows\SysWow64\IconCfg0.ini
[2014.08.12 06:14:32 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014.08.11 13:44:49 | 000,068,608 | ---- | C] () -- C:\windows\SysWow64\igfxexps32.dll
[2014.08.11 13:44:43 | 000,342,944 | ---- | C] () -- C:\windows\SysWow64\igdmd32.dll
[2014.08.11 13:44:37 | 000,183,296 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2014.08.11 13:44:37 | 000,142,848 | ---- | C] () -- C:\windows\SysWow64\igdail32.dll
[2014.03.18 10:55:08 | 000,002,255 | ---- | C] () -- C:\windows\SysWow64\WimBootCompress.ini
========== ZeroAccess Check ==========
[2015.10.01 15:38:15 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.08.27 03:43:09 | 022,372,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.08.27 03:42:51 | 019,795,904 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014.10.29 02:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014.10.29 01:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014.10.29 02:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2015.10.02 10:33:03 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\(C0-1A-DA-42-40-91)
[2015.11.09 21:53:18 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AVG
[2015.10.01 15:24:17 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ClassicShell
[2015.10.11 10:18:26 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DVDVideoSoft
[2015.10.11 11:02:20 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FlashIntegro
[2015.09.21 10:46:41 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Hightail for Lenovo
[2015.10.01 15:29:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Praguesoft s.r.o
[2015.10.02 08:19:57 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TeamViewer
[2015.11.09 21:51:38 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TuneUp Software
[2015.10.02 14:22:19 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Wargaming.net
========== Purity Check ==========
========== Custom Scans ==========
< >
[2013.08.22 15:45:54 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
< >
< MD5 for: AGP440.SYS >
[2013.08.22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\windows\SysNative\drivers\AGP440.sys
[2013.08.22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\AGP440.sys
[2013.08.22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\AGP440.sys
[2015.10.06 08:39:36 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\AGP440.sys
< MD5 for: ATAPI.SYS >
[2013.08.22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\windows\SysNative\drivers\atapi.sys
[2013.08.22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_64aa4354da84c2df\atapi.sys
[2013.08.22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.3.9600.16384_none_cdf68824f580d510\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2014.03.18 10:55:08 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\SysWOW64\autochk.exe
[2014.03.18 10:55:08 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_76c6a414dd35029f\autochk.exe
[2014.03.18 10:54:53 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\windows\SysNative\autochk.exe
[2014.03.18 10:54:53 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_d2e53f98959273d5\autochk.exe
< MD5 for: CDROM.SYS >
[2013.08.22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\windows\SysNative\drivers\cdrom.sys
[2013.08.22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_42e9c29f0affc440\cdrom.sys
[2013.08.22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.3.9600.16384_none_5067bbed77be70be\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2015.10.06 08:52:52 | 000,018,016 | ---- | M] () MD5=14E1348B6D5DD39C23C2F8FE569B52E0 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.16384_none_66bdf96f6ec6545d\cryptsvc.dll
[2014.10.29 02:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) MD5=6324F0D18FB52833BA64BC828E29054C -- C:\windows\SysNative\cryptsvc.dll
[2014.10.29 02:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) MD5=6324F0D18FB52833BA64BC828E29054C -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.17415_none_670a944b6e8cc0e5\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2010.03.13 07:47:22 | 000,006,440 | ---- | M] () MD5=ACD301711FC165ED77A8D364D407BAF9 -- C:\Program Files\CyberLink\PowerDirector10\EventLog.dll
< MD5 for: EXPLORER.EXE >
[2015.10.06 09:13:11 | 000,406,329 | ---- | M] () MD5=025BA45EB718AE0DE32895BE9F020387 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe
[2015.10.06 12:50:12 | 000,346,045 | ---- | M] () MD5=04070828E1AE13385991A06123A9F287 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
[2015.10.06 09:13:17 | 000,087,190 | ---- | M] () MD5=1BF154F7BFAE2B9E0545FB09946C1817 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_42bfa1f94d79e1bb\explorer.exe
[2015.10.06 09:13:04 | 000,406,497 | ---- | M] () MD5=1F499FDDEBB43C93D9C844D81ACC755C -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2015.10.06 12:50:23 | 000,345,923 | ---- | M] () MD5=2C862CE86A0FA1E02E1518B5E20FC35E -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe
[2015.10.06 12:50:33 | 000,107,122 | ---- | M] () MD5=52063502D4A2E28FEBEA781D0EE5C453 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_4d144c4b81daa3b6\explorer.exe
[2015.01.28 00:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\Windows\SysWOW64\explorer.exe
[2015.01.28 00:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_4ce0410f82015c67\explorer.exe
[2015.01.28 00:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\Windows\explorer.exe
[2015.01.28 00:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_428b96bd4da09a6c\explorer.exe
< MD5 for: HAL.DLL >
[2014.06.02 03:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\windows\SysNative\hal.dll
[2014.06.02 03:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17196_none_9bde68c32da7abbb\hal.dll
[2015.10.06 09:17:43 | 000,024,467 | ---- | M] () MD5=2635F50EAF3E1B4A8D32B21E1203E130 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17031_none_9c1a44f32d7b883b\hal.dll
< MD5 for: IASTORV.SYS >
[2013.08.22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\windows\SysNative\drivers\iaStorV.sys
[2013.08.22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_5069105fb236ae4b\iaStorV.sys
[2013.08.22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.3.9600.16384_none_9fcfb2835bbf0103\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2013.08.22 13:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\windows\SysNative\drivers\isapnp.sys
[2013.08.22 13:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\isapnp.sys
[2013.08.22 13:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\isapnp.sys
[2015.10.06 08:39:37 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\isapnp.sys
< MD5 for: LSASS.EXE >
[2014.10.29 04:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) MD5=382100E75B6F4668AEAEF228C6CEFFAD -- C:\windows\SysNative\lsass.exe
[2014.10.29 04:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) MD5=382100E75B6F4668AEAEF228C6CEFFAD -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.17415_none_2e769c84660bda1b\lsass.exe
[2015.10.06 09:46:14 | 000,008,089 | ---- | M] () MD5=3FFB8CD649DEDA6497FD97550BE82357 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.16408_none_2e8484166600f08e\lsass.exe
< MD5 for: NDIS.SYS >
[2015.10.06 10:03:50 | 000,165,519 | ---- | M] () MD5=07CE116810C119B65E9DEFA34E50C00D -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17031_none_4a46d083fbdd5ca3\ndis.sys
[2015.07.14 22:59:47 | 001,113,944 | ---- | M] (Microsoft Corporation) MD5=97DC5967F65503213FD1F1B3E4A6F983 -- C:\windows\SysNative\drivers\ndis.sys
[2015.07.14 22:59:47 | 001,113,944 | ---- | M] (Microsoft Corporation) MD5=97DC5967F65503213FD1F1B3E4A6F983 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17933_none_4a48e22dfbdb75b0\ndis.sys
[2015.10.06 10:03:53 | 000,083,281 | ---- | M] () MD5=E47216FC1C4FCA5C1A9E3BBB79EA37FD -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17399_none_4a0df8fdfc06c676\ndis.sys
< MD5 for: NETLOGON.DLL >
[2014.10.29 02:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) MD5=02D117FC638B768BD1A15F8000B83EAE -- C:\windows\SysNative\netlogon.dll
[2014.10.29 02:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) MD5=02D117FC638B768BD1A15F8000B83EAE -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17415_none_eec2b22a0bb75b53\netlogon.dll
[2015.10.06 10:20:26 | 000,125,384 | ---- | M] () MD5=45C2C2EA335BD7FF360C7F006B915766 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_ee9e39a60bd3552e\netlogon.dll
[2015.10.06 13:17:40 | 000,104,557 | ---- | M] () MD5=8203890854F74B5ACB9E8920EE24C826 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_f8cac1a04051b0c6\netlogon.dll
[2015.10.06 13:17:43 | 000,105,907 | ---- | M] () MD5=B25E2DE4078511EB1747FA0BDB6E4FC5 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_f8f2e3f840341729\netlogon.dll
[2015.10.06 10:20:24 | 000,123,829 | ---- | M] () MD5=C5EFDD0CD180E1CEB92294BF4B7F07A1 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_ee76174e0bf0eecb\netlogon.dll
[2014.10.29 02:02:34 | 000,695,296 | ---- | M] (Microsoft Corporation) MD5=CCEC6CB98A00ECE7F5AFB9C0FC9427B3 -- C:\Windows\SysWOW64\netlogon.dll
[2014.10.29 02:02:34 | 000,695,296 | ---- | M] (Microsoft Corporation) MD5=CCEC6CB98A00ECE7F5AFB9C0FC9427B3 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17415_none_f9175c7c40181d4e\netlogon.dll
< MD5 for: NVRAID.SYS >
[2013.08.22 13:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\windows\SysNative\drivers\nvraid.sys
[2013.08.22 13:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvraid.sys
[2013.08.22 13:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2013.08.22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\windows\SysNative\drivers\nvstor.sys
[2013.08.22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2013.08.22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvstor.sys
< MD5 for: SCECLI.DLL >
[2015.10.06 13:15:55 | 000,042,572 | ---- | M] () MD5=22CDB04B964A8D34C42BB7ED150784F8 -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_3320ecb8e1733781\scecli.dll
[2015.10.06 10:18:39 | 000,045,911 | ---- | M] () MD5=878EBE290BED3EE6AC21BF4EE1458F67 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_28cc4266ad127586\scecli.dll
[2014.10.29 02:23:16 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=9A475B8F19A15BFDE8DF84E40ECAE8AA -- C:\windows\SysNative\scecli.dll
[2014.10.29 02:23:16 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=9A475B8F19A15BFDE8DF84E40ECAE8AA -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.17415_none_2918dd42acd8e20e\scecli.dll
[2014.10.29 02:01:41 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=FB740FE549197E7B08021EF30327921D -- C:\Windows\SysWOW64\scecli.dll
[2014.10.29 02:01:41 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=FB740FE549197E7B08021EF30327921D -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.17415_none_336d8794e139a409\scecli.dll
< MD5 for: SMSS.EXE >
[2014.03.18 10:54:43 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\windows\SysNative\smss.exe
[2014.03.18 10:54:43 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.17031_none_6f522891bc9cbe45\smss.exe
< MD5 for: SVCHOST.EXE >
[2015.10.06 14:30:58 | 000,007,517 | ---- | M] () MD5=73AA583D4FB0F05C313B38C091D94804 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2015.10.06 10:20:44 | 000,007,559 | ---- | M] () MD5=CFE97816CBBEF783FD8634109F1877D2 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe
[2014.10.29 04:17:51 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=D0ABC231C0B3E88C6B612B28ABBF734D -- C:\Windows\SysWOW64\svchost.exe
[2014.10.29 04:17:51 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=D0ABC231C0B3E88C6B612B28ABBF734D -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.17415_none_4aa7b90420adbfab\svchost.exe
[2014.10.29 05:11:20 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=E3A2AD05E24105B35E986CF9CB38EC47 -- C:\windows\SysNative\svchost.exe
[2014.10.29 05:11:20 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=E3A2AD05E24105B35E986CF9CB38EC47 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.17415_none_a6c65487d90b30e1\svchost.exe
[2015.10.05 09:48:32 | 000,893,752 | ---- | M] (MalwareBytes) MD5=E9A75E4B409A01E52055CE7CCA7FF925 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
< MD5 for: TCPIP.SYS >
[2014.04.03 08:59:18 | 002,518,872 | ---- | M] (Microsoft Corporation) MD5=4B666AE119D2ADBAC816BEA7DB4D6881 -- C:\Windows\SoftwareDistribution\Download\200d6be154b0c1b51536b68996f23a43\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17088_none_a3e0570b3a59cef2\tcpip.sys
[2015.10.06 10:47:36 | 000,288,350 | ---- | M] () MD5=5942F26DD54126E0D5D65D5EB834CC0B -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17415_none_a4290d393a23b3f2\tcpip.sys
[2015.10.06 10:47:15 | 000,483,332 | ---- | M] () MD5=59C36E883892CDA122493F39725AD498 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17085_none_a3dd562d3a5c82ed\tcpip.sys
[2015.10.06 10:46:50 | 000,526,770 | ---- | M] () MD5=61C0AF328195C83F6927193C91D8619B -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16521_none_a41a54d33a2f4e0d\tcpip.sys
[2015.06.11 21:12:57 | 002,476,376 | ---- | M] (Microsoft Corporation) MD5=746DDF7D59AB8D721C88D48434597E8D -- C:\windows\SysNative\drivers\tcpip.sys
[2015.06.11 21:12:57 | 002,476,376 | ---- | M] (Microsoft Corporation) MD5=746DDF7D59AB8D721C88D48434597E8D -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17903_none_a431e60f3a1d5716\tcpip.sys
[2015.10.06 10:47:05 | 000,483,044 | ---- | M] () MD5=9DA504195BE369DC6EA78F636FA30667 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17039_none_a41766f13a305c94\tcpip.sys
[2015.10.06 10:47:26 | 000,481,946 | ---- | M] () MD5=EA334A4CD901A652B2A6F5FA401103B3 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17136_none_a41467f93a330db6\tcpip.sys
< MD5 for: USERINIT.EXE >
[2015.10.06 10:56:08 | 000,002,671 | ---- | M] () MD5=061AC3BD7ADC5DCBA6AC0F23895266F8 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2015.10.06 14:39:42 | 000,004,269 | ---- | M] () MD5=1AE98168631581DE1343C3A87A6CBCA9 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe
[2014.10.29 02:28:08 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=5C131534A3EA4A461A793FB507A8004F -- C:\windows\SysNative\userinit.exe
[2014.10.29 02:28:08 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=5C131534A3EA4A461A793FB507A8004F -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.17415_none_cd33b4fca56d6b07\userinit.exe
[2014.10.29 02:05:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D10643FC0095434C819316CA6CD748C0 -- C:\Windows\SysWOW64\userinit.exe
[2014.10.29 02:05:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D10643FC0095434C819316CA6CD748C0 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.17415_none_71151978ed0ff9d1\userinit.exe
< MD5 for: WINLOGON.EXE >
[2015.10.06 11:04:08 | 000,100,951 | ---- | M] () MD5=A176623494AF009927242266EF51DCFB -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
[2015.10.05 09:48:32 | 000,893,752 | ---- | M] (MalwareBytes) MD5=E9A75E4B409A01E52055CE7CCA7FF925 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2014.10.29 02:22:52 | 000,572,416 | ---- | M] (Microsoft Corporation) MD5=EC498BAE1F0D3E0E401C963F8D76C437 -- C:\windows\SysNative\winlogon.exe
[2014.10.29 02:22:52 | 000,572,416 | ---- | M] (Microsoft Corporation) MD5=EC498BAE1F0D3E0E401C963F8D76C437 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17415_none_60cdfbfda8aeeef1\winlogon.exe
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Vypnete antivir, at nebrani programu v praci.
