Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zablokování PC Policií ČR

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní: http://forum.viry.cz/viewtopic.php?f=12&t=123975 . Děkujeme za pochopení.
Zamčeno
Zpráva
Autor
Phreak
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 20 led 2013 13:55

Zablokování PC Policií ČR

#1 Příspěvek od Phreak »

Dobrý den,
mám stejný problém jako se řešil zde http://forum.viry.cz/viewtopic.php?f=4& ... 1&start=15

Postupoval jsem podle návodu, ComboFix jsem spustil v nouzovém režimu, ale objevovala se hláška o běžícím NOD32, nicméně ve správci úloh ani mezi spuštěnými službami nebyl.

Prosím o pomoc a kontrolu logu CF.

Děkuji!

ComboFix 13-01-17.04 - Phreak 20.01.2013 13:39:58.1.4 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4073.3457 [GMT 1:00]
Spuštěný z: c:\users\Phreak\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\dsgsdgdsgdsgw.pad
c:\programdata\FullRemove.exe
c:\users\Phreak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
c:\users\Phreak\wgsdgsdgdsgsd.exe
c:\windows\AsPatch10430001.exe
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
c:\windows\system\msvbvm60.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-20 do 2013-01-20 )))))))))))))))))))))))))))))))
.
.
2013-01-20 12:43 . 2013-01-20 12:43 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-20 12:43 . 2013-01-20 12:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-20 11:54 . 2013-01-20 11:54 67 ----a-w- c:\programdata\dsgsdgdsgdsgw.bat
2013-01-20 11:54 . 2013-01-20 11:54 159 ----a-w- c:\programdata\dsgsdgdsgdsgw.reg
2013-01-20 11:54 . 2013-01-20 11:54 -------- d-----w- c:\windows\Sun
2013-01-20 11:43 . 2013-01-20 11:43 -------- d--h--w- c:\programdata\.syncID
2013-01-19 15:16 . 2013-01-19 15:16 -------- d-----w- c:\users\Phreak\AppData\Local\DVD-RB Pro
2013-01-19 15:15 . 2013-01-19 15:18 -------- d-----w- c:\program files (x86)\DVD-RB PRO
2013-01-19 15:14 . 2013-01-19 15:14 -------- d-----w- c:\program files (x86)\AviSynth 2.5
2013-01-19 15:13 . 2013-01-19 15:13 -------- d-----w- c:\program files (x86)\Custom Technology
2013-01-19 15:13 . 2004-02-23 00:00 1386496 ----a-w- c:\windows\system32\MSVBVM60.DLL
2013-01-19 05:26 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{98B82CB7-5E74-40AF-BD3E-81D26D62E35B}\mpengine.dll
2013-01-13 16:41 . 2013-01-13 20:03 -------- d-----w- c:\users\Phreak\AppData\Roaming\Trados
2013-01-10 19:08 . 2013-01-10 19:08 -------- d-----w- c:\program files (x86)\URUSoft
2013-01-09 20:52 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-06 11:11 . 2013-01-06 11:16 -------- d-----w- c:\users\Phreak\AppData\Roaming\SDL
2013-01-06 11:11 . 2013-01-06 11:11 -------- d-----w- c:\users\Phreak\AppData\Local\SDL
2013-01-06 11:08 . 2013-01-06 11:08 -------- d-----w- c:\program files (x86)\Common Files\SDL
2013-01-06 11:08 . 2013-01-06 11:08 -------- d-----w- c:\program files (x86)\MSXML 4.0
2013-01-06 11:06 . 2013-01-06 11:11 -------- d-----w- c:\programdata\SDL
2013-01-06 11:06 . 2013-01-06 11:09 -------- d-----w- c:\program files (x86)\SDL
2013-01-06 11:04 . 2013-01-06 11:04 -------- d-----w- c:\users\Phreak\AppData\Local\GHISLER
2013-01-06 11:04 . 2013-01-06 11:04 -------- d-----w- C:\totalcmd
2013-01-06 11:04 . 2013-01-06 11:04 -------- d-----w- c:\users\Phreak\AppData\Roaming\GHISLER
2013-01-06 10:40 . 2013-01-06 10:40 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
2013-01-06 10:40 . 2013-01-13 16:41 -------- d-----w- c:\programdata\SDL International
2013-01-06 10:40 . 2013-01-06 11:04 -------- d-----w- c:\program files (x86)\SDL International
2013-01-06 10:38 . 2013-01-06 10:38 -------- d-----w- c:\users\Phreak\AppData\Local\ElevatedDiagnostics
2013-01-06 10:24 . 2013-01-06 10:24 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Šablony
2013-01-06 10:24 . 2013-01-06 10:24 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Soubory cookie
2013-01-06 10:24 . 2013-01-06 10:24 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Poslední
2013-01-06 10:24 . 2013-01-06 10:24 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Okolní tiskárny
2013-01-06 10:24 . 2013-01-06 10:24 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Okolní síť
2013-01-06 10:24 . 2013-01-06 10:24 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Nabídka Start
2013-01-06 10:24 . 2013-01-06 10:24 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Dokumenty
2013-01-06 10:24 . 2013-01-06 10:24 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Data aplikací
2013-01-06 10:16 . 2013-01-06 10:16 -------- d-----w- c:\users\Phreak\AppData\Local\Sun
2013-01-05 18:32 . 2013-01-19 13:33 -------- d-----w- c:\users\Phreak\AppData\Local\Deployment
2013-01-05 11:58 . 2013-01-19 14:53 -------- d-----w- c:\users\Phreak\AppData\Roaming\PotPlayerMini64
2013-01-05 11:58 . 2013-01-05 11:58 -------- d-----w- c:\users\Phreak\AppData\Local\Daum
2013-01-05 11:49 . 2013-01-05 11:49 -------- d-----w- c:\program files\DAUM
2013-01-02 20:58 . 2013-01-05 18:02 -------- d-----w- c:\users\Phreak\AppData\Roaming\BSplayer
2013-01-02 20:58 . 2013-01-02 20:58 -------- d-----w- c:\users\Phreak\AppData\Roaming\BSplayer Pro
2013-01-02 20:58 . 2013-01-05 18:02 -------- d-----w- c:\program files (x86)\Webteh
2012-12-31 10:04 . 2012-12-31 10:04 -------- d-----w- c:\users\Phreak\AppData\Roaming\UltraVNC
2012-12-31 10:04 . 2012-12-31 10:04 -------- d-----w- c:\program files\uvnc bvba
2012-12-27 19:52 . 2012-12-27 19:52 -------- d-----w- c:\users\Phreak\AppData\Roaming\Nero
2012-12-27 19:51 . 2012-12-27 19:51 -------- d-----w- c:\program files (x86)\Common Files\Nero
2012-12-27 19:51 . 2012-12-27 19:52 -------- d-----w- c:\program files (x86)\Nero
2012-12-27 19:51 . 2012-12-27 19:51 -------- d-----w- c:\programdata\Nero
2012-12-24 10:00 . 2012-12-24 10:00 -------- d-----w- c:\users\Phreak\.objectdb
2012-12-24 10:00 . 2012-12-24 10:00 -------- d-----w- c:\users\Phreak\AppData\Roaming\VitySoft
2012-12-21 17:57 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 17:57 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 17:57 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 17:57 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-20 11:38 . 2012-05-26 12:51 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe
2013-01-10 18:22 . 2012-06-11 18:33 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-10 18:22 . 2012-06-11 18:33 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-30 04:45 . 2013-01-09 20:52 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-15 15:56 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-15 15:56 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-15 15:56 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-15 15:56 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-15 15:56 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-15 15:56 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-15 15:56 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-15 15:56 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-15 15:56 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-15 15:56 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-15 15:56 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-15 15:56 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-15 15:56 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-15 15:56 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-15 15:56 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-15 15:56 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-15 15:56 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-15 15:56 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-15 15:56 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-15 15:56 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-15 15:56 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-15 15:56 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-15 11:22 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-15 11:22 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-15 11:21 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-15 11:21 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"DIMProbíhá stahování aktualizace...1338924290338"="c:\program files\Corel\CorelDRAW Graphics Suite X6\Draw\DIM.EXE" [2012-02-23 237944]
"Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-01 2018032]
"FLxHCIm"="c:\program files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" [2011-04-08 43008]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"USBChargerPlusTray"="c:\program files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe" [2011-04-18 496560]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2011-09-15 3058304]
"THX TruStudio NB Settings"="c:\program files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" [2011-03-17 909312]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"CPMonitor"="c:\program files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe" [2011-04-01 84464]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2011-04-08 45448]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
c:\users\Phreak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-1 548528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Shell"="c:\progra~3\dsgsdgdsgdsgw.bat"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
R1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264]
R2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 AsusUacSvc;Asus process privilege adjust service;c:\program files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe [2010-07-27 113840]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
R2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 168544]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-08-12 810144]
R2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 126320]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
R2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2011-03-26 91464]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-09-15 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-09-15 79360]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2010-08-03 290920]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-21 471144]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-05-27 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [2011-02-26 16768]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2011-04-08 177152]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2011-04-08 56320]
S3 fspad_win764;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_win764;c:\windows\system32\DRIVERS\fspad_win764.sys [2011-06-19 53760]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-11 18:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-04-07 11788392]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2010-09-14 25600]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2916584]
.
------- Doplňkový sken -------
.
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: Interfaces\{3DD89796-9CEF-41B5-B897-08CF54B9A351}: NameServer = 192.168.30.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-Syncables - c:\program files (x86)\syncables\syncables desktop\Syncables.exe
Wow6432Node-HKLM-Run-SunJavaUpdateSched - c:\program files (x86)\Java\jre7\bin\jusched.exe
Toolbar-Locked - (no file)
HKLM-Run-fspuip - c:\program files (x86)\FSP\fspuip.exe
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-01-20 13:45:04
ComboFix-quarantined-files.txt 2013-01-20 12:45
.
Před spuštěním: Volných bajtů: 28 690 788 352
Po spuštění: Volných bajtů: 29 403 820 032
.
- - End Of File - - D6B632E850ABD2181E9353329DF78C16
Nahoru
Phreak
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 20 led 2013 13:55

Re: Zablokování PC Policií ČR

#2 Příspěvek od Phreak »

Omlouvám se,
po přečtení začátku původního příspěvku mi došlo, že jsem postupoval nesprávně - příště (snad již žádné příště nebude) si určitě dám pozor.

Děkuji za pomoc i v této nestandardní situaci.

OTL.txt

OTL logfile created on: 20.1.2013 17:07:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Phreak\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,98 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 43,35% Memory free
3,98 Gb Paging File | 1,67 Gb Available in Paging File | 41,99% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,30 Gb Total Space | 27,22 Gb Free Space | 14,61% Space Free | Partition Type: NTFS
Drive D: | 254,45 Gb Total Space | 56,08 Gb Free Space | 22,04% Space Free | Partition Type: NTFS
Drive F: | 14,92 Gb Total Space | 6,59 Gb Free Space | 44,17% Space Free | Partition Type: FAT32
Drive H: | 3,87 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: BISHOP | User Name: Phreak | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.01.20 17:03:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Phreak\Desktop\OTL.exe
PRC - [2012.12.25 19:59:59 | 000,879,080 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.10.02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.02.02 16:33:32 | 002,321,072 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2011.12.23 16:39:38 | 000,174,720 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2011.12.22 19:58:42 | 000,318,080 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2011.11.21 14:22:08 | 000,080,512 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2011.11.21 14:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2011.10.24 17:20:38 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2011.09.15 12:17:55 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011.05.30 21:48:18 | 000,082,944 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2011.05.30 21:48:16 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe
PRC - [2011.04.19 00:51:32 | 000,496,560 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2011.04.08 05:26:24 | 000,045,448 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
PRC - [2011.04.01 11:23:14 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
PRC - [2011.03.26 01:55:16 | 000,091,464 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe
PRC - [2011.03.17 02:31:54 | 000,909,312 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
PRC - [2011.03.13 18:59:18 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2010.10.14 22:38:34 | 000,653,952 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
PRC - [2010.10.06 05:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.10.06 05:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.08.12 13:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2010.07.27 18:40:16 | 000,113,840 | ---- | M] () -- C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe
PRC - [2010.07.19 20:26:00 | 000,370,480 | ---- | M] (syncables, LLC) -- C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
PRC - [2009.11.02 22:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.06.19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2008.12.22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008.08.13 21:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2007.11.30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Modules (All) ==========

MOD - [2013.01.20 17:03:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Phreak\Desktop\OTL.exe
MOD - [2013.01.10 19:22:12 | 014,586,888 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
MOD - [2013.01.10 18:46:19 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\b95e7795ea5951d09521cddfc03b5c4e\Microsoft.VisualBasic.ni.dll
MOD - [2013.01.10 18:27:31 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.10 18:27:21 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
MOD - [2013.01.10 18:27:16 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.10 18:27:11 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.10 18:27:08 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.10 18:27:07 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013.01.10 18:26:57 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013.01.10 18:26:48 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013.01.10 18:26:46 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.10 18:26:42 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013.01.09 21:48:49 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MOD - [2013.01.09 21:48:47 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2013.01.09 21:48:47 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2013.01.09 21:48:28 | 000,159,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
MOD - [2012.12.25 20:00:05 | 000,312,832 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2012.12.25 20:00:05 | 000,158,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2012.12.25 20:00:05 | 000,101,888 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2012.12.25 20:00:05 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2012.12.25 20:00:05 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2012.12.25 20:00:05 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2012.12.25 20:00:05 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2012.12.25 20:00:05 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2012.12.25 20:00:05 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2012.12.25 20:00:05 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2012.12.25 20:00:04 | 000,835,584 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
MOD - [2012.12.25 20:00:04 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2012.12.25 19:59:59 | 000,879,080 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
MOD - [2012.12.25 19:59:57 | 016,185,832 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.dll
MOD - [2012.12.18 20:08:32 | 000,209,112 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
MOD - [2012.11.30 05:53:59 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2012.11.30 05:53:59 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2012.11.22 05:45:03 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2012.11.14 03:14:59 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012.11.14 02:57:44 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012.11.14 02:57:37 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012.11.14 02:46:38 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012.11.01 05:47:54 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2012.10.09 18:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2012.10.05 11:53:23 | 000,364,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MOD - [2012.10.02 23:21:00 | 015,309,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll
MOD - [2012.10.02 17:23:18 | 000,903,584 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
MOD - [2012.08.31 11:59:20 | 005,927,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2012.08.24 17:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012.08.16 05:43:44 | 004,171,424 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
MOD - [2012.07.15 15:06:19 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2012.07.15 15:06:19 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012.06.02 05:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2012.06.02 05:40:39 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2012.06.02 05:36:29 | 001,159,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2012.06.02 05:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2012.05.05 08:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2012.04.21 05:21:01 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
MOD - [2012.02.11 00:31:42 | 001,737,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
MOD - [2012.02.02 16:33:32 | 002,321,072 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2012.01.31 09:25:12 | 002,891,264 | ---- | M] (FreeImage) -- C:\Program Files (x86)\ASUS\Wireless Console 3\FreeImage.dll
MOD - [2012.01.31 09:25:12 | 001,163,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
MOD - [2012.01.31 09:25:12 | 001,069,056 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\ASUS\Wireless Console 3\libeay32.dll
MOD - [2012.01.31 09:25:12 | 000,331,776 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\RtlLib.dll
MOD - [2012.01.31 09:25:12 | 000,303,104 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll
MOD - [2012.01.31 09:25:12 | 000,200,704 | ---- | M] (Realtek) -- C:\Program Files (x86)\ASUS\Wireless Console 3\IpLib.dll
MOD - [2012.01.31 09:25:12 | 000,080,384 | ---- | M] (ACTIONTEC Electronics,Inc) -- C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL
MOD - [2012.01.31 09:25:12 | 000,036,864 | ---- | M] (ATK) -- C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll
MOD - [2012.01.13 08:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2012.01.04 09:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011.12.22 19:58:46 | 005,687,936 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\WaveThemeRes.dll
MOD - [2011.12.22 19:58:42 | 000,318,080 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MOD - [2011.12.16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011.11.17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011.10.26 05:32:11 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\quartz.dll
MOD - [2011.10.24 17:20:38 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MOD - [2011.09.15 12:17:55 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
MOD - [2011.08.27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011.08.27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011.05.30 21:48:18 | 000,082,944 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
MOD - [2011.05.30 21:48:16 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe
MOD - [2011.05.30 21:48:14 | 000,053,248 | ---- | M] (ASUSTeK) -- C:\Program Files (x86)\ASUS\Splendid\Chameleon.dll
MOD - [2011.05.30 21:48:14 | 000,032,768 | ---- | M] (ASUSTek) -- C:\Program Files (x86)\ASUS\Splendid\OVS.dll
MOD - [2011.05.30 21:48:14 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
MOD - [2011.05.24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011.05.24 11:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011.05.24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011.05.17 08:27:52 | 000,413,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2011.05.04 19:27:06 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42u.dll
MOD - [2011.05.04 19:27:06 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2011.05.04 19:26:31 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011.04.19 00:51:32 | 000,496,560 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
MOD - [2011.04.08 05:26:24 | 000,045,448 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
MOD - [2011.04.01 12:25:16 | 004,495,856 | ---- | M] (Sonic Solutions) -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\AS_Storage_w32.dll
MOD - [2011.04.01 11:23:14 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
MOD - [2011.03.17 02:31:54 | 000,909,312 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
MOD - [2011.03.16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011.02.19 22:03:12 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp100.dll
MOD - [2011.02.18 23:40:50 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100.dll
MOD - [2011.01.28 19:15:54 | 000,102,400 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\en-US\THXAudNB.resources.dll
MOD - [2011.01.20 06:07:26 | 008,852,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office14\1029\GrooveIntlResource.dll
MOD - [2010.11.20 13:21:40 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010.11.20 13:21:38 | 011,410,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmp.dll
MOD - [2010.11.20 13:21:38 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010.11.20 13:21:38 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010.11.20 13:21:38 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010.11.20 13:21:36 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010.11.20 13:21:34 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010.11.20 13:21:28 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010.11.20 13:21:28 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010.11.20 13:21:26 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010.11.20 13:21:20 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010.11.20 13:21:16 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010.11.20 13:21:16 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010.11.20 13:21:06 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010.11.20 13:21:04 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010.11.20 13:21:04 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010.11.20 13:20:58 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010.11.20 13:20:50 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010.11.20 13:20:50 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2010.11.20 13:20:50 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010.11.20 13:20:30 | 002,494,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netshell.dll
MOD - [2010.11.20 13:20:30 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010.11.20 13:19:58 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010.11.20 13:19:48 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2010.11.20 13:19:46 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010.11.20 13:19:46 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010.11.20 13:19:40 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010.11.20 13:19:24 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010.11.20 13:19:04 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010.11.20 13:19:02 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010.11.20 13:18:38 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010.11.20 13:18:26 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2010.11.20 13:18:26 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptui.dll
MOD - [2010.11.20 13:18:26 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010.11.20 13:18:26 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010.11.20 13:18:24 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010.11.20 13:18:24 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010.11.20 13:18:06 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010.11.20 13:18:04 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010.11.20 13:18:04 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010.11.20 13:16:52 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010.11.20 13:16:52 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010.11.20 13:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010.11.20 13:08:58 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010.11.20 13:08:52 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010.11.20 13:08:52 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010.11.20 13:08:46 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmploc.DLL
MOD - [2010.11.20 12:55:10 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010.11.05 02:58:20 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscoree.dll
MOD - [2010.09.21 22:03:14 | 000,145,280 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
MOD - [2010.09.01 17:50:06 | 000,238,080 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\CTLoadRs.dll
MOD - [2010.07.19 20:26:00 | 000,370,480 | ---- | M] (syncables, LLC) -- C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
MOD - [2009.11.02 22:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.11.02 22:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
MOD - [2009.11.02 22:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009.11.02 22:17:54 | 000,509,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\msvcp71.dll
MOD - [2009.11.02 22:17:42 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\msvcr71.dll
MOD - [2009.09.01 00:55:26 | 000,197,632 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXLgcy.dll
MOD - [2009.07.14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009.07.14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009.07.14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009.07.14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009.07.14 02:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll
MOD - [2009.07.14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009.07.14 02:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll
MOD - [2009.07.14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009.07.14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009.07.14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009.07.14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009.07.14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009.07.14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009.07.14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009.07.14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009.07.14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009.07.14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009.07.14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009.07.14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009.07.14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009.07.14 02:16:11 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Nlsdl.dll
MOD - [2009.07.14 02:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009.07.14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009.07.14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009.07.14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009.07.14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009.07.14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009.07.14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009.07.14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009.07.14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009.07.14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009.07.14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009.07.14 02:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IconCodecService.dll
MOD - [2009.07.14 02:15:24 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hnetcfg.dll
MOD - [2009.07.14 02:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009.07.14 02:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FirewallAPI.dll
MOD - [2009.07.14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009.07.14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009.07.14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009.07.14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009.07.14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009.07.14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009.07.14 02:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009.07.14 02:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2009.07.14 02:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009.07.14 02:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009.07.14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009.07.14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009.07.14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009.07.14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009.07.14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009.07.14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009.07.14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009.07.14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009.07.14 02:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll
MOD - [2009.07.14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009.06.19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MOD - [2007.11.30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Services (SafeList) ==========

SRV:64bit: - [2010.11.30 12:27:58 | 000,336,824 | ---- | M] (arvato digital services llc) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2_x64)
SRV:64bit: - [2010.11.29 23:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010.09.23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.08.12 13:18:40 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2010.08.12 13:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010.07.27 18:40:16 | 000,113,840 | ---- | M] () [Auto | Running] -- C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe -- (AsusUacSvc)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.01.10 19:22:13 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.01.06 11:58:36 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.10.02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.11.21 14:22:08 | 000,080,512 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2011.11.21 14:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011.09.15 12:18:09 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011.09.15 12:18:07 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011.03.26 01:55:16 | 000,091,464 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService)
SRV - [2011.03.13 18:59:18 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.03.13 18:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010.10.06 05:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.10.06 05:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.07.03 16:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.05.26 14:28:21 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.06.19 07:03:08 | 000,053,760 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fspad_win764.sys -- (fspad_win764)
DRV:64bit: - [2011.04.21 19:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.04.08 23:46:08 | 000,177,152 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc)
DRV:64bit: - [2011.04.08 23:46:08 | 000,056,320 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh)
DRV:64bit: - [2011.03.13 18:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.03.13 18:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.03.13 18:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.03.13 18:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.03.13 18:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.03.13 18:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.03.13 18:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.26 01:42:18 | 000,016,768 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2010.11.29 23:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.11.20 14:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.05 16:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.09.23 08:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.09.21 17:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.08.03 11:43:14 | 000,290,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010.07.29 12:31:26 | 000,168,544 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010.07.29 12:31:26 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010.07.29 12:31:26 | 000,126,320 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010.07.08 10:03:48 | 002,228,736 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.03.19 11:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.11.18 00:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009.07.20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.06.10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.05.24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011.09.07 09:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.02 17:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-990896321-3567134801-454702974-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-990896321-3567134801-454702974-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\S-1-5-21-990896321-3567134801-454702974-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012.05.26 13:59:02 | 000,000,000 | ---D | M]


========== Chrome ==========


O1 HOSTS File: ([2012.07.08 21:26:23 | 000,000,852 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [fspuip] C:\Program Files\FSP\FspUip.exe (Sentelic Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4:64bit: - HKLM..\Run: [THXCfg64] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe ()
O4 - HKLM..\Run: [FLxHCIm] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Windows (R) Win 7 DDK provider)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [THX TruStudio NB Settings] C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [USBChargerPlusTray] C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe ()
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUSTeK Computer Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-990896321-3567134801-454702974-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-990896321-3567134801-454702974-1000..\Run: [DIMProbíhá stahování aktualizace...1338924290338] C:\Program Files\Corel\CorelDRAW Graphics Suite X6\Draw\DIM.EXE (Corel Corporation)
O4 - HKU\S-1-5-21-990896321-3567134801-454702974-1000..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\syncables.exe (syncables, LLC)
O4 - HKU\S-1-5-21-990896321-3567134801-454702974-1000..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - HKU\S-1-5-21-990896321-3567134801-454702974-1005..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-990896321-3567134801-454702974-1005..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Phreak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-990896321-3567134801-454702974-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-990896321-3567134801-454702974-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_09)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25FECCFC-97F2-438A-A56A-6B15D13779D9}: NameServer = 192.168.30.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE1B0872-E620-48E0-86E2-EEE06B98D3C1}: NameServer = 192.168.30.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1697E98-D362-49B9-ACF8-C65A4E3E5E72}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.07.10 07:47:30 | 000,000,045 | R--- | M] () - H:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{1e868dc0-a737-11e1-880f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1e868dc0-a737-11e1-880f-806e6f6e6963}\Shell\AutoRun\command - "" = H:\launcher.exe -- [2009.09.30 08:10:28 | 037,318,438 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.XVID - xvidvfw.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.01.20 17:03:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Phreak\Desktop\OTL.exe
[2013.01.20 16:03:31 | 000,308,640 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.01.20 16:03:26 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.01.20 16:03:26 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.01.20 16:03:26 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.01.20 16:01:34 | 133,334,048 | ---- | C] (COMODO) -- C:\Users\Phreak\Desktop\cfw_installer.exe
[2013.01.20 16:00:22 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Phreak\Desktop\mbam-setup-1.70.0.1100.exe
[2013.01.20 15:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\.Syncables
[2013.01.20 13:45:05 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.01.20 13:19:17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.01.20 13:19:06 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.01.20 12:54:10 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013.01.20 12:43:57 | 000,000,000 | -H-D | C] -- C:\ProgramData\.syncID
[2013.01.19 16:20:24 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\MSVBVM60.DLL
[2013.01.19 16:16:56 | 000,000,000 | ---D | C] -- C:\Users\Phreak\AppData\Local\DVD-RB Pro
[2013.01.19 16:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Rebuilder PRO
[2013.01.19 16:15:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVD-RB PRO
[2013.01.19 16:14:49 | 000,000,000 | ---D | C] -- C:\Users\Phreak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
[2013.01.19 16:14:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
[2013.01.19 16:14:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[2013.01.19 16:13:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cinema Craft Encoder SP2
[2013.01.19 16:13:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Custom Technology
[2013.01.19 16:13:21 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSVBVM60.DLL
[2013.01.13 17:41:36 | 000,000,000 | ---D | C] -- C:\Users\Phreak\AppData\Roaming\Trados

========== Files - Modified Within 7 Days ==========

[2013.01.20 17:08:11 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.01.20 17:03:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Phreak\Desktop\OTL.exe
[2013.01.20 16:22:04 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.20 16:12:51 | 133,334,048 | ---- | M] (COMODO) -- C:\Users\Phreak\Desktop\cfw_installer.exe
[2013.01.20 16:03:21 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.01.20 16:03:20 | 000,308,640 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.01.20 16:03:20 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.01.20 16:03:20 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.01.20 16:03:19 | 001,081,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.01.20 16:03:19 | 000,960,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.01.20 16:00:27 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Phreak\Desktop\mbam-setup-1.70.0.1100.exe
[2013.01.20 15:49:25 | 000,001,142 | ---- | M] () -- C:\Users\Phreak\Desktop\Registrace ASUS produktu.lnk
[2013.01.20 15:47:26 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.20 15:47:26 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.20 15:44:25 | 001,502,864 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.20 15:44:25 | 000,643,326 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.01.20 15:44:25 | 000,628,042 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.20 15:44:25 | 000,125,940 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.01.20 15:44:25 | 000,110,414 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.20 15:40:09 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe
[2013.01.20 15:40:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.20 15:39:49 | 3203,264,512 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.19 16:15:41 | 000,001,842 | ---- | M] () -- C:\Users\Phreak\Desktop\DVD Rebuilder.lnk
[2013.01.13 21:03:29 | 000,000,384 | ---- | M] () -- C:\Windows\ODBC.INI

========== Files Created - No Company Name ==========

[2013.01.20 17:08:11 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.01.20 15:49:25 | 000,001,142 | ---- | C] () -- C:\Users\Phreak\Desktop\Registrace ASUS produktu.lnk
[2013.01.20 15:07:15 | 000,001,425 | ---- | C] () -- C:\Users\Phreak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.01.19 16:15:41 | 000,001,842 | ---- | C] () -- C:\Users\Phreak\Desktop\DVD Rebuilder.lnk
[2013.01.13 21:03:29 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2013.01.10 23:16:54 | 000,004,065 | ---- | C] () -- C:\Users\Phreak\AppData\Local\recently-used.xbel
[2013.01.06 12:16:16 | 001,526,742 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.21 18:20:58 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.11.21 18:20:58 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.05.26 13:51:10 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2011.09.15 12:18:11 | 000,001,313 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2011.09.15 12:18:11 | 000,001,212 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2011.09.15 12:18:11 | 000,001,212 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2011.09.15 12:18:10 | 000,181,760 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.09.15 12:18:10 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.09.15 12:11:32 | 000,154,240 | ---- | C] () -- C:\Windows\AsPatch10430001.exe
[2011.09.15 12:07:28 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.04.01 10:21:01 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
Nahoru
Phreak
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 20 led 2013 13:55

Re: Zablokování PC Policií ČR

#3 Příspěvek od Phreak »

Omlouvám se,
po přečtení začátku původního příspěvku mi došlo, že jsem postupoval nesprávně - příště (snad již žádné příště nebude) si určitě dám pozor.

Děkuji za pomoc i v této nestandardní situaci.

OTL.txt

OTL logfile created on: 20.1.2013 17:07:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Phreak\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,98 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 43,35% Memory free
3,98 Gb Paging File | 1,67 Gb Available in Paging File | 41,99% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,30 Gb Total Space | 27,22 Gb Free Space | 14,61% Space Free | Partition Type: NTFS
Drive D: | 254,45 Gb Total Space | 56,08 Gb Free Space | 22,04% Space Free | Partition Type: NTFS
Drive F: | 14,92 Gb Total Space | 6,59 Gb Free Space | 44,17% Space Free | Partition Type: FAT32
Drive H: | 3,87 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: BISHOP | User Name: Phreak | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.01.20 17:03:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Phreak\Desktop\OTL.exe
PRC - [2012.12.25 19:59:59 | 000,879,080 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.10.02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.02.02 16:33:32 | 002,321,072 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2011.12.23 16:39:38 | 000,174,720 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2011.12.22 19:58:42 | 000,318,080 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2011.11.21 14:22:08 | 000,080,512 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2011.11.21 14:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2011.10.24 17:20:38 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2011.09.15 12:17:55 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011.05.30 21:48:18 | 000,082,944 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2011.05.30 21:48:16 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe
PRC - [2011.04.19 00:51:32 | 000,496,560 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2011.04.08 05:26:24 | 000,045,448 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
PRC - [2011.04.01 11:23:14 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
PRC - [2011.03.26 01:55:16 | 000,091,464 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe
PRC - [2011.03.17 02:31:54 | 000,909,312 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
PRC - [2011.03.13 18:59:18 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2010.10.14 22:38:34 | 000,653,952 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
PRC - [2010.10.06 05:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.10.06 05:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.08.12 13:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2010.07.27 18:40:16 | 000,113,840 | ---- | M] () -- C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe
PRC - [2010.07.19 20:26:00 | 000,370,480 | ---- | M] (syncables, LLC) -- C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
PRC - [2009.11.02 22:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.06.19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2008.12.22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008.08.13 21:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2007.11.30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Modules (All) ==========

MOD - [2013.01.20 17:03:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Phreak\Desktop\OTL.exe
MOD - [2013.01.10 19:22:12 | 014,586,888 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
MOD - [2013.01.10 18:46:19 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\b95e7795ea5951d09521cddfc03b5c4e\Microsoft.VisualBasic.ni.dll
MOD - [2013.01.10 18:27:31 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.10 18:27:21 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
MOD - [2013.01.10 18:27:16 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.10 18:27:11 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.10 18:27:08 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.10 18:27:07 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013.01.10 18:26:57 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013.01.10 18:26:48 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013.01.10 18:26:46 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.10 18:26:42 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013.01.09 21:48:49 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MOD - [2013.01.09 21:48:47 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2013.01.09 21:48:47 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2013.01.09 21:48:28 | 000,159,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
MOD - [2012.12.25 20:00:05 | 000,312,832 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2012.12.25 20:00:05 | 000,158,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2012.12.25 20:00:05 | 000,101,888 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2012.12.25 20:00:05 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2012.12.25 20:00:05 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2012.12.25 20:00:05 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2012.12.25 20:00:05 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2012.12.25 20:00:05 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2012.12.25 20:00:05 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2012.12.25 20:00:05 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2012.12.25 20:00:04 | 000,835,584 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
MOD - [2012.12.25 20:00:04 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2012.12.25 19:59:59 | 000,879,080 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
MOD - [2012.12.25 19:59:57 | 016,185,832 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.dll
MOD - [2012.12.18 20:08:32 | 000,209,112 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
MOD - [2012.11.30 05:53:59 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2012.11.30 05:53:59 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2012.11.22 05:45:03 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2012.11.14 03:14:59 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012.11.14 02:57:44 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012.11.14 02:57:37 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012.11.14 02:46:38 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012.11.01 05:47:54 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2012.10.09 18:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2012.10.05 11:53:23 | 000,364,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MOD - [2012.10.02 23:21:00 | 015,309,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll
MOD - [2012.10.02 17:23:18 | 000,903,584 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
MOD - [2012.08.31 11:59:20 | 005,927,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2012.08.24 17:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012.08.16 05:43:44 | 004,171,424 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
MOD - [2012.07.15 15:06:19 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2012.07.15 15:06:19 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012.06.02 05:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2012.06.02 05:40:39 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2012.06.02 05:36:29 | 001,159,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2012.06.02 05:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2012.05.05 08:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2012.04.21 05:21:01 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
MOD - [2012.02.11 00:31:42 | 001,737,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
MOD - [2012.02.02 16:33:32 | 002,321,072 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2012.01.31 09:25:12 | 002,891,264 | ---- | M] (FreeImage) -- C:\Program Files (x86)\ASUS\Wireless Console 3\FreeImage.dll
MOD - [2012.01.31 09:25:12 | 001,163,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
MOD - [2012.01.31 09:25:12 | 001,069,056 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\ASUS\Wireless Console 3\libeay32.dll
MOD - [2012.01.31 09:25:12 | 000,331,776 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\RtlLib.dll
MOD - [2012.01.31 09:25:12 | 000,303,104 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll
MOD - [2012.01.31 09:25:12 | 000,200,704 | ---- | M] (Realtek) -- C:\Program Files (x86)\ASUS\Wireless Console 3\IpLib.dll
MOD - [2012.01.31 09:25:12 | 000,080,384 | ---- | M] (ACTIONTEC Electronics,Inc) -- C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL
MOD - [2012.01.31 09:25:12 | 000,036,864 | ---- | M] (ATK) -- C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll
MOD - [2012.01.13 08:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2012.01.04 09:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011.12.22 19:58:46 | 005,687,936 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\WaveThemeRes.dll
MOD - [2011.12.22 19:58:42 | 000,318,080 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MOD - [2011.12.16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011.11.17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011.10.26 05:32:11 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\quartz.dll
MOD - [2011.10.24 17:20:38 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MOD - [2011.09.15 12:17:55 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
MOD - [2011.08.27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011.08.27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011.05.30 21:48:18 | 000,082,944 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
MOD - [2011.05.30 21:48:16 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe
MOD - [2011.05.30 21:48:14 | 000,053,248 | ---- | M] (ASUSTeK) -- C:\Program Files (x86)\ASUS\Splendid\Chameleon.dll
MOD - [2011.05.30 21:48:14 | 000,032,768 | ---- | M] (ASUSTek) -- C:\Program Files (x86)\ASUS\Splendid\OVS.dll
MOD - [2011.05.30 21:48:14 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
MOD - [2011.05.24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011.05.24 11:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011.05.24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011.05.17 08:27:52 | 000,413,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2011.05.04 19:27:06 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42u.dll
MOD - [2011.05.04 19:27:06 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2011.05.04 19:26:31 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011.04.19 00:51:32 | 000,496,560 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
MOD - [2011.04.08 05:26:24 | 000,045,448 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
MOD - [2011.04.01 12:25:16 | 004,495,856 | ---- | M] (Sonic Solutions) -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\AS_Storage_w32.dll
MOD - [2011.04.01 11:23:14 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
MOD - [2011.03.17 02:31:54 | 000,909,312 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
MOD - [2011.03.16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011.02.19 22:03:12 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp100.dll
MOD - [2011.02.18 23:40:50 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100.dll
MOD - [2011.01.28 19:15:54 | 000,102,400 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\en-US\THXAudNB.resources.dll
MOD - [2011.01.20 06:07:26 | 008,852,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office14\1029\GrooveIntlResource.dll
MOD - [2010.11.20 13:21:40 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010.11.20 13:21:38 | 011,410,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmp.dll
MOD - [2010.11.20 13:21:38 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010.11.20 13:21:38 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010.11.20 13:21:38 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010.11.20 13:21:36 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010.11.20 13:21:34 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010.11.20 13:21:28 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010.11.20 13:21:28 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010.11.20 13:21:26 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010.11.20 13:21:20 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010.11.20 13:21:16 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010.11.20 13:21:16 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010.11.20 13:21:06 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010.11.20 13:21:04 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010.11.20 13:21:04 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010.11.20 13:20:58 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010.11.20 13:20:50 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010.11.20 13:20:50 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2010.11.20 13:20:50 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010.11.20 13:20:30 | 002,494,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netshell.dll
MOD - [2010.11.20 13:20:30 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010.11.20 13:19:58 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010.11.20 13:19:48 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2010.11.20 13:19:46 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010.11.20 13:19:46 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010.11.20 13:19:40 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010.11.20 13:19:24 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010.11.20 13:19:04 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010.11.20 13:19:02 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010.11.20 13:18:38 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010.11.20 13:18:26 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2010.11.20 13:18:26 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptui.dll
MOD - [2010.11.20 13:18:26 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010.11.20 13:18:26 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010.11.20 13:18:24 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010.11.20 13:18:24 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010.11.20 13:18:06 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010.11.20 13:18:04 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010.11.20 13:18:04 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010.11.20 13:16:52 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010.11.20 13:16:52 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010.11.20 13:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010.11.20 13:08:58 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010.11.20 13:08:52 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010.11.20 13:08:52 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010.11.20 13:08:46 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmploc.DLL
MOD - [2010.11.20 12:55:10 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010.11.05 02:58:20 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscoree.dll
MOD - [2010.09.21 22:03:14 | 000,145,280 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
MOD - [2010.09.01 17:50:06 | 000,238,080 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\CTLoadRs.dll
MOD - [2010.07.19 20:26:00 | 000,370,480 | ---- | M] (syncables, LLC) -- C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
MOD - [2009.11.02 22:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.11.02 22:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
MOD - [2009.11.02 22:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009.11.02 22:17:54 | 000,509,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\msvcp71.dll
MOD - [2009.11.02 22:17:42 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\msvcr71.dll
MOD - [2009.09.01 00:55:26 | 000,197,632 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXLgcy.dll
MOD - [2009.07.14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009.07.14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009.07.14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009.07.14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009.07.14 02:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll
MOD - [2009.07.14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009.07.14 02:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll
MOD - [2009.07.14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009.07.14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009.07.14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009.07.14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009.07.14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009.07.14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009.07.14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009.07.14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009.07.14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009.07.14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009.07.14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009.07.14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009.07.14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009.07.14 02:16:11 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Nlsdl.dll
MOD - [2009.07.14 02:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009.07.14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009.07.14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009.07.14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009.07.14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009.07.14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009.07.14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009.07.14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009.07.14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009.07.14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009.07.14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009.07.14 02:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IconCodecService.dll
MOD - [2009.07.14 02:15:24 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hnetcfg.dll
MOD - [2009.07.14 02:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009.07.14 02:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FirewallAPI.dll
MOD - [2009.07.14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009.07.14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009.07.14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009.07.14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009.07.14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009.07.14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009.07.14 02:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009.07.14 02:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2009.07.14 02:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009.07.14 02:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009.07.14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009.07.14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009.07.14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009.07.14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009.07.14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009.07.14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009.07.14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009.07.14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009.07.14 02:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll
MOD - [2009.07.14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009.06.19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MOD - [2007.11.30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Services (SafeList) ==========

SRV:64bit: - [2010.11.30 12:27:58 | 000,336,824 | ---- | M] (arvato digital services llc) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2_x64)
SRV:64bit: - [2010.11.29 23:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010.09.23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.08.12 13:18:40 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2010.08.12 13:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010.07.27 18:40:16 | 000,113,840 | ---- | M] () [Auto | Running] -- C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe -- (AsusUacSvc)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.01.10 19:22:13 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.01.06 11:58:36 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.10.02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.11.21 14:22:08 | 000,080,512 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2011.11.21 14:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011.09.15 12:18:09 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011.09.15 12:18:07 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011.03.26 01:55:16 | 000,091,464 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService)
SRV - [2011.03.13 18:59:18 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.03.13 18:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010.10.06 05:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.10.06 05:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.07.03 16:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.05.26 14:28:21 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.06.19 07:03:08 | 000,053,760 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fspad_win764.sys -- (fspad_win764)
DRV:64bit: - [2011.04.21 19:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.04.08 23:46:08 | 000,177,152 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc)
DRV:64bit: - [2011.04.08 23:46:08 | 000,056,320 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh)
DRV:64bit: - [2011.03.13 18:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.03.13 18:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.03.13 18:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.03.13 18:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.03.13 18:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.03.13 18:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.03.13 18:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.26 01:42:18 | 000,016,768 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2010.11.29 23:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.11.20 14:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.05 16:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.09.23 08:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.09.21 17:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.08.03 11:43:14 | 000,290,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010.07.29 12:31:26 | 000,168,544 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010.07.29 12:31:26 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010.07.29 12:31:26 | 000,126,320 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010.07.08 10:03:48 | 002,228,736 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.03.19 11:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.11.18 00:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009.07.20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.06.10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.05.24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011.09.07 09:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.02 17:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-990896321-3567134801-454702974-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-990896321-3567134801-454702974-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\S-1-5-21-990896321-3567134801-454702974-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012.05.26 13:59:02 | 000,000,000 | ---D | M]


========== Chrome ==========


O1 HOSTS File: ([2012.07.08 21:26:23 | 000,000,852 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [fspuip] C:\Program Files\FSP\FspUip.exe (Sentelic Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4:64bit: - HKLM..\Run: [THXCfg64] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe ()
O4 - HKLM..\Run: [FLxHCIm] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Windows (R) Win 7 DDK provider)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [THX TruStudio NB Settings] C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [USBChargerPlusTray] C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe ()
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUSTeK Computer Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-990896321-3567134801-454702974-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-990896321-3567134801-454702974-1000..\Run: [DIMProbíhá stahování aktualizace...1338924290338] C:\Program Files\Corel\CorelDRAW Graphics Suite X6\Draw\DIM.EXE (Corel Corporation)
O4 - HKU\S-1-5-21-990896321-3567134801-454702974-1000..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\syncables.exe (syncables, LLC)
O4 - HKU\S-1-5-21-990896321-3567134801-454702974-1000..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - HKU\S-1-5-21-990896321-3567134801-454702974-1005..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-990896321-3567134801-454702974-1005..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Phreak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-990896321-3567134801-454702974-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-990896321-3567134801-454702974-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_09)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25FECCFC-97F2-438A-A56A-6B15D13779D9}: NameServer = 192.168.30.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE1B0872-E620-48E0-86E2-EEE06B98D3C1}: NameServer = 192.168.30.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1697E98-D362-49B9-ACF8-C65A4E3E5E72}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.07.10 07:47:30 | 000,000,045 | R--- | M] () - H:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{1e868dc0-a737-11e1-880f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1e868dc0-a737-11e1-880f-806e6f6e6963}\Shell\AutoRun\command - "" = H:\launcher.exe -- [2009.09.30 08:10:28 | 037,318,438 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.XVID - xvidvfw.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.01.20 17:03:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Phreak\Desktop\OTL.exe
[2013.01.20 16:03:31 | 000,308,640 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.01.20 16:03:26 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.01.20 16:03:26 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.01.20 16:03:26 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.01.20 16:01:34 | 133,334,048 | ---- | C] (COMODO) -- C:\Users\Phreak\Desktop\cfw_installer.exe
[2013.01.20 16:00:22 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Phreak\Desktop\mbam-setup-1.70.0.1100.exe
[2013.01.20 15:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\.Syncables
[2013.01.20 13:45:05 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.01.20 13:19:17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.01.20 13:19:06 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.01.20 12:54:10 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013.01.20 12:43:57 | 000,000,000 | -H-D | C] -- C:\ProgramData\.syncID
[2013.01.19 16:20:24 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\MSVBVM60.DLL
[2013.01.19 16:16:56 | 000,000,000 | ---D | C] -- C:\Users\Phreak\AppData\Local\DVD-RB Pro
[2013.01.19 16:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Rebuilder PRO
[2013.01.19 16:15:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVD-RB PRO
[2013.01.19 16:14:49 | 000,000,000 | ---D | C] -- C:\Users\Phreak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
[2013.01.19 16:14:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
[2013.01.19 16:14:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[2013.01.19 16:13:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cinema Craft Encoder SP2
[2013.01.19 16:13:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Custom Technology
[2013.01.19 16:13:21 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSVBVM60.DLL
[2013.01.13 17:41:36 | 000,000,000 | ---D | C] -- C:\Users\Phreak\AppData\Roaming\Trados

========== Files - Modified Within 7 Days ==========

[2013.01.20 17:08:11 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.01.20 17:03:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Phreak\Desktop\OTL.exe
[2013.01.20 16:22:04 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.20 16:12:51 | 133,334,048 | ---- | M] (COMODO) -- C:\Users\Phreak\Desktop\cfw_installer.exe
[2013.01.20 16:03:21 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.01.20 16:03:20 | 000,308,640 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.01.20 16:03:20 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.01.20 16:03:20 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.01.20 16:03:19 | 001,081,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.01.20 16:03:19 | 000,960,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.01.20 16:00:27 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Phreak\Desktop\mbam-setup-1.70.0.1100.exe
[2013.01.20 15:49:25 | 000,001,142 | ---- | M] () -- C:\Users\Phreak\Desktop\Registrace ASUS produktu.lnk
[2013.01.20 15:47:26 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.20 15:47:26 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.20 15:44:25 | 001,502,864 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.20 15:44:25 | 000,643,326 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.01.20 15:44:25 | 000,628,042 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.20 15:44:25 | 000,125,940 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.01.20 15:44:25 | 000,110,414 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.20 15:40:09 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe
[2013.01.20 15:40:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.20 15:39:49 | 3203,264,512 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.19 16:15:41 | 000,001,842 | ---- | M] () -- C:\Users\Phreak\Desktop\DVD Rebuilder.lnk
[2013.01.13 21:03:29 | 000,000,384 | ---- | M] () -- C:\Windows\ODBC.INI

========== Files Created - No Company Name ==========

[2013.01.20 17:08:11 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.01.20 15:49:25 | 000,001,142 | ---- | C] () -- C:\Users\Phreak\Desktop\Registrace ASUS produktu.lnk
[2013.01.20 15:07:15 | 000,001,425 | ---- | C] () -- C:\Users\Phreak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.01.19 16:15:41 | 000,001,842 | ---- | C] () -- C:\Users\Phreak\Desktop\DVD Rebuilder.lnk
[2013.01.13 21:03:29 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2013.01.10 23:16:54 | 000,004,065 | ---- | C] () -- C:\Users\Phreak\AppData\Local\recently-used.xbel
[2013.01.06 12:16:16 | 001,526,742 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.21 18:20:58 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.11.21 18:20:58 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.05.26 13:51:10 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2011.09.15 12:18:11 | 000,001,313 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2011.09.15 12:18:11 | 000,001,212 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2011.09.15 12:18:11 | 000,001,212 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2011.09.15 12:18:10 | 000,181,760 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.09.15 12:18:10 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.09.15 12:11:32 | 000,154,240 | ---- | C] () -- C:\Windows\AsPatch10430001.exe
[2011.09.15 12:07:28 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.04.01 10:21:01 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
Nahoru
Phreak
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 20 led 2013 13:55

Re: Zablokování PC Policií ČR

#4 Příspěvek od Phreak »

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.05.26 13:53:37 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\ASUS WebStorage
[2012.06.11 19:37:05 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\Broken Sword 2.5
[2013.01.05 19:02:07 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\BSplayer
[2013.01.02 21:58:24 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\BSplayer Pro
[2012.06.24 10:43:31 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\DAEMON Tools Lite
[2013.01.06 12:04:19 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\GHISLER
[2012.07.08 21:20:35 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\Nuance
[2012.06.11 22:43:08 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\Opera
[2013.01.19 15:53:23 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\PotPlayerMini64
[2012.11.22 21:15:32 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\Publish Providers
[2013.01.06 12:16:22 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\SDL
[2012.11.22 21:29:09 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\Sony
[2013.01.13 21:03:45 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\Trados
[2013.01.19 20:51:44 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\uTorrent
[2012.12.24 11:00:22 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\VitySoft
[2013.01.10 21:34:05 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\XnView
[2012.06.27 20:57:35 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\Zeon

========== Purity Check ==========



========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ST95005620AS
Partitions: 3
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Removable Media
Interface type: USB
Media Type: Removable Media
Model: Patriot Memory USB Device
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 25,00GB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 186,00GB
Starting Offset: 26844594176
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: Extended w/Extended Int 13
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 254,00GB
Starting Offset: 226887729152
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 15,00GB
Starting Offset: 4128768
Hidden sectors: 0


========== Base Services ==========
SRV:64bit: - [2009.07.14 02:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2010.11.20 14:25:42 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009.07.14 02:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010.11.20 14:27:24 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010.11.20 14:25:46 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009.07.14 02:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009.07.14 02:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012.07.04 23:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2012.06.02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010.11.20 14:27:26 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010.11.20 14:26:06 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010.11.20 13:18:32 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011.05.04 19:26:31 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009.07.14 02:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009.07.14 02:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009.07.14 02:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009.07.14 02:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010.11.20 14:26:40 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009.07.14 02:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009.07.14 02:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009.07.14 02:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009.07.14 02:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009.07.14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012.10.03 18:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009.07.14 02:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011.05.24 12:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012.02.11 07:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009.07.14 02:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010.11.20 14:27:26 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010.11.20 14:27:26 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010.11.20 14:27:26 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009.07.14 02:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010.11.20 14:27:28 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010.11.20 14:27:26 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010.11.20 13:21:20 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010.11.20 14:27:26 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010.11.20 14:27:28 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010.11.20 13:21:30 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009.07.14 02:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012.05.01 06:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010.11.20 14:25:28 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010.11.20 14:25:44 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010.11.20 14:25:44 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010.11.20 14:27:26 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010.11.20 14:27:30 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010.11.20 14:27:00 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010.11.20 14:27:30 | 000,580,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010.11.20 14:25:00 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010.11.20 13:17:24 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009.07.14 02:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012.06.02 23:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010.11.20 14:26:08 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009.07.14 02:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010.11.20 14:27:30 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,594 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.12.22 12:11:56 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< MD5 for: ACPI.SYS >
[2009.07.14 02:52:21 | 000,334,416 | ---- | M] (Microsoft Corporation) MD5=6F11E88748CDEFD2F76AA215F97DDFE5 -- C:\Windows\winsxs\amd64_acpi.inf_31bf3856ad364e35_6.1.7600.16385_none_7e7db5aae7b8d5ef\acpi.sys
[2010.11.20 14:32:48 | 000,334,208 | ---- | M] (Microsoft Corporation) MD5=D81D9E70B8A6DD14D42D7B4EFA65D5F2 -- C:\Windows\SysNative\drivers\acpi.sys
[2010.11.20 14:32:48 | 000,334,208 | ---- | M] (Microsoft Corporation) MD5=D81D9E70B8A6DD14D42D7B4EFA65D5F2 -- C:\Windows\SysNative\DriverStore\FileRepository\acpi.inf_amd64_neutral_aed2e7a487803437\acpi.sys
[2010.11.20 14:32:48 | 000,334,208 | ---- | M] (Microsoft Corporation) MD5=D81D9E70B8A6DD14D42D7B4EFA65D5F2 -- C:\Windows\winsxs\amd64_acpi.inf_31bf3856ad364e35_6.1.7601.17514_none_80aec972e4a75989\acpi.sys

< MD5 for: AFD.SYS >
[2011.12.28 04:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\Windows\SysNative\drivers\afd.sys
[2011.12.28 04:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17752_none_35e10b89752ee0f5\afd.sys
[2011.12.28 05:01:36 | 000,498,176 | ---- | M] (Microsoft Corporation) MD5=36A14FD1A23F57046361733B792CA8DB -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21887_none_364f3a028e605345\afd.sys
[2009.07.14 00:21:42 | 000,500,224 | ---- | M] (Microsoft Corporation) MD5=B9384E03479D2506BC924C16A3DB87BC -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_33dd3439781e25f7\afd.sys
[2011.12.28 05:01:12 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=CCA39961E76B491DDF44B1E90FC8971D -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.21115_none_34b263fe91032456\afd.sys
[2010.11.20 10:23:36 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys
[2011.12.28 04:59:11 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=DB9D6C6B2CD95A9CA414D045B627422E -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16937_none_34154fcd77f3bbda\afd.sys

< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CMD.EXE >
[2010.11.20 14:24:34 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=5746BD7E255DD6A8AFA06F7C42C1BA41 -- C:\Windows\SysNative\cmd.exe
[2010.11.20 14:24:34 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=5746BD7E255DD6A8AFA06F7C42C1BA41 -- C:\Windows\winsxs\amd64_microsoft-windows-commandprompt_31bf3856ad364e35_6.1.7601.17514_none_e932cc2c30fc13b0\cmd.exe
[2009.07.14 02:39:01 | 000,344,576 | ---- | M] (Microsoft Corporation) MD5=6960D29ABE74341FAB8300DB3E6F883D -- C:\Windows\winsxs\amd64_microsoft-windows-commandprompt_31bf3856ad364e35_6.1.7600.16385_none_e701b864340d9016\cmd.exe
[2009.07.14 02:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) MD5=8AE6DD9A6D246004DA047F704F0CC487 -- C:\Windows\winsxs\wow64_microsoft-windows-commandprompt_31bf3856ad364e35_6.1.7600.16385_none_f15662b6686e5211\cmd.exe
[2010.11.20 13:17:02 | 000,302,592 | ---- | M] (Microsoft Corporation) MD5=AD7B9C14083B52BC532FBA5948342B98 -- C:\Windows\SysWOW64\cmd.exe
[2010.11.20 13:17:02 | 000,302,592 | ---- | M] (Microsoft Corporation) MD5=AD7B9C14083B52BC532FBA5948342B98 -- C:\Windows\winsxs\wow64_microsoft-windows-commandprompt_31bf3856ad364e35_6.1.7601.17514_none_f387767e655cd5ab\cmd.exe

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.06.02 05:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 05:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010.11.20 14:26:00 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.04.24 05:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012.06.02 06:32:25 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=456107D69D4EE850A559434F19EFEE65 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[2012.04.24 06:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012.04.24 05:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2012.06.04 08:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\SysWOW64\cryptsvc.dll
[2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\SysNative\cryptsvc.dll
[2012.06.02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 13:18:26 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012.04.24 06:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012.06.02 06:25:12 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=BAF19B633933A9FB4883D27D66C39E9A -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[2012.04.24 06:36:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=CE8BF1423AEE47DA5275FBC8AD3BD642 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2012.06.02 05:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.04.24 06:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2012.06.02 05:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012.04.24 05:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2009.07.14 02:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009.07.14 02:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 14:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe

< MD5 for: FASTFAT.SYS >
[2009.07.14 00:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\SysNative\drivers\fastfat.sys
[2009.07.14 00:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\winsxs\amd64_microsoft-windows-fat_31bf3856ad364e35_6.1.7600.16385_none_0aa81d2771152f86\fastfat.sys

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: I8042PRT.SYS >
[2009.07.14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\drivers\i8042prt.sys
[2009.07.14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\i8042prt.sys
[2009.07.14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\i8042prt.sys
[2009.07.14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7600.16385_none_f3435f7ff2a9f325\i8042prt.sys
[2009.07.14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\i8042prt.sys
[2009.07.14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\i8042prt.sys

< MD5 for: IASTOR.SYS >
[2010.11.05 16:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\eSupport\eDriver\Software\Others\Intel\IRST\Vista64_Win7_64_10.1.0.1008\iaStor.sys
[2010.11.05 16:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\drivers\iaStor.sys
[2010.11.05 16:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_710b330fb3531234\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: KBDCLASS.SYS >
[2009.07.14 02:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- C:\Windows\SysNative\drivers\kbdclass.sys
[2009.07.14 02:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- C:\Windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\kbdclass.sys
[2009.07.14 02:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7600.16385_none_f3435f7ff2a9f325\kbdclass.sys
[2009.07.14 02:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\kbdclass.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 08:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011.11.17 08:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[2012.06.04 08:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2012.06.02 06:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BF63CE11A25F3509129888710D5111FC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 07:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe

< MD5 for: NDIS.SYS >
[2010.12.29 11:45:14 | 000,947,584 | ---- | M] (Microsoft Corporation) MD5=02A1D495D9CD3C787BDE560CCC6A480E -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.20867_none_045d623d4ecba2f1\ndis.sys
[2010.12.29 11:33:33 | 000,950,656 | ---- | M] (Microsoft Corporation) MD5=303310C91F8C0740ED1C76851C759874 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.21628_none_066fff3d4bd0b870\ndis.sys
[2012.08.22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.20 14:33:46 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2010.12.29 11:41:29 | 000,947,584 | ---- | M] (Microsoft Corporation) MD5=A3151B3463EEA7E47F618F115D0D142E -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16726_none_03fe04d8358e7a0c\ndis.sys
[2010.12.29 11:57:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=C38B8AE57F78915905064A9A24DC1586 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17530_none_05d3903632c269df\ndis.sys
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 14:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NTFS.SYS >
[2010.11.20 14:33:48 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=05D78AA5CB5F3F5C31160BDB955D0B7C -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_04972f2c338b23d4\ntfs.sys
[2012.08.31 19:02:20 | 001,656,688 | ---- | M] (Microsoft Corporation) MD5=184C189D4FC416978550FC599BB4EDDA -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.17119_none_02b5b16c36606152\ntfs.sys
[2009.07.14 02:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_02661b64369ca03a\ntfs.sys
[2011.03.11 07:23:06 | 001,657,216 | ---- | M] (Microsoft Corporation) MD5=378E0E0DFEA67D98AE6EA53ADBBD76BC -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16778_none_0273f3c63691c4ea\ntfs.sys
[2011.03.11 07:25:53 | 001,685,888 | ---- | M] (Microsoft Corporation) MD5=867C1395F0100CBE9ACD73B1C2741149 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.20921_none_032ca00d4f8d24c5\ntfs.sys
[2011.03.11 07:19:20 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=87B104128D4D3BA3C13098BAEBF38082 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_04d11b5b4ce521d9\ntfs.sys
[2011.03.11 07:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_0459508233b9177f\ntfs.sys
[2012.08.31 18:57:17 | 001,687,408 | ---- | M] (Microsoft Corporation) MD5=B2746D84DDF68D09B41B72DF745CCBA6 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.22104_none_052b7b9d4ca0cf8b\ntfs.sys
[2012.08.31 19:19:35 | 001,659,760 | ---- | M] (Microsoft Corporation) MD5=E453ACF4E7D44E5530B5D5F2B9CA8563 -- C:\Windows\SysNative\drivers\ntfs.sys
[2012.08.31 19:19:35 | 001,659,760 | ---- | M] (Microsoft Corporation) MD5=E453ACF4E7D44E5530B5D5F2B9CA8563 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17945_none_0477c74a33a2859a\ntfs.sys
[2012.08.31 19:19:30 | 001,680,240 | ---- | M] (Microsoft Corporation) MD5=FDC7C8346B6D8274631951F1469F95D7 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.21316_none_033c4f3f4f80b23e\ntfs.sys

< MD5 for: NTKRNLPA.EXE >
[2012.03.06 06:59:41 | 003,958,128 | ---- | M] (Microsoft Corporation) MD5=06EF177FE7FEBB1314E42F568FCB55A3 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16973_none_6c0f928015704824\ntkrnlpa.exe
[2012.03.06 06:41:34 | 003,972,464 | ---- | M] (Microsoft Corporation) MD5=07B026E7A2C873D09F0073141EE2099E -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21936_none_6eadcec52b912d42\ntkrnlpa.exe
[2010.11.20 13:30:08 | 003,966,848 | ---- | M] (Microsoft Corporation) MD5=144BD78C6103C8616DE047B3532142DB -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17514_none_6e37cb8c12652b73\ntkrnlpa.exe
[2012.08.30 18:18:33 | 003,958,128 | ---- | M] (Microsoft Corporation) MD5=31805BFA4DC62A55D1C2193237DECC0F -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.17118_none_6c554d82153b4f9a\ntkrnlpa.exe
[2012.03.06 06:59:13 | 003,971,440 | ---- | M] (Microsoft Corporation) MD5=3B237D98A0DFC9395C7D97E33AA38ACF -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21163_none_6ca3d7592e85ff3f\ntkrnlpa.exe
[2012.05.04 11:08:16 | 003,958,128 | ---- | M] (Microsoft Corporation) MD5=406FC11EC77CD41740E6C4A7DE2BE627 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.17017_none_6c544b52153c391c\ntkrnlpa.exe
[2012.03.06 06:59:47 | 003,968,368 | ---- | M] (Microsoft Corporation) MD5=43711ABF8AE553A7B5FFFF61E60C419D -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17790_none_6ddd4ed012a99fed\ntkrnlpa.exe
[2012.05.04 11:03:53 | 003,968,368 | ---- | M] (Microsoft Corporation) MD5=4A56DB06360F59130CAED69FA7526F0A -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17835_none_6e2331b012747421\ntkrnlpa.exe
[2012.08.30 19:11:01 | 003,971,440 | ---- | M] (Microsoft Corporation) MD5=543F90836EFEB1CCE1DC547EF94CABAC -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21315_none_6cdbeb552e5ba086\ntkrnlpa.exe
[2012.08.30 18:06:08 | 003,972,464 | ---- | M] (Microsoft Corporation) MD5=770FEEA2823E463D68E170D7EA6FAEBA -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22103_none_6ecb17b32b7bbdd3\ntkrnlpa.exe
[2012.08.30 18:12:02 | 003,968,880 | ---- | M] (Microsoft Corporation) MD5=7E1EC00B7D0D33A67DFC563574EEFF93 -- C:\Windows\SysWOW64\ntkrnlpa.exe
[2012.08.30 18:12:02 | 003,968,880 | ---- | M] (Microsoft Corporation) MD5=7E1EC00B7D0D33A67DFC563574EEFF93 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17944_none_6e176360127d73e2\ntkrnlpa.exe
[2011.04.01 08:55:04 | 003,966,848 | ---- | M] (Microsoft Corporation) MD5=8E641A407A795DFB7B3A34053EF8DB39 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20826_none_6cd23bf92e62adf0\ntkrnlpa.exe
[2012.03.31 05:39:37 | 003,968,368 | ---- | M] (Microsoft Corporation) MD5=8F6D5704D7522AAB8B4B82C0D35D9184 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17803_none_6e41a0e0125deda0\ntkrnlpa.exe
[2012.03.31 05:37:34 | 003,971,952 | ---- | M] (Microsoft Corporation) MD5=93358348D0B79812CAAA83A1377E4449 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21955_none_6e972ea32ba24bcd\ntkrnlpa.exe
[2012.04.02 05:46:44 | 003,958,128 | ---- | M] (Microsoft Corporation) MD5=9D19079820928D72A5708A668B5B62AE -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16988_none_6c09c4061573e2c8\ntkrnlpa.exe
[2011.04.01 08:55:04 | 003,957,120 | ---- | M] (Microsoft Corporation) MD5=A6DCF9F73F2FCA7A96D9585817A08B43 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16695_none_6bfbed8a157ebb3f\ntkrnlpa.exe
[2012.05.04 11:03:53 | 003,971,952 | ---- | M] (Microsoft Corporation) MD5=AFF886D9D718D3747E5031816C0DA7D2 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21987_none_6e78bf732bb8d24e\ntkrnlpa.exe
[2012.05.04 11:03:46 | 003,970,928 | ---- | M] (Microsoft Corporation) MD5=B8B8ED76D2C7F85F343A284E1DD19B9A -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21207_none_6ce8b9ef2e51ba1c\ntkrnlpa.exe
[2012.03.31 05:43:25 | 003,970,928 | ---- | M] (Microsoft Corporation) MD5=C6D1D128DE4148E35B6C04B6892EB71A -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21179_none_6c9f09292e88b33a\ntkrnlpa.exe
[2009.07.14 02:20:44 | 003,954,768 | ---- | M] (Microsoft Corporation) MD5=E2A8596576873BC5D509031DECD8C95D -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16385_none_6c06b7c41576a7d9\ntkrnlpa.exe
Nahoru
Phreak
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 20 led 2013 13:55

Re: Zablokování PC Policií ČR

#5 Příspěvek od Phreak »

< MD5 for: NTOSKRNL.EXE >
[2012.03.31 07:05:57 | 005,559,664 | ---- | M] (Microsoft Corporation) MD5=03B5C6DBA5A770CEEFD1615E380C6BC3 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17803_none_ca603c63cabb5ed6\ntoskrnl.exe
[2012.03.06 06:59:41 | 003,902,320 | ---- | M] (Microsoft Corporation) MD5=0FB535B17A519134C5F9867841B019AF -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16973_none_6c0f928015704824\ntoskrnl.exe
[2010.11.20 13:30:08 | 003,911,040 | ---- | M] (Microsoft Corporation) MD5=2088D9994332583EDB3C561DE31EA5AD -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17514_none_6e37cb8c12652b73\ntoskrnl.exe
[2012.05.04 12:06:22 | 005,559,664 | ---- | M] (Microsoft Corporation) MD5=2819BB6417B85D38169A4F151463A815 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17835_none_ca41cd33cad1e557\ntoskrnl.exe
[2012.03.31 05:39:37 | 003,913,072 | ---- | M] (Microsoft Corporation) MD5=28F44480E411C3DDF04B63F6560E6EF4 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17803_none_6e41a0e0125deda0\ntoskrnl.exe
[2012.03.31 05:37:33 | 003,916,656 | ---- | M] (Microsoft Corporation) MD5=2E02A17E8965AD671E4987E503AD38B1 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21955_none_6e972ea32ba24bcd\ntoskrnl.exe
[2012.05.04 11:08:15 | 003,902,320 | ---- | M] (Microsoft Corporation) MD5=3D58BF0B376A9968B70B9EB293BE3739 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.17017_none_6c544b52153c391c\ntoskrnl.exe
[2012.08.30 19:10:31 | 005,473,136 | ---- | M] (Microsoft Corporation) MD5=502070A5B89F1E6DEC54817DEBF46425 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21315_none_c8fa86d8e6b911bc\ntoskrnl.exe
[2012.03.06 07:43:21 | 005,504,880 | ---- | M] (Microsoft Corporation) MD5=51F2FD7B6C7966AFE271611D786D35A3 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16973_none_c82e2e03cdcdb95a\ntoskrnl.exe
[2012.05.04 11:03:50 | 003,913,072 | ---- | M] (Microsoft Corporation) MD5=53483A0B2DE3617E832F1DBAF9620F39 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17835_none_6e2331b012747421\ntoskrnl.exe
[2012.08.30 18:06:07 | 003,917,168 | ---- | M] (Microsoft Corporation) MD5=5355A85D26EECFA3A68B1F55B0C59A20 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22103_none_6ecb17b32b7bbdd3\ntoskrnl.exe
[2012.03.06 06:59:41 | 003,913,072 | ---- | M] (Microsoft Corporation) MD5=53B4BDEA12A032EEC71E60B6BFF42F37 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17790_none_6ddd4ed012a99fed\ntoskrnl.exe
[2012.03.06 06:41:34 | 003,916,656 | ---- | M] (Microsoft Corporation) MD5=57B7DE30C4E65AD19CA13AC3065EE60B -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21936_none_6eadcec52b912d42\ntoskrnl.exe
[2012.03.31 06:52:37 | 005,473,136 | ---- | M] (Microsoft Corporation) MD5=5E6017E5814B3BC366A5A7A88538D0FC -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21179_none_c8bda4ace6e62470\ntoskrnl.exe
[2012.08.30 19:11:00 | 003,915,632 | ---- | M] (Microsoft Corporation) MD5=60D216C90A0A306A2A1E69B9EC4A2BA7 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21315_none_6cdbeb552e5ba086\ntoskrnl.exe
[2012.04.02 05:46:44 | 003,902,320 | ---- | M] (Microsoft Corporation) MD5=678AD0F9DB55F9127851CD631456F483 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16988_none_6c09c4061573e2c8\ntoskrnl.exe
[2012.05.04 11:51:47 | 005,561,200 | ---- | M] (Microsoft Corporation) MD5=6A692DB27A943B463E97B749DD34F3DA -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21987_none_ca975af6e4164384\ntoskrnl.exe
[2012.03.31 06:39:18 | 005,561,200 | ---- | M] (Microsoft Corporation) MD5=708A4C721CEE6B3845B5A54477D873CF -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21955_none_cab5ca26e3ffbd03\ntoskrnl.exe
[2011.04.01 08:55:04 | 003,901,824 | ---- | M] (Microsoft Corporation) MD5=776201760B5692F10DDA3BE85B54F213 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16695_none_6bfbed8a157ebb3f\ntoskrnl.exe
[2012.05.04 11:03:46 | 003,915,632 | ---- | M] (Microsoft Corporation) MD5=7A77B0BB0E658AEDC1C99B6DBCB360A1 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21207_none_6ce8b9ef2e51ba1c\ntoskrnl.exe
[2012.08.30 18:18:33 | 003,902,832 | ---- | M] (Microsoft Corporation) MD5=8C8FC2396921C0F897721718ABD5E70B -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.17118_none_6c554d82153b4f9a\ntoskrnl.exe
[2012.08.30 18:12:02 | 003,914,096 | ---- | M] (Microsoft Corporation) MD5=948F0B444CB6CC35FE5F9DE52420CB95 -- C:\Windows\SysWOW64\ntoskrnl.exe
[2012.08.30 18:12:02 | 003,914,096 | ---- | M] (Microsoft Corporation) MD5=948F0B444CB6CC35FE5F9DE52420CB95 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17944_none_6e176360127d73e2\ntoskrnl.exe
[2012.04.02 06:34:04 | 005,504,880 | ---- | M] (Microsoft Corporation) MD5=9579F84C40B3BE205C9FD4CCDD99B6B7 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16988_none_c8285f89cdd153fe\ntoskrnl.exe
[2009.07.14 02:48:28 | 005,511,248 | ---- | M] (Microsoft Corporation) MD5=9E722B768E33D26AD8FA7D642E707443 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16385_none_c8255347cdd4190f\ntoskrnl.exe
[2012.08.30 19:02:58 | 005,562,736 | ---- | M] (Microsoft Corporation) MD5=A0D1C0E813A7C6E17C029375AC2ACE18 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22103_none_cae9b336e3d92f09\ntoskrnl.exe
[2012.05.04 11:03:53 | 003,916,656 | ---- | M] (Microsoft Corporation) MD5=A37A39568C8EC9A17D1B7471445B81A8 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21987_none_6e78bf732bb8d24e\ntoskrnl.exe
[2012.03.06 06:59:13 | 003,915,632 | ---- | M] (Microsoft Corporation) MD5=B83E403A94C4CB2D0576DD6945469D16 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21163_none_6ca3d7592e85ff3f\ntoskrnl.exe
[2009.07.14 02:20:44 | 003,899,472 | ---- | M] (Microsoft Corporation) MD5=B9D673F7707219DFD264891A26C21ECB -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16385_none_6c06b7c41576a7d9\ntoskrnl.exe
[2012.03.06 07:53:37 | 005,559,152 | ---- | M] (Microsoft Corporation) MD5=BAA66E360105F79B5948A2FDAF3AA8FE -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17790_none_c9fbea53cb071123\ntoskrnl.exe
[2012.05.04 11:52:22 | 005,505,392 | ---- | M] (Microsoft Corporation) MD5=BD31B81BFA2E89680315AB15D0D58671 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.17017_none_c872e6d5cd99aa52\ntoskrnl.exe
[2012.05.04 17:52:23 | 005,473,136 | ---- | M] (Microsoft Corporation) MD5=C4C870BD7F081C7AAC4DA553CD17E0F1 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21207_none_c9075572e6af2b52\ntoskrnl.exe
[2011.04.01 08:55:04 | 003,911,552 | ---- | M] (Microsoft Corporation) MD5=C6169F5FDC8399E0C6C0729AB6EF2EF8 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20826_none_6cd23bf92e62adf0\ntoskrnl.exe
[2010.11.20 14:33:48 | 005,563,776 | ---- | M] (Microsoft Corporation) MD5=C6CEC3E6CC9842B73501C70AA64C00FE -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17514_none_ca56670fcac29ca9\ntoskrnl.exe
[2012.08.30 19:11:29 | 005,505,904 | ---- | M] (Microsoft Corporation) MD5=CD632F72C798CA012FE429F66E1F1CAD -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.17118_none_c873e905cd98c0d0\ntoskrnl.exe
[2012.03.31 05:43:25 | 003,915,632 | ---- | M] (Microsoft Corporation) MD5=D909EAFA618BC9DB2615303DA3D9C830 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21179_none_6c9f09292e88b33a\ntoskrnl.exe
[2011.04.01 08:55:04 | 005,510,528 | ---- | M] (Microsoft Corporation) MD5=E2EA143288BFF3D6B3AEB88C3BC02DAF -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16695_none_c81a890dcddc2c75\ntoskrnl.exe
[2011.04.01 08:55:04 | 005,477,248 | ---- | M] (Microsoft Corporation) MD5=E6FC5686F6BB6F0CEB1107E6D064A944 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20826_none_c8f0d77ce6c01f26\ntoskrnl.exe
[2012.03.06 07:51:04 | 005,473,136 | ---- | M] (Microsoft Corporation) MD5=F96AA8BE1890C99883A6C233F9FB59A7 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21163_none_c8c272dce6e37075\ntoskrnl.exe
[2012.03.06 07:30:57 | 005,561,200 | ---- | M] (Microsoft Corporation) MD5=FCAB208AC0F7263A84EB627B1517E5AC -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21936_none_cacc6a48e3ee9e78\ntoskrnl.exe
[2012.08.30 19:03:45 | 005,559,664 | ---- | M] (Microsoft Corporation) MD5=FE905D59663E86BFE51623947B7425FD -- C:\Windows\SysNative\ntoskrnl.exe
[2012.08.30 19:03:45 | 005,559,664 | ---- | M] (Microsoft Corporation) MD5=FE905D59663E86BFE51623947B7425FD -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17944_none_ca35fee3cadae518\ntoskrnl.exe

< MD5 for: NVRAID.SYS >
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 14:33:50 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 14:33:50 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 07:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 07:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: REGEDIT.EXE >
[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SPOOLSV.EXE >
[2012.02.11 07:29:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=567977DC43CC13C4C35ED7084C0B84D5 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16962_none_32533f26db2c36c0\spoolsv.exe
[2012.02.11 07:26:04 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=807B5B0E287027F72AC37B0CDA9512DA -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.21149_none_32f955f1f433834b\spoolsv.exe
[2012.02.11 07:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=85DAA09A98C9286D4EA2BA8D0E644377 -- C:\Windows\SysNative\spoolsv.exe
[2012.02.11 07:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=85DAA09A98C9286D4EA2BA8D0E644377 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17777_none_3433cdb2d8563d50\spoolsv.exe
[2009.07.14 02:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_324094c8db39cbbd\spoolsv.exe
[2010.11.20 14:25:22 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe
[2012.02.11 07:20:28 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=B9D7A4858CF32A6A15D2763F1DE47E0E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.21921_none_34ed7a43f150b682\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.20 14:33:58 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.03.30 11:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2012.03.30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: TDX.SYS >
[2009.07.14 00:21:15 | 000,099,840 | ---- | M] (Microsoft Corporation) MD5=079125C4B17B01FCAEEBCE0BCB290C0F -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_4632b9f2f5c6af5e\tdx.sys
[2010.11.20 10:21:58 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\SysNative\drivers\tdx.sys
[2010.11.20 10:21:58 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys

< MD5 for: USER32.DLL >
[2010.11.20 13:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 13:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 14:27:28 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 14:27:28 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WDF01000.SYS >
[2009.07.14 02:45:55 | 000,654,928 | ---- | M] (Microsoft Corporation) MD5=441BD2D7B4F98134C3A4F9FA570FD250 -- C:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.1.7600.16385_none_d24809e1379d1f91\Wdf01000.sys
[2012.07.26 05:55:47 | 000,785,512 | ---- | M] (Microsoft Corporation) MD5=442783E2CB0DA19873B7A63833FF4CB4 -- C:\Windows\SysNative\drivers\Wdf01000.sys
[2012.07.26 05:55:47 | 000,785,512 | ---- | M] (Microsoft Corporation) MD5=442783E2CB0DA19873B7A63833FF4CB4 -- C:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.1.7600.17013_none_d2919c4737664b78\Wdf01000.sys
[2012.07.26 05:55:47 | 000,785,512 | ---- | M] (Microsoft Corporation) MD5=442783E2CB0DA19873B7A63833FF4CB4 -- C:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.1.7600.21203_none_d3260ae4507bcc78\Wdf01000.sys
[2012.07.26 05:55:47 | 000,785,512 | ---- | M] (Microsoft Corporation) MD5=442783E2CB0DA19873B7A63833FF4CB4 -- C:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.1.7601.17803_none_d482f2fd34846558\Wdf01000.sys
[2012.07.26 05:55:47 | 000,785,512 | ---- | M] (Microsoft Corporation) MD5=442783E2CB0DA19873B7A63833FF4CB4 -- C:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.1.7601.22004_none_d50d68344da151bb\Wdf01000.sys

< MD5 for: WIN32K.SYS >
[2012.07.18 18:22:09 | 003,151,360 | ---- | M] (Microsoft Corporation) MD5=0BEA3EEDF5DA0C2160EB8C4EAC18AAD2 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22060_none_1768e904ca7044db\win32k.sys
[2011.05.04 19:25:58 | 003,135,488 | ---- | M] (Microsoft Corporation) MD5=0E7FBAD1692AACF9E0FF7E6624CC8B4C -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17570_none_16d49e79b15a964b\win32k.sys
[2011.05.04 19:25:58 | 003,133,440 | ---- | M] (Microsoft Corporation) MD5=11D256F453BE218C3C2AEB35B7633EA3 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16772_none_14f04207b4325d0d\win32k.sys
[2012.05.15 02:25:43 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=1D7EDEAD6891810BCF8566B2319A8B11 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21995_none_174da290ca83e41f\win32k.sys
[2012.11.23 04:35:07 | 003,151,872 | ---- | M] (Microsoft Corporation) MD5=26B161D96D1562819CBDF8A59DBA06D5 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21380_none_156cee0ccd5a0df8\win32k.sys
[2012.11.23 04:45:35 | 003,147,264 | ---- | M] (Microsoft Corporation) MD5=298CC3E47CB19627639BFA84F424BDD4 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.17175_none_14f320b9b42fd3c9\win32k.sys
[2011.04.01 08:59:08 | 003,127,808 | ---- | M] (Microsoft Corporation) MD5=33DD4577B4BA2CF6BD1D1096DCBB0A49 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16732_none_151b81b7b411ed49\win32k.sys
[2012.10.18 19:25:58 | 003,149,824 | ---- | M] (Microsoft Corporation) MD5=34B419EDEAC6F12B34908DE3758F98C9 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17977_none_16dba817b1543c48\win32k.sys
[2011.05.04 19:25:58 | 003,137,536 | ---- | M] (Microsoft Corporation) MD5=3B166F6F8AFBB1B4C1FDDAB0149C3BCE -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.20914_none_15bcc0d4cd1d8506\win32k.sys
[2012.11.22 04:28:17 | 003,151,872 | ---- | M] (Microsoft Corporation) MD5=3BB7D9504A6BAB5E49DD503F005955E6 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22171_none_175f1b48ca77774a\win32k.sys
[2012.04.02 04:01:19 | 003,143,680 | ---- | M] (Microsoft Corporation) MD5=44DC57624E27B6EF3EA24F4892CB2620 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16988_none_14eb77a3b4350b56\win32k.sys
[2012.06.12 04:08:36 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=511166D3F5D7EBA36DE48C4F5E195886 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17860_none_16df7417b15271cf\win32k.sys
[2012.11.23 04:26:31 | 003,149,824 | ---- | M] (Microsoft Corporation) MD5=523B9B64F2B6C630A2E0A87116C05F12 -- C:\Windows\SysNative\win32k.sys
[2012.11.23 04:26:31 | 003,149,824 | ---- | M] (Microsoft Corporation) MD5=523B9B64F2B6C630A2E0A87116C05F12 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18010_none_17155dbbb12a1683\win32k.sys
[2012.10.18 19:35:40 | 003,151,872 | ---- | M] (Microsoft Corporation) MD5=5C874B021D964326A38765955E108E7F -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21347_none_159f2fc2cd334f95\win32k.sys
[2012.07.18 18:30:08 | 003,150,848 | ---- | M] (Microsoft Corporation) MD5=63F37D88031FDDD3E83B1FA980878052 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21274_none_157bbd3acd4e5a3c\win32k.sys
[2011.04.01 08:59:08 | 003,129,344 | ---- | M] (Microsoft Corporation) MD5=643E6764B18CB3266357FD0AB649F7A8 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21634_none_178d7c1cca542bad\win32k.sys
[2012.06.12 04:02:52 | 003,147,264 | ---- | M] (Microsoft Corporation) MD5=7FF70301AB5176FC3B72BD6C9B8BF888 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.17039_none_15225fabb40bcc3a\win32k.sys
[2012.03.31 03:56:14 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=88592AB8F8AE4F7264A936AEE682BBE5 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21955_none_1778e240ca63745b\win32k.sys
[2012.10.18 19:18:22 | 003,147,264 | ---- | M] (Microsoft Corporation) MD5=8ABB4C73841402A9D30A4CC0B880FCE1 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.17147_none_15159111b415b2a4\win32k.sys
[2011.04.01 08:59:08 | 003,129,344 | ---- | M] (Microsoft Corporation) MD5=9F9B2A0552CD7FCD1B6A29B94A6AABE1 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.20873_none_157adf1ccd4f162e\win32k.sys
[2012.10.18 19:14:46 | 003,151,872 | ---- | M] (Microsoft Corporation) MD5=9FE34DE5E7E97DA1AB228F71687BDB88 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22137_none_17905cb4ca519f90\win32k.sys
[2012.05.15 02:32:33 | 003,146,752 | ---- | M] (Microsoft Corporation) MD5=A0360F2DEFCBC40497A4F3D0599FE71A -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17842_none_16f71483b1406c9b\win32k.sys
[2012.06.12 04:04:59 | 003,151,360 | ---- | M] (Microsoft Corporation) MD5=A8191824CC60305DD2313D7A74F95EDD -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21231_none_15a3fc0ccd309e73\win32k.sys
[2010.11.20 10:53:34 | 003,126,272 | ---- | M] (Microsoft Corporation) MD5=A89392A32BA98468710FD7E38318934B -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17514_none_17197f29b1265401\win32k.sys
[2012.03.31 04:05:06 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=B132D7E1E53C5835B13E5F23394C3202 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21179_none_1580bcc6cd49dbc8\win32k.sys
[2012.05.15 02:33:51 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=B6044DA39F692DDE4AE382053E22A229 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21215_none_15bd9d0ccd1ccbed\win32k.sys
[2012.06.12 03:58:04 | 003,151,872 | ---- | M] (Microsoft Corporation) MD5=BC91C50C20709D85A2137E689DC3ED19 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22016_none_17a4fa5cca425130\win32k.sys
[2012.11.22 04:26:40 | 003,149,824 | ---- | M] (Microsoft Corporation) MD5=C58923115CDE6071C3BF2FF063546E9F -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18009_none_17293041b119dea1\win32k.sys
[2012.11.23 04:28:21 | 003,152,384 | ---- | M] (Microsoft Corporation) MD5=C672AE7957256A51E4F4A0B16CFB8CDC -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22172_none_17601b92ca7690a1\win32k.sys
[2009.07.14 00:40:40 | 003,122,176 | ---- | M] (Microsoft Corporation) MD5=CBEF2EB83438ED9FC39411CC8378B0E7 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16385_none_14e86b61b437d067\win32k.sys
[2012.07.18 18:31:12 | 003,146,752 | ---- | M] (Microsoft Corporation) MD5=E37C71EA972AD883E7841D07BC6D5F1C -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.17073_none_14f11e3fb431a3f4\win32k.sys
[2011.05.04 19:25:58 | 003,137,536 | ---- | M] (Microsoft Corporation) MD5=E5043EE4E7762CBF2E8D69E7D7E726E1 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21673_none_17613c22ca75821a\win32k.sys
[2012.05.15 02:32:20 | 003,144,192 | ---- | M] (Microsoft Corporation) MD5=E794341563033721CE10B4F43FC07F4C -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.17024_none_15282e25b4083196\win32k.sys
[2012.07.18 19:15:06 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=F0D6864A7D52CE137E0A9D24795C3F0E -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17904_none_172456adb11e2cac\win32k.sys
[2012.03.31 04:10:03 | 003,146,240 | ---- | M] (Microsoft Corporation) MD5=F4C456F9235ED440B81107E951555411 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17803_none_1723547db11f162e\win32k.sys
[2011.04.01 08:59:08 | 003,129,344 | ---- | M] (Microsoft Corporation) MD5=F7755E762C67E2AFF6087AB5D2CE7A7A -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17535_none_1704df9bb135a53a\win32k.sys
[2012.11.22 09:20:36 | 003,147,264 | ---- | M] (Microsoft Corporation) MD5=F8410E860A7250CC7E645C6CA4A4D9E6 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.17174_none_14f2206fb430ba72\win32k.sys
[2012.11.22 04:41:57 | 003,151,872 | ---- | M] (Microsoft Corporation) MD5=F9744B7394857A472AB94052FB12EEDC -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21379_none_1580c092cd49d616\win32k.sys

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

< MD5 for: WINSRV.DLL >
[2011.07.16 06:26:18 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=0CB6EBF4B461A6043353C570BD72A1E1 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16850_none_128f0019b5f25b8f\winsrv.dll
[2012.08.20 20:06:40 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=0E83424D4CEC0665A3A916AD6B261E53 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.21306_none_13548c10cee23265\winsrv.dll
[2012.08.20 19:27:20 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=111AFE35DD2D423EE8E176CA7B2BBDC7 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22091_none_14d49672cc561df0\winsrv.dll
[2012.10.04 18:38:24 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=4343295C52C8B1ADD906F1A37B940AA1 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.17135_none_12a97d51b5ddcff0\winsrv.dll
[2009.07.14 02:41:56 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=457B44AB6D502E55F64A867D4F35C76C -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16385_none_12738849b6063c52\winsrv.dll
[2011.06.24 06:26:55 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=6D408ABD60A995A2DAB4BAAE38BCA04F -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.20995_none_12f25ea6cf2be9d0\winsrv.dll
[2012.10.04 18:45:55 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=72CC564BBC70DE268784BCE91EB8A28F -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17965_none_146f9457b31c5994\winsrv.dll
[2012.08.18 16:42:31 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=79CDA06F75AD5373DD447F57575C4400 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.17107_none_12cbeda9b5c3aecb\winsrv.dll
[2012.10.04 18:35:04 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=7C17C4AACC79E619E6A4131F51588ED3 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.21335_none_13331c02cefb6ce1\winsrv.dll
[2012.11.30 06:45:14 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=9E479C2B605C25DA4971ABA36250FAEF -- C:\Windows\SysNative\winsrv.dll
[2012.11.30 06:45:14 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=9E479C2B605C25DA4971ABA36250FAEF -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18015_none_14a57c15b2f40121\winsrv.dll
[2012.11.30 06:43:49 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=B0F0F844BB3BA4C25837310FD0909BFD -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.21386_none_12fe0cb0cf2311ed\winsrv.dll
[2011.06.24 06:27:05 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=C13D05A015346DED3D722BE285814495 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21756_none_1504fba6cc30ff4f\winsrv.dll
[2012.11.30 06:55:04 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=C2B1F6196C7FE1EA1BF827312B095D06 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22177_none_14f039eccc407b3f\winsrv.dll
[2012.11.30 06:49:28 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=C4C551E6AB333C0EB812A3A4672E89DB -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.17179_none_12823ec9b5faa510\winsrv.dll
[2012.10.04 18:43:44 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=CC44EBC3E04E76AABE19EB4A16663E4A -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22125_none_152448f4cc19bcdc\winsrv.dll
[2010.11.20 14:27:30 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=E0406AEF04B088D1C49FC78D0546F689 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17514_none_14a49c11b2f4bfec\winsrv.dll
[2011.06.24 06:34:53 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=EB6A48CC998E1090E44E8E7F1009A640 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17641_none_14812d55b30fc4e1\winsrv.dll
[2012.08.20 19:48:43 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=F46BBAAC1C4980F4D0DD463F190A42D3 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17932_none_148d033db306b9bc\winsrv.dll

< MD5 for: WS2_32.DLL >
[2010.11.20 14:27:30 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 14:27:30 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 13:21:40 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 13:21:40 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
Nahoru
Phreak
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 20 led 2013 13:55

Re: Zablokování PC Policií ČR

#6 Příspěvek od Phreak »

< MD5 for: WSCRIPT.EXE >
[2009.07.14 02:39:57 | 000,168,960 | ---- | M] (Microsoft Corporation) MD5=8886E0697B0A93C521F99099EF643450 -- C:\Windows\SysNative\wscript.exe
[2009.07.14 02:39:57 | 000,168,960 | ---- | M] (Microsoft Corporation) MD5=8886E0697B0A93C521F99099EF643450 -- C:\Windows\winsxs\amd64_microsoft-windows-scripting_31bf3856ad364e35_6.1.7600.16385_none_a45d44bd1a0af822\wscript.exe
[2009.07.14 02:14:49 | 000,141,824 | ---- | M] (Microsoft Corporation) MD5=D1AB72DB2BEDD2F255D35DA3DA0D4B16 -- C:\Windows\SysWOW64\wscript.exe
[2009.07.14 02:14:49 | 000,141,824 | ---- | M] (Microsoft Corporation) MD5=D1AB72DB2BEDD2F255D35DA3DA0D4B16 -- C:\Windows\winsxs\wow64_microsoft-windows-scripting_31bf3856ad364e35_6.1.7600.16385_none_aeb1ef0f4e6bba1d\wscript.exe

< >

< >

< %systemroot%\system32\drivers\*.sys /md5 /64 >
[2009.07.14 01:06:38 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=64EDD3F59DB321947969FDF1DD747323 -- C:\Windows\SysNative\drivers\1394bus.sys
[2010.11.20 11:44:58 | 000,229,888 | ---- | M] (Microsoft Corporation) MD5=A87D604AEA360176311474C87A63BB88 -- C:\Windows\SysNative\drivers\1394ohci.sys
[2010.11.20 14:32:48 | 000,334,208 | ---- | M] (Microsoft Corporation) MD5=D81D9E70B8A6DD14D42D7B4EFA65D5F2 -- C:\Windows\SysNative\drivers\acpi.sys
[2010.11.20 10:30:44 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=99F8E788246D495CE3794D7E7821D2CA -- C:\Windows\SysNative\drivers\acpipmi.sys
[2009.07.14 02:52:21 | 000,491,088 | ---- | M] (Adaptec, Inc.) MD5=2F6B34B83843F0C5118B63AC634F5BF4 -- C:\Windows\SysNative\drivers\adp94xx.sys
[2009.07.14 02:52:21 | 000,339,536 | ---- | M] (Adaptec, Inc.) MD5=597F78224EE9224EA1A13D6350CED962 -- C:\Windows\SysNative\drivers\adpahci.sys
[2009.07.14 02:52:21 | 000,182,864 | ---- | M] (Adaptec, Inc.) MD5=E109549C90F62FB570B9540C4B148E54 -- C:\Windows\SysNative\drivers\adpu320.sys
[2011.12.28 04:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\Windows\SysNative\drivers\afd.sys
[2009.07.14 01:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=7ECFF9B22276B73F43A99A15A6094E90 -- C:\Windows\SysNative\drivers\agilevpn.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2011.02.26 01:42:18 | 000,016,768 | ---- | M] (ASUSTek Computer Inc.) MD5=14370049D8C9912EAC7603809A77C378 -- C:\Windows\SysNative\drivers\AiCharger.sys
[2009.07.14 02:52:21 | 000,015,440 | ---- | M] (Acer Laboratories Inc.) MD5=5812713A477A3AD7363C7438CA2EE038 -- C:\Windows\SysNative\drivers\aliide.sys
[2009.07.14 02:52:21 | 000,015,440 | ---- | M] (Microsoft Corporation) MD5=1FF8B4431C353CE385C875F194924C0C -- C:\Windows\SysNative\drivers\amdide.sys
[2009.07.14 00:19:25 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=7024F087CFF1833A806193EF9D22CDA9 -- C:\Windows\SysNative\drivers\amdk8.sys
[2009.07.14 00:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) MD5=1E56388B3FE0D031C44144EB8C4D6217 -- C:\Windows\SysNative\drivers\amdppm.sys
[2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) MD5=D4121AE6D0C0E7E13AA221AA57EF2D49 -- C:\Windows\SysNative\drivers\amdsata.sys
[2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) MD5=F67F933E79241ED32FF46A4F29B5120B -- C:\Windows\SysNative\drivers\amdsbs.sys
[2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) MD5=540DAF1CEA6094886D72126FD7C33048 -- C:\Windows\SysNative\drivers\amdxata.sys
[2010.11.20 11:14:38 | 000,061,440 | ---- | M] (Microsoft Corporation) MD5=89A69C3F2F319B43379399547526D952 -- C:\Windows\SysNative\drivers\appid.sys
[2009.07.14 02:52:21 | 000,087,632 | ---- | M] (Adaptec, Inc.) MD5=C484F8CEB1717C540242531DB7845C4E -- C:\Windows\SysNative\drivers\arc.sys
[2009.07.14 02:52:21 | 000,097,856 | ---- | M] (Adaptec, Inc.) MD5=019AF6924AEFE7839F61C830227FE79C -- C:\Windows\SysNative\drivers\arcsas.sys
[2009.07.14 01:10:13 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=769765CE2CC62867468CEA93969B2242 -- C:\Windows\SysNative\drivers\asyncmac.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2010.11.20 14:32:48 | 000,155,520 | ---- | M] (Microsoft Corporation) MD5=A34FE1E025E88798E746F484956C0720 -- C:\Windows\SysNative\drivers\ataport.sys
[2010.07.08 10:03:48 | 002,228,736 | ---- | M] (Atheros Communications, Inc.) MD5=DE8B9C3E0E09D918B394207F34AC16DD -- C:\Windows\SysNative\drivers\athrx.sys
[2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) MD5=B5ACE6968304A3900EEB1EBFD9622DF2 -- C:\Windows\SysNative\drivers\b57nd60a.sys
[2009.07.14 02:52:21 | 000,028,240 | ---- | M] (Microsoft Corporation) MD5=F4DE2AE7A9E1BADAC70BC71EA2C17612 -- C:\Windows\SysNative\drivers\battc.sys
[2009.07.14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys
[2009.07.14 00:35:59 | 000,045,056 | ---- | M] (Microsoft Corporation) MD5=61583EE3C3A17003C4ACD0475646B4D3 -- C:\Windows\SysNative\drivers\blbdrive.sys
[2011.05.04 19:25:04 | 000,090,624 | ---- | M] (Microsoft Corporation) MD5=6C02A83164F5CC0A262F4199F0871CF5 -- C:\Windows\SysNative\drivers\bowser.sys
[2009.06.10 21:41:06 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) MD5=F09EEE9EDC320B5E1501F749FDE686C8 -- C:\Windows\SysNative\drivers\BrFiltLo.sys
[2009.06.10 21:41:06 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) MD5=B114D3098E9BDB8BEA8B053685831BE6 -- C:\Windows\SysNative\drivers\BrFiltUp.sys
[2009.07.14 02:01:48 | 000,095,232 | ---- | M] (Microsoft Corporation) MD5=5C2F352A4E961D72518261257AAE204B -- C:\Windows\SysNative\drivers\bridge.sys
[2009.07.14 02:19:07 | 000,286,720 | ---- | M] (Brother Industries Ltd.) MD5=43BEA8D483BF1870F018E2D02E06A5BD -- C:\Windows\SysNative\drivers\BrSerId.sys
[2009.06.10 21:41:10 | 000,047,104 | ---- | M] (Brother Industries Ltd.) MD5=A6ECA2151B08A09CACECA35C07F05B42 -- C:\Windows\SysNative\drivers\BrSerWdm.sys
[2009.06.10 21:41:10 | 000,014,976 | ---- | M] (Brother Industries Ltd.) MD5=B79968002C277E869CF38BD22CD61524 -- C:\Windows\SysNative\drivers\BrUsbMdm.sys
[2009.06.10 21:41:10 | 000,014,720 | ---- | M] (Brother Industries Ltd.) MD5=A87528880231C54E75EA7A44943B38BF -- C:\Windows\SysNative\drivers\BrUsbSer.sys
[2011.03.13 18:58:42 | 000,298,656 | ---- | M] (Atheros) MD5=FE70889A85C57A9268101B2DB0474509 -- C:\Windows\SysNative\drivers\btath_a2dp.sys
[2011.03.13 18:58:42 | 000,028,832 | ---- | M] (Atheros) MD5=A83A91D07D1FE6BBE7A9DB46CA00434B -- C:\Windows\SysNative\drivers\btath_bus.sys
[2011.03.13 18:58:42 | 000,036,000 | ---- | M] (Atheros) MD5=CBE61B4494165F458BD87E37181EE934 -- C:\Windows\SysNative\drivers\btath_flt.sys
[2011.03.13 18:58:44 | 000,201,376 | ---- | M] (Atheros) MD5=C864FF85EE16D61C2BDD5EF76824625F -- C:\Windows\SysNative\drivers\btath_hcrp.sys
[2011.03.13 18:58:44 | 000,055,456 | ---- | M] (Atheros) MD5=0DEA505EFB5D771826D177EF8B8A208F -- C:\Windows\SysNative\drivers\btath_lwflt.sys
[2011.03.13 18:58:44 | 000,154,272 | ---- | M] (Atheros) MD5=724C8088C96EFE7A3E63FEC21D4681C0 -- C:\Windows\SysNative\drivers\btath_rcp.sys
[2011.03.13 18:58:44 | 000,280,224 | ---- | M] (Atheros) MD5=AA0F5AFCF077C5246589B32ECEEAE566 -- C:\Windows\SysNative\drivers\btfilter.sys
[2009.07.14 01:06:53 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=CF98190A94F62E405C8CB255018B2315 -- C:\Windows\SysNative\drivers\bthenum.sys
[2009.07.14 01:06:52 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=9DA669F11D1F894AB4EB69BF546A42E8 -- C:\Windows\SysNative\drivers\bthmodem.sys
[2009.07.14 01:07:00 | 000,118,784 | ---- | M] (Microsoft Corporation) MD5=02DD601B708DD0667E1331FA8518E9FF -- C:\Windows\SysNative\drivers\bthpan.sys
[2012.07.06 21:07:42 | 000,552,960 | ---- | M] (Microsoft Corporation) MD5=738D0E9272F59EB7A1449C3EC118E6C4 -- C:\Windows\SysNative\drivers\bthport.sys
[2011.04.28 04:54:56 | 000,080,384 | ---- | M] (Microsoft Corporation) MD5=F188B7394D81010767B6DF3178519A37 -- C:\Windows\SysNative\drivers\BTHUSB.SYS
[2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) MD5=3E5B191307609F7514148C6832BB0842 -- C:\Windows\SysNative\drivers\bxvbda.sys
[2009.07.14 00:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) MD5=B8BD2BB284668C84865658C77574381A -- C:\Windows\SysNative\drivers\cdfs.sys
[2009.10.20 11:00:00 | 000,010,224 | ---- | M] (Sonic Solutions) MD5=EFE63BDFC12A1DD65FBB9E621F29B78C -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2009.10.20 11:00:00 | 000,010,224 | ---- | M] (Sonic Solutions) MD5=60B3B1A2544EB7843F26EC291BB590BB -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2010.11.20 10:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 01:06:34 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=D7CD5C4E1B71FA62050515314CFB52CF -- C:\Windows\SysNative\drivers\circlass.sys
[2010.11.20 14:32:58 | 000,179,072 | ---- | M] (Microsoft Corporation) MD5=ACFAD0B512226C7A83C7CB09FD55A9AD -- C:\Windows\SysNative\drivers\Classpnp.sys
[2009.07.14 00:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) MD5=0840155D0BDDF1190F84A663C284BD33 -- C:\Windows\SysNative\drivers\CmBatt.sys
[2009.07.14 02:52:31 | 000,017,488 | ---- | M] (CMD Technology, Inc.) MD5=E19D3F095812725D88F9001985B94EDD -- C:\Windows\SysNative\drivers\cmdide.sys
[2012.06.02 06:50:10 | 000,458,704 | ---- | M] (Microsoft Corporation) MD5=9AC4F97C2D3E93367E2148EA940CD2CD -- C:\Windows\SysNative\drivers\cng.sys
[2009.07.14 02:52:31 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=102DE219C3F61415F964C88E9085AD14 -- C:\Windows\SysNative\drivers\compbatt.sys
[2010.11.20 11:33:18 | 000,038,912 | ---- | M] (Microsoft Corporation) MD5=03EDB043586CCEBA243D689BDDA370A8 -- C:\Windows\SysNative\drivers\CompositeBus.sys
[2009.07.14 02:47:48 | 000,039,504 | ---- | M] (Microsoft Corporation) MD5=3E588B60EC061686BA05D33574A344C6 -- C:\Windows\SysNative\drivers\crashdmp.sys
[2009.07.14 02:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) MD5=1C827878A998C18847245FE1F34EE597 -- C:\Windows\SysNative\drivers\crcdisk.sys
[2010.11.20 10:26:34 | 000,102,400 | ---- | M] (Microsoft Corporation) MD5=9BB2EF44EAA163B29C4A4587887A0FE4 -- C:\Windows\SysNative\drivers\dfsc.sys
[2009.07.14 00:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) MD5=13096B05847EC78F0977F2C0F79E9AB3 -- C:\Windows\SysNative\drivers\discache.sys
[2009.07.14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\drivers\disk.sys
[2011.04.22 23:15:29 | 000,027,520 | ---- | M] (Microsoft Corporation) MD5=9BBD8B5855BC6578957F82341F9CDE5A -- C:\Windows\SysNative\drivers\Diskdump.sys
[2010.07.13 14:21:48 | 000,015,464 | ---- | M] (Realtek Semiconductor Corp.) MD5=06A5553E5F3D8717E56FEB8E559F92B5 -- C:\Windows\SysNative\drivers\diskperf64.sys
[2009.07.14 02:01:25 | 000,116,224 | ---- | M] (Microsoft Corporation) MD5=21D26064AEDB4988F785BB4A3A2C051E -- C:\Windows\SysNative\drivers\drmk.sys
[2009.07.14 01:06:16 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=9B19F34400D24DF84C858A421C205754 -- C:\Windows\SysNative\drivers\drmkaud.sys
[2009.07.14 02:47:48 | 000,028,736 | ---- | M] (Microsoft Corporation) MD5=839B5FE3D48E9F35B22C21A3D5103F6C -- C:\Windows\SysNative\drivers\Dumpata.sys
[2009.07.14 02:43:14 | 000,055,128 | ---- | M] (Microsoft Corporation) MD5=814DB88F2641691575A455CF25354098 -- C:\Windows\SysNative\drivers\dumpfve.sys
[2009.07.14 00:38:28 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=BF24D6F2ED97FE830BFD52B246F98E67 -- C:\Windows\SysNative\drivers\dxapi.sys
[2009.07.14 00:38:28 | 000,098,816 | ---- | M] (Microsoft Corporation) MD5=FEDE0629ECB23650D48989517D4914DA -- C:\Windows\SysNative\drivers\dxg.sys
[2010.11.20 14:33:26 | 000,982,912 | ---- | M] (Microsoft Corporation) MD5=F5BEE30450E18E6B83A5012C100616FD -- C:\Windows\SysNative\drivers\dxgkrnl.sys
[2010.11.20 10:49:56 | 000,258,048 | ---- | M] (Microsoft Corporation) MD5=9CD68BDDF322535C02ADC8331013D13D -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2010.07.29 12:31:26 | 000,168,544 | ---- | M] (ESET) MD5=398FDC5694F2BA9E51E321CA40D1706E -- C:\Windows\SysNative\drivers\eamonm.sys
[2010.07.29 12:31:26 | 000,141,264 | ---- | M] (ESET) MD5=E99457900012B53B2226F146ECAF9136 -- C:\Windows\SysNative\drivers\ehdrv.sys
[2009.07.14 02:47:48 | 000,530,496 | ---- | M] (Emulex) MD5=0E5DA5369A0FCAEA12456DD852545184 -- C:\Windows\SysNative\drivers\elxstor.sys
[2010.07.29 12:31:26 | 000,126,320 | ---- | M] (ESET) MD5=A2AF094DCBE8BFF7E898D327750506A0 -- C:\Windows\SysNative\drivers\epfwwfpr.sys
[2009.07.14 00:31:04 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=34A3C54752046E79A126E15C51DB409B -- C:\Windows\SysNative\drivers\errdev.sys
[2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) MD5=DC5D737F51BE844D8C82C695EB17372F -- C:\Windows\SysNative\drivers\evbda.sys
[2009.07.14 00:23:29 | 000,195,072 | ---- | M] (Microsoft Corporation) MD5=A510C654EC00C1E9BDD91EEB3A59823B -- C:\Windows\SysNative\drivers\exfat.sys
[2009.07.14 00:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\SysNative\drivers\fastfat.sys
[2009.07.14 01:00:54 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=D765D19CD8EF61F650C384F62FAC00AB -- C:\Windows\SysNative\drivers\fdc.sys
[2009.07.14 02:47:48 | 000,070,224 | ---- | M] (Microsoft Corporation) MD5=655661BE46B5F5F3FD454E2C3095B930 -- C:\Windows\SysNative\drivers\fileinfo.sys
[2009.07.14 00:25:40 | 000,034,304 | ---- | M] (Microsoft Corporation) MD5=5F671AB5BC87EEA04EC38A6CD5962A47 -- C:\Windows\SysNative\drivers\filetrace.sys
[2009.07.14 01:00:54 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=C172A0F53008EAEB8EA33FE10E177AF5 -- C:\Windows\SysNative\drivers\flpydisk.sys
[2010.11.20 14:33:36 | 000,289,664 | ---- | M] (Microsoft Corporation) MD5=DA6B67270FD9DB3697B20FCE94950741 -- C:\Windows\SysNative\drivers\fltMgr.sys
[2011.04.08 23:46:08 | 000,177,152 | ---- | M] (Fresco Logic) MD5=7DE8A770487FC4B5E3A168AD97E1D370 -- C:\Windows\SysNative\drivers\FLxHCIc.sys
[2011.04.08 23:46:08 | 000,056,320 | ---- | M] (Fresco Logic) MD5=2D54A3319FC955029E4B371CDC088FF4 -- C:\Windows\SysNative\drivers\FLxHCIh.sys
[2009.07.14 02:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) MD5=D43703496149971890703B4B1B723EAC -- C:\Windows\SysNative\drivers\fsdepends.sys
[2011.06.19 07:03:08 | 000,053,760 | ---- | M] (Windows (R) Win 7 DDK provider) MD5=3DFA8D4E50D608F8F732014614C84DD2 -- C:\Windows\SysNative\drivers\fspad_win764.sys
[2010.09.23 08:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) MD5=6C06701BF1DB05405804D7EB610991CE -- C:\Windows\SysNative\drivers\fssfltr.sys
[2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) MD5=6BD9295CC032DD3077C671FCCF579A7B -- C:\Windows\SysNative\drivers\fs_rec.sys
[2010.11.20 14:29:00 | 000,223,248 | ---- | M] (Microsoft Corporation) MD5=1F7B25B858FA27015169FE95E54108ED -- C:\Windows\SysNative\drivers\fvevol.sys
[2012.08.22 19:12:33 | 000,288,624 | ---- | M] (Microsoft Corporation) MD5=910DD6694848872FD3B8F42BAF801D0A -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2009.07.14 02:47:48 | 000,065,088 | ---- | M] (Microsoft Corporation) MD5=8C778D335C9D272CFD3298AB02ABE3B6 -- C:\Windows\SysNative\drivers\GAGP30KX.SYS
[2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) MD5=F2523EF6460FC42405B12248338AB2F0 -- C:\Windows\SysNative\drivers\hcw85cir.sys
[2010.11.20 11:43:44 | 000,122,368 | ---- | M] (Microsoft Corporation) MD5=97BFED39B6B79EB12CDDBFEED51F56BB -- C:\Windows\SysNative\drivers\hdaudbus.sys
[2010.11.20 11:44:24 | 000,350,208 | ---- | M] (Microsoft Corporation) MD5=975761C778E33CD22498059B91E7373A -- C:\Windows\SysNative\drivers\HdAudio.sys
[2010.09.21 17:59:38 | 000,056,344 | ---- | M] (Intel Corporation) MD5=1C6E73FC46B509EFF9D0086AA37132DF -- C:\Windows\SysNative\drivers\HECIx64.sys
[2009.07.14 00:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=78E86380454A7B10A5EB255DC44A355F -- C:\Windows\SysNative\drivers\hidbatt.sys
[2009.07.14 01:06:52 | 000,100,864 | ---- | M] (Microsoft Corporation) MD5=7FD2A313F7AFE5C4DAB14798C48DD104 -- C:\Windows\SysNative\drivers\hidbth.sys
[2010.11.20 11:43:50 | 000,076,800 | ---- | M] (Microsoft Corporation) MD5=8B0E40E7E8BBF5ACF390465609D89FF1 -- C:\Windows\SysNative\drivers\hidclass.sys
[2009.07.14 01:06:23 | 000,046,592 | ---- | M] (Microsoft Corporation) MD5=0A77D29F311B88CFAE3B13F9C1A73825 -- C:\Windows\SysNative\drivers\hidir.sys
[2009.07.14 01:06:17 | 000,032,896 | ---- | M] (Microsoft Corporation) MD5=49EE2E52E6CD03947DAD72F65367BE06 -- C:\Windows\SysNative\drivers\hidparse.sys
[2010.11.20 11:43:50 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=9592090A7E2B61CD582B612B6DF70536 -- C:\Windows\SysNative\drivers\hidusb.sys
[2010.11.20 14:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) MD5=39D2ABCD392F3D8A6DCE7B60AE7B8EFC -- C:\Windows\SysNative\drivers\HpSAMD.sys
[2010.11.20 10:25:16 | 000,753,664 | ---- | M] (Microsoft Corporation) MD5=0EA7DE1ACB728DD5A369FD742D6EEE28 -- C:\Windows\SysNative\drivers\http.sys
[2010.11.20 14:33:38 | 000,014,720 | ---- | M] (Microsoft Corporation) MD5=A5462BD6884960C9DC85ED49D34FF392 -- C:\Windows\SysNative\drivers\hwpolicy.sys
[2009.07.14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\drivers\i8042prt.sys
[2010.11.05 16:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\drivers\iaStor.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2009.07.14 02:48:04 | 000,044,112 | ---- | M] (Intel Corp./ICP vortex GmbH) MD5=5C18831C61933628F5BB0EA2675B9D21 -- C:\Windows\SysNative\drivers\iirsp.sys
[2009.07.14 02:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) MD5=F00F20E70C6EC3AA366910083A0518AA -- C:\Windows\SysNative\drivers\intelide.sys
[2009.07.14 00:19:25 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=ADA036632C664CAA754079041CF1F8C1 -- C:\Windows\SysNative\drivers\intelppm.sys
[2010.11.20 11:52:20 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=C9F0E1BD74365A8771590E9008D22AB6 -- C:\Windows\SysNative\drivers\ipfltdrv.sys
[2010.11.20 11:04:54 | 000,078,848 | ---- | M] (Microsoft Corporation) MD5=0FC1AEA580957AA8817B8F305D18CA3A -- C:\Windows\SysNative\drivers\IPMIDrv.sys
[2009.07.14 01:10:03 | 000,116,224 | ---- | M] (Microsoft Corporation) MD5=AF9B39A7E7B6CAA203B3862582E9F2D0 -- C:\Windows\SysNative\drivers\ipnat.sys
[2009.07.14 01:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) MD5=05360B1EA5A2ABF620D1D96EBD8BD8F1 -- C:\Windows\SysNative\drivers\irda.sys
[2009.07.14 01:08:59 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=3ABF5E7213EB28966D55D58B515D5CE9 -- C:\Windows\SysNative\drivers\irenum.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- C:\Windows\SysNative\drivers\kbdclass.sys
[2010.11.20 11:33:26 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=0705EFF5B42A9DB58548EEC3B26BB484 -- C:\Windows\SysNative\drivers\kbdhid.sys
[2009.07.20 10:29:40 | 000,015,416 | ---- | M] ( ) MD5=E63EF8C3271D014F14E2469CE75FECB4 -- C:\Windows\SysNative\drivers\kbfiltr.sys
[2010.11.20 11:33:26 | 000,243,712 | ---- | M] (Microsoft Corporation) MD5=24FBF5CC5C04150073C315A7C83521EE -- C:\Windows\SysNative\drivers\ks.sys
[2012.06.02 06:48:16 | 000,095,600 | ---- | M] (Microsoft Corporation) MD5=97A7070AEA4C058B6418519E869A63B4 -- C:\Windows\SysNative\drivers\ksecdd.sys
[2012.06.02 06:48:16 | 000,151,920 | ---- | M] (Microsoft Corporation) MD5=26C43A7C2862447EC59DEDA188D1DA07 -- C:\Windows\SysNative\drivers\ksecpkg.sys
[2009.07.14 01:00:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=6869281E78CB31A43E969F06B57347C4 -- C:\Windows\SysNative\drivers\ksthunk.sys
[2009.06.10 21:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) MD5=033B4AED2C5519072C0D81E00804D003 -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2009.07.14 01:08:51 | 000,060,928 | ---- | M] (Microsoft Corporation) MD5=1538831CF8AD2979A04C423779465827 -- C:\Windows\SysNative\drivers\lltdio.sys
[2009.07.14 02:48:04 | 000,114,752 | ---- | M] (LSI Corporation) MD5=1A93E54EB0ECE102495A51266DCDB6A6 -- C:\Windows\SysNative\drivers\lsi_fc.sys
[2009.07.14 02:48:04 | 000,106,560 | ---- | M] (LSI Corporation) MD5=1047184A9FDC8BDBFF857175875EE810 -- C:\Windows\SysNative\drivers\lsi_sas.sys
[2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) MD5=30F5C0DE1EE8B5BC9306C1F0E4A75F93 -- C:\Windows\SysNative\drivers\lsi_sas2.sys
[2009.07.14 02:48:04 | 000,115,776 | ---- | M] (LSI Corporation) MD5=0504EACAFF0D3C8AED161C4B0D369D4A -- C:\Windows\SysNative\drivers\lsi_scsi.sys
[2009.07.14 00:26:13 | 000,113,152 | ---- | M] (Microsoft Corporation) MD5=43D0F98E1D56CCDDB0D5254CFF7B356E -- C:\Windows\SysNative\drivers\luafv.sys
[2009.11.18 00:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) MD5=8FF2D95CBA49B405C5DE27039FF0BF35 -- C:\Windows\SysNative\drivers\MBfilt64.sys
[2009.07.14 01:01:06 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=3C9F072F9DCA856B9FB7A20CBD4281AC -- C:\Windows\SysNative\drivers\mcd.sys
[2009.07.14 02:48:04 | 000,035,392 | ---- | M] (LSI Corporation) MD5=A55805F747C6EDB6A9080D7C633BD0F4 -- C:\Windows\SysNative\drivers\megasas.sys
[2009.07.14 02:48:04 | 000,284,736 | ---- | M] (LSI Corporation, Inc.) MD5=BAF74CE0072480C3B6B7C13B2A94D6B3 -- C:\Windows\SysNative\drivers\MegaSR.sys
[2009.07.14 01:10:48 | 000,040,448 | ---- | M] (Microsoft Corporation) MD5=800BA92F7010378B09F9ED9270F07137 -- C:\Windows\SysNative\drivers\modem.sys
[2009.07.14 00:38:52 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=B03D591DC7DA45ECE20B3B467E6AADAA -- C:\Windows\SysNative\drivers\monitor.sys
[2009.07.14 02:48:27 | 000,049,216 | ---- | M] (Microsoft Corporation) MD5=7D27EA49F3C1F687D357E77A470AEA99 -- C:\Windows\SysNative\drivers\mouclass.sys
[2009.07.14 01:00:20 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D3BF052C40B0C4166D9FD86A4288C1E6 -- C:\Windows\SysNative\drivers\mouhid.sys
[2010.11.20 14:33:44 | 000,094,592 | ---- | M] (Microsoft Corporation) MD5=32E7A3D591D671A6DF2DB515A5CBE0FA -- C:\Windows\SysNative\drivers\mountmgr.sys
[2010.11.20 14:33:46 | 000,155,008 | ---- | M] (Microsoft Corporation) MD5=A44B420D30BD56E145D6A2BC8768EC58 -- C:\Windows\SysNative\drivers\mpio.sys
[2009.07.14 01:08:25 | 000,077,312 | ---- | M] (Microsoft Corporation) MD5=6C38C9E45AE0EA2FA5E551F2ED5E978F -- C:\Windows\SysNative\drivers\mpsdrv.sys
[2010.11.20 10:26:44 | 000,140,800 | ---- | M] (Microsoft Corporation) MD5=DC722758B8261E1ABAFD31A3C0A66380 -- C:\Windows\SysNative\drivers\mrxdav.sys
[2011.04.27 03:40:40 | 000,158,208 | ---- | M] (Microsoft Corporation) MD5=A5D9106A73DC88564C825D317CAC68AC -- C:\Windows\SysNative\drivers\mrxsmb.sys
[2011.07.09 03:46:28 | 000,288,768 | ---- | M] (Microsoft Corporation) MD5=D711B3C1D5F42C0C2415687BE09FC163 -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2011.04.27 03:39:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=9423E9D355C8D303E76B8CFBD8A5C30C -- C:\Windows\SysNative\drivers\mrxsmb20.sys
[2010.11.20 14:33:46 | 000,031,104 | ---- | M] (Microsoft Corporation) MD5=C25F0BAFA182CBCA2DD3C851C2E75796 -- C:\Windows\SysNative\drivers\msahci.sys
[2010.11.20 14:33:46 | 000,140,672 | ---- | M] (Microsoft Corporation) MD5=DB801A638D011B9633829EB6F663C900 -- C:\Windows\SysNative\drivers\msdsm.sys
[2009.07.14 00:19:47 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=AA3FB40E17CE1388FA1BEDAB50EA8F96 -- C:\Windows\SysNative\drivers\msfs.sys
[2009.07.14 01:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=F9D215A46A8B9753F61767FA72A20326 -- C:\Windows\SysNative\drivers\mshidkmdf.sys
[2009.07.14 02:48:27 | 000,015,424 | ---- | M] (Microsoft Corporation) MD5=D916874BBD4F8B07BFB7FA9B3CCAE29D -- C:\Windows\SysNative\drivers\msisadrv.sys
[2010.11.20 14:33:46 | 000,273,792 | ---- | M] (Microsoft Corporation) MD5=D931D7309DEB2317035B07C9F9E6B0BD -- C:\Windows\SysNative\drivers\msiscsi.sys
[2009.07.14 01:00:18 | 000,011,136 | ---- | M] (Microsoft Corporation) MD5=49CCF2C4FEA34FFAD8B1B59D49439366 -- C:\Windows\SysNative\drivers\mskssrv.sys
[2009.07.14 01:00:17 | 000,007,168 | ---- | M] (Microsoft Corporation) MD5=BDD71ACE35A232104DDD349EE70E1AB3 -- C:\Windows\SysNative\drivers\mspclock.sys
[2009.07.14 01:00:17 | 000,006,784 | ---- | M] (Microsoft Corporation) MD5=4ED981241DB27C3383D72092B618A1D0 -- C:\Windows\SysNative\drivers\mspqm.sys
[2010.11.20 14:33:46 | 000,366,976 | ---- | M] (Microsoft Corporation) MD5=759A9EEB0FA9ED79DA1FB7D4EF78866D -- C:\Windows\SysNative\drivers\msrpc.sys
[2009.07.14 02:48:27 | 000,032,320 | ---- | M] (Microsoft Corporation) MD5=0EED230E37515A0EAEE3C2E1BC97B288 -- C:\Windows\SysNative\drivers\mssmbios.sys
[2009.07.14 01:00:17 | 000,008,064 | ---- | M] (Microsoft Corporation) MD5=2E66F9ECB30B4221A318C92AC2250779 -- C:\Windows\SysNative\drivers\mstee.sys
[2009.07.14 01:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=7EA404308934E675BFFDE8EDF0757BCD -- C:\Windows\SysNative\drivers\MTConfig.sys
[2009.07.14 02:48:27 | 000,060,496 | ---- | M] (Microsoft Corporation) MD5=F9A18612FD3526FE473C1BDA678D61C8 -- C:\Windows\SysNative\drivers\mup.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2009.07.14 01:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=9F9A1F53AAD7DA4D6FEF5BB73AB811AC -- C:\Windows\SysNative\drivers\ndiscap.sys
[2009.07.14 01:10:00 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=30639C932D9FEF22B31268FE25A1B6E5 -- C:\Windows\SysNative\drivers\ndistapi.sys
[2010.11.20 11:50:10 | 000,056,832 | ---- | M] (Microsoft Corporation) MD5=136185F9FB2CC61E573E676AA5402356 -- C:\Windows\SysNative\drivers\ndisuio.sys
[2010.11.20 11:52:36 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=53F7305169863F0A2BDDC49E116C2E11 -- C:\Windows\SysNative\drivers\ndiswan.sys
[2010.11.20 11:52:22 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=015C0D8E0E0421B4CFD48CFFE2825879 -- C:\Windows\SysNative\drivers\ndproxy.sys
[2009.07.14 01:09:26 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=86743D9F5D2B1048062B14B1D84501C4 -- C:\Windows\SysNative\drivers\netbios.sys
[2010.11.20 10:23:22 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- C:\Windows\SysNative\drivers\netbt.sys
[2012.08.22 19:12:40 | 000,376,688 | ---- | M] (Microsoft Corporation) MD5=7942B7AC3FF598F8A1736D51ADAF04E8 -- C:\Windows\SysNative\drivers\netio.sys
[2009.07.14 02:48:26 | 000,051,264 | ---- | M] (IBM Corporation) MD5=77889813BE4D166CDAB78DDBA990DA92 -- C:\Windows\SysNative\drivers\nfrd960.sys
[2009.07.14 00:19:48 | 000,044,032 | ---- | M] (Microsoft Corporation) MD5=1E4C4AB5C9B8DD13179BBDC75A2A01F7 -- C:\Windows\SysNative\drivers\npfs.sys
[2009.07.14 00:21:02 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=E7F5AE18AF4168178A642A9247C63001 -- C:\Windows\SysNative\drivers\nsiproxy.sys
[2012.08.31 19:19:35 | 001,659,760 | ---- | M] (Microsoft Corporation) MD5=E453ACF4E7D44E5530B5D5F2B9CA8563 -- C:\Windows\SysNative\drivers\ntfs.sys
[2009.07.14 00:19:38 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=9899284589F75FA8724FF3D16AED75C1 -- C:\Windows\SysNative\drivers\null.sys
[2012.07.03 16:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) MD5=1F07B814C0BB5AABA703ABFF1F31F2E8 -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2012.10.02 23:21:00 | 013,443,944 | ---- | M] (NVIDIA Corporation) MD5=5104BAC2DA2A5BDD86AC6B0708B00F06 -- C:\Windows\SysNative\drivers\nvlddmkm.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2009.07.14 02:48:26 | 000,122,960 | ---- | M] (Microsoft Corporation) MD5=270D7CD42D6E3979F6DD0146650F0E05 -- C:\Windows\SysNative\drivers\NV_AGP.SYS
[2009.07.14 01:07:23 | 000,318,976 | ---- | M] (Microsoft Corporation) MD5=1EA3749C4114DB3E3161156FFFFA6B33 -- C:\Windows\SysNative\drivers\nwifi.sys
[2009.07.14 01:06:45 | 000,072,832 | ---- | M] (Microsoft Corporation) MD5=3589478E4B22CE21B41FA1BFC0B8B8A0 -- C:\Windows\SysNative\drivers\ohci1394.sys
[2010.11.20 11:52:22 | 000,131,584 | ---- | M] (Microsoft Corporation) MD5=0557CF5A2556BD58E26384169D72438D -- C:\Windows\SysNative\drivers\pacer.sys
[2009.07.14 01:00:41 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=0086431C29C35BE1DBC43F52CC273887 -- C:\Windows\SysNative\drivers\parport.sys
[2012.03.17 08:58:57 | 000,075,120 | ---- | M] (Microsoft Corporation) MD5=E9766131EEADE40A27DC27D2D68FBA9C -- C:\Windows\SysNative\drivers\partmgr.sys
[2010.11.20 14:33:50 | 000,184,704 | ---- | M] (Microsoft Corporation) MD5=94575C0571D1462A0F70BDE6BD6EE6B3 -- C:\Windows\SysNative\drivers\pci.sys
[2009.07.14 02:45:45 | 000,012,352 | ---- | M] (Microsoft Corporation) MD5=B5B8B5EF2E5CB34DF8DCF8831E3534FA -- C:\Windows\SysNative\drivers\pciide.sys
[2009.07.14 02:45:46 | 000,048,720 | ---- | M] (Microsoft Corporation) MD5=144497DAA145BA0F7BE896064146C058 -- C:\Windows\SysNative\drivers\pciidex.sys
[2009.07.14 02:45:45 | 000,220,752 | ---- | M] (Microsoft Corporation) MD5=B2E81D4E87CE48589F98CB8C05B01F2F -- C:\Windows\SysNative\drivers\pcmcia.sys
[2009.07.14 02:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=D6B9C2E1A11A3A4B26A182FFEF18F603 -- C:\Windows\SysNative\drivers\pcw.sys
[2009.07.14 02:01:19 | 000,651,264 | ---- | M] (Microsoft Corporation) MD5=68769C3356B3BE5D1C732C97B9A80D6E -- C:\Windows\SysNative\drivers\PEAuth.sys
[2009.07.14 01:06:29 | 000,230,400 | ---- | M] (Microsoft Corporation) MD5=32E11315B5126921FFD9074840EF13D3 -- C:\Windows\SysNative\drivers\portcls.sys
[2009.07.14 00:19:25 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=0D922E23C041EFB1C3FAC2A6F943C9BF -- C:\Windows\SysNative\drivers\processr.sys
[2010.03.19 11:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) MD5=87B04878A6D59D6C79251DC960C674C1 -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2009.07.14 02:45:46 | 001,524,816 | ---- | M] (QLogic Corporation) MD5=A53A15A11EBFD21077463EE2C7AFEEF0 -- C:\Windows\SysNative\drivers\ql2300.sys
[2009.07.14 02:45:45 | 000,128,592 | ---- | M] (QLogic Corporation) MD5=4F6D12B51DE1AAEFF7DC58C4D75423C8 -- C:\Windows\SysNative\drivers\ql40xx.sys
[2009.07.14 01:09:48 | 000,046,592 | ---- | M] (Microsoft Corporation) MD5=76707BB36430888D9CE9D705398ADB6C -- C:\Windows\SysNative\drivers\qwavedrv.sys
[2009.07.14 01:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\SysNative\drivers\rasacd.sys
[2010.11.20 11:52:36 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=471815800AE33E6F1C32FB1B97C490CA -- C:\Windows\SysNative\drivers\rasl2tp.sys
[2009.07.14 01:10:17 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=855C9B1CD4756C5E9A2AA58A15F58C25 -- C:\Windows\SysNative\drivers\raspppoe.sys
[2010.11.20 11:52:34 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=F92A2C41117A11A00BE01CA01A7FCDE9 -- C:\Windows\SysNative\drivers\raspptp.sys
[2009.07.14 01:10:25 | 000,083,968 | ---- | M] (Microsoft Corporation) MD5=E8B1E447B008D07FF47D016C2B0EEECB -- C:\Windows\SysNative\drivers\rassstp.sys
[2010.11.20 10:27:56 | 000,309,248 | ---- | M] (Microsoft Corporation) MD5=77F665941019A1594D887A74F301FA2F -- C:\Windows\SysNative\drivers\rdbss.sys
[2009.07.14 01:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=302DA2A0539F2CF54D7C6CC30C1F2D8D -- C:\Windows\SysNative\drivers\rdpbus.sys
[2009.07.14 01:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=CEA6CC257FC9B7715F1C2B4849286D24 -- C:\Windows\SysNative\drivers\RDPCDD.sys
[2009.07.14 01:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BB5971A4F00659529A5C44831AF22365 -- C:\Windows\SysNative\drivers\RDPENCDD.sys
[2009.07.14 01:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=216F3FA57533D98E1F74DED70113177A -- C:\Windows\SysNative\drivers\RDPREFMP.sys
[2012.04.28 04:55:21 | 000,210,944 | ---- | M] (Microsoft Corporation) MD5=E61608AA35E98999AF9AAEEEA6114B0A -- C:\Windows\SysNative\drivers\rdpwd.sys
[2010.11.20 14:33:54 | 000,213,888 | ---- | M] (Microsoft Corporation) MD5=34ED295FA0121C241BFEF24764FC4520 -- C:\Windows\SysNative\drivers\rdyboost.sys
[2009.07.14 01:06:56 | 000,158,720 | ---- | M] (Microsoft Corporation) MD5=3DD798846E2C28102B922C56E71B7932 -- C:\Windows\SysNative\drivers\rfcomm.sys
[2010.11.20 11:49:52 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=CAF88D6573D21CD2AA27001DDBFDC74D -- C:\Windows\SysNative\drivers\rmcast.sys
[2012.07.04 21:26:03 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=0E01641D96889BDEB22DE12D30575B08 -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.07.04 21:26:07 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=9EBE1CA4BEDBAA510DCAC418B87B3C45 -- C:\Windows\SysNative\drivers\rndismpx.sys
[2009.07.14 01:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=388D3DD1A6457280F3BADBA9F3ACD6B1 -- C:\Windows\SysNative\drivers\rootmdm.sys
[2009.07.14 01:08:51 | 000,076,800 | ---- | M] (Microsoft Corporation) MD5=DDC86E4F8E7456261E637E3552E804FF -- C:\Windows\SysNative\drivers\rspndr.sys
[2011.04.21 19:17:04 | 000,471,144 | ---- | M] (Realtek ) MD5=F4C374B1C46DE294B573BB43723AC3F6 -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2011.04.12 13:08:24 | 002,833,256 | ---- | M] (Realtek Semiconductor Corp.) MD5=7D24E44761EE029680BD8DA23FAB8FB4 -- C:\Windows\SysNative\drivers\RTKVHD64.sys
[2010.08.03 11:43:14 | 000,290,920 | ---- | M] (Realtek Semiconductor Corp.) MD5=E57FAC2CDB73F06586ED2ED310B80932 -- C:\Windows\SysNative\drivers\rtsuvstor.sys
[2010.11.20 14:33:56 | 000,103,808 | ---- | M] (Microsoft Corporation) MD5=AC03AF3329579FFFB455AA2DAABBE22B -- C:\Windows\SysNative\drivers\sbp2port.sys
[2010.11.20 11:10:00 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=253F38D0D7074C02FF8DEB9836C97D2B -- C:\Windows\SysNative\drivers\scfilter.sys
[2010.11.20 14:33:56 | 000,171,392 | ---- | M] (Microsoft Corporation) MD5=1B1E264203D4EF9D3DA1987AD70355AB -- C:\Windows\SysNative\drivers\scsiport.sys
[2009.06.10 21:37:19 | 000,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) MD5=3EA8A16169C26AFBEB544E0E48421186 -- C:\Windows\SysNative\drivers\secdrv.sys
[2009.07.14 01:00:33 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=CB624C0035412AF0DEBEC78C41F5CA1B -- C:\Windows\SysNative\drivers\serenum.sys
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] (Microsoft Corporation) MD5=C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 -- C:\Windows\SysNative\drivers\serial.sys
[2009.07.14 01:00:20 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=1C545A7D0691CC4A027396535691C3E3 -- C:\Windows\SysNative\drivers\sermouse.sys
[2009.07.14 01:01:01 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=A554811BCD09279536440C964AE35BBF -- C:\Windows\SysNative\drivers\sffdisk.sys
[2009.07.14 01:01:03 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=FF414F0BAEFEBA59BC6C04B3DB0B87BF -- C:\Windows\SysNative\drivers\sffp_mmc.sys
[2010.11.20 11:34:02 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DD85B78243A19B59F0637DCF284DA63C -- C:\Windows\SysNative\drivers\sffp_sd.sys
[2009.07.14 01:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\SysNative\drivers\sfloppy.sys
[2009.06.10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) MD5=1BC348CF6BAA90EC8E533EF6E6A69933 -- C:\Windows\SysNative\drivers\SiSG664.sys
[2009.07.14 02:45:45 | 000,043,584 | ---- | M] (Silicon Integrated Systems Corp.) MD5=843CAF1E5FDE1FFD5FF768F23A51E2E1 -- C:\Windows\SysNative\drivers\sisraid2.sys
[2009.07.14 02:45:46 | 000,080,464 | ---- | M] (Silicon Integrated Systems) MD5=6A6C106D42E9FFFF8B9FCB4F754F6DA4 -- C:\Windows\SysNative\drivers\sisraid4.sys
[2009.07.14 01:09:09 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=548260A7B8654E024DC30BF8A7C5BAA4 -- C:\Windows\SysNative\drivers\smb.sys
[2009.07.14 01:00:35 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=A80348BA03E96C70852959655CA3E084 -- C:\Windows\SysNative\drivers\smclib.sys
[2009.07.14 02:45:55 | 000,019,008 | ---- | M] (Microsoft Corporation) MD5=B9E31E5CACDFE584F34F730A677803F9 -- C:\Windows\SysNative\drivers\spldr.sys
[2009.06.10 21:48:43 | 000,426,496 | ---- | M] (Microsoft Corporation) MD5=FFF95479C7AB1550F0750A5D01744211 -- C:\Windows\SysNative\drivers\spsys.sys
[2012.05.26 14:28:21 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) MD5=A15860E920B02C9A7CE8F3A6C2FF1E3A -- C:\Windows\SysNative\drivers\sptd.sys
[2011.04.29 04:06:10 | 000,467,456 | ---- | M] (Microsoft Corporation) MD5=441FBA48BFF01FDB9D5969EBC1838F0B -- C:\Windows\SysNative\drivers\srv.sys
[2011.04.29 04:05:49 | 000,410,112 | ---- | M] (Microsoft Corporation) MD5=B4ADEBBF5E3677CCE9651E0F01F7CC28 -- C:\Windows\SysNative\drivers\srv2.sys
[2011.04.29 04:05:37 | 000,168,448 | ---- | M] (Microsoft Corporation) MD5=27E461F0BE5BFF5FC737328F749538C3 -- C:\Windows\SysNative\drivers\srvnet.sys
[2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) MD5=F3817967ED533D08327DC73BC4D5542A -- C:\Windows\SysNative\drivers\stexstor.sys
[2011.03.11 07:41:37 | 000,189,824 | ---- | M] (Microsoft Corporation) MD5=19CB37AC38B802BE9C441D094521A29A -- C:\Windows\SysNative\drivers\storport.sys
[2009.07.14 01:06:18 | 000,068,864 | ---- | M] (Microsoft Corporation) MD5=001CC10FA5E71AE1119115E126C8750D -- C:\Windows\SysNative\drivers\stream.sys
[2009.07.14 02:45:55 | 000,012,496 | ---- | M] (Microsoft Corporation) MD5=D01EC09B6711A5F8E7E6564A4D0FBC90 -- C:\Windows\SysNative\drivers\swenum.sys
[2009.07.14 01:01:04 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=6E316C01CBA8B785FE495F5CC4F48C6F -- C:\Windows\SysNative\drivers\tape.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.10.03 17:07:26 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=1B16D0BD9841794A6E0CDE0CEF744ABC -- C:\Windows\SysNative\drivers\tcpipreg.sys
[2010.11.20 10:22:08 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=6F020A220388ECA0AB6062DC27BD16B6 -- C:\Windows\SysNative\drivers\tdi.sys
[2009.07.14 01:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- C:\Windows\SysNative\drivers\tdpipe.sys
[2012.02.17 05:57:32 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=51C5ECEB1CDEE2468A1748BE550CFBC8 -- C:\Windows\SysNative\drivers\tdtcp.sys
[2010.11.20 10:21:58 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\SysNative\drivers\tdx.sys
[2010.11.20 14:33:58 | 000,063,360 | ---- | M] (Microsoft Corporation) MD5=561E7E1F06895D78DE991E01DD0FB6E5 -- C:\Windows\SysNative\drivers\termdd.sys
[2010.11.20 12:04:10 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=CE18B2CDFC837C99E5FAE9CA6CBA5D30 -- C:\Windows\SysNative\drivers\tssecsrv.sys
[2010.11.20 12:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) MD5=D11C783E3EF9A3C52C0EBE83CC5000E9 -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2010.11.20 12:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=9CC2CCAE8A84820EAECB886D477CBCB8 -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2010.11.20 11:51:52 | 000,125,440 | ---- | M] (Microsoft Corporation) MD5=3566A8DAAFA27AF944F5D705EAA64894 -- C:\Windows\SysNative\drivers\tunnel.sys
[2010.11.29 23:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) MD5=FD24F98D2898BE093FE926604BE7DB99 -- C:\Windows\SysNative\drivers\TurboB.sys
[2009.07.14 02:45:55 | 000,064,080 | ---- | M] (Microsoft Corporation) MD5=B4DD609BD7E282BFC683CEC7EAAAAD67 -- C:\Windows\SysNative\drivers\UAGP35.SYS
[2010.11.20 10:26:12 | 000,328,192 | ---- | M] (Microsoft Corporation) MD5=FF4232A1A64012BAA1FD97C7B67DF593 -- C:\Windows\SysNative\drivers\udfs.sys
[2009.07.14 02:45:55 | 000,064,592 | ---- | M] (Microsoft Corporation) MD5=4BFE1BC28391222894CBF1E7D0E42320 -- C:\Windows\SysNative\drivers\ULIAGPKX.SYS
[2010.11.20 11:44:38 | 000,048,640 | ---- | M] (Microsoft Corporation) MD5=DC54A574663A895C8763AF0FA1FF7561 -- C:\Windows\SysNative\drivers\umbus.sys
[2009.07.14 01:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=B2E8E8CB557B156DA5493BBDDCC1474D -- C:\Windows\SysNative\drivers\umpass.sys
[2009.07.14 01:09:49 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D0FE8CB5F84303E73FF0754437FAD3D1 -- C:\Windows\SysNative\drivers\usb8023.sys
[2009.07.14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=70D05EE263568A742D14E1876DF80532 -- C:\Windows\SysNative\drivers\usb8023x.sys
[2010.11.20 11:44:06 | 000,032,896 | ---- | M] (Microsoft Corporation) MD5=292A8E03B3FCE04E39B5BE9B14132030 -- C:\Windows\SysNative\drivers\USBCAMD2.sys
[2011.03.25 04:29:14 | 000,098,816 | ---- | M] (Microsoft Corporation) MD5=6F1A3157A1C89435352CEB543CDB359C -- C:\Windows\SysNative\drivers\usbccgp.sys
[2009.07.14 01:06:37 | 000,100,352 | ---- | M] (Microsoft Corporation) MD5=AF0892A803FDDA7492F595368E3B68E7 -- C:\Windows\SysNative\drivers\usbcir.sys
[2011.03.25 04:28:59 | 000,007,936 | ---- | M] (Microsoft Corporation) MD5=CCA2AB1752A61F29C3C941CD79D78CEA -- C:\Windows\SysNative\drivers\usbd.sys
[2011.03.25 04:29:04 | 000,052,736 | ---- | M] (Microsoft Corporation) MD5=C025055FE7B87701EB042095DF1A2D7B -- C:\Windows\SysNative\drivers\usbehci.sys
[2011.03.25 04:29:26 | 000,343,040 | ---- | M] (Microsoft Corporation) MD5=287C6C9410B111B68B52CA298F7B8C24 -- C:\Windows\SysNative\drivers\usbhub.sys
[2011.03.25 04:29:04 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=9840FC418B4CBD632D3D0A667A725C31 -- C:\Windows\SysNative\drivers\usbohci.sys
[2011.03.25 04:29:14 | 000,325,120 | ---- | M] (Microsoft Corporation) MD5=AE259C75F9A0B057B6BF9E9695632B09 -- C:\Windows\SysNative\drivers\usbport.sys
[2009.07.14 01:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysNative\drivers\usbprint.sys
[2010.11.20 12:37:22 | 000,031,744 | ---- | M] (Microsoft Corporation) MD5=C3EC945DEC43C00E2AD4C98DDDD064C7 -- C:\Windows\SysNative\drivers\usbrpm.sys
[2011.03.11 05:37:16 | 000,091,648 | ---- | M] (Microsoft Corporation) MD5=FED648B01349A3C8395A5169DB5FB7D6 -- C:\Windows\SysNative\drivers\USBSTOR.SYS
[2011.03.25 04:29:03 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=62069A34518BCF9C1FD9E74B3F6DB7CD -- C:\Windows\SysNative\drivers\usbuhci.sys
[2010.11.20 11:44:36 | 000,184,960 | ---- | M] (Microsoft Corporation) MD5=454800C2BC7F3927CE030141EE4F4C50 -- C:\Windows\SysNative\drivers\usbvideo.sys
[2009.07.14 02:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) MD5=C5C876CCFC083FF3B128F933823E87BD -- C:\Windows\SysNative\drivers\vdrvroot.sys
[2009.07.14 00:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=53E92A310193CB3C03BEA963DE7D9CFC -- C:\Windows\SysNative\drivers\vga.sys
[2009.07.14 00:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=DA4DA3F5E02943C2DC8C6ED875DE68DD -- C:\Windows\SysNative\drivers\vgapnp.sys
[2010.11.20 14:34:02 | 000,215,936 | ---- | M] (Microsoft Corporation) MD5=2CE2DF28C83AEAF30084E1B1EB253CBB -- C:\Windows\SysNative\drivers\vhdmp.sys
[2009.07.14 02:45:55 | 000,017,488 | ---- | M] (VIA Technologies, Inc.) MD5=E5689D93FFE4E5D66C0178761240DD54 -- C:\Windows\SysNative\drivers\viaide.sys
[2009.07.14 00:38:51 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=E7353D59C9842BC7299FAEB7E7E09340 -- C:\Windows\SysNative\drivers\videoprt.sys
[2010.11.20 14:34:02 | 000,071,552 | ---- | M] (Microsoft Corporation) MD5=D2AAFD421940F640B407AEFAAEBD91B0 -- C:\Windows\SysNative\drivers\volmgr.sys
[2010.11.20 14:34:02 | 000,363,392 | ---- | M] (Microsoft Corporation) MD5=A255814907C89BE58B79EF2F189B843B -- C:\Windows\SysNative\drivers\volmgrx.sys
[2010.11.20 14:34:04 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\drivers\volsnap.sys
[2009.07.14 02:45:55 | 000,161,872 | ---- | M] (VIA Technologies Inc.,Ltd) MD5=5E2016EA6EBACA03C04FEAC5F330D997 -- C:\Windows\SysNative\drivers\vsmraid.sys
[2009.07.14 01:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=36D4720B72B5C5D9CB2B9C29E9DF67A1 -- C:\Windows\SysNative\drivers\vwifibus.sys
[2009.07.14 01:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation) MD5=6A3D66263414FF0D6FA754C646612F3F -- C:\Windows\SysNative\drivers\vwififlt.sys
[2009.07.14 01:07:28 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=6A638FC4BFDDC4D9B186C28C91BD1A01 -- C:\Windows\SysNative\drivers\vwifimp.sys
[2009.07.14 01:02:07 | 000,027,776 | ---- | M] (Microsoft Corporation) MD5=4E9440F4F152A7B944CB1663D3935A3E -- C:\Windows\SysNative\drivers\wacompen.sys
[2010.11.20 11:52:38 | 000,088,576 | ---- | M] (Microsoft Corporation) MD5=356AFD78A6ED4457169241AC3965230C -- C:\Windows\SysNative\drivers\wanarp.sys
[2009.07.14 00:37:35 | 000,042,496 | ---- | M] (Microsoft Corporation) MD5=FC438D1430B28618E2D0C7C332A710AD -- C:\Windows\SysNative\drivers\watchdog.sys
[2009.07.14 02:45:55 | 000,021,056 | ---- | M] (Microsoft Corporation) MD5=72889E16FF12BA0F235467D6091B17DC -- C:\Windows\SysNative\drivers\wd.sys
[2012.07.26 05:55:47 | 000,785,512 | ---- | M] (Microsoft Corporation) MD5=442783E2CB0DA19873B7A63833FF4CB4 -- C:\Windows\SysNative\drivers\Wdf01000.sys
[2012.07.26 05:55:47 | 000,054,376 | ---- | M] (Microsoft Corporation) MD5=AEA0A67275CFBA0E463E00C6E9A1DDAE -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2009.07.14 01:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=611B23304BF067451A9FDEE01FBDD725 -- C:\Windows\SysNative\drivers\wfplwf.sys
[2008.05.24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) MD5=52DED146E4797E6CCF94799E8E22BB2A -- C:\Windows\SysNative\drivers\WimFltr.sys
[2009.07.14 02:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) MD5=05ECAEC3E4529A7153B3136CEB49F0EC -- C:\Windows\SysNative\drivers\wimmount.sys
[2009.07.14 00:31:02 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=F6FF8944478594D0E414D3F048F0D778 -- C:\Windows\SysNative\drivers\wmiacpi.sys
[2009.07.14 02:45:55 | 000,016,464 | ---- | M] (Microsoft Corporation) MD5=FC146F46872D4C5B529B89A5131FD1E6 -- C:\Windows\SysNative\drivers\wmilib.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2012.07.26 03:26:45 | 000,087,040 | ---- | M] (Microsoft Corporation) MD5=AB886378EEB55C6C75B4F2D14B6C869F -- C:\Windows\SysNative\drivers\WUDFPf.sys
[2012.07.26 03:26:06 | 000,198,656 | ---- | M] (Microsoft Corporation) MD5=DDA4CAF29D8C0A297F886BFE561E6659 -- C:\Windows\SysNative\drivers\WUDFRd.sys

< %systemroot%\system32\*.sys /md5 /64 >
[2010.07.08 10:03:48 | 002,228,736 | ---- | M] (Atheros Communications, Inc.) MD5=DE8B9C3E0E09D918B394207F34AC16DD -- C:\Windows\SysNative\athrx.sys
[2009.07.14 02:52:31 | 000,367,696 | ---- | M] (Microsoft Corporation) MD5=FE1EC06F2253F691FE36217C592A0206 -- C:\Windows\SysNative\clfs.sys
[2012.11.23 04:26:31 | 003,149,824 | ---- | M] (Microsoft Corporation) MD5=523B9B64F2B6C630A2E0A87116C05F12 -- C:\Windows\SysNative\win32k.sys

< >

< >

< >

< %systemroot%\system32\drivers\*.sys /10 >

< %systemroot%\system32\drivers\*.sys /X >
[2012.05.26 14:02:09 | 000,000,000 | ---- | M] () -- C:\Windows\system32\drivers\1043_ASUSTeK_G74Sx.alu
[2011.09.15 12:22:15 | 000,000,000 | ---- | M] () -- C:\Windows\system32\drivers\1043_ASUSTEK_G74SX_V40_WIN7.MRK
[2009.06.10 22:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2009.06.10 22:14:29 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
[2010.10.06 04:50:58 | 000,008,192 | ---- | M] () -- C:\Windows\system32\drivers\IntelMEFWVer.dll

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /10 >
[2013.01.20 15:40:09 | 000,045,056 | ---- | M] () -- C:\Windows\system32\acovcnt.exe
[2013.01.10 19:22:13 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2013.01.10 19:22:13 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2013.01.20 15:42:22 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\*.* /lockedfiles >
[2013.01.20 15:42:22 | 000,000,018 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\log.txt

< %systemroot%\system32\config\*.sav >

< >

< >

< >

< %systemroot%\Tasks\*.job >
[2013.01.20 16:22:04 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< %systemroot%\*.* /U /s >
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\inf\Translation Memory\*.tmp files -> C:\Windows\inf\Translation Memory\*.tmp -> ]
[1 C:\Windows\inf\Translation Memory\0000\*.tmp files -> C:\Windows\inf\Translation Memory\0000\*.tmp -> ]
[1 C:\Windows\inf\Translation Memory\0005\*.tmp files -> C:\Windows\inf\Translation Memory\0005\*.tmp -> ]
[1 C:\Windows\inf\Translation Memory\0009\*.tmp files -> C:\Windows\inf\Translation Memory\0009\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\34e955b246389e90c435a24a6e13fc58\*.tmp files -> C:\Windows\SoftwareDistribution\Download\34e955b246389e90c435a24a6e13fc58\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\4593b43eca900ec3be6d66d3e64e9579\*.tmp files -> C:\Windows\SoftwareDistribution\Download\4593b43eca900ec3be6d66d3e64e9579\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ff24ff7bef95d3c6636b1e05ac083693\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ff24ff7bef95d3c6636b1e05ac083693\*.tmp -> ]

< %systemroot%\*. /rp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Nabídka Start\*.lnk /x >

< %ALLUSERSPROFILE%\Data Aplikácií\*.* >

< %ALLUSERSPROFILE%\Data Aplikácií\*.exe /s >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %APPDATA%\*. >
[2013.01.09 21:54:50 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\Adobe
[2012.05.26 13:53:37 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\ASUS WebStorage
[2012.06.11 19:37:05 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\Broken Sword 2.5
[2013.01.05 19:02:07 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\BSplayer
[2013.01.02 21:58:24 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\BSplayer Pro
[2012.09.04 18:09:36 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\Corel
[2012.06.24 10:43:31 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\DAEMON Tools Lite
[2012.08.07 20:22:45 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\dvdcss
[2012.07.08 21:20:35 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\FLEXnet
[2013.01.06 12:04:19 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\GHISLER
[2012.05.26 13:51:12 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\Identities
[2012.05.26 14:40:13 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\Macromedia
[2009.07.14 08:44:38 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\Media Center Programs
[2013.01.13 21:08:55 | 000,000,000 | --SD | M] -- C:\Users\Phreak\AppData\Roaming\Microsoft
[2012.12.27 20:52:37 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\Nero
[2012.07.08 21:20:35 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\Nuance
[2012.11.22 21:15:34 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\NVIDIA
[2012.06.11 22:43:08 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\Opera
[2013.01.19 15:53:23 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\PotPlayerMini64
[2012.11.22 21:15:32 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\Publish Providers
[2013.01.06 12:16:22 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\SDL
[2012.11.22 21:29:09 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\Sony
[2013.01.13 21:03:45 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\Trados
[2012.12.31 11:04:18 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\UltraVNC
[2013.01.19 20:51:44 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\uTorrent
[2012.12.24 11:00:22 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\VitySoft
[2013.01.05 20:26:10 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\vlc
[2012.06.11 19:38:39 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\WinRAR
[2013.01.10 21:34:05 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\XnView
[2012.06.27 20:57:35 | 000,000,000 | ---D | M] -- C:\Users\Phreak\AppData\Roaming\Zeon

< %APPDATA%\*.* >

< %APPDATA%\*.exe /s >

< %SYSTEMDRIVE%\*.exe >

< >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 14:25:18 | 001,475,584 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012.04.17 16:19:40 | 003,671,872 | ---- | M] (DT Soft Ltd)
"Xvid" = C:\Program Files (x86)\Xvid\CheckUpdate.exe -- [2011.01.17 20:41:43 | 000,008,192 | ---- | M] ()
"Syncables" = C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe -- [2010.07.19 20:26:00 | 000,370,480 | ---- | M] (syncables, LLC)
"DIMProbíhá stahování aktualizace...1338924290338" = "C:\Program Files\Corel\CorelDRAW Graphics Suite X6\Draw\DIM.EXE" "c:\programdata\corel\downloads\540240626_310002\1338924290338\dim_params.xml" -Launch=3 -uibase="c:\users\phreak\appdata\roaming\corel\messages\540240626_310002\cz\messagecache2\workflow" -- [2012.02.23 09:50:02 | 000,237,944 | ---- | M] (Corel Corporation)

< >

< >

< >

< >

< C:\users\*.dll /s >
[2009.11.02 22:17:36 | 000,034,088 | ---- | M] (CyberLink) -- C:\users\All Users\CyberLink\Power2Go\P2GoGadget.dll
[2006.06.30 20:00:06 | 000,029,616 | ---- | M] (InstallShield Software Corporation) -- C:\users\All Users\Macrovision\FLEXnet Connect\11\dwusplay.dll
[2008.09.26 17:19:04 | 000,517,408 | ---- | M] (Acresso Corporation) -- C:\users\All Users\Macrovision\FLEXnet Connect\11\isusweb.dll
[2008.09.26 17:19:04 | 000,029,984 | ---- | M] (Acresso Corporation) -- C:\users\All Users\Macrovision\FLEXnet Connect\11\_ispmres.dll
[2008.09.26 17:19:04 | 000,443,680 | ---- | M] (Acresso Corporation) -- C:\users\All Users\Macrovision\FLEXnet Connect\11\_isusres.dll
[2009.06.10 21:31:21 | 000,015,616 | ---- | M] (Microsoft Corp.) -- C:\users\All Users\Microsoft\IdentityCRL\ppcrlconfig.dll
[2009.06.10 21:31:21 | 000,254,216 | ---- | M] (Microsoft Corp.) -- C:\users\All Users\Microsoft\IdentityCRL\ppcrlui.dll
[2012.05.26 14:32:41 | 000,019,736 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
[2010.06.17 22:52:34 | 000,526,176 | ---- | M] () -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.bg-bg\dwdcw20.dll
[2010.06.25 02:24:28 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.bg-bg\msvcr90.dll
[2010.07.20 17:12:16 | 000,223,616 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.bg-bg\osetupui.dll
[2010.07.20 17:12:26 | 000,111,456 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.bg-bg\1026\dwintl20.dll
[2010.05.28 16:49:17 | 000,526,176 | ---- | M] () -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.cs-cz\dwdcw20.dll
[2010.06.03 01:04:41 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.cs-cz\msvcr90.dll
[2010.06.08 23:14:38 | 000,220,544 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.cs-cz\osetupui.dll
[2010.06.08 23:14:39 | 000,110,472 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.cs-cz\1029\dwintl20.dll
[2010.03.22 00:47:44 | 000,526,176 | ---- | M] () -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.en-us\dwdcw20.dll
[2010.03.22 16:59:15 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.en-us\msvcr90.dll
[2010.03.11 20:59:42 | 000,191,872 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.en-us\osetupui.dll
[2010.03.22 00:47:45 | 000,107,912 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.en-us\1033\dwintl20.dll
[2010.06.17 22:52:34 | 000,526,176 | ---- | M] () -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.et-ee\dwdcw20.dll
[2010.06.25 02:24:28 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.et-ee\msvcr90.dll
[2010.08.03 20:21:48 | 000,206,208 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.et-ee\osetupui.dll
[2010.08.03 20:21:50 | 000,109,448 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.et-ee\1061\dwintl20.dll
[2010.06.17 22:52:34 | 000,526,176 | ---- | M] () -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.hr-hr\dwdcw20.dll
[2010.06.25 02:24:28 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.hr-hr\msvcr90.dll
[2010.07.20 17:26:12 | 000,211,328 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.hr-hr\osetupui.dll
[2010.07.20 17:26:13 | 000,110,472 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.hr-hr\1050\dwintl20.dll
[2010.05.28 16:49:17 | 000,526,176 | ---- | M] () -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.hu-hu\dwdcw20.dll
[2010.06.03 01:04:41 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.hu-hu\msvcr90.dll
[2010.06.15 13:02:40 | 000,219,520 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.hu-hu\osetupui.dll
[2010.06.08 23:34:06 | 000,109,416 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.hu-hu\1038\dwintl20.dll
[2010.06.17 22:52:34 | 000,526,176 | ---- | M] () -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.lt-lt\dwdcw20.dll
[2010.06.25 02:24:28 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.lt-lt\msvcr90.dll
[2010.07.20 17:31:03 | 000,201,088 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.lt-lt\osetupui.dll
[2010.07.20 17:31:05 | 000,110,496 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.lt-lt\1063\dwintl20.dll
[2010.06.17 22:52:34 | 000,526,176 | ---- | M] () -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.lv-lv\dwdcw20.dll
[2010.06.25 02:24:28 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.lv-lv\msvcr90.dll
[2010.07.20 17:33:41 | 000,207,232 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.lv-lv\osetupui.dll
[2010.07.20 17:33:41 | 000,110,496 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.lv-lv\1062\dwintl20.dll
[2010.03.23 10:51:57 | 000,526,176 | ---- | M] () -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.pl-pl\dwdcw20.dll
[2010.03.30 13:06:02 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.pl-pl\msvcr90.dll
[2010.03.21 17:23:30 | 000,227,200 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.pl-pl\osetupui.dll
[2010.03.21 17:23:32 | 000,111,512 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.pl-pl\1045\dwintl20.dll
[2010.06.17 22:52:34 | 000,526,176 | ---- | M] () -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.ro-ro\dwdcw20.dll
[2010.06.25 02:24:28 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.ro-ro\msvcr90.dll
[2010.06.23 03:19:35 | 000,220,544 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.ro-ro\osetupui.dll
[2010.06.23 03:19:36 | 000,110,984 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.ro-ro\1048\dwintl20.dll
[2010.06.17 22:52:34 | 000,526,176 | ---- | M] () -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.sk-sk\dwdcw20.dll
[2010.06.25 02:24:28 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.sk-sk\msvcr90.dll
[2010.07.07 18:58:38 | 000,221,056 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.sk-sk\osetupui.dll
[2010.07.07 18:58:39 | 000,110,472 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.sk-sk\1051\dwintl20.dll
[2010.06.17 22:52:34 | 000,526,176 | ---- | M] () -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.sl-si\dwdcw20.dll
[2010.06.25 02:24:28 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.sl-si\msvcr90.dll
[2010.07.07 18:58:58 | 000,214,400 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.sl-si\osetupui.dll
[2010.07.07 18:58:59 | 000,109,968 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.sl-si\1060\dwintl20.dll
[2010.06.17 22:52:34 | 000,526,176 | ---- | M] () -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.sr-latn-cs\dwdcw20.dll
[2010.06.25 02:24:28 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.sr-latn-cs\msvcr90.dll
[2010.08.11 06:31:36 | 000,220,528 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.sr-latn-cs\osetupui.dll
[2010.08.11 06:31:36 | 000,110,456 | ---- | M] (Korporacija Microsoft) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\Office.sr-latn-cs\2074\dwintl20.dll
[2010.06.25 02:23:53 | 005,789,544 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\SingleImage.WW\osetup.dll
[2010.06.25 02:24:21 | 001,248,016 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\Office14\SingleImage.WW\PidGenX.dll
[2010.07.20 10:24:39 | 000,026,000 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\OStarter\bg-bg\launchofficeintl.dll
[2010.06.08 10:50:11 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\OStarter\cs-cz\launchofficeintl.dll
[2010.02.27 19:33:13 | 000,018,336 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\OStarter\en-us\launchofficeintl.dll
[2010.08.03 09:01:48 | 000,024,016 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\OStarter\et-ee\launchofficeintl.dll
[2010.07.20 10:24:54 | 000,020,936 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\OStarter\hr-hr\launchofficeintl.dll
[2010.06.08 10:49:52 | 000,025,040 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\OStarter\hu-hu\launchofficeintl.dll
[2010.07.20 10:24:59 | 000,021,488 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\OStarter\lt-lt\launchofficeintl.dll
[2010.07.20 10:25:11 | 000,025,016 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\OStarter\lv-lv\launchofficeintl.dll
[2010.03.20 10:50:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\OStarter\pl-pl\launchofficeintl.dll
[2010.06.22 10:16:12 | 000,025,528 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\OStarter\ro-ro\launchofficeintl.dll
[2010.07.07 02:47:53 | 000,024,992 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\OStarter\sk-sk\launchofficeintl.dll
[2010.07.07 02:47:52 | 000,024,536 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\OStarter\sl-si\launchofficeintl.dll
[2010.08.10 03:23:35 | 000,024,480 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\OEMOffice14\OStarter\sr-latn-cs\launchofficeintl.dll
[2013.01.08 06:32:08 | 009,161,176 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\Windows Defender\Definition Updates\{98B82CB7-5E74-40AF-BD3E-81D26D62E35B}\mpengine.dll
[2012.11.08 18:24:30 | 009,125,352 | ---- | M] (Microsoft Corporation) -- C:\users\All Users\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
[2012.09.14 19:21:15 | 003,105,280 | ---- | M] (Sony Creative Software Inc.) -- C:\users\All Users\Sony\customaction_x64.dll
[2011.04.05 19:54:16 | 000,207,360 | ---- | M] (Sonic Solutions) -- C:\users\All Users\Uninstall\{C03F3D5B-0D83-4F81-A324-32F4E7F1BF6A}\bin\ProductVersion.dll
[2010.11.22 02:10:00 | 000,190,960 | ---- | M] (Roxio, Inc.) -- C:\users\All Users\Uninstall\{C03F3D5B-0D83-4F81-A324-32F4E7F1BF6A}\bin\rsl.dll
[2013.01.05 19:32:33 | 000,197,632 | ---- | M] (Dino Chiesa) -- C:\users\Phreak\AppData\Local\Apps\2.0\RTBG41VG.YYX\EQCK5A63.C8Y\ioni..uced_edbe51ad942a3f5c_0001.0009_none_564b9d4c87761338\Ionic.Zip.Reduced.dll
[2013.01.05 19:32:33 | 000,197,632 | ---- | M] (Dino Chiesa) -- C:\users\Phreak\AppData\Local\Apps\2.0\RTBG41VG.YYX\EQCK5A63.C8Y\ipfi..tion_0000000000000000_0001.0000_6a653486996f84ad\Ionic.Zip.Reduced.dll
[2013.01.05 19:32:34 | 000,010,240 | ---- | M] () -- C:\users\Phreak\AppData\Local\Apps\2.0\RTBG41VG.YYX\EQCK5A63.C8Y\ipfi..tion_0000000000000000_0001.0000_6a653486996f84ad\IPFilter.dll
[2013.01.06 12:10:26 | 000,003,072 | ---- | M] () -- C:\users\Phreak\AppData\Local\Temp\0oszxcle.dll
[2012.08.23 04:38:58 | 000,248,008 | ---- | M] (Ask.com) -- C:\users\Phreak\AppData\Local\Temp\AskSLib.dll
[2012.06.24 11:24:14 | 000,774,144 | ---- | M] () -- C:\users\Phreak\AppData\Local\Temp\cres.dll
[2012.06.24 11:24:14 | 001,314,816 | ---- | M] () -- C:\users\Phreak\AppData\Local\Temp\cshell.dll
[2011.03.30 11:40:32 | 000,095,576 | ---- | M] (Microsoft Corporation) -- C:\users\Phreak\AppData\Local\Temp\DSETUP.dll
[2011.03.30 11:40:32 | 001,566,040 | ---- | M] () -- C:\users\Phreak\AppData\Local\Temp\dsetup32.dll
[2012.09.04 18:03:30 | 000,012,288 | ---- | M] () -- C:\users\Phreak\AppData\Local\Temp\idSHFvdPnOFLJVOttEWP.DLL
[11 C:\users\Phreak\AppData\Local\Temp\*.tmp files -> C:\users\Phreak\AppData\Local\Temp\*.tmp -> ]
[2009.05.06 13:48:45 | 000,413,276 | ---- | M] (Ashok P. Nadkarni) -- C:\users\Phreak\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll
[2012.12.27 20:49:35 | 000,246,440 | ---- | M] (Ask.com) -- C:\users\Phreak\AppData\Local\Temp\NeroInstallFiles\NERO20120813121238302\ISSetupPrerequisites\neroAskToolbar\ApnIC.dll
[2008.07.11 22:11:42 | 001,495,040 | ---- | M] (SDL International) -- C:\users\Phreak\AppData\Local\Temp\SDLTrados 2007 Suite\SupportFiles\SDL\ActivationWizardRS.dll
[2008.07.11 22:12:32 | 002,613,248 | ---- | M] (Macrovision Europe Ltd.) -- C:\users\Phreak\AppData\Local\Temp\SDLTrados 2007 Suite\SupportFiles\SDL\ActivationWizardRS_libFNP.dll
[2008.07.11 22:12:40 | 002,613,248 | ---- | M] (Macrovision Europe Ltd.) -- C:\users\Phreak\AppData\Local\Temp\SDLTrados 2007 Suite\SupportFiles\SDL\ActUtilProRS_libFNP.dll
[2007.04.23 15:28:42 | 000,698,368 | ---- | M] () -- C:\users\Phreak\AppData\Local\Temp\SDLTrados 2007 Suite\SupportFiles\SDL\FnpCommsSoap.dll
[2007.04.23 15:28:34 | 000,118,848 | ---- | M] (MicroQuill Software Publishing, Inc.) -- C:\users\Phreak\AppData\Local\Temp\SDLTrados 2007 Suite\SupportFiles\SDL\shw32.dll
[2008.07.11 22:05:14 | 000,999,424 | ---- | M] (SDL International) -- C:\users\Phreak\AppData\Local\Temp\SDLTrados 2007 Suite\SupportFiles\SDL\TradosBasis.dll
[2008.07.11 22:05:16 | 000,033,280 | ---- | M] (SDL International) -- C:\users\Phreak\AppData\Local\Temp\SDLTrados 2007 Suite\SupportFiles\SDL\TradosUILanguageMgr.dll

< C:\ProgramData\*.* >
[2010.07.07 00:10:38 | 000,131,472 | ---- | M] () -- C:\ProgramData\FullRemove.exe
[2011.09.15 12:23:04 | 000,000,105 | ---- | M] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2011.09.15 12:22:33 | 000,000,107 | ---- | M] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\System32\config\systemprofile\AppData\Local\Data aplikací] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\System32\config\systemprofile\AppData\Local\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\Windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programy] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs -> Junction
[C:\Windows\System32\config\systemprofile\Data aplikací] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\Windows\System32\config\systemprofile\Documents\Filmy] -> C:\Windows\system32\config\systemprofile\Videos -> Junction
[C:\Windows\System32\config\systemprofile\Documents\Hudba] -> C:\Windows\system32\config\systemprofile\Music -> Junction
[C:\Windows\System32\config\systemprofile\Documents\Obrázky] -> C:\Windows\system32\config\systemprofile\Pictures -> Junction
[C:\Windows\System32\config\systemprofile\Dokumenty] -> C:\Windows\system32\config\systemprofile\Documents -> Junction
[C:\Windows\System32\config\systemprofile\Local Settings] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\System32\config\systemprofile\Nabídka Start] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction
[C:\Windows\System32\config\systemprofile\Okolní síť] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction
[C:\Windows\System32\config\systemprofile\Okolní tiskárny] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction
[C:\Windows\System32\config\systemprofile\Poslední] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent -> Junction
[C:\Windows\System32\config\systemprofile\SendTo] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo -> Junction
[C:\Windows\System32\config\systemprofile\Soubory cookie] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction
[C:\Windows\System32\config\systemprofile\Šablony] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates -> Junction
[C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Data aplikací] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\SysWOW64\config\systemprofile\AppData\Local\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programy] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Data aplikací] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Documents\Filmy] -> C:\Windows\system32\config\systemprofile\Videos -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Documents\Hudba] -> C:\Windows\system32\config\systemprofile\Music -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Documents\Obrázky] -> C:\Windows\system32\config\systemprofile\Pictures -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Dokumenty] -> C:\Windows\system32\config\systemprofile\Documents -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Local Settings] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Nabídka Start] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Okolní síť] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Okolní tiskárny] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Poslední] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent -> Junction
[C:\Windows\SysWOW64\config\systemprofile\SendTo] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Soubory cookie] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Šablony] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates -> Junction

< End of report >
Nahoru
Phreak
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 20 led 2013 13:55

Re: Zablokování PC Policií ČR

#7 Příspěvek od Phreak »

Extras.txt

OTL Extras logfile created on: 20.1.2013 17:07:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Phreak\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,98 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 43,35% Memory free
3,98 Gb Paging File | 1,67 Gb Available in Paging File | 41,99% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,30 Gb Total Space | 27,22 Gb Free Space | 14,61% Space Free | Partition Type: NTFS
Drive D: | 254,45 Gb Total Space | 56,08 Gb Free Space | 22,04% Space Free | Partition Type: NTFS
Drive F: | 14,92 Gb Total Space | 6,59 Gb Free Space | 44,17% Space Free | Partition Type: FAT32
Drive H: | 3,87 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: BISHOP | User Name: Phreak | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002AAB51-F859-432B-8BF7-A2E75DA220E3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{12CA32AC-96A5-43C3-AADD-54DB4632261B}" = rport=139 | protocol=6 | dir=out | app=system |
"{1713C4D9-8337-42F3-8185-9E5D9DEE3333}" = rport=445 | protocol=6 | dir=out | app=system |
"{28671533-3E6E-4974-8654-A5C91F95E698}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3884E18E-00FC-4CE6-9EEF-C63D7D682ECA}" = rport=138 | protocol=17 | dir=out | app=system |
"{39FE1D79-08CB-46CF-8DAA-C360D88908D6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{4330DF80-BEF6-4F65-9F99-7A36946BFFC7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4664F37F-1F3E-4729-9525-81A1AED2C27C}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary |
"{49BBEDE6-7C97-41A5-B7F2-3CD6AEEF1763}" = lport=137 | protocol=17 | dir=in | app=system |
"{57440854-18D7-4521-AE1D-2124E2166C13}" = lport=138 | protocol=17 | dir=in | app=system |
"{5CE2099E-BAEC-4C3C-A502-EEC4CBCB9AE3}" = rport=137 | protocol=17 | dir=out | app=system |
"{64FFA7BD-1C41-45BD-8D43-F622BE7B22AF}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6C3F652C-5E35-4461-AD91-3D6C121C8EE4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{88A1B099-31BB-4F66-9F38-D5645832A7A8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{89BE2828-F7C7-421A-992D-7F196CEB2DEC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B6F2C2C-8018-43A7-B7AC-26177AFB6846}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{AD8F195E-62D9-4395-9A1F-5E2751A660F1}" = lport=139 | protocol=6 | dir=in | app=system |
"{AF2C3D19-E368-4692-8A04-AC64561A656D}" = lport=445 | protocol=6 | dir=in | app=system |
"{B36B7768-F50C-44E2-99F3-8D7CF8C97D7E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{B88BE05B-CE1E-41DB-8AA8-4DF1289AF6EC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C5887489-88EC-46D2-AF57-4D60ABD63C70}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C89BFE09-43F4-4615-A3F8-9F751636E621}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D1987B9B-1A98-41DA-93DC-69823B799353}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EC9402B0-1EDF-4681-ADED-7A62F03F309A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{FF0E14E4-C858-4882-BB0F-5B5456352724}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02608C3D-386B-4089-B9EC-D5D3120BA951}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{046EFBDE-1E96-4205-ABBA-B3C402DD908B}" = protocol=6 | dir=in | app=d:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |
"{0BE9CC3F-56E3-4C10-9BD4-08F2A5F1230D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1C012DDB-20FC-4B8D-B645-5EB2F8F37321}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{22370664-A25E-40BE-9408-8FA6CE9009F7}" = protocol=17 | dir=in | app=d:\program files\call of duty 4 - modern warfare\iw3mp.exe |
"{2B3BA753-FD1C-4B9A-9146-1EE6E3D44883}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{350A5891-4CB9-482A-8977-9D52852290F7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3D16FA6D-3A4B-4F12-BD4A-9B4A29E03C36}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4A0C8C63-3BC2-4313-B624-C3CDC5101D95}" = protocol=17 | dir=in | app=d:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |
"{4C5C55D3-6471-46B0-8C69-F90DE933EB3F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{55D38288-489E-4FD1-B775-5C41662B23C6}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{56A5BA11-88C5-4750-80A7-B57ABA921457}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5A0FB677-A5FA-4A4C-8ADE-296475720DD4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5B3CF587-354A-4C45-9A75-28C42D5E9E63}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{793A4BF3-B749-4018-BF1D-A4FC86E3F150}" = protocol=6 | dir=in | app=d:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |
"{7DD5C6C8-C032-4B9E-B2D8-C0E7F15C687A}" = protocol=6 | dir=in | app=d:\program files\call of duty 4 - modern warfare\iw3mp.exe |
"{802CC8A3-9659-459C-B9DC-38CE347133C1}" = protocol=17 | dir=in | app=d:\program files (x86)\utorrent\utorrent.exe |
"{81C24161-8325-4E34-8D17-32F5AEC033DF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8BFC7720-3511-4D69-9BC3-B6915B758B34}" = protocol=6 | dir=in | app=d:\program files (x86)\utorrent\utorrent.exe |
"{8ED54866-7A95-4222-A8E0-B238FD916FB3}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{91E76949-866F-4FFA-A05B-B0085FDC8DA9}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{9AD19BF3-8B34-4D09-AEF3-B95066831BB9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A6A1FD85-62E1-4035-9802-044A48CB89CF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A7290D48-AE45-4367-9487-F9D57C3C4E19}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{B045AB82-A905-495F-A538-28002F67FCC3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B2B2D1EF-6E07-4983-ABFA-1282228343B7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{B95F55FD-479F-4C9E-9125-3720D6F81C06}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BAD755B6-0CCB-4A22-8A24-824BA9960524}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C48CCE52-98DF-491B-9EF1-2CAFECC6D269}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C4F3EDD5-5F0F-4971-BB4E-9ECE3A36412D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CF29C564-F0EF-4C4B-93BD-67481CE51D62}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E6CD99EA-6190-4D47-8A05-06274FFED3C3}" = protocol=17 | dir=in | app=d:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |
"{EC4B5F14-1AD7-4B5D-8239-97031C2C7092}" = protocol=6 | dir=in | app=c:\program files\uvnc bvba\ultravnc\vncviewer.exe |
"{FCDADCBB-D05E-4ECF-A3CA-197C7E72CC02}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FCDEDB10-35FC-4498-A7A0-7F2630EDDB76}" = protocol=17 | dir=in | app=c:\program files\uvnc bvba\ultravnc\vncviewer.exe |
"{FD3607E4-1C90-41E0-A9C4-A2399C2F0C67}" = protocol=6 | dir=out | app=system |
"TCP Query User{7EF88F5D-01DE-424D-A04C-51F0F69AEDDF}D:\program files (x86)\borderlands(direct play with all 4 dlc's)\borderlands(direct play with all 4 dlc's)\binaries\borderlands.exe" = protocol=6 | dir=in | app=d:\program files (x86)\borderlands(direct play with all 4 dlc's)\borderlands(direct play with all 4 dlc's)\binaries\borderlands.exe |
"TCP Query User{AE8932DB-5818-4B8A-8D34-9BBA1B186056}C:\windows\keygen.exe" = protocol=6 | dir=in | app=c:\windows\keygen.exe |
"TCP Query User{AEE8AB37-0668-432E-AFDB-41C89001F951}C:\program files (x86)\fox\no one lives forever 2\lithtech.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fox\no one lives forever 2\lithtech.exe |
"UDP Query User{4ECBF54B-17B5-4F8F-9855-B04645A0EBB6}C:\windows\keygen.exe" = protocol=17 | dir=in | app=c:\windows\keygen.exe |
"UDP Query User{84DB97B0-1197-460D-B5D1-96D4AAF9B28B}C:\program files (x86)\fox\no one lives forever 2\lithtech.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fox\no one lives forever 2\lithtech.exe |
"UDP Query User{D15A6249-170C-4D4A-9BC7-A4FE88301B82}D:\program files (x86)\borderlands(direct play with all 4 dlc's)\borderlands(direct play with all 4 dlc's)\binaries\borderlands.exe" = protocol=17 | dir=in | app=d:\program files (x86)\borderlands(direct play with all 4 dlc's)\borderlands(direct play with all 4 dlc's)\binaries\borderlands.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{BDBFAC49-8877-472F-876B-75ADB7DBC955}" = CorelDRAW Graphics Suite X6 (64-Bit)
"_{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}" = Corel Graphics - Windows Shell Extension
"{0437C01E-70D6-489B-B504-952F59912A72}" = Windows Live Family Safety
"{10762393-1B90-4AC2-AF1A-4C0C04AE303F}" = CorelDRAW Graphics Suite X6 - VBA (x64)
"{1967EF95-E00B-4669-8B1C-A589BE8BF24F}" = CorelDRAW Graphics Suite X6 - Capture (x64)
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E3A578C-0A7D-4820-990F-B7545C0B2303}" = CorelDRAW Graphics Suite X6 - VSTA (x64)
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86417011FF}" = Java 7 Update 11 (64-bit)
"{27AE72A4-B217-4CDC-B82B-3311E9D7460E}" = CorelDRAW Graphics Suite X6 - Draw (x64)
"{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}" = Windows Live Remote Service Resources
"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources
"{2C72B5E4-AA34-4F1A-8C7E-468530F9F6A3}" = CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64)
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{35869A6C-BA31-4F23-B52D-BC1B1E41EC1B}" = CorelDRAW Graphics Suite X6 - Common (x64)
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3933C06C-8239-432B-87FC-F2BDC5B49A10}" = CorelDRAW Graphics Suite X6 - FontNav (x64)
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4827A9B4-FC4C-4BA9-9EFB-10CF703E7C3A}" = Windows Live Family Safety
"{4970B06C-7708-4AAB-9341-3FD1D9B1AA34}" = Windows Live Family Safety
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{6099F026-0A98-4D40-9B3D-ED2123A8CBD0}" = CorelDRAW Graphics Suite X6 - Redist (x64)
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{641B32DB-8226-4250-86C9-34671162F5D5}" = Windows Live Remote Client Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{65EDA937-3C7B-4009-99A1-795FD3FBECF5}" = Windows Live Family Safety
"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{701D8EE6-6A5A-4509-9740-35F551193CE0}" = Windows Live Family Safety
"{7386B5FA-8715-481D-821F-7785110506DF}" = CorelDRAW Graphics Suite X6 - Custom Data (x64)
"{76BB831E-D059-449A-AFDE-2A677E45DF18}" = Windows Live Family Safety
"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{79899C6B-E315-4A3F-8904-02DEAB8D660D}" = Corel Graphics - Windows Shell Extension 32 Bit
"{7B79AE44-9B76-4815-84E5-ACAC3F0F0278}" = CorelDRAW Graphics Suite X6 - VideoBrowser (x64)
"{8068ACF9-B398-4C14-BEF6-817F12024707}" = Windows Live Family Safety
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{90120064-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x64)
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{90F60409-7000-11D3-8CFE-0150048383C9}" = Microsoft Visual Basic for Applications 7.1 (x64) English
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AAAB95-AEBE-437A-B7CA-37C7BE13FFE9}" = CorelDRAW Graphics Suite X6 - Connect (x64)
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A6752BB4-C571-4F3B-9A47-97405068DE0B}" = Windows Live Family Safety
"{A7500970-FE98-11E1-B560-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)
"{AB085680-FE98-11E1-A232-F04DA23A5C58}" = MSVCRT Redists
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B1E301A1-C2B4-4B0B-AF31-C71F8A53DCDA}" = Fresco Logic USB3.0 Host Controller
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 306.97
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6294D78-AFAA-48DF-8243-B41902D7F236}" = CorelDRAW Graphics Suite X6 - CZ (x64)
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B6DF7031-2843-44FD-9CAB-DECAB4257456}" = CorelDRAW Graphics Suite X6 - IPM
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel(R) Turbo Boost Technology Monitor 2.0
"{BD864ECC-620D-4240-AB9A-B5F7340E337C}" = Windows Live Family Safety
"{BDBFAC49-8877-472F-876B-75ADB7DBC955}" = CorelDRAW Graphics Suite X6 - Setup Files (x64)
"{C02C2C22-2EB1-47C8-B74F-8AB1A62FAE31}" = Windows Live Family Safety
"{C933FB4A-CFC0-4DDD-8FB1-A437B6C58B34}" = Windows Live Family Safety
"{CB5FBF73-7CE7-481C-8598-8D4C34705C23}" = Windows Live Family Safety
"{CCE7423E-1D84-4CD3-9E32-220EC9358D97}" = CorelDRAW Graphics Suite X6 (x64)
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D157C6E7-5847-4FD1-BEDC-7389493874F6}" = Windows Live Remote Service Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D7C2687D-924E-4485-B367-C7D95CBF8DDD}" = CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64)
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DDE82E3D-20C4-48E1-AE1D-B1F10E42CA44}" = CorelDRAW Graphics Suite X6 - Writing Tools (x64)
"{DDF61711-75A1-4EED-9C4B-789D3932A4A7}" = ESET NOD32 Antivirus
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E10CB758-D5FD-4A2D-A1C9-459D6BB0C035}" = Windows Live Remote Client Resources
"{E699230D-4B5E-411E-9F45-FF50789B18DD}" = CorelDRAW Graphics Suite X6 - Filters (x64)
"{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}" = Finger Sensing Pad Driver
"{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}" = Corel Graphics - Windows Shell Extension
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F7ADB493-B913-4D61-9A63-DA736C20C3F2}" = Adobe Photoshop Lightroom 4.1 64-bit
"GameFast_is1" = GameFast.exe
"GIMP-2_is1" = GIMP 2.8.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"PotPlayer64" = Daum PotPlayer 1.5.34665 x64 Edition
"Rotation Desktop for G Series_is1" = Rotation Desktop for G Series.exe
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"Ultravnc2_is1" = UltraVnc
"WinRAR archiver" = WinRAR 4.20 beta 3 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047377C9-C74B-4345-82E8-03BAE5DF2C32}" = Windows Live Writer
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0785A0B6-07DF-43CF-B147-E1EB4CEA0345}" = Windows Live Messenger
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A093C39-CBB3-4142-B93F-562F176B6305}" = Windows Live Mesh
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B80A0FD-755A-4796-BFB0-A7B07366F33A}" = Windows Live Mail
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C4FF2FE-9E75-4DBF-B2DA-11CE1F10C4B5}" = Roxio AACS Certificate
"{1168ECF1-2932-4E86-BC83-560C256C8022}" = Windows Live Photo Common
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{18107EE8-6977-4181-A2D2-A9DF2DB609DD}" = SDL MultiTerm SideBySide Tools
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}" = Kontrola Windows Live Mesh ActiveX za daljinske veze
"{19EA33FB-B34E-40EA-8B8A-61743AEB795A}" = Wireless Console 3
"{1BCF995D-78B8-4883-BC8E-D7A32BB463DA}" = Windows Live Messenger
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}" = Windows Live Mesh ActiveX-i juhtelement kaugühendustele
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26513CE5-7A51-478D-93BD-AC1D38103463}" = Windows Live Messenger
"{26A24AE4-039D-4CA4-87B4-2F83216014F0}" = Java(TM) 6 Update 14
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2720009D-9566-45A7-A370-0E6DAC313F3F}" = „Windows Live Mail“
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2890E324-6F3B-4975-8B95-E7D6D80E0226}" = Nero Burning ROM Help (CHM)
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36B0DC39-3282-40EB-8587-B875CE46C3A7}" = ExpressGateCloud
"{38253529-D97D-4901-AE53-5CC9736D3A2E}" = ASUS AI Recovery
"{399F2130-59E1-11DF-9F46-8091DFD72085}" = SDL Trados Studio 2009 SP3
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack
"{3D9167B2-87EB-4713-90B4-E46F2CAFE28D}" = Nero BurningROM 12
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{517EAAB9-C35E-4949-B8C2-20C241162BBB}" = Windows Live Pošta
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{539A0CEA-17E4-4FE4-A5E8-EC5D40610A79}" = „Windows Live Messenger“
"{545192D4-E817-4EAA-834D-623EA50CF268}" = Windows Live UX Platform Language Pack
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{584A1ECC-00AB-4FCC-B6AE-172741F32ABC}_is1" = DVD Rebuilder
"{5963F4B4-D138-47CD-ADEF-470E87E185BD}" = Nero Burning ROM
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69C76448-D4B8-4886-A848-61CD4EB4B2C7}" = SDL Trados 2007
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger
"{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}" = Windows Live Writer Resources
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}" = Windows Live Photo Common
"{77DAF553-291A-4471-988C-5677D90DB57E}" = Windows Live Writer Resources
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{826A9D28-CAB2-4950-8AAA-B639DCA444CE}" = Windows Live UX Platform Language Pack
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{829CDAAD-5AF1-482F-978B-591C16A34ACC}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8985AE5E-622A-4980-8BF8-0A1830643220}" = Windows Live Mesh ActiveX kontrola za daljinske veze
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D33ECF4-1A77-4674-ABAE-DFF978C5BC0A}" = Windows Live Movie Maker
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EFCE1F8-8ADB-40F2-BED7-7728BED00EC0}" = Windows Live Essentials
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{AB90513B-B892-41B5-8F8B-1D356A449652}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}" = „Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}" = Windows Live Movie Maker
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1668729-C4D2-49AE-877B-FB608362FFF1}" = Windows Live Essentials
"{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}" = Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Czech
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AECA3622-E634-4A55-A696-70A511CBE06E}" = ASUS USB Charger Plus
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B11AB9C8-18A6-41DC-98B4-4988CC030136}" = THX TruStudio
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}" = Windows Live Foto-galerija
"{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}" = Windows Live Writer
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C03F3D5B-0D83-4F81-A324-32F4E7F1BF6A}" = Roxio CinePlayer
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7DEE8F5-29D4-4A5E-823B-4A7850C5E53D}" = Windows Live'i fotogalerii
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}" = Windows Live Writer
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5A4E5F3-9ACD-412E-B380-F838DF9787B9}" = Windows Live Writer Resources
"{D987098B-3AD4-4E88-B80E-CF27A32D1955}" = Windows Live Writer Resources
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EBCCE08A-B3EE-40E7-96D7-31741D481015}" = No One Lives Forever 2
"{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}" = Windows Live Mesh
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE3E60BC-F29F-4E7B-A110-B538387D34DA}" = No One Lives Forever - Game of the Year Edition
"{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F66430D8-08E6-4C96-B9B7-90E66E27D58C}" = Windows Live Mail
"{F6D8331A-FC4F-4EC6-834E-BAE578E5D93F}" = Roxio CinePlayer
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AnyToISO_is1" = AnyToISO
"Asus Vibe2.0" = AsusVibe2.0
"AsusScr_G74 Series_ENG" = AsusScr_G74 Series_ENG
"AviSynth" = AviSynth 2.5
"Broken Sword 2.5_is1" = Broken Sword 2.5
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"CDex" = CDex - Open Source Digital Audio CD Extractor
"Cinema Craft Encoder SP2" = Cinema Craft Encoder SP2
"DAEMON Tools Lite" = DAEMON Tools Lite
"FormatFactory" = FormatFactory 3.0.1
"InstallShield_{36B0DC39-3282-40EB-8587-B875CE46C3A7}" = ExpressGateCloud
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Opera 12.12.1707" = Opera 12.12
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0006]
"SubtitleWorkshop" = Subtitle Workshop 2.51
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.4
"WinLiveSuite" = Windows Live Essentials
"World of Goo" = World of Goo
"XnView_is1" = XnView 1.99.5
"Xvid Video Codec 1.3.2" = Xvid Video Codec

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-990896321-3567134801-454702974-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"07140e809c2bb6df" = IPFilter Updater

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 19.11.2012 17:25:41 | Computer Name = Bishop | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 19.11.2012 17:25:42 | Computer Name = Bishop | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 19.11.2012 17:25:44 | Computer Name = Bishop | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 19.11.2012 17:25:46 | Computer Name = Bishop | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 19.11.2012 17:25:47 | Computer Name = Bishop | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 19.11.2012 18:19:24 | Computer Name = Bishop | Source = MsiInstaller | ID = 11704
Description =

Error - 19.11.2012 18:19:25 | Computer Name = Bishop | Source = MsiInstaller | ID = 11712
Description =

Error - 21.11.2012 14:12:56 | Computer Name = Bishop | Source = Application Hang | ID = 1002
Description = Program CDex.exe verze 1.7.0.4 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu: 470 Čas
spuštění: 01cdc813c2f01eda Čas ukončení: 3 Cesta k aplikaci: C:\Program Files (x86)\CDex\CDex.exe

ID
hlášení: 109934a5-3407-11e2-921e-742f68b7ea03

Error - 22.11.2012 17:28:47 | Computer Name = Bishop | Source = Application Error | ID = 1000
Description = Název chybující aplikace: vegas120.exe, verze: 12.0.0.367, časové
razítko: 0x505372c3 Název chybujícího modulu: ole32.dll, verze: 6.1.7601.17514, časové
razítko: 0x4ce7c92c Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000031670 ID chybujícího
procesu: 0x1590 Čas spuštění chybující aplikace: 0x01cdc8f647d5cabb Cesta k chybující
aplikaci: D:\Program Files\Vegas Pro 12.0\vegas120.exe Cesta k chybujícímu modulu:
C:\Windows\system32\ole32.dll ID zprávy: 99397901-34eb-11e2-b2fe-742f68b7ea03

Error - 13.12.2012 19:27:39 | Computer Name = Bishop | Source = Application Error | ID = 1000
Description = Název chybující aplikace: xnview.exe, verze: 1.99.0.0, časové razítko:
0x5086a819 Název chybujícího modulu: xnview.exe, verze: 1.99.0.0, časové razítko:
0x5086a819 Kód výjimky: 0xc0000005 Posun chyby: 0x000f06d3 ID chybujícího procesu:
0xa50 Čas spuštění chybující aplikace: 0x01cdd98941e786ba Cesta k chybující aplikaci:
C:\Program Files (x86)\XnView\xnview.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\XnView\xnview.exe ID zprávy: aea76b22-457c-11e2-aac3-742f68b7ea03

[ System Events ]
Error - 5.1.2013 14:15:45 | Computer Name = Bishop | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 6.1.2013 6:05:33 | Computer Name = Bishop | Source = volmgr | ID = 262190
Description = Inicializace výpisu stavu systému se nezdařila.

Error - 6.1.2013 6:21:16 | Computer Name = Bishop | Source = volmgr | ID = 262190
Description = Inicializace výpisu stavu systému se nezdařila.

Error - 6.1.2013 6:25:56 | Computer Name = Bishop | Source = iaStor | ID = 262149
Description = Na \Device\Ide\iaStor0 byla zjištěna chyba parity.

Error - 6.1.2013 6:46:13 | Computer Name = Bishop | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 6.1.2013 6:48:40 | Computer Name = Bishop | Source = volmgr | ID = 262190
Description = Inicializace výpisu stavu systému se nezdařila.

Error - 6.1.2013 6:51:57 | Computer Name = Bishop | Source = volmgr | ID = 262190
Description = Inicializace výpisu stavu systému se nezdařila.

Error - 6.1.2013 14:19:16 | Computer Name = Bishop | Source = volmgr | ID = 262190
Description = Inicializace výpisu stavu systému se nezdařila.

Error - 7.1.2013 17:19:06 | Computer Name = Bishop | Source = volmgr | ID = 262190
Description = Inicializace výpisu stavu systému se nezdařila.

Error - 9.1.2013 16:45:07 | Computer Name = Bishop | Source = volmgr | ID = 262190
Description = Inicializace výpisu stavu systému se nezdařila.


< End of report >
Nahoru
Phreak
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 20 led 2013 13:55

Re: Zablokování PC Policií ČR

#8 Příspěvek od Phreak »

Tak soubory v adresáři nebyly...

Přikládám log z ComboFixu a opět podotýkám, že ESET ani Win Defender nebyly mezi aktivními procesy/službami a přesto je CF hlásil jako běžící...

Díky.

ComboFix 13-01-17.04 - Phreak 20.01.2013 22:12:42.1.4 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4073.3386 [GMT 1:00]
Spuštěný z: c:\users\Phreak\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\windows\AsPatch10430001.exe
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
c:\windows\system\msvbvm60.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-20 do 2013-01-20 )))))))))))))))))))))))))))))))
.
.
2013-01-20 21:15 . 2013-01-20 21:15 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-20 21:15 . 2013-01-20 21:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-20 11:54 . 2013-01-20 11:54 -------- d-----w- c:\windows\Sun
2013-01-20 11:43 . 2013-01-20 11:43 -------- d--h--w- c:\programdata\.syncID
2013-01-19 15:16 . 2013-01-19 15:16 -------- d-----w- c:\users\Phreak\AppData\Local\DVD-RB Pro
2013-01-19 15:15 . 2013-01-19 15:18 -------- d-----w- c:\program files (x86)\DVD-RB PRO
2013-01-19 15:14 . 2013-01-19 15:14 -------- d-----w- c:\program files (x86)\AviSynth 2.5
2013-01-19 15:13 . 2013-01-19 15:13 -------- d-----w- c:\program files (x86)\Custom Technology
2013-01-19 15:13 . 2004-02-23 00:00 1386496 ----a-w- c:\windows\system32\MSVBVM60.DLL
2013-01-19 05:26 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{98B82CB7-5E74-40AF-BD3E-81D26D62E35B}\mpengine.dll
2013-01-13 16:41 . 2013-01-13 20:03 -------- d-----w- c:\users\Phreak\AppData\Roaming\Trados
2013-01-10 19:08 . 2013-01-10 19:08 -------- d-----w- c:\program files (x86)\URUSoft
2013-01-09 20:52 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-06 11:11 . 2013-01-06 11:16 -------- d-----w- c:\users\Phreak\AppData\Roaming\SDL
2013-01-06 11:11 . 2013-01-06 11:11 -------- d-----w- c:\users\Phreak\AppData\Local\SDL
2013-01-06 11:08 . 2013-01-06 11:08 -------- d-----w- c:\program files (x86)\Common Files\SDL
2013-01-06 11:08 . 2013-01-06 11:08 -------- d-----w- c:\program files (x86)\MSXML 4.0
2013-01-06 11:06 . 2013-01-06 11:11 -------- d-----w- c:\programdata\SDL
2013-01-06 11:06 . 2013-01-06 11:09 -------- d-----w- c:\program files (x86)\SDL
2013-01-06 11:04 . 2013-01-06 11:04 -------- d-----w- c:\users\Phreak\AppData\Local\GHISLER
2013-01-06 11:04 . 2013-01-06 11:04 -------- d-----w- C:\totalcmd
2013-01-06 11:04 . 2013-01-06 11:04 -------- d-----w- c:\users\Phreak\AppData\Roaming\GHISLER
2013-01-06 10:40 . 2013-01-06 10:40 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
2013-01-06 10:40 . 2013-01-13 16:41 -------- d-----w- c:\programdata\SDL International
2013-01-06 10:40 . 2013-01-06 11:04 -------- d-----w- c:\program files (x86)\SDL International
2013-01-06 10:38 . 2013-01-06 10:38 -------- d-----w- c:\users\Phreak\AppData\Local\ElevatedDiagnostics
2013-01-06 10:24 . 2013-01-06 10:24 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Šablony
2013-01-06 10:24 . 2013-01-06 10:24 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Soubory cookie
2013-01-06 10:24 . 2013-01-06 10:24 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Poslední
2013-01-06 10:24 . 2013-01-06 10:24 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Okolní tiskárny
2013-01-06 10:24 . 2013-01-06 10:24 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Okolní síť
2013-01-06 10:24 . 2013-01-06 10:24 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Nabídka Start
2013-01-06 10:24 . 2013-01-06 10:24 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Dokumenty
2013-01-06 10:24 . 2013-01-06 10:24 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Data aplikací
2013-01-06 10:16 . 2013-01-06 10:16 -------- d-----w- c:\users\Phreak\AppData\Local\Sun
2013-01-05 18:32 . 2013-01-19 13:33 -------- d-----w- c:\users\Phreak\AppData\Local\Deployment
2013-01-05 11:58 . 2013-01-19 14:53 -------- d-----w- c:\users\Phreak\AppData\Roaming\PotPlayerMini64
2013-01-05 11:58 . 2013-01-05 11:58 -------- d-----w- c:\users\Phreak\AppData\Local\Daum
2013-01-05 11:49 . 2013-01-05 11:49 -------- d-----w- c:\program files\DAUM
2013-01-02 20:58 . 2013-01-05 18:02 -------- d-----w- c:\users\Phreak\AppData\Roaming\BSplayer
2013-01-02 20:58 . 2013-01-02 20:58 -------- d-----w- c:\users\Phreak\AppData\Roaming\BSplayer Pro
2013-01-02 20:58 . 2013-01-05 18:02 -------- d-----w- c:\program files (x86)\Webteh
2012-12-31 10:04 . 2012-12-31 10:04 -------- d-----w- c:\users\Phreak\AppData\Roaming\UltraVNC
2012-12-31 10:04 . 2012-12-31 10:04 -------- d-----w- c:\program files\uvnc bvba
2012-12-27 19:52 . 2012-12-27 19:52 -------- d-----w- c:\users\Phreak\AppData\Roaming\Nero
2012-12-27 19:51 . 2012-12-27 19:51 -------- d-----w- c:\program files (x86)\Common Files\Nero
2012-12-27 19:51 . 2012-12-27 19:52 -------- d-----w- c:\program files (x86)\Nero
2012-12-27 19:51 . 2012-12-27 19:51 -------- d-----w- c:\programdata\Nero
2012-12-24 10:00 . 2012-12-24 10:00 -------- d-----w- c:\users\Phreak\.objectdb
2012-12-24 10:00 . 2012-12-24 10:00 -------- d-----w- c:\users\Phreak\AppData\Roaming\VitySoft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-20 20:55 . 2012-05-26 12:51 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe
2013-01-20 15:03 . 2012-10-21 11:38 960416 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-20 15:03 . 2012-10-21 11:38 1081760 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-01-10 18:22 . 2012-06-11 18:33 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-10 18:22 . 2012-06-11 18:33 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-16 17:11 . 2012-12-21 17:57 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 17:57 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 17:57 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 17:57 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-11-30 04:45 . 2013-01-09 20:52 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-15 15:56 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-15 15:56 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-15 15:56 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-15 15:56 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-15 15:56 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-15 15:56 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-15 15:56 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-15 15:56 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-15 15:56 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-15 15:56 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-15 15:56 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-15 15:56 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-15 15:56 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-15 15:56 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-15 15:56 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-15 15:56 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-15 15:56 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-15 15:56 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-15 15:56 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-15 15:56 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-15 15:56 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-15 15:56 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-15 11:22 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-15 11:22 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-15 11:21 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-15 11:21 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-07-19 370480]
"DIMProbíhá stahování aktualizace...1338924290338"="c:\program files\Corel\CorelDRAW Graphics Suite X6\Draw\DIM.EXE" [2012-02-23 237944]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"FLxHCIm"="c:\program files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" [2011-04-08 43008]
"USBChargerPlusTray"="c:\program files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe" [2011-04-18 496560]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2011-09-15 3058304]
"THX TruStudio NB Settings"="c:\program files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" [2011-03-17 909312]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"CPMonitor"="c:\program files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe" [2011-04-01 84464]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2011-04-08 45448]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-12-22 318080]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2011-10-24 174720]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2012-02-02 2321072]
.
c:\users\Phreak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-1 548528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
R1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264]
R2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 AsusUacSvc;Asus process privilege adjust service;c:\program files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe [2010-07-27 113840]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
R2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 168544]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-08-12 810144]
R2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 126320]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
R2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2011-03-26 91464]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-09-15 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-09-15 79360]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2010-08-03 290920]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-21 471144]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-05-27 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [2011-02-26 16768]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2011-04-08 177152]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2011-04-08 56320]
S3 fspad_win764;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_win764;c:\windows\system32\DRIVERS\fspad_win764.sys [2011-06-19 53760]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-11 18:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-04-07 11788392]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]
"fspuip"="c:\program files (x86)\FSP\fspuip.exe" [BU]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2010-09-14 25600]
"Setwallpaper"="c:\programdata\SetWallpaper.cmd" [BU]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2916584]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: Interfaces\{25FECCFC-97F2-438A-A56A-6B15D13779D9}: NameServer = 192.168.30.1
TCP: Interfaces\{AE1B0872-E620-48E0-86E2-EEE06B98D3C1}: NameServer = 192.168.30.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-01-20 22:17:21
ComboFix-quarantined-files.txt 2013-01-20 21:17
ComboFix2.txt 2013-01-20 12:45
.
Před spuštěním: Volných bajtů: 29 049 655 296
Po spuštění: Volných bajtů: 29 303 369 728
.
- - End Of File - - BE0132991FEFEF5A723D244C5B87F6DD
Nahoru
Phreak
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 20 led 2013 13:55

Re: Zablokování PC Policií ČR

#9 Příspěvek od Phreak »

Ještě jednou moc děkuji za pomoc!
Nahoru
Zamčeno

Zpět na „Diskuze, řešení problémů“