VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Winlog.exe CPU usage 40%, GPU Usage 90%

https://forum.viry.cz:443/viewtopic.php?t=134841

Stránka 1 z 1

Winlog.exe CPU usage 40%, GPU Usage 90%

Napsal: 20 pro 2013 23:02
od durod
Prosim o kontorlu logu.
winlogon.exe mi vytezuje CPU a GPU. Kdyz soubour killnu, po restartu je zpet. diky.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-12-2013 02
Ran by Slavicek (administrator) on SLAVICEK-PC on 20-12-2013 22:54:52
Running from C:\Users\Slavicek\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: 041B
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Spigot, Inc.) C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
() C:\ProgramData\WinUpdate\windrv.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Almico Software (http://www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(REALiX) C:\Program Files\HWiNFO64\HWiNFO64.EXE
(Spigot, Inc.) C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
() C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\ProgramData\WinUpdate\winlog.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(MPC-HC Team) C:\Program Files (x86)\MPC-HC\mpc-hc.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Ghisler Software GmbH) C:\Program Files (x86)\Totalcmd\TOTALCMD.EXE
(forum.viry.cz) C:\Users\Slavicek\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2918656 2011-01-12] (ESET)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AutoKMS] - C:\Windows\AutoKMS.exe [615936 2013-03-01] ()
HKCU\...\Run: [Google Update] - C:\Users\Slavicek\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-14] (Google Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [HP Deskjet 3510 series (NET)] - C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKCU\...\Run: [Zoner Photo Studio Service 16] - C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27672 2013-09-16] ()
HKCU\...\Run: [Windows Drivers] - C:\ProgramData\WinUpdate\windrv.exe [335872 2013-12-17] ()
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKCU\...\Run: [Zoner Photo Studio Autoupdate] - C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe [800280 2013-09-16] (ZONER software)
MountPoints2: {23160af9-67e7-11e3-86b8-bcaec5b6e7f2} - F:\SETUP.EXE
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-10-17] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HWiNFO64] - C:\Program Files\HWiNFO64\HWiNFO64.EXE [2478552 2012-11-20] (REALiX)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SearchSettings] - C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [1383232 2013-12-13] (Spigot, Inc.)
HKU\Mcx1-SLAVICEK-PC\...\Winlogon: [Shell] C:\Windows\eHome\McrMgr.exe [343552 2009-07-14] (Microsoft Corporation) <==== ATTENTION
Startup: C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MSIAfterburner - odkaz.lnk
ShortcutTarget: MSIAfterburner - odkaz.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
Startup: C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\speedfan - odkaz.lnk
ShortcutTarget: speedfan - odkaz.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (http://www.almico.com))

==================== Internet (Whitelisted) ====================

ProxyServer: http=;ftp=;https=;
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7EF0238D0AFACC01
URLSearchHook: HKCU - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\8.5\pdfforgeToolbarIE64.dll (Spigot, Inc.)
URLSearchHook: HKCU - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\8.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
SearchScopes: HKCU - DefaultScope {90268043-C27E-4C78-9869-F1C292187594} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {90268043-C27E-4C78-9869-F1C292187594} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\8.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
Toolbar: HKLM - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\8.5\pdfforgeToolbarIE64.dll (Spigot, Inc.)
Toolbar: HKLM-x32 - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\8.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default
FF DefaultSearchEngine: Yahoo
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=827316&p=
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - c:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.140.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - c:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - c:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Slavicek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Slavicek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Slavicek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\searchplugins\seznam.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\zoznam-sk.xml
FF Extension: WebTran - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
FF Extension: Auto Copy - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}
FF Extension: Armada Custom Toolbar - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{29c0f5ff-3564-46bc-9f4a-50c73f426486}
FF Extension: Back to Top - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{3C9A65A6-9563-4485-BA4A-4BCD698BCFB4}
FF Extension: Address Bar Search - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}
FF Extension: Aging Tabs - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\aging-tabs@design-noir.de.xpi
FF Extension: Add-on Compatibility Reporter - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\compatibility@addons.mozilla.org.xpi
FF Extension: FireGestures - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\firegestures@xuldev.org.xpi
FF Extension: No Name - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\pdfforge@mybrowserbar.com
FF Extension: No Name - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\sfStatistics.xml
FF Extension: Instrument Test - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\testpilot@labs.mozilla.com.xpi
FF Extension: Session Manager - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
FF Extension: PDF Download - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi
FF Extension: Flashblock - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
FF Extension: Adblock Plus - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Download Statusbar - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
FF Extension: Tab Mix Plus - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: Mouse Gestures Redox - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{FFA36170-80B1-4535-B0E3-A4569E497DD0}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

==================== Services (Whitelisted) =================

S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [42360 2011-01-12] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [810144 2011-01-12] (ESET)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-04-13] ()
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [x]
S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [x]

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [31360 2011-10-18] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-25] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 atillk64; E:\Install\flashATI\ati_winflash_2.0.1.14\atillk64.sys [14608 2006-07-19] (ATI Technologies Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2012-11-20] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-18] (Disc Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [170640 2010-12-21] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2010-12-21] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [125296 2010-12-21] (ESET)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\atBIOS\GPCIDrv64.sys [14376 2010-02-04] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [29672 2012-12-15] (REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2012-11-20] ()
S3 RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys [63696 2010-11-21] ()
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-01-23] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-12-18] (Duplex Secure Ltd.)
U3 agkbn2i5; C:\Windows\System32\Drivers\agkbn2i5.sys [0 ] (Microsoft Corporation)
S3 ALSysIO; \??\z:\Temp\ALSysIO64.sys [x]
S3 amdkmdag; system32\DRIVERS\atikmdag.sys [x]
S3 ATSZIO; \??\C:\Program Files (x86)\ASUS\ASUS PC Diagnostics\ATSZIO64.sys [x]
S3 cpuz132; \??\c:\Temp\cpuz132\cpuz132_x64.sys [x]
S3 EverestDriver; \??\E:\Install\everest\kerneld.amd64 [x]
S3 getbus; \??\l:\Temp\getbus.sys [x]
S3 GPU-Z; \??\c:\Users\Slavicek\AppData\Local\MICROS~1\Windows\Temp\GPU-Z.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-20 22:54 - 2013-12-20 22:55 - 00022548 _____ C:\Users\Slavicek\Desktop\FRST.txt
2013-12-20 22:54 - 2013-12-20 22:54 - 00000000 ____D C:\FRST
2013-12-20 22:54 - 2013-12-20 22:53 - 02193141 _____ (Farbar) C:\Users\Slavicek\Desktop\FRST64.exe
2013-12-20 22:54 - 2013-12-20 22:53 - 00112640 _____ (forum.viry.cz) C:\Users\Slavicek\Desktop\FRSTLauncher.exe
2013-12-20 21:55 - 2013-12-20 21:55 - 00000146 _____ C:\Users\Slavicek\Desktop\Zvuk - odkaz.lnk
2013-12-20 18:38 - 2013-12-20 18:38 - 00000000 ____D C:\Users\Slavicek\AppData\Roaming\TeamViewer
2013-12-20 18:36 - 2013-12-20 18:36 - 00001173 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2013-12-20 18:36 - 2013-12-20 18:36 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-12-20 16:44 - 2013-12-20 16:44 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-12-19 09:56 - 2013-12-19 09:56 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-19 09:56 - 2013-12-19 09:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-19 09:56 - 2013-12-19 09:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-19 09:56 - 2013-12-19 09:56 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-19 09:56 - 2013-12-19 09:56 - 00000000 ____D C:\Users\Slavicek\AppData\Roaming\VitySoft
2013-12-19 09:56 - 2013-12-19 09:56 - 00000000 ____D C:\Users\Slavicek\.objectdb
2013-12-19 09:56 - 2013-12-19 09:56 - 00000000 ____D C:\ProgramData\Oracle
2013-12-19 09:56 - 2013-12-19 09:56 - 00000000 ____D C:\Program Files\Java
2013-12-18 20:27 - 2013-12-18 20:27 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-12-18 19:57 - 2013-12-18 19:58 - 00000000 ____D C:\Users\Slavicek\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2013-12-18 19:57 - 2013-12-18 19:57 - 00002588 _____ C:\Users\Slavicek\Desktop\Windows 7 USB DVD Download Tool.lnk
2013-12-18 19:57 - 2013-12-18 19:57 - 00000000 ____D C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2013-12-18 18:35 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-18 18:35 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-18 18:35 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-18 18:35 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-18 18:35 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-18 18:35 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-18 18:35 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-18 18:35 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-18 18:35 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-18 18:35 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-18 18:35 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-18 18:35 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-18 18:35 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-18 18:35 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-18 18:35 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-18 18:35 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-18 18:35 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-18 18:35 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-18 18:35 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-18 18:35 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-18 18:35 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-18 18:35 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-18 18:35 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-18 18:35 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-18 18:35 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-18 18:35 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-18 18:35 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-18 18:35 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-18 18:35 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-18 18:35 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-18 18:35 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-18 14:52 - 2013-12-19 16:40 - 00000000 ____D C:\Users\Slavicek\Documents\Vakcina
2013-12-18 14:22 - 2013-12-18 14:22 - 00234010 _____ C:\Windows\system32\poclbm130302GeForceGTX670gv1w256l4pOpenCL1_1CUDA4_2_1.bin
2013-12-18 14:20 - 2013-12-18 14:20 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-12-18 10:57 - 2013-12-18 10:57 - 00001957 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-12-18 08:27 - 2013-12-18 08:27 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2013-12-18 08:24 - 2013-12-18 08:24 - 00000752 _____ C:\Users\Public\Desktop\Max Payne 3.lnk
2013-12-18 08:02 - 2013-12-18 08:02 - 00000000 ____D C:\Users\Slavicek\Documents\Rockstar Games
2013-12-17 21:39 - 2013-12-17 21:42 - 00000000 ____D C:\ProgramData\WinUpdate
2013-12-17 18:18 - 2013-12-17 18:18 - 00000000 ____D C:\Program Files (x86)\pdfforge Toolbar
2013-12-17 18:18 - 2013-12-17 18:18 - 00000000 ____D C:\Program Files (x86)\Application Updater
2013-12-17 17:18 - 2013-12-17 17:18 - 00000000 ___SH C:\Users\Slavicek\AppData\Local\Microsoft\Windows\WebCacheLock.dat
2013-12-17 15:54 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-17 15:52 - 2013-12-17 15:54 - 00009538 _____ C:\Windows\IE11_main.log
2013-12-17 15:52 - 2013-12-17 15:52 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-17 15:52 - 2013-12-17 15:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-17 15:52 - 2013-12-17 15:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-17 15:52 - 2013-12-17 15:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-17 15:52 - 2013-12-17 15:52 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-17 15:52 - 2013-12-17 15:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-17 15:52 - 2013-12-17 15:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-16 21:11 - 2013-09-12 09:58 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-12-16 21:11 - 2013-09-12 09:58 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-12-16 21:11 - 2013-06-16 13:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-12-16 21:11 - 2013-06-16 13:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-12-16 21:11 - 2013-01-29 09:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2013-12-16 20:24 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-12-16 20:24 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-12-16 20:24 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-12-16 20:24 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-12-16 20:24 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-12-16 20:24 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-12-16 20:24 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-12-16 16:16 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-16 16:16 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-16 16:16 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-16 16:16 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-16 16:09 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-16 16:09 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-16 16:09 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-16 16:09 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-16 16:09 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-16 16:09 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-16 16:09 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-16 16:09 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-16 16:09 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-16 16:09 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-16 16:09 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-16 16:09 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-16 16:09 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-16 16:09 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-16 16:09 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-16 16:09 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-16 16:09 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-16 16:09 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-12-16 16:09 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-12-16 16:09 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-16 16:09 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-12-16 16:09 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-12-16 16:09 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-16 16:09 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-12-16 16:09 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-12-16 16:09 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-12-16 16:09 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-16 16:09 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-12-16 16:09 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-12-16 16:09 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-12-16 16:09 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-12-16 16:09 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-12-16 16:09 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-12-16 16:09 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-12-16 16:09 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-12-16 16:09 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-12-16 16:09 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-12-16 16:09 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-12-16 16:09 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-12-16 16:09 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-12-16 16:09 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-12-16 16:09 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-12-16 16:09 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-12-16 16:09 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-12-16 16:09 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-12-16 16:09 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-12-16 16:09 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-12-16 16:09 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-12-16 16:09 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-12-16 16:09 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-12-16 16:09 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-12-16 16:09 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-12-16 16:09 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-12-16 16:09 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-12-16 16:09 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-12-16 16:09 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-12-16 16:09 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-12-16 16:09 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-12-16 16:09 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-12-16 16:09 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-12-16 16:09 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-12-16 16:09 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-12-16 16:09 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-12-16 16:09 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-16 16:09 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-12-16 16:09 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-12-16 16:09 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-12-16 16:09 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-12-16 16:09 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-12-16 16:09 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-12-16 16:09 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-12-16 16:09 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-12-16 16:09 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-12-16 16:09 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-12-16 16:09 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-12-16 16:09 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-12-16 16:09 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-12-16 16:09 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-12-16 16:09 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-12-16 16:09 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-12-16 16:09 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-12-16 16:09 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-12-16 16:09 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-12-16 16:09 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-12-16 16:09 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-12-16 16:09 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-12-16 16:09 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-12-16 16:09 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-12-16 16:09 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-12-16 16:08 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-12-16 16:08 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-12-16 16:08 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-12-16 16:08 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-12-16 16:08 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-12-16 09:22 - 2013-12-16 09:22 - 00013160 _____ C:\Users\Slavicek\Desktop\Registration New Pack.txt
2013-12-08 19:15 - 2013-12-08 19:15 - 00002937 _____ C:\Users\Slavicek\Documents\Žádost+o+úrok+z+prodlení_urg_email.odt
2013-12-07 21:02 - 2013-12-07 21:03 - 00000000 ____D C:\Users\Slavicek\Documents\Finanční arb

==================== One Month Modified Files and Folders =======

2013-12-20 22:55 - 2013-12-20 22:54 - 00022548 _____ C:\Users\Slavicek\Desktop\FRST.txt
2013-12-20 22:54 - 2013-12-20 22:54 - 00000000 ____D C:\FRST
2013-12-20 22:54 - 2011-06-02 10:41 - 04980736 ____H C:\Users\Slavicek\AppData\Local\Microsoft\Windows\UsrClass.dat
2013-12-20 22:53 - 2013-12-20 22:54 - 02193141 _____ (Farbar) C:\Users\Slavicek\Desktop\FRST64.exe
2013-12-20 22:53 - 2013-12-20 22:54 - 00112640 _____ (forum.viry.cz) C:\Users\Slavicek\Desktop\FRSTLauncher.exe
2013-12-20 22:52 - 2013-03-01 12:04 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2013-12-20 22:52 - 2012-06-14 12:41 - 00003034 _____ C:\Windows\System32\Tasks\MSIAfterburner
2013-12-20 22:48 - 2009-07-14 05:45 - 00025712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-20 22:48 - 2009-07-14 05:45 - 00025712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-20 22:45 - 2009-07-14 06:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-20 22:41 - 2013-03-13 18:16 - 00000000 __SHD C:\Users\Slavicek\AppData\Local\Microsoft\Windows\WebCache
2013-12-20 22:41 - 2013-03-01 12:04 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2013-12-20 22:41 - 2011-07-15 16:39 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-20 22:41 - 2011-06-12 12:25 - 00000000 ____D C:\Users\Slavicek\AppData\Roaming\Skype
2013-12-20 22:41 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-20 22:41 - 2009-07-14 05:51 - 00011902 _____ C:\Windows\setupact.log
2013-12-20 22:40 - 2011-06-02 10:41 - 01637909 _____ C:\Windows\WindowsUpdate.log
2013-12-20 22:34 - 2011-07-15 16:39 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-20 22:28 - 2011-06-14 06:39 - 00000958 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004605396-3039704758-1652441973-1000UA.job
2013-12-20 21:55 - 2013-12-20 21:55 - 00000146 _____ C:\Users\Slavicek\Desktop\Zvuk - odkaz.lnk
2013-12-20 21:34 - 2009-07-14 05:45 - 00350688 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-20 18:38 - 2013-12-20 18:38 - 00000000 ____D C:\Users\Slavicek\AppData\Roaming\TeamViewer
2013-12-20 18:36 - 2013-12-20 18:36 - 00001173 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2013-12-20 18:36 - 2013-12-20 18:36 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-12-20 16:50 - 2011-06-02 16:23 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-20 16:44 - 2013-12-20 16:44 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-12-20 16:44 - 2013-03-01 11:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-20 16:28 - 2011-06-14 06:39 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004605396-3039704758-1652441973-1000Core.job
2013-12-19 20:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-19 16:40 - 2013-12-18 14:52 - 00000000 ____D C:\Users\Slavicek\Documents\Vakcina
2013-12-19 09:56 - 2013-12-19 09:56 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-19 09:56 - 2013-12-19 09:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-19 09:56 - 2013-12-19 09:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-19 09:56 - 2013-12-19 09:56 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-19 09:56 - 2013-12-19 09:56 - 00000000 ____D C:\Users\Slavicek\AppData\Roaming\VitySoft
2013-12-19 09:56 - 2013-12-19 09:56 - 00000000 ____D C:\Users\Slavicek\.objectdb
2013-12-19 09:56 - 2013-12-19 09:56 - 00000000 ____D C:\ProgramData\Oracle
2013-12-19 09:56 - 2013-12-19 09:56 - 00000000 ____D C:\Program Files\Java
2013-12-19 09:56 - 2011-06-02 10:41 - 00000000 ____D C:\Users\Slavicek
2013-12-18 20:28 - 2012-12-25 14:56 - 02621440 ____H C:\Users\Mcx1-SLAVICEK-PC\AppData\Local\Microsoft\Windows\UsrClass.dat
2013-12-18 20:28 - 2011-06-02 11:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-18 20:27 - 2013-12-18 20:27 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-12-18 19:58 - 2013-12-18 19:57 - 00000000 ____D C:\Users\Slavicek\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2013-12-18 19:57 - 2013-12-18 19:57 - 00002588 _____ C:\Users\Slavicek\Desktop\Windows 7 USB DVD Download Tool.lnk
2013-12-18 19:57 - 2013-12-18 19:57 - 00000000 ____D C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2013-12-18 14:22 - 2013-12-18 14:22 - 00234010 _____ C:\Windows\system32\poclbm130302GeForceGTX670gv1w256l4pOpenCL1_1CUDA4_2_1.bin
2013-12-18 14:20 - 2013-12-18 14:20 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-12-18 14:20 - 2011-08-10 20:13 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2013-12-18 14:20 - 2010-11-21 04:47 - 00393648 _____ C:\Windows\PFRO.log
2013-12-18 10:57 - 2013-12-18 10:57 - 00001957 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-12-18 10:57 - 2011-06-05 10:09 - 00003160 _____ C:\Windows\System32\Tasks\SidebarExecute
2013-12-18 10:57 - 2011-06-02 16:19 - 00381440 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2013-12-18 08:27 - 2013-12-18 08:27 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2013-12-18 08:24 - 2013-12-18 08:24 - 00000752 _____ C:\Users\Public\Desktop\Max Payne 3.lnk
2013-12-18 08:02 - 2013-12-18 08:02 - 00000000 ____D C:\Users\Slavicek\Documents\Rockstar Games
2013-12-17 22:46 - 2011-06-02 18:14 - 00000000 ____D C:\xGames
2013-12-17 21:42 - 2013-12-17 21:39 - 00000000 ____D C:\ProgramData\WinUpdate
2013-12-17 18:18 - 2013-12-17 18:18 - 00000000 ____D C:\Program Files (x86)\pdfforge Toolbar
2013-12-17 18:18 - 2013-12-17 18:18 - 00000000 ____D C:\Program Files (x86)\Application Updater
2013-12-17 17:19 - 2012-11-12 07:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-17 17:19 - 2011-06-24 19:01 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-17 17:18 - 2013-12-17 17:18 - 00000000 ___SH C:\Users\Slavicek\AppData\Local\Microsoft\Windows\WebCacheLock.dat
2013-12-17 17:18 - 2011-06-02 10:41 - 00001420 _____ C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-17 17:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\sk-SK
2013-12-17 17:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\sk-SK
2013-12-17 17:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-17 15:54 - 2013-12-17 15:52 - 00009538 _____ C:\Windows\IE11_main.log
2013-12-17 15:52 - 2013-12-17 15:52 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-17 15:52 - 2013-12-17 15:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-17 15:52 - 2013-12-17 15:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-17 15:52 - 2013-12-17 15:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-17 15:52 - 2013-12-17 15:52 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-17 15:52 - 2013-12-17 15:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-17 15:52 - 2013-12-17 15:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-16 21:12 - 2013-01-30 12:41 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-16 21:09 - 2011-06-03 15:57 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-16 21:09 - 2011-06-02 11:55 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-16 20:49 - 2012-05-10 17:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-12-16 20:49 - 2011-09-15 05:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-16 16:15 - 2011-06-28 10:57 - 00767492 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-16 16:12 - 2013-01-30 12:40 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-16 16:11 - 2013-08-14 09:59 - 00000000 ____D C:\Windows\system32\MRT
2013-12-16 09:22 - 2013-12-16 09:22 - 00013160 _____ C:\Users\Slavicek\Desktop\Registration New Pack.txt
2013-12-13 15:29 - 2011-07-15 16:39 - 00003936 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-13 15:29 - 2011-07-15 16:39 - 00003684 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-10 23:11 - 2011-06-02 10:41 - 00000000 ____D C:\Users\Slavicek\AppData\Local\Microsoft\Windows\Caches
2013-12-08 19:15 - 2013-12-08 19:15 - 00002937 _____ C:\Users\Slavicek\Documents\Žádost+o+úrok+z+prodlení_urg_email.odt
2013-12-07 21:03 - 2013-12-07 21:02 - 00000000 ____D C:\Users\Slavicek\Documents\Finanční arb
2013-12-07 20:42 - 2011-06-12 12:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-07 20:42 - 2011-06-12 12:25 - 00000000 ____D C:\ProgramData\Skype
2013-12-07 20:40 - 2012-12-25 14:56 - 00000000 ____D C:\Users\Mcx1-SLAVICEK-PC
2013-12-07 20:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-12-07 20:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2013-12-06 16:23 - 2011-06-14 06:39 - 00003938 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1004605396-3039704758-1652441973-1000UA
2013-12-06 16:23 - 2011-06-14 06:39 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1004605396-3039704758-1652441973-1000Core
2013-12-06 08:53 - 2012-11-13 09:24 - 00002492 _____ C:\Users\Slavicek\Desktop\Google Chrome.lnk
2013-12-01 14:42 - 2011-06-02 12:23 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-26 12:54 - 2013-12-18 18:35 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 11:19 - 2013-12-18 18:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 11:18 - 2013-12-18 18:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 11:11 - 2013-12-18 18:35 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 10:48 - 2013-12-18 18:35 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 10:46 - 2013-12-18 18:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 10:41 - 2013-12-18 18:35 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 10:29 - 2013-12-18 18:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 10:27 - 2013-12-18 18:35 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 10:23 - 2013-12-18 18:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 10:21 - 2013-12-18 18:35 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 10:18 - 2013-12-18 18:35 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 10:18 - 2013-12-18 18:35 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 10:16 - 2013-12-18 18:35 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 09:57 - 2013-12-18 18:35 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 09:38 - 2013-12-18 18:35 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 09:38 - 2013-12-18 18:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 09:35 - 2013-12-18 18:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:32 - 2013-12-18 18:35 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 09:28 - 2013-12-18 18:35 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 09:16 - 2013-12-18 18:35 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 09:02 - 2013-12-18 18:35 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:48 - 2013-12-18 18:35 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 08:32 - 2013-12-18 18:35 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 08:26 - 2013-12-18 18:35 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 08:07 - 2013-12-18 18:35 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:40 - 2013-12-18 18:35 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 07:34 - 2013-12-18 18:35 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:34 - 2013-12-18 18:35 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 07:33 - 2013-12-18 18:35 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 07:27 - 2013-12-18 18:35 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-23 19:26 - 2013-12-16 16:09 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-11-23 18:47 - 2013-12-16 16:09 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

Some content of TEMP:
====================
C:\Users\Slavicek\AppData\Local\Microsoft\Windows\Temp\bitool.dll
C:\Users\Slavicek\AppData\Local\Microsoft\Windows\Temp\DTLite4471-0335.exe
C:\Users\Slavicek\AppData\Local\Microsoft\Windows\Temp\DTLite4481-0347.exe
C:\Users\Slavicek\AppData\Local\Microsoft\Windows\Temp\nvSCPAPI.dll
C:\Users\Slavicek\AppData\Local\Microsoft\Windows\Temp\nvStInst.exe
C:\Users\Slavicek\AppData\Local\Microsoft\Windows\Temp\sfamcc00001.dll
C:\Users\Slavicek\AppData\Local\Microsoft\Windows\Temp\sfamcc00002.dll
C:\Users\Slavicek\AppData\Local\Microsoft\Windows\Temp\sfareca00001.dll
C:\Users\Slavicek\AppData\Local\Microsoft\Windows\Temp\SkypeSetup.exe
C:\Users\Slavicek\AppData\Local\Microsoft\Windows\Temp\sonarinst.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-20 17:13




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (SSD) (Fixed) (Total:89.43 GB) (Free:13.07 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:345.57 GB) (Free:9.81 GB) NTFS
Drive e: (Install_FIlmy) (Fixed) (Total:585.94 GB) (Free:55.22 GB) NTFS
Drive f: (OFFICE14) (CDROM) (Total:2.11 GB) (Free:0 GB) UDF
Drive h: (Nový zväzok) (Fixed) (Total:376.27 GB) (Free:2.16 GB) NTFS
Drive i: () (Fixed) (Total:110 GB) (Free:57.06 GB) NTFS
Drive j: (Adrika) (Fixed) (Total:109.89 GB) (Free:85.4 GB) NTFS

Available physical RAM: 5697.52 MB
Total physical RAM: 8168.8 MB
Percentage of memory in use: 30%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 89 GB) (Disk ID: 3FBA4E6A)
Partition 1: (Active) - (Size=89 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 9B64CFD8)
Partition 1: (Not Active) - (Size=376 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=220 GB) - (Type=OF Extended)
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 4284FF7D)
Partition 1: (Not Active) - (Size=346 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=586 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004605396-3039704758-1652441973-1000Core.job => C:\Users\Slavicek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004605396-3039704758-1652441973-1000UA.job => C:\Users\Slavicek\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57
AlternateDataStreams: C:\ProgramData\TEMP:8927A071
AlternateDataStreams: C:\ProgramData\TEMP:B468194E

==================== Security Center ==================

AV: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Slavicek\Desktop" je 2 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\Slavicek\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pocket Navigator Installer 6.0
C:\Program Files (x86)\Navigator11\Setup Utility\clickertray.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Winlogon.exe CPU usage 40%, GPU Usage 90%

Napsal: 21 pro 2013 07:24
od durod
Log jsem delal, kdyz porces bezel.

Jinak s PC problemy nejsou, ja bych to ani nezaregistroval, kdybych neslysel zvysene otacky graficke karty.
winlogon.exe mam v system 32 a v ProgramData-tam asi nema co delat....

Re: Winlogon.exe CPU usage 40%, GPU Usage 90%

Napsal: 21 pro 2013 12:19
od durod
OK udelam to .. mea culpa
mam na mysli winlog.exe...sorry za mystifikaci.....

() C:\ProgramData\WinUpdate\winlog.exe

HKU\Mcx1-SLAVICEK-PC\...\Winlogon: [Shell] C:\Windows\eHome\McrMgr.exe [343552 2009-07-14] (Microsoft Corporation) <==== ATTENTION

Re: Winlog.exe CPU usage 40%, GPU Usage 90%

Napsal: 21 pro 2013 12:35
od durod
Tak jsem to spustil, ale uvedomil jsi, ze winlog.exe nebezi...po restartu se spustil a vytezuje mi to cpu na 40% a GPU na 92%, VRAM 300MB, RAM 38MB...OTL stale bezi....

Re: Winlog.exe CPU usage 40%, GPU Usage 90%

Napsal: 21 pro 2013 12:48
od durod
OTL logfile created on: 21. 12. 2013 12:25:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Slavicek\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

7,98 Gb Total Physical Memory | 5,84 Gb Available Physical Memory | 73,15% Memory free
7,98 Gb Paging File | 5,37 Gb Available in Paging File | 67,27% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 89,43 Gb Total Space | 12,42 Gb Free Space | 13,88% Space Free | Partition Type: NTFS
Drive D: | 345,57 Gb Total Space | 9,81 Gb Free Space | 2,84% Space Free | Partition Type: NTFS
Drive E: | 585,94 Gb Total Space | 57,34 Gb Free Space | 9,79% Space Free | Partition Type: NTFS
Drive G: | 7,20 Gb Total Space | 3,63 Gb Free Space | 50,48% Space Free | Partition Type: FAT32
Drive H: | 376,27 Gb Total Space | 2,16 Gb Free Space | 0,57% Space Free | Partition Type: NTFS
Drive I: | 110,00 Gb Total Space | 57,06 Gb Free Space | 51,88% Space Free | Partition Type: NTFS
Drive J: | 109,89 Gb Total Space | 85,40 Gb Free Space | 77,72% Space Free | Partition Type: NTFS

Computer Name: SLAVICEK-PC | User Name: Slavicek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013/12/21 12:22:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Slavicek\Desktop\OTL.exe
PRC - [2013/12/17 11:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2013/12/17 11:38:32 | 013,543,264 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
PRC - [2013/12/17 11:22:10 | 000,199,520 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
PRC - [2013/12/13 11:35:28 | 001,383,232 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2013/12/13 11:31:26 | 000,807,800 | ---- | M] (Spigot, Inc.) -- c:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2013/09/16 20:41:10 | 000,800,280 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
PRC - [2013/05/10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/13 11:20:37 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/01/23 07:12:42 | 000,166,968 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
PRC - [2013/01/23 07:12:40 | 000,425,016 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
PRC - [2011/10/17 15:12:52 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/10/17 15:12:48 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/06/02 16:03:15 | 003,680,568 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files (x86)\Totalcmd\TOTALCMD.EXE
PRC - [2011/03/17 11:50:42 | 004,523,928 | ---- | M] (Almico Software (http://www.almico.com)) -- C:\Program Files (x86)\SpeedFan\speedfan.exe
PRC - [2011/01/12 15:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2010/11/17 08:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe


========== Modules (All) ==========

MOD - [2013/12/21 12:22:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Slavicek\Desktop\OTL.exe
MOD - [2013/12/21 12:21:37 | 000,192,512 | ---- | M] () -- c:\Users\Slavicek\AppData\Local\MICROS~1\Windows\Temp\sfamcc00001.dll
MOD - [2013/12/21 12:21:37 | 000,172,032 | ---- | M] () -- c:\Users\Slavicek\AppData\Local\MICROS~1\Windows\Temp\sfareca00001.dll
MOD - [2013/12/18 07:26:43 | 000,216,576 | ---- | M] () -- C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\5.12.17.1_0\plugin\blackfishietab.dll
MOD - [2013/12/17 15:52:45 | 000,752,640 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll
MOD - [2013/12/17 15:52:45 | 000,454,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vbscript.dll
MOD - [2013/12/17 15:52:45 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtmsft.dll
MOD - [2013/12/17 15:52:45 | 000,244,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtrans.dll
MOD - [2013/12/17 15:52:45 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2013/12/17 11:39:38 | 000,360,288 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Resource_sk.dll
MOD - [2013/12/17 11:38:34 | 003,012,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_StaticRes.dll
MOD - [2013/12/17 11:38:32 | 013,543,264 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
MOD - [2013/12/17 11:22:10 | 000,095,584 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.dll
MOD - [2013/12/16 19:13:08 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/12/16 19:13:04 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/12/16 19:12:59 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013/12/13 11:35:32 | 000,117,568 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth175.dll
MOD - [2013/12/13 11:35:28 | 001,383,232 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
MOD - [2013/12/04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
MOD - [2013/12/04 03:48:04 | 000,399,312 | ---- | M] () -- C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
MOD - [2013/12/04 03:48:02 | 004,055,504 | ---- | M] () -- C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013/12/04 03:47:12 | 002,134,480 | ---- | M] (Google Inc.) -- C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\31.0.1650.63\libpeerconnection.dll
MOD - [2013/12/04 03:47:11 | 000,702,416 | ---- | M] () -- C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
MOD - [2013/12/04 03:47:11 | 000,099,792 | ---- | M] () -- C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\31.0.1650.63\libegl.dll
MOD - [2013/12/04 03:47:10 | 009,962,960 | ---- | M] (The ICU Project) -- C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\31.0.1650.63\icudt.dll
MOD - [2013/12/04 03:47:08 | 001,619,408 | ---- | M] () -- C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
MOD - [2013/12/04 03:47:03 | 031,266,256 | ---- | M] (Google Inc.) -- C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\31.0.1650.63\chrome_child.dll
MOD - [2013/12/04 03:47:01 | 026,319,824 | ---- | M] (Google Inc.) -- C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\31.0.1650.63\chrome.dll
MOD - [2013/12/04 03:29:56 | 003,231,688 | ---- | M] (Microsoft Corporation) -- C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\31.0.1650.63\D3DCompiler_46.dll
MOD - [2013/11/26 11:11:50 | 017,112,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2013/11/26 09:38:54 | 002,166,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2013/11/26 09:16:12 | 004,243,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
MOD - [2013/11/26 08:26:42 | 011,221,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2013/11/26 07:33:33 | 001,820,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2013/11/26 07:27:32 | 001,157,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2013/11/14 16:42:42 | 020,584,608 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
MOD - [2013/10/19 02:36:59 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2013/10/12 03:04:36 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wshom.ocx
MOD - [2013/10/12 03:03:31 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\scrrun.dll
MOD - [2013/10/12 03:01:25 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2013/10/05 20:57:25 | 001,168,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2013/10/03 03:00:44 | 000,311,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2013/09/25 02:58:17 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2013/09/25 02:57:26 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2013/09/25 02:56:42 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2013/09/16 20:41:12 | 000,770,584 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 16\Program32\zpsres.CZ.dll
MOD - [2013/09/16 20:41:10 | 000,800,280 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
MOD - [2013/09/16 20:41:08 | 008,479,256 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 16\Program32\Zxl.dll
MOD - [2013/09/16 20:41:04 | 000,448,536 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 16\Program32\zcl.dll
MOD - [2013/09/16 20:40:56 | 000,049,688 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 16\Program32\Iepack.dll
MOD - [2013/09/12 09:58:10 | 012,947,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll
MOD - [2013/09/12 09:58:10 | 002,630,304 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvapi.dll
MOD - [2013/09/11 21:21:54 | 000,505,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2013/09/11 16:10:58 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\f4e49f5f51d2fa5e6190464468dff4d3\Microsoft.VisualBasic.ni.dll
MOD - [2013/09/11 12:41:48 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll
MOD - [2013/09/08 03:03:58 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2013/09/05 10:34:32 | 000,098,464 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Updater\Updater.dll
MOD - [2013/08/29 02:50:30 | 001,292,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2013/08/29 02:48:17 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2013/08/14 15:41:55 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\914b102327a5f48542af50a6e5c1f8ab\IAStorUtil.ni.dll
MOD - [2013/08/14 15:18:38 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/14 15:18:30 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/14 15:18:28 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/08/02 02:50:42 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2013/08/02 02:50:41 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2013/07/26 02:55:59 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2013/07/11 17:02:24 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\9806320368a8f23f1f6c5de66ebb29d0\IAStorCommon.ni.dll
MOD - [2013/07/11 16:59:06 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/07/09 05:52:33 | 000,663,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2013/07/09 05:52:10 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2013/07/09 05:46:31 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2013/07/04 12:51:04 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davclnt.dll
MOD - [2013/07/04 12:50:56 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
MOD - [2013/06/06 05:57:01 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2013/06/06 05:50:56 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2013/05/27 05:57:26 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOAV.dll
MOD - [2013/04/26 00:30:32 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d11.dll
MOD - [2013/04/23 23:57:27 | 005,932,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2013/04/17 08:02:06 | 001,230,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2013/04/10 00:34:01 | 001,247,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2013/04/03 05:50:20 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll
MOD - [2013/03/19 14:57:20 | 001,949,696 | ---- | M] (FUJ) -- C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfjpomofbadillhmdjcjfbbdghgikmac\0.9.1_0\npSmoothGesturesPlugin.dll
MOD - [2013/01/23 07:12:42 | 000,166,968 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
MOD - [2013/01/23 07:12:40 | 000,425,016 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
MOD - [2013/01/16 17:01:08 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
MOD - [2013/01/16 17:01:06 | 000,348,160 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
MOD - [2013/01/16 17:01:00 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTCore.dll
MOD - [2013/01/16 17:00:58 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTUI.dll
MOD - [2013/01/16 17:00:56 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTFC.dll
MOD - [2013/01/13 22:17:03 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
MOD - [2013/01/13 22:17:02 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
MOD - [2013/01/13 22:16:42 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
MOD - [2013/01/13 22:12:46 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
MOD - [2013/01/13 22:11:21 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
MOD - [2013/01/13 22:11:08 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
MOD - [2013/01/13 22:11:07 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
MOD - [2013/01/13 22:11:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
MOD - [2013/01/13 22:11:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
MOD - [2013/01/13 21:22:22 | 001,988,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10warp.dll
MOD - [2013/01/13 21:20:31 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2013/01/13 21:08:43 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2013/01/13 20:46:25 | 001,080,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2013/01/13 20:37:57 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2013/01/04 07:11:21 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msmpeg2vdec.dll
MOD - [2012/12/07 13:26:17 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2012/12/07 13:20:43 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gameux.dll
MOD - [2012/11/30 11:48:46 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTMUI.dll
MOD - [2012/11/30 11:24:00 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTFC.dll
MOD - [2012/11/22 05:45:03 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2012/11/01 05:47:54 | 001,389,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2012/11/01 05:47:54 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2012/10/31 12:21:48 | 000,049,776 | ---- | M] (Microsoft Corporation) -- c:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
MOD - [2012/10/09 18:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2012/10/05 11:53:23 | 000,364,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MOD - [2012/09/25 23:47:43 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\synceng.dll
MOD - [2012/07/04 22:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2012/07/04 22:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\browcli.dll
MOD - [2012/06/04 17:23:18 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSSHooks.dll
MOD - [2012/06/04 16:02:42 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTUI.dll
MOD - [2012/05/05 08:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2012/04/07 12:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2012/02/15 03:13:50 | 000,356,352 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWOW64\atiadlxy.dll
MOD - [2012/01/13 08:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2012/01/04 09:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011/12/16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011/11/17 06:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2011/10/26 05:32:11 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\quartz.dll
MOD - [2011/10/17 15:12:48 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MOD - [2011/10/17 15:08:28 | 000,174,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUIHelper.dll
MOD - [2011/10/17 15:08:24 | 001,318,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll
MOD - [2011/08/27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011/08/27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011/06/16 05:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011/06/15 20:38:32 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2011/06/15 20:35:33 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2011/06/11 01:58:52 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100.dll
MOD - [2011/06/08 14:20:12 | 000,044,936 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 13\Program32\ShellExt.dll
MOD - [2011/06/02 16:03:15 | 003,680,568 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files (x86)\Totalcmd\TOTALCMD.EXE
MOD - [2011/05/24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011/05/24 11:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011/05/24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011/04/30 20:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTTSH.dll
MOD - [2011/04/30 16:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTTSH.dll
MOD - [2011/04/18 19:26:50 | 000,129,952 | ---- | M] (Intel Corporation.) -- C:\Program Files\Zoner\Photo Studio 16\Program32\ippcc-7.0.dll
MOD - [2011/04/18 19:26:40 | 002,157,472 | ---- | M] (Intel Corporation.) -- C:\Program Files\Zoner\Photo Studio 16\Program32\ippccg9-7.0.dll
MOD - [2011/04/18 19:26:12 | 000,396,192 | ---- | M] (Intel Corporation.) -- C:\Program Files\Zoner\Photo Studio 16\Program32\ippi-7.0.dll
MOD - [2011/04/18 19:26:00 | 015,084,448 | ---- | M] (Intel Corporation.) -- C:\Program Files\Zoner\Photo Studio 16\Program32\ippig9-7.0.dll
MOD - [2011/04/17 12:22:28 | 000,138,144 | ---- | M] (Intel Corporation.) -- C:\Program Files\Zoner\Photo Studio 16\Program32\ippcore-7.0.dll
MOD - [2011/03/17 11:50:42 | 004,523,928 | ---- | M] (Almico Software (http://www.almico.com)) -- C:\Program Files (x86)\SpeedFan\speedfan.exe
MOD - [2011/03/11 06:33:59 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2011/03/10 20:18:22 | 000,756,640 | ---- | M] (Intel Corporation) -- C:\Program Files\Zoner\Photo Studio 16\Program32\libiomp5md.dll
MOD - [2011/03/03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011/02/19 22:03:12 | 004,422,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zoner\Photo Studio 16\Program32\mfc100u.dll
MOD - [2011/02/19 22:03:12 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zoner\Photo Studio 16\Program32\msvcp100.dll
MOD - [2011/02/19 22:03:12 | 000,055,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zoner\Photo Studio 16\Program32\mfc100enu.dll
MOD - [2011/02/19 22:03:12 | 000,051,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zoner\Photo Studio 16\Program32\vcomp100.dll
MOD - [2011/02/18 23:40:50 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zoner\Photo Studio 16\Program32\msvcr100.dll
MOD - [2011/01/12 15:45:28 | 000,188,024 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\shellExt.dll
MOD - [2010/11/21 04:25:15 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010/11/21 04:25:11 | 003,207,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll
MOD - [2010/11/21 04:25:11 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PortableDeviceApi.dll
MOD - [2010/11/21 04:25:11 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\evr.dll
MOD - [2010/11/21 04:25:09 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\syncui.dll
MOD - [2010/11/21 04:24:50 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wshbth.dll
MOD - [2010/11/21 04:24:43 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010/11/21 04:24:33 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010/11/21 04:24:32 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptui.dll
MOD - [2010/11/21 04:24:32 | 000,505,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\taskschd.dll
MOD - [2010/11/21 04:24:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\twext.dll
MOD - [2010/11/21 04:24:32 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010/11/21 04:24:32 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\acppage.dll
MOD - [2010/11/21 04:24:28 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll
MOD - [2010/11/21 04:24:28 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\activeds.dll
MOD - [2010/11/21 04:24:28 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvfw32.dll
MOD - [2010/11/21 04:24:26 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010/11/21 04:24:26 | 000,572,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
MOD - [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010/11/21 04:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010/11/21 04:24:23 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2010/11/21 04:24:23 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010/11/21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010/11/21 04:24:16 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010/11/21 04:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010/11/21 04:24:16 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010/11/21 04:24:16 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010/11/21 04:24:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010/11/21 04:24:16 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010/11/21 04:24:15 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\networkexplorer.dll
MOD - [2010/11/21 04:24:14 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msftedit.dll
MOD - [2010/11/21 04:24:14 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010/11/21 04:24:14 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010/11/21 04:24:09 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010/11/21 04:24:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010/11/21 04:24:08 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010/11/21 04:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2010/11/21 04:24:08 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010/11/21 04:24:08 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pdh.dll
MOD - [2010/11/21 04:24:08 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorAPI.dll
MOD - [2010/11/21 04:24:08 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\thumbcache.dll
MOD - [2010/11/21 04:24:08 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mapi32.dll
MOD - [2010/11/21 04:24:03 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wer.dll
MOD - [2010/11/21 04:24:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010/11/21 04:24:02 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010/11/21 04:24:02 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2010/11/21 04:24:01 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010/11/21 04:24:01 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2010/11/21 04:24:01 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2010/11/21 04:24:01 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscoree.dll
MOD - [2010/11/21 04:24:00 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010/11/21 04:24:00 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntlanman.dll
MOD - [2010/11/21 04:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010/11/21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010/11/21 04:23:55 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010/11/21 04:23:55 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010/11/21 04:23:54 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010/11/21 04:23:54 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010/11/21 04:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010/11/21 04:23:51 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010/11/21 04:23:51 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2010/11/21 04:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010/11/21 04:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010/11/21 04:23:48 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdscore.dll
MOD - [2010/11/21 04:23:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010/11/18 17:08:12 | 000,055,808 | ---- | M] (Igor Pavlov) -- C:\Program Files (x86)\7-Zip\7-zip.dll
MOD - [2010/11/17 08:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
MOD - [2010/11/17 08:52:38 | 000,096,904 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.dll
MOD - [2010/03/18 07:15:26 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zoner\Photo Studio 13\Program32\msvcr100.dll
MOD - [2009/10/30 19:39:34 | 000,020,480 | ---- | M] (Orbmu2k) -- C:\Users\Slavicek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_Temperatures1.2.gadget\SpeedfanReader.dll
MOD - [2009/10/30 19:32:55 | 000,020,480 | ---- | M] (Jonathan Abbott) -- C:\Users\Slavicek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Wired_Network_Meter_V3.1.gadget\netlib.dll
MOD - [2009/08/18 10:29:22 | 000,134,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
MOD - [2009/07/14 02:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009/07/14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009/07/14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009/07/14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009/07/14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009/07/14 02:16:19 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Sidebar\wlsrvc.dll
MOD - [2009/07/14 02:16:19 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wmiutils.dll
MOD - [2009/07/14 02:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll
MOD - [2009/07/14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009/07/14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009/07/14 02:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll
MOD - [2009/07/14 02:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009/07/14 02:16:17 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemdisp.dll
MOD - [2009/07/14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009/07/14 02:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009/07/14 02:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009/07/14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009/07/14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009/07/14 02:16:14 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc_os.dll
MOD - [2009/07/14 02:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll
MOD - [2009/07/14 02:16:13 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensorsApi.dll
MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009/07/14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009/07/14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009/07/14 02:16:12 | 000,791,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\opengl32.dll
MOD - [2009/07/14 02:16:12 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PortableDeviceTypes.dll
MOD - [2009/07/14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009/07/14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009/07/14 02:16:12 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\perfproc.dll
MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009/07/14 02:16:12 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\perfdisk.dll
MOD - [2009/07/14 02:16:12 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\perfos.dll
MOD - [2009/07/14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009/07/14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009/07/14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009/07/14 02:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009/07/14 02:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009/07/14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009/07/14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009/07/14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009/07/14 02:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009/07/14 02:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msiltcfg.dll
MOD - [2009/07/14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009/07/14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009/07/14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009/07/14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009/07/14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009/07/14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009/07/14 02:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll
MOD - [2009/07/14 02:15:37 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Magnification.dll
MOD - [2009/07/14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\LocationApi.dll
MOD - [2009/07/14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009/07/14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009/07/14 02:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2009/07/14 02:15:24 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hnetcfg.dll
MOD - [2009/07/14 02:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hid.dll
MOD - [2009/07/14 02:15:22 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\glu32.dll
MOD - [2009/07/14 02:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009/07/14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009/07/14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009/07/14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009/07/14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009/07/14 02:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll
MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009/07/14 02:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drprov.dll
MOD - [2009/07/14 02:15:11 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dinput8.dll
MOD - [2009/07/14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009/07/14 02:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009/07/14 02:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2009/07/14 02:15:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddrawex.dll
MOD - [2009/07/14 02:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davhlpr.dll
MOD - [2009/07/14 02:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009/07/14 02:15:07 | 000,149,019 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crtdll.dll
MOD - [2009/07/14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009/07/14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009/07/14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009/07/14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009/07/14 02:14:57 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avicap32.dll
MOD - [2009/07/14 02:14:52 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\adsldpc.dll
MOD - [2009/07/14 02:14:10 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hhctrl.ocx
MOD - [2009/07/14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009/07/14 02:11:26 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2help.dll
MOD - [2009/07/14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009/07/14 02:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009/07/14 02:10:22 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc.dll
MOD - [2009/07/14 02:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll
MOD - [2009/07/14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009/07/14 02:04:30 | 001,297,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comres.dll
MOD - [2008/03/30 15:22:42 | 000,070,144 | ---- | M] () -- C:\Program Files (x86)\PSPad editor\PSPadShell.dll
MOD - [2008/01/20 21:21:40 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe


========== Services (SafeList) ==========

SRV:64bit: - [2013/11/26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/02/15 04:13:00 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/01/12 15:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2011/01/12 15:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/12/17 11:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2013/12/13 11:31:26 | 000,807,800 | ---- | M] (Spigot, Inc.) [Auto | Running] -- c:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/13 11:20:37 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/09/20 08:56:06 | 000,136,896 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2012/09/14 18:17:21 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/10/17 15:12:52 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/10/27 15:18:52 | 000,052,896 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/12/18 14:20:37 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/12/18 10:57:22 | 000,381,440 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2013/06/16 13:38:15 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/12/15 19:15:01 | 000,029,672 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV:64bit: - [2012/11/20 20:58:55 | 000,088,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2012/11/20 20:58:55 | 000,046,400 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 03:13:12 | 000,327,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/10/18 05:26:32 | 000,031,360 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2011/10/17 18:40:50 | 000,093,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/10/17 14:55:32 | 000,559,384 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/06/10 05:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/21 14:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010/12/21 14:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010/12/21 12:47:38 | 000,125,296 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010/12/10 12:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/10 12:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/11/21 08:45:36 | 000,063,696 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RAMDiskVE.sys -- (RAMDiskVE)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 14:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010/11/20 14:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010/11/20 12:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010/11/20 12:35:26 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcuxd.sys -- (vpcuxd)
DRV:64bit: - [2010/11/20 12:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010/10/27 14:50:28 | 000,301,680 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2010/10/27 14:50:28 | 000,279,152 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2010/10/27 14:50:28 | 000,203,624 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2010/10/27 14:50:28 | 000,156,520 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2010/10/27 14:50:28 | 000,058,992 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2010/10/27 14:50:28 | 000,055,336 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2010/10/27 14:50:28 | 000,038,248 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2010/10/27 14:50:28 | 000,031,080 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2010/10/19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/08/18 00:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2010/06/09 09:00:14 | 000,028,544 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\intelsmb.sys -- (smbusp)
DRV:64bit: - [2010/01/05 02:23:20 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/14 01:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/08 13:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV - [2013/12/18 20:27:58 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2013/01/23 07:12:38 | 000,013,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2010/02/04 09:09:00 | 000,014,376 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\GIGABYTE\atBIOS\GPCIDrv64.sys -- (GPCIDrv)
DRV - [2009/10/09 21:49:06 | 000,026,752 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\Install\everest\kerneld.amd64 -- (EverestDriver)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006/07/19 18:04:00 | 000,014,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- E:\Install\flashATI\ati_winflash_2.0.1.14\atillk64.sys -- (atillk64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1004605396-3039704758-1652441973-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1004605396-3039704758-1652441973-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7E F0 23 8D 0A FA CC 01 [binary data]
IE - HKU\S-1-5-21-1004605396-3039704758-1652441973-1000\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - c:\Program Files (x86)\pdfforge Toolbar\IE\8.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-1004605396-3039704758-1652441973-1000\..\SearchScopes,DefaultScope = {90268043-C27E-4C78-9869-F1C292187594}
IE - HKU\S-1-5-21-1004605396-3039704758-1652441973-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-1004605396-3039704758-1652441973-1000\..\SearchScopes\{90268043-C27E-4C78-9869-F1C292187594}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-1004605396-3039704758-1652441973-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1004605396-3039704758-1652441973-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=827316"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: aging-tabs@design-noir.de:0.7.1
FF - prefs.js..extensions.enabledAddons: compatibility@addons.mozilla.org:0.9
FF - prefs.js..extensions.enabledAddons: firegestures@xuldev.org:1.6.6
FF - prefs.js..extensions.enabledAddons: {0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}:1.0.1
FF - prefs.js..extensions.enabledAddons: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.7.6.1
FF - prefs.js..extensions.enabledAddons: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2
FF - prefs.js..extensions.enabledAddons: {3C9A65A6-9563-4485-BA4A-4BCD698BCFB4}:6.0.1
FF - prefs.js..extensions.enabledAddons: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.15.1
FF - prefs.js..extensions.enabledAddons: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9
FF - prefs.js..extensions.enabledAddons: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledAddons: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.6
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27
FF - prefs.js..extensions.enabledAddons: pdfforge@mybrowserbar.com:7.6
FF - prefs.js..extensions.enabledAddons: {badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}:1.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.1
FF - prefs.js..extensions.enabledItems: aging-tabs@design-noir.de:0.7.1
FF - prefs.js..extensions.enabledItems: {0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}:1.0.1
FF - prefs.js..extensions.enabledItems: {3C9A65A6-9563-4485-BA4A-4BCD698BCFB4}:5.3.2
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.2
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2
FF - prefs.js..extensions.enabledItems: {FFA36170-80B1-4535-B0E3-A4569E497DD0}:3.0.3
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.7.4
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.5
FF - prefs.js..extensions.enabledItems: {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2009
FF - prefs.js..extensions.enabledItems: ietab@ip.cn:1.95.20100933
FF - prefs.js..extensions.enabledItems: omiazad@msn.com:1.0.5
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=green ... =827316&p="
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: c:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.7: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: c:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: c:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Slavicek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Slavicek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Slavicek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2012/05/11 09:40:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/01 09:18:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/09/12 09:51:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/05/11 09:40:28 | 000,000,000 | ---D | M]

[2011/06/02 12:07:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Slavicek\AppData\Roaming\mozilla\Extensions
[2013/12/17 18:18:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Slavicek\AppData\Roaming\mozilla\Firefox\Profiles\cksie3dt.default\extensions
[2011/06/02 12:45:58 | 000,000,000 | ---D | M] (WebTran) -- C:\Users\Slavicek\AppData\Roaming\mozilla\Firefox\Profiles\cksie3dt.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
[2011/06/02 12:45:58 | 000,000,000 | ---D | M] (Auto Copy) -- C:\Users\Slavicek\AppData\Roaming\mozilla\Firefox\Profiles\cksie3dt.default\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}
[2011/07/12 11:46:52 | 000,000,000 | ---D | M] (Armada Custom Toolbar) -- C:\Users\Slavicek\AppData\Roaming\mozilla\Firefox\Profiles\cksie3dt.default\extensions\{29c0f5ff-3564-46bc-9f4a-50c73f426486}
[2011/06/02 12:45:58 | 000,000,000 | ---D | M] (Back to Top) -- C:\Users\Slavicek\AppData\Roaming\mozilla\Firefox\Profiles\cksie3dt.default\extensions\{3C9A65A6-9563-4485-BA4A-4BCD698BCFB4}
[2013/09/07 10:41:24 | 000,000,000 | ---D | M] (Address Bar Search) -- C:\Users\Slavicek\AppData\Roaming\mozilla\Firefox\Profiles\cksie3dt.default\extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}
[2011/03/11 12:25:28 | 000,029,829 | ---- | M] () (No name found) -- C:\Users\Slavicek\AppData\Roaming\mozilla\firefox\profiles\cksie3dt.default\extensions\aging-tabs@design-noir.de.xpi
[2011/08/26 06:38:54 | 000,131,597 | ---- | M] () (No name found) -- C:\Users\Slavicek\AppData\Roaming\mozilla\firefox\profiles\cksie3dt.default\extensions\compatibility@addons.mozilla.org.xpi
[2011/08/16 16:43:56 | 000,085,650 | ---- | M] () (No name found) -- C:\Users\Slavicek\AppData\Roaming\mozilla\firefox\profiles\cksie3dt.default\extensions\firegestures@xuldev.org.xpi
[2011/08/26 16:57:07 | 000,594,961 | ---- | M] () (No name found) -- C:\Users\Slavicek\AppData\Roaming\mozilla\firefox\profiles\cksie3dt.default\extensions\testpilot@labs.mozilla.com.xpi
[2011/08/11 08:17:18 | 000,473,887 | ---- | M] () (No name found) -- C:\Users\Slavicek\AppData\Roaming\mozilla\firefox\profiles\cksie3dt.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2011/04/02 13:20:40 | 000,164,858 | ---- | M] () (No name found) -- C:\Users\Slavicek\AppData\Roaming\mozilla\firefox\profiles\cksie3dt.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi
[2011/07/17 18:54:06 | 000,097,169 | ---- | M] () (No name found) -- C:\Users\Slavicek\AppData\Roaming\mozilla\firefox\profiles\cksie3dt.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
[2011/07/02 15:06:16 | 000,608,840 | ---- | M] () (No name found) -- C:\Users\Slavicek\AppData\Roaming\mozilla\firefox\profiles\cksie3dt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011/03/11 22:24:44 | 000,417,717 | ---- | M] () (No name found) -- C:\Users\Slavicek\AppData\Roaming\mozilla\firefox\profiles\cksie3dt.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2011/06/27 18:38:48 | 000,565,069 | ---- | M] () (No name found) -- C:\Users\Slavicek\AppData\Roaming\mozilla\firefox\profiles\cksie3dt.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2011/03/11 12:27:56 | 000,155,040 | ---- | M] () (No name found) -- C:\Users\Slavicek\AppData\Roaming\mozilla\firefox\profiles\cksie3dt.default\extensions\{FFA36170-80B1-4535-B0E3-A4569E497DD0}.xpi
[2012/06/09 05:44:21 | 000,002,402 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\mozilla\firefox\profiles\cksie3dt.default\searchplugins\askcom.xml
[2008/09/01 18:30:00 | 000,001,303 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\mozilla\firefox\profiles\cksie3dt.default\searchplugins\seznam.xml
[2013/06/13 10:40:11 | 000,000,904 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\mozilla\firefox\profiles\cksie3dt.default\searchplugins\yahoo.xml
[2011/10/01 09:18:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/08/07 17:28:20 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/08/29 10:54:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2013/08/07 17:28:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/08/07 17:28:21 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/12/17 18:18:57 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAM FILES (X86)\PDFFORGE TOOLBAR\FF
[2011/06/16 05:53:46 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/07/11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010/01/01 09:00:00 | 000,001,583 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\atlas-sk.xml
[2010/01/01 09:00:00 | 000,001,380 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\azet-sk.xml
[2010/01/01 09:00:00 | 000,001,479 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\dunaj-sk.xml
[2011/07/12 11:33:38 | 000,001,088 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\search.xml
[2010/01/01 09:00:00 | 000,001,473 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slovnik-sk.xml
[2010/01/01 09:00:00 | 000,001,104 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sk.xml
[2010/01/01 09:00:00 | 000,000,830 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\zoznam-sk.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Chrome IE Tab (Enabled) = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\3.5.14.1_0\plugin/blackfishietab.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - Extension: Google Translate = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.5_0\
CHR - Extension: TooManyTabs for Chrome = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp\2.0.0_0\
CHR - Extension: SmoothGestures: Plugin = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apagmdofhjomjncpiebpaaonngppcpcl\0.8_1\
CHR - Extension: Session Manager = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi\0.4_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Email = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Slovn\u00EDk = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0\
CHR - Extension: YouTube = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: FlashBlock = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdngiadmnkhgemkimkhiilgffbjijcie\1.2.11.10_0\
CHR - Extension: Copy Without Formatting = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekbgkmeapobkbadclnkjfjdbpbcaobd\0.31_0\
CHR - Extension: Adblock Plus = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: SmoothGestures: Plugin = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfjpomofbadillhmdjcjfbbdghgikmac\0.9.1_0\
CHR - Extension: Autocomplete = on = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecpgkdflcnofdbbkiggklcfmgbnbabhh\1.0_0\
CHR - Extension: Recent History = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbmkfdfomhhlonpbnpiibloacemdhjjm\2.1.4.1_0\
CHR - Extension: Better Battlelog (BBLog) = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbnkmpcicaafjhmnhiblopefjfacnmem\3.8.0_0\
CHR - Extension: Close Tabs = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gadafnnkijfmbbmeielphlapddbmgbgo\1.1_0\
CHR - Extension: AdBlock = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0\
CHR - Extension: LastPass = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.0.20_0\
CHR - Extension: IE Tab = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\5.12.17.1_0\
CHR - Extension: CrxMouse = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo\2.7.3_0\
CHR - Extension: Gestures for Google Chrome\u2122 = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk\1.13.4_0\
CHR - Extension: Smooth Gestures = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkgmnnajiljnolcgolmmgnecgldgeld\0.17.14_0\
CHR - Extension: Download Assistant = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfjkgbjaikamkkojmakjclmkianficch\5.0.2_0\
CHR - Extension: Pe\u0148a\u017Eenka Google = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Social Disconnection = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocgdombbghiaamheoibcbmgniphmedhe\1.1_0\
CHR - Extension: Auto Login = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeoibdmcpaofjgcdncagknlmlmngkgfm\1.5.1_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0\
CHR - Extension: Antisocial = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pghncadecdbeoiklgemofaoampiiicmn\0.2.4_0\
CHR - Extension: Gmail = C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - c:\Program Files (x86)\pdfforge Toolbar\IE\8.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - c:\Program Files (x86)\pdfforge Toolbar\IE\8.5\pdfforgeToolbarIE64.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - c:\Program Files (x86)\pdfforge Toolbar\IE\8.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
O4:64bit: - HKLM..\Run: [AutoKMS] C:\Windows\AutoKMS.exe ()
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [HWiNFO64] C:\Program Files\HWiNFO64\HWiNFO64.EXE (REALiX)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [SearchSettings] c:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1004605396-3039704758-1652441973-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-1004605396-3039704758-1652441973-1000..\Run: [HP Deskjet 3510 series (NET)] C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-1004605396-3039704758-1652441973-1000..\Run: [Windows Drivers] C:\ProgramData\WinUpdate\windrv.exe ()
O4 - HKU\S-1-5-21-1004605396-3039704758-1652441973-1000..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE (ZONER software)
O4 - HKU\S-1-5-21-1004605396-3039704758-1652441973-1000..\Run: [Zoner Photo Studio Service 16] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe" File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MSIAfterburner - odkaz.lnk = C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
O4 - Startup: C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\speedfan - odkaz.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (http://www.almico.com))
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1004605396-3039704758-1652441973-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9810D9DF-7CFB-4793-8B29-504676C1B0F3}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/14 22:54:30 | 000,000,166 | ---- | M] () - G:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

Re: Winlog.exe CPU usage 40%, GPU Usage 90%

Napsal: 21 pro 2013 12:49
od durod
CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.aacacm - AACACM.acm (fccHandler)
Drivers32:64bit: msacm.ac3acm - ac3acm.acm (fccHandler)
Drivers32:64bit: msacm.ac3filter - ac3filter.acm ()
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.l3pacm - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.LAGS - lagarith.dll ( )
Drivers32:64bit: VIDC.MLCY - mlc.dll ()
Drivers32:64bit: vidc.x264 - x264vfw.dll ()
Drivers32: msacm.aacacm - C:\Windows\SysWow64\AACACM.acm (fccHandler)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3pacm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.LAGS - C:\Windows\SysWow64\lagarith.dll ( )
Drivers32: VIDC.MLCY - C:\Windows\SysWow64\mlc.dll ()
Drivers32: VIDC.RTV1 - C:\Windows\SysWow64\rtvcvfw32.dll ()
Drivers32: VIDC.X264 - C:\Windows\SysWow64\x264vfw.dll ()

SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013/12/21 12:23:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Slavicek\Desktop\OTL.exe
[2013/12/21 11:33:33 | 000,000,000 | ---D | C] -- C:\Users\Slavicek\Documents\Stasznost
[2013/12/20 22:54:29 | 000,000,000 | ---D | C] -- C:\FRST
[2013/12/20 22:54:13 | 002,193,141 | ---- | C] (Farbar) -- C:\Users\Slavicek\Desktop\FRST64.exe
[2013/12/20 22:54:13 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\Slavicek\Desktop\FRSTLauncher.exe
[2013/12/20 18:38:38 | 000,000,000 | ---D | C] -- C:\Users\Slavicek\AppData\Roaming\TeamViewer
[2013/12/20 18:36:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013/12/20 16:44:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2013/12/19 09:56:34 | 000,000,000 | ---D | C] -- C:\Users\Slavicek\.objectdb
[2013/12/19 09:56:33 | 000,000,000 | ---D | C] -- C:\Users\Slavicek\AppData\Roaming\VitySoft
[2013/12/19 09:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/12/19 09:56:19 | 000,312,744 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013/12/19 09:56:17 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013/12/19 09:56:17 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013/12/19 09:56:17 | 000,108,968 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013/12/19 09:56:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/12/19 09:56:13 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/12/18 20:27:58 | 000,025,640 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2013/12/18 19:57:53 | 000,000,000 | ---D | C] -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
[2013/12/18 18:35:47 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/12/18 18:35:47 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/12/18 18:35:46 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/12/18 18:35:46 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/12/18 18:35:46 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/12/18 18:35:46 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/12/18 18:35:46 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/12/18 18:35:46 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/12/18 18:35:46 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/12/18 18:35:45 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/12/18 18:35:45 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/12/18 18:35:45 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/12/18 18:35:45 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/12/18 18:35:44 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/12/18 18:35:43 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/12/18 18:35:40 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/12/18 14:52:55 | 000,000,000 | ---D | C] -- C:\Users\Slavicek\Documents\Vakcina
[2013/12/18 14:20:37 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013/12/18 10:57:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2013/12/18 08:27:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2013/12/18 08:24:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MaxPayn3
[2013/12/18 08:02:05 | 000,000,000 | ---D | C] -- C:\Users\Slavicek\Documents\Rockstar Games
[2013/12/17 21:39:20 | 000,000,000 | ---D | C] -- C:\ProgramData\WinUpdate
[2013/12/17 21:35:23 | 000,000,000 | ---D | C] -- C:\Users\Slavicek\AppData\Roaming\dclogs
[2013/12/17 18:18:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[2013/12/17 18:18:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pdfforge Toolbar
[2013/12/17 18:18:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2013/12/17 15:54:16 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2013/12/17 15:52:47 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/12/17 15:52:47 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/12/17 15:52:45 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/12/17 15:52:45 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/12/17 15:52:45 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/12/17 15:52:45 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/12/17 15:52:45 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/12/17 15:52:45 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/12/17 15:52:45 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/12/17 15:52:45 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/12/17 15:52:45 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/12/17 15:52:45 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/12/17 15:52:45 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/12/17 15:52:45 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/12/17 15:52:45 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/12/17 15:52:45 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/12/17 15:52:45 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/12/17 15:52:45 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/12/17 15:52:45 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/12/17 15:52:45 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/12/17 15:52:45 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/12/17 15:52:45 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/12/17 15:52:45 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/12/17 15:52:45 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/12/17 15:52:45 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/12/17 15:52:45 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/12/17 15:52:45 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/12/17 15:52:45 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/12/17 15:52:45 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/12/17 15:52:45 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/12/17 15:52:45 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/12/17 15:52:45 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/12/17 15:52:45 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/12/17 15:52:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/12/17 15:52:45 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/12/17 15:52:45 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/12/17 15:52:45 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/12/17 15:52:45 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/12/17 15:52:45 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/12/17 15:52:45 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/12/17 15:52:45 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/12/17 15:52:45 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/12/17 15:52:45 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/12/17 15:52:45 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/12/17 15:52:45 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/12/17 15:52:45 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/12/17 15:52:45 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/12/17 15:52:45 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/12/17 15:52:45 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/12/17 15:52:45 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2013/12/17 15:52:45 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/12/17 15:52:45 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/12/17 15:52:45 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2013/12/17 15:52:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/12/17 15:52:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/12/17 15:52:45 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/12/17 15:52:45 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2013/12/17 15:52:45 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/12/17 15:52:45 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/12/17 15:52:45 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/12/17 15:52:45 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/12/17 15:52:45 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/12/17 15:52:45 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/12/17 15:52:45 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/12/16 21:11:34 | 029,337,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013/12/16 21:11:34 | 022,102,304 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013/12/16 21:11:34 | 015,703,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013/12/16 21:11:34 | 013,628,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013/12/16 21:11:34 | 009,281,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013/12/16 21:11:34 | 007,720,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013/12/16 21:11:34 | 007,648,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013/12/16 21:11:34 | 006,329,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013/12/16 21:11:34 | 002,970,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013/12/16 21:11:34 | 002,789,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013/12/16 21:11:34 | 002,367,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013/12/16 21:11:34 | 002,007,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013/12/16 21:11:34 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2013/12/16 21:11:34 | 001,222,824 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013/12/16 21:11:34 | 000,681,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2013/12/16 21:11:34 | 000,603,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2013/12/16 21:11:34 | 000,586,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2013/12/16 21:11:34 | 000,515,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2013/12/16 21:11:34 | 000,458,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2013/12/16 21:11:34 | 000,388,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2013/12/16 21:11:34 | 000,317,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2013/12/16 21:11:34 | 000,266,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2013/12/16 21:11:34 | 000,196,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013/12/16 21:11:34 | 000,168,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013/12/16 21:11:34 | 000,141,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013/12/16 21:11:34 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013/12/16 21:11:33 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013/12/16 21:11:33 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013/12/16 20:24:21 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013/12/16 20:24:21 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013/12/16 16:16:49 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2013/12/16 16:16:49 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2013/12/16 16:16:49 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2013/12/16 16:16:47 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2013/12/16 16:14:51 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2013/12/16 16:09:50 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/12/16 16:09:50 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/12/16 16:09:50 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2013/12/16 16:09:48 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/12/16 16:09:46 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/12/16 16:09:46 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/12/16 16:09:46 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013/12/16 16:09:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013/12/16 16:09:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/12/16 16:09:45 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/12/16 16:09:44 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/12/16 16:09:44 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2013/12/16 16:09:44 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2013/12/16 16:09:44 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2013/12/16 16:09:43 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/12/16 16:09:41 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2013/12/16 16:09:41 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2013/12/16 16:09:41 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2013/12/16 16:09:40 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/12/16 16:09:40 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2013/12/16 16:09:40 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2013/12/16 16:09:40 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/12/16 16:09:40 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2013/12/16 16:09:40 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2013/12/16 16:09:40 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/12/16 16:09:40 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2013/12/16 16:09:40 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/12/16 16:09:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2013/12/16 16:09:39 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2013/12/16 16:09:39 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2013/12/16 16:09:38 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/12/16 16:09:38 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2013/12/16 16:09:37 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/12/16 16:09:37 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/12/16 16:09:37 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2013/12/16 16:09:37 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2013/12/16 16:09:36 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/12/16 16:09:36 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/12/16 16:09:35 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/12/16 16:09:35 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/12/16 16:09:35 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/12/16 16:09:35 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/12/16 16:09:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/12/16 16:09:34 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2013/12/16 16:09:33 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2013/12/16 16:09:33 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2013/12/16 16:09:33 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2013/12/16 16:09:33 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2013/12/16 16:09:32 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013/12/16 16:09:32 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2013/12/16 16:09:32 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2013/12/16 16:09:32 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/12/16 16:09:32 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/12/16 16:08:58 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013/12/16 16:08:58 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013/12/16 16:08:58 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/12/16 16:08:58 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/03/01 12:04:43 | 001,061,344 | ---- | C] (techPowerUp (www.techpowerup.com)) -- C:\Program Files (x86)\GPU-Z.0.6.4.exe
[9 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Slavicek\Documents\*.tmp files -> C:\Users\Slavicek\Documents\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013/12/21 12:26:28 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/12/21 12:26:28 | 000,654,812 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/12/21 12:26:28 | 000,122,684 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/12/21 12:26:20 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/12/21 12:22:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Slavicek\Desktop\OTL.exe
[2013/12/21 12:21:35 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/21 12:21:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/12/21 12:10:11 | 000,025,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/21 12:10:11 | 000,025,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/21 11:34:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/21 11:28:00 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1004605396-3039704758-1652441973-1000UA.job
[2013/12/20 22:53:55 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\Users\Slavicek\Desktop\FRSTLauncher.exe
[2013/12/20 22:53:01 | 002,193,141 | ---- | M] (Farbar) -- C:\Users\Slavicek\Desktop\FRST64.exe
[2013/12/20 21:55:36 | 000,000,146 | ---- | M] () -- C:\Users\Slavicek\Desktop\Zvuk - odkaz.lnk
[2013/12/20 21:34:02 | 000,350,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/20 18:36:42 | 000,001,173 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2013/12/20 16:28:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1004605396-3039704758-1652441973-1000Core.job
[2013/12/19 09:56:15 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013/12/19 09:56:14 | 000,312,744 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013/12/19 09:56:14 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013/12/19 09:56:13 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013/12/18 20:27:58 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2013/12/18 19:57:53 | 000,002,588 | ---- | M] () -- C:\Users\Slavicek\Desktop\Windows 7 USB DVD Download Tool.lnk
[2013/12/18 14:22:08 | 000,234,010 | ---- | M] () -- C:\Windows\SysNative\poclbm130302GeForceGTX670gv1w256l4pOpenCL1_1CUDA4_2_1.bin
[2013/12/18 14:20:37 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013/12/18 10:57:51 | 000,001,957 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013/12/18 10:57:22 | 000,381,440 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2013/12/18 08:24:22 | 000,000,752 | ---- | M] () -- C:\Users\Public\Desktop\Max Payne 3.lnk
[2013/12/17 17:19:23 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/12/17 17:19:23 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/17 15:52:47 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/12/17 15:52:47 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/12/17 15:52:45 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/12/17 15:52:45 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/12/17 15:52:45 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/12/17 15:52:45 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/12/17 15:52:45 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/12/17 15:52:45 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/12/17 15:52:45 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/12/17 15:52:45 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/12/17 15:52:45 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/12/17 15:52:45 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/12/17 15:52:45 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/12/17 15:52:45 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/12/17 15:52:45 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/12/17 15:52:45 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/12/17 15:52:45 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/12/17 15:52:45 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/12/17 15:52:45 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/12/17 15:52:45 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/12/17 15:52:45 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/12/17 15:52:45 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/12/17 15:52:45 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/12/17 15:52:45 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/12/17 15:52:45 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/12/17 15:52:45 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/12/17 15:52:45 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/12/17 15:52:45 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/12/17 15:52:45 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/12/17 15:52:45 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/12/17 15:52:45 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/12/17 15:52:45 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/12/17 15:52:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/12/17 15:52:45 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/12/17 15:52:45 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/12/17 15:52:45 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/12/17 15:52:45 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/12/17 15:52:45 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/12/17 15:52:45 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/12/17 15:52:45 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/12/17 15:52:45 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/12/17 15:52:45 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/12/17 15:52:45 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/12/17 15:52:45 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/12/17 15:52:45 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/12/17 15:52:45 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/12/17 15:52:45 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/12/17 15:52:45 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/12/17 15:52:45 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/12/17 15:52:45 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2013/12/17 15:52:45 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/12/17 15:52:45 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/12/17 15:52:45 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2013/12/17 15:52:45 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/12/17 15:52:45 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/12/17 15:52:45 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/12/17 15:52:45 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2013/12/17 15:52:45 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/12/17 15:52:45 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/12/17 15:52:45 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/12/17 15:52:45 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/12/17 15:52:45 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/12/17 15:52:45 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/12/17 15:52:45 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/12/17 15:52:45 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/12/17 15:52:45 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/12/16 16:15:27 | 000,767,492 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[9 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Slavicek\Documents\*.tmp files -> C:\Users\Slavicek\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/12/21 12:26:20 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/12/20 21:55:36 | 000,000,146 | ---- | C] () -- C:\Users\Slavicek\Desktop\Zvuk - odkaz.lnk
[2013/12/20 18:36:42 | 000,001,185 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2013/12/20 18:36:42 | 000,001,173 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2013/12/18 19:57:53 | 000,002,588 | ---- | C] () -- C:\Users\Slavicek\Desktop\Windows 7 USB DVD Download Tool.lnk
[2013/12/18 14:22:08 | 000,234,010 | ---- | C] () -- C:\Windows\SysNative\poclbm130302GeForceGTX670gv1w256l4pOpenCL1_1CUDA4_2_1.bin
[2013/12/18 10:57:51 | 000,001,957 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013/12/18 08:24:22 | 000,000,752 | ---- | C] () -- C:\Users\Public\Desktop\Max Payne 3.lnk
[2013/12/17 15:52:45 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/12/17 15:52:45 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/09/26 15:06:00 | 001,487,859 | ---- | C] () -- C:\Windows\unins000.exe
[2013/09/26 15:06:00 | 000,007,861 | ---- | C] () -- C:\Windows\unins000.dat
[2013/08/13 16:21:27 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/08/04 20:28:49 | 000,167,236 | ---- | C] () -- C:\Windows\Chytrá angličtina - DEMO Uninstaller.exe
[2013/05/24 17:07:33 | 000,000,037 | -HS- | C] () -- C:\Users\Slavicek\AppData\Local\70149b02515b3bb20dd492.47983420
[2013/04/13 11:20:33 | 000,290,184 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/04/13 11:20:08 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/03/01 11:59:03 | 000,615,936 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2013/03/01 11:59:03 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012/12/24 20:24:33 | 000,000,394 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/11/27 05:58:24 | 004,316,160 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2012/11/19 21:00:00 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/09/07 16:00:02 | 000,582,656 | ---- | C] () -- C:\Users\Slavicek\AppData\Local\file__0.localstorage
[2012/07/03 02:28:06 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/06/10 01:21:56 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/05/22 00:28:58 | 000,155,648 | ---- | C] () -- C:\Windows\SysWow64\mlc.dll
[2012/03/19 17:42:36 | 000,023,119 | ---- | C] () -- C:\Users\Slavicek\AppData\Local\SRDownloader.err
[2012/03/19 17:19:51 | 000,001,104 | ---- | C] () -- C:\Users\Slavicek\AppData\Local\SRDownloader.nast
[2012/03/13 18:44:48 | 000,000,012 | ---- | C] () -- C:\ProgramData\ReminderNextRun
[2012/02/26 14:51:38 | 000,000,016 | ---- | C] () -- C:\Windows\SCNDRVU.INI
[2012/02/15 03:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/02/15 03:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/12/30 14:49:21 | 000,000,057 | ---- | C] () -- C:\Windows\SysWow64\imon1.dat
[2011/06/02 16:01:55 | 000,007,593 | ---- | C] () -- C:\Users\Slavicek\AppData\Local\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/01/10 11:45:45 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Babylon
[2011/06/24 16:31:29 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\BluePeak-de
[2012/11/20 20:55:43 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\DAEMON Tools Lite
[2013/12/18 07:29:16 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\dclogs
[2012/05/11 09:04:04 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\ESET
[2013/09/28 19:29:35 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\FreeCall
[2012/09/26 19:15:34 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\GHISLER
[2012/12/06 11:30:10 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Mael
[2012/08/13 12:30:08 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\MapFactor
[2011/09/17 17:07:30 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\mkvtoolnix
[2011/10/17 13:18:37 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Orbit
[2013/07/31 09:21:57 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Origin
[2012/06/09 05:44:15 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\PlatinumHideIP
[2011/10/17 13:18:24 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\ProgSense
[2011/07/03 12:54:16 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\PunkBuster
[2012/12/25 12:29:02 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Shark007
[2013/12/20 18:38:38 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\TeamViewer
[2012/11/22 06:23:08 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Theta
[2012/03/22 20:31:37 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\ts3overlay
[2012/07/12 15:02:50 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Ubisoft
[2013/12/19 09:56:33 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\VitySoft
[2012/12/25 13:18:56 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Win7codecs
[2011/06/02 16:39:56 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Windows SideBar
[2012/06/15 16:50:26 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\XRay Engine
[2012/08/14 10:22:32 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\YourFileDownloader
[2013/09/18 09:51:23 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Zoner

========== Purity Check ==========



========== Custom Scans ==========

========== Drive Information ==========

Re: Winlog.exe CPU usage 40%, GPU Usage 90%

Napsal: 21 pro 2013 12:53
od durod
Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: KINGSTON SVP100S296G
Partitions: 1
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD6400AAKS-75A7B0
Partitions: 3
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE2 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD10EALS-00Z8A0
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE3 - Removable Media
Interface type: USB
Media Type: Removable Media
Model: Kingston DT 100 G2 USB Device
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 89,00GB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 376,00GB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #1, Partition #1
PartitionType: Extended w/Extended Int 13
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 220,00GB
Starting Offset: 404019478528
Hidden sectors: 0


DeviceID: Disk #2, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 346,00GB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #2, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 586,00GB
Starting Offset: 371057491968
Hidden sectors: 0


DeviceID: Disk #3, Partition #0
PartitionType: Unknown
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 7,00GB
Starting Offset: 32256
Hidden sectors: 0

[2013/03/01 11:52:43 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2013/12/19 09:56:23 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2009/07/14 08:07:31 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Default
[2011/07/12 11:21:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\AKLogData64
[2013/07/31 08:24:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\{FD433863-51C6-4D7C-9193-D0644A854F23}
[2009/07/14 06:32:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Microsoft\WwanSvc
[2010/11/21 16:10:29 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2009/07/14 06:32:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Microsoft\WwanSvc\Profiles
[2009/07/14 04:20:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Default\AppData
[2012/12/25 14:56:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Mcx1-SLAVICEK-PC\AppData
[2012/12/25 14:56:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Mcx1-SLAVICEK-PC\AppData\Local\Microsoft\Media Player\Vyrovnávacia pamäť pre obaly albumov
[2013/12/20 18:36:42 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Public\Desktop
[2009/07/14 03:34:59 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Public\Favorites
[2012/12/25 14:58:23 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Public\Libraries
[2011/11/15 13:18:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Public\Recorded TV\TempRec
[2011/06/15 18:04:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Slavicek\AppData
[2011/06/14 10:22:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Slavicek\AppData\Local\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
[2013/12/08 19:47:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Slavicek\AppData\Local\Microsoft\Device Metadata\dmrccache\downloads
[2011/06/02 10:48:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Slavicek\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2011/06/02 10:48:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Slavicek\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2011/06/02 12:58:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Slavicek\AppData\Local\Microsoft\Media Player\Vyrovnávacia pamäť pre obaly albumov
[2011/06/02 10:41:29 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Slavicek\AppData\Local\Microsoft\Windows\Burn\Burn
[2011/10/13 14:28:22 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Slavicek\AppData\Local\Microsoft\Windows\Burn\Burn1
[2013/10/13 16:31:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Slavicek\AppData\Local\Microsoft\Windows\Dočasné internetové súbory\Content.MSO
[2013/12/21 11:28:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Slavicek\AppData\Local\Microsoft\Windows\Dočasné internetové súbory\Content.Word
[2013/03/13 18:16:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Slavicek\AppData\Local\Microsoft\Windows\Dočasné internetové súbory\Virtualized
[2013/10/04 10:12:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Slavicek\AppData\Roaming\FreeCall\slavicek.patolog\My Display Pictures
[2011/08/12 11:00:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Slavicek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/12/17 17:18:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Slavicek\AppData\Roaming\Microsoft\Windows\DNTException\Low
[2013/04/24 16:32:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Slavicek\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
[2013/03/13 18:16:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Slavicek\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
[2013/03/13 18:16:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Slavicek\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
[2011/06/12 12:49:00 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Slavicek\Documents\ZPS13\_@Keywords
[2012/03/31 15:33:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\UpdatusUser\AppData
[2013/12/18 20:28:26 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/06/02 15:20:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2013/02/16 17:17:15 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\EAInstaller
[2013/09/14 20:12:04 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3
[2013/02/16 11:17:47 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\EAInstaller\Crysis 3 MP Open Beta
[2013/03/21 22:59:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\EAInstaller\Dead Space 3
[2011/07/12 11:21:35 | 000,000,000 | -H-D | M] -- C:\ProgramData\AKLogData64
[2013/07/31 08:24:40 | 000,000,000 | -H-D | M] -- C:\ProgramData\{FD433863-51C6-4D7C-9193-D0644A854F23}
[2009/07/14 06:32:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2010/11/21 16:10:29 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2009/07/14 06:32:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2009/07/14 08:07:31 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2011/07/12 11:21:35 | 000,000,000 | -H-D | M] -- C:\Users\All Users\AKLogData64
[2013/07/31 08:24:40 | 000,000,000 | -H-D | M] -- C:\Users\All Users\{FD433863-51C6-4D7C-9193-D0644A854F23}
[2009/07/14 06:32:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2010/11/21 16:10:29 | 000,000,000 | RH-D | M] -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2009/07/14 06:32:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2009/07/14 04:20:08 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2012/12/25 14:56:08 | 000,000,000 | -H-D | M] -- C:\Users\Mcx1-SLAVICEK-PC\AppData
[2012/12/25 14:56:34 | 000,000,000 | -H-D | M] -- C:\Users\Mcx1-SLAVICEK-PC\AppData\Local\Microsoft\Media Player\Vyrovnávacia pamäť pre obaly albumov
[2013/12/20 18:36:42 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2009/07/14 03:34:59 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2012/12/25 14:58:23 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2011/11/15 13:18:30 | 000,000,000 | -H-D | M] -- C:\Users\Public\Recorded TV\TempRec
[2011/06/15 18:04:50 | 000,000,000 | -H-D | M] -- C:\Users\Slavicek\AppData
[2011/06/14 10:22:32 | 000,000,000 | -H-D | M] -- C:\Users\Slavicek\AppData\Local\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
[2013/12/08 19:47:43 | 000,000,000 | -H-D | M] -- C:\Users\Slavicek\AppData\Local\Microsoft\Device Metadata\dmrccache\downloads
[2011/06/02 10:48:54 | 000,000,000 | -H-D | M] -- C:\Users\Slavicek\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2011/06/02 10:48:54 | 000,000,000 | -H-D | M] -- C:\Users\Slavicek\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2011/06/02 12:58:06 | 000,000,000 | -H-D | M] -- C:\Users\Slavicek\AppData\Local\Microsoft\Media Player\Vyrovnávacia pamäť pre obaly albumov
[2011/06/02 10:41:29 | 000,000,000 | RH-D | M] -- C:\Users\Slavicek\AppData\Local\Microsoft\Windows\Burn\Burn
[2011/10/13 14:28:22 | 000,000,000 | RH-D | M] -- C:\Users\Slavicek\AppData\Local\Microsoft\Windows\Burn\Burn1
[2013/10/13 16:31:58 | 000,000,000 | -H-D | M] -- C:\Users\Slavicek\AppData\Local\Microsoft\Windows\Dočasné internetové súbory\Content.MSO
[2013/12/21 11:28:11 | 000,000,000 | -H-D | M] -- C:\Users\Slavicek\AppData\Local\Microsoft\Windows\Dočasné internetové súbory\Content.Word
[2013/03/13 18:16:18 | 000,000,000 | -H-D | M] -- C:\Users\Slavicek\AppData\Local\Microsoft\Windows\Dočasné internetové súbory\Virtualized
[2013/10/04 10:12:44 | 000,000,000 | -H-D | M] -- C:\Users\Slavicek\AppData\Roaming\FreeCall\slavicek.patolog\My Display Pictures
[2011/08/12 11:00:22 | 000,000,000 | -H-D | M] -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/12/17 17:18:50 | 000,000,000 | -H-D | M] -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\DNTException\Low
[2013/04/24 16:32:34 | 000,000,000 | -H-D | M] -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
[2013/03/13 18:16:18 | 000,000,000 | -H-D | M] -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
[2013/03/13 18:16:19 | 000,000,000 | -H-D | M] -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
[2011/06/12 12:49:00 | 000,000,000 | RH-D | M] -- C:\Users\Slavicek\Documents\ZPS13\_@Keywords
[2012/03/31 15:33:02 | 000,000,000 | -H-D | M] -- C:\Users\UpdatusUser\AppData
[2011/06/06 15:34:39 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2012/08/13 09:12:10 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData
[2011/06/02 11:56:36 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Media Player\Vyrovnávacia pamäť pre obaly albumov
[2012/12/24 20:24:33 | 000,000,000 | -H-D | M] -- C:\Windows\SysNative\GroupPolicy

========== Base Services ==========
SRV:64bit: - [2009/07/14 02:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013/02/27 06:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/14 02:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/21 04:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/21 04:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/14 02:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/14 02:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 23:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/07/09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/21 04:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/21 04:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/21 04:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/03/03 07:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/14 02:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/14 02:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/14 02:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/14 02:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/21 04:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/14 02:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/14 02:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/14 02:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/14 02:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 18:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/14 02:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 12:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/11 07:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/14 02:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/21 04:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/21 04:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/21 04:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/14 02:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/21 04:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/21 04:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/21 04:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/21 04:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/21 04:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/21 04:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/14 02:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/05/01 06:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/21 04:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/21 04:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/21 04:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/21 04:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/21 04:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/21 04:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/21 04:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/21 04:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/21 04:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/14 02:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 23:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/21 04:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/14 02:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/21 04:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< >
[2009/07/14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 06:08:49 | 000,032,520 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/06/14 06:39:11 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004605396-3039704758-1652441973-1000Core.job
[2011/06/14 06:39:12 | 000,000,958 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004605396-3039704758-1652441973-1000UA.job
[2011/07/15 16:39:54 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011/07/15 16:39:54 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< MD5 for: ACPI.SYS >
[2010/11/21 04:23:47 | 000,334,208 | ---- | M] (Microsoft Corporation) MD5=D81D9E70B8A6DD14D42D7B4EFA65D5F2 -- C:\Windows\SysNative\drivers\acpi.sys
[2010/11/21 04:23:47 | 000,334,208 | ---- | M] (Microsoft Corporation) MD5=D81D9E70B8A6DD14D42D7B4EFA65D5F2 -- C:\Windows\SysNative\DriverStore\FileRepository\acpi.inf_amd64_neutral_aed2e7a487803437\acpi.sys
[2010/11/21 04:23:47 | 000,334,208 | ---- | M] (Microsoft Corporation) MD5=D81D9E70B8A6DD14D42D7B4EFA65D5F2 -- C:\Windows\winsxs\amd64_acpi.inf_31bf3856ad364e35_6.1.7601.17514_none_80aec972e4a75989\acpi.sys

< MD5 for: AFD.SYS >
[2011/12/28 04:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17752_none_35e10b89752ee0f5\afd.sys
[2013/09/14 02:11:05 | 000,496,128 | ---- | M] (Microsoft Corporation) MD5=26EF7E0DF4EDCD898EB7A671529410B8 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.22457_none_366f8b668e482477\afd.sys
[2013/09/14 02:10:19 | 000,497,152 | ---- | M] (Microsoft Corporation) MD5=314C17917AC8523EC77A710215012A65 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.18264_none_35d81beb75355772\afd.sys
[2011/12/28 05:01:36 | 000,498,176 | ---- | M] (Microsoft Corporation) MD5=36A14FD1A23F57046361733B792CA8DB -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21887_none_364f3a028e605345\afd.sys
[2013/09/28 02:14:56 | 000,496,128 | ---- | M] (Microsoft Corporation) MD5=50AB05903CBEF298D135A943D4432E3C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.22467_none_3664bb7a8e504068\afd.sys
[2013/09/28 02:09:10 | 000,497,152 | ---- | M] (Microsoft Corporation) MD5=79059559E89D06E8B80CE2944BE20228 -- C:\Windows\SysNative\drivers\afd.sys
[2013/09/28 02:09:10 | 000,497,152 | ---- | M] (Microsoft Corporation) MD5=79059559E89D06E8B80CE2944BE20228 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.18272_none_35cb4b6b753f40b5\afd.sys
[2010/11/21 04:24:08 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys
[2011/04/25 03:34:03 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=D5B031C308A409A0A576BFF4CF083D30 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_3618198975057170\afd.sys
[2011/04/25 04:09:35 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=F4AD06143EAC303F55D0E86C40802976 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_3695e61e8e2c13d4\afd.sys

< MD5 for: AGP440.SYS >
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CMD.EXE >
[2010/11/21 04:23:55 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=5746BD7E255DD6A8AFA06F7C42C1BA41 -- C:\Windows\SysNative\cmd.exe
[2010/11/21 04:23:55 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=5746BD7E255DD6A8AFA06F7C42C1BA41 -- C:\Windows\winsxs\amd64_microsoft-windows-commandprompt_31bf3856ad364e35_6.1.7601.17514_none_e932cc2c30fc13b0\cmd.exe
[2010/11/21 04:24:03 | 000,302,592 | ---- | M] (Microsoft Corporation) MD5=AD7B9C14083B52BC532FBA5948342B98 -- C:\Windows\SysWOW64\cmd.exe
[2010/11/21 04:24:03 | 000,302,592 | ---- | M] (Microsoft Corporation) MD5=AD7B9C14083B52BC532FBA5948342B98 -- C:\Windows\winsxs\wow64_microsoft-windows-commandprompt_31bf3856ad364e35_6.1.7601.17514_none_f387767e655cd5ab\cmd.exe

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012/06/02 05:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012/04/24 05:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010/11/21 04:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012/04/24 05:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2013/05/10 05:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013/05/13 05:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013/07/09 15:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2012/04/24 06:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2013/10/05 03:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2013/07/09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013/07/09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013/07/09 14:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013/07/09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013/07/09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012/06/04 08:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013/05/10 06:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013/05/11 06:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2012/06/02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012/06/02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010/11/21 04:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013/05/11 05:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2012/04/24 06:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2013/05/10 06:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013/05/13 06:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013/05/10 06:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013/10/05 02:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2009/07/14 02:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009/07/14 02:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: FASTFAT.SYS >
[2009/07/14 00:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\SysNative\drivers\fastfat.sys
[2009/07/14 00:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\winsxs\amd64_microsoft-windows-fat_31bf3856ad364e35_6.1.7600.16385_none_0aa81d2771152f86\fastfat.sys

< MD5 for: HAL.DLL >
[2010/11/21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: I8042PRT.SYS >
[2009/07/14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\drivers\i8042prt.sys
[2009/07/14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\i8042prt.sys
[2009/07/14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\i8042prt.sys
[2009/07/14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\i8042prt.sys
[2009/07/14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\i8042prt.sys

< MD5 for: IASTOR.SYS >
[2011/04/26 10:07:36 | 000,557,848 | ---- | M] (Intel Corporation) MD5=26CF4275034214ECEDD8EC17B0A18A99 -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Drivers\x64\iaStor.sys
[2011/10/17 14:55:32 | 000,559,384 | ---- | M] (Intel Corporation) MD5=8180A2392E732E8871589B54FAB6991F -- C:\Windows\SysNative\drivers\iaStor.sys
[2011/10/17 14:55:32 | 000,559,384 | ---- | M] (Intel Corporation) MD5=8180A2392E732E8871589B54FAB6991F -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_74f348dee3038044\iaStor.sys
[2011/04/26 09:57:06 | 000,461,080 | ---- | M] (Intel Corporation) MD5=9615DAF540B2C04DC871D10D7AE59F38 -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Drivers\x32\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010/11/21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: KBDCLASS.SYS >
[2009/07/14 02:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- C:\Windows\SysNative\drivers\kbdclass.sys
[2009/07/14 02:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- C:\Windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\kbdclass.sys
[2009/07/14 02:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\kbdclass.sys

< MD5 for: LSASS.EXE >
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011/11/17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\SysNative\lsass.exe
[2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2012/08/24 18:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012/06/04 08:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011/11/17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011/11/17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011/11/17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2013/09/25 02:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe

< MD5 for: NDIS.SYS >
[2012/08/22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/21 04:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NTFS.SYS >
[2010/11/21 04:23:55 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=05D78AA5CB5F3F5C31160BDB955D0B7C -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_04972f2c338b23d4\ntfs.sys
[2011/03/11 07:19:20 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=87B104128D4D3BA3C13098BAEBF38082 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_04d11b5b4ce521d9\ntfs.sys
[2011/03/11 07:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_0459508233b9177f\ntfs.sys
[2013/04/12 15:16:02 | 001,686,888 | ---- | M] (Microsoft Corporation) MD5=A6AE4551BF8EED09FA3B6FCDF472F3E1 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.22297_none_04cd2f154ce71430\ntfs.sys
[2012/08/31 18:57:17 | 001,687,408 | ---- | M] (Microsoft Corporation) MD5=B2746D84DDF68D09B41B72DF745CCBA6 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.22104_none_052b7b9d4ca0cf8b\ntfs.sys
[2013/04/12 15:45:08 | 001,656,680 | ---- | M] (Microsoft Corporation) MD5=B98F8C6E31CD07B2E6F71F7F648E38C0 -- C:\Windows\SysNative\drivers\ntfs.sys
[2013/04/12 15:45:08 | 001,656,680 | ---- | M] (Microsoft Corporation) MD5=B98F8C6E31CD07B2E6F71F7F648E38C0 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.18127_none_048f41be3390b0cf\ntfs.sys
[2012/08/31 19:19:35 | 001,659,760 | ---- | M] (Microsoft Corporation) MD5=E453ACF4E7D44E5530B5D5F2B9CA8563 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17945_none_0477c74a33a2859a\ntfs.sys

< MD5 for: NTKRNLPA.EXE >
[2012/03/06 06:41:34 | 003,972,464 | ---- | M] (Microsoft Corporation) MD5=07B026E7A2C873D09F0073141EE2099E -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21936_none_6eadcec52b912d42\ntkrnlpa.exe
[2013/08/02 06:58:43 | 003,973,056 | ---- | M] (Microsoft Corporation) MD5=0F3ACFF7F3D87C319F7894EF7155609B -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22411_none_6ebe4ce52b859e8b\ntkrnlpa.exe
[2011/04/09 07:02:25 | 003,967,872 | ---- | M] (Microsoft Corporation) MD5=102A6182087B18C795664BCD22EB52E9 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17592_none_6ddf4b9812a7d84d\ntkrnlpa.exe
[2010/11/21 04:23:51 | 003,966,848 | ---- | M] (Microsoft Corporation) MD5=144BD78C6103C8616DE047B3532142DB -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17514_none_6e37cb8c12652b73\ntkrnlpa.exe
[2013/07/08 06:08:20 | 003,973,056 | ---- | M] (Microsoft Corporation) MD5=16A6C242C9B4DCA5A0B0FB7A95A75D70 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22379_none_6e856dc72baf13c2\ntkrnlpa.exe
[2013/08/02 02:59:30 | 003,968,960 | ---- | M] (Microsoft Corporation) MD5=1A9E4EE88B31750E5CA207424143F99C -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18229_none_6e31e0981268e843\ntkrnlpa.exe
[2011/11/19 12:11:29 | 003,971,440 | ---- | M] (Microsoft Corporation) MD5=2EDA0DCCF5F00CDB91A9ECBE45CB0B3D -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21863_none_6e8a5c3d2bac37e9\ntkrnlpa.exe
[2011/11/19 15:50:02 | 003,968,368 | ---- | M] (Microsoft Corporation) MD5=31C59B0CA08B1203E35D2BA19319279E -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17727_none_6e30004a126a8db7\ntkrnlpa.exe
[2011/06/23 06:55:25 | 003,967,872 | ---- | M] (Microsoft Corporation) MD5=3624D782F8B061B6FBA3A35E2FE53CFD -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21755_none_6e972ad72ba2517f\ntkrnlpa.exe
[2013/03/19 05:41:10 | 003,972,440 | ---- | M] (Microsoft Corporation) MD5=3DFCBEEE97DF8BBAA749CAACFC9C43E1 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22280_none_6e71995b2bbf4e7d\ntkrnlpa.exe
[2012/03/06 06:59:47 | 003,968,368 | ---- | M] (Microsoft Corporation) MD5=43711ABF8AE553A7B5FFFF61E60C419D -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17790_none_6ddd4ed012a99fed\ntkrnlpa.exe
[2013/08/29 02:51:45 | 003,969,472 | ---- | M] (Microsoft Corporation) MD5=482C8CD985C727C7C78A5E9B320947F0 -- C:\Windows\SysWOW64\ntkrnlpa.exe
[2013/08/29 02:51:45 | 003,969,472 | ---- | M] (Microsoft Corporation) MD5=482C8CD985C727C7C78A5E9B320947F0 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18247_none_6e1a402c127aed77\ntkrnlpa.exe
[2012/05/04 11:03:53 | 003,968,368 | ---- | M] (Microsoft Corporation) MD5=4A56DB06360F59130CAED69FA7526F0A -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17835_none_6e2331b012747421\ntkrnlpa.exe
[2013/01/05 06:00:15 | 003,967,848 | ---- | M] (Microsoft Corporation) MD5=660100CB90F344040EF57F52FC0681C3 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18044_none_6e173b82127da724\ntkrnlpa.exe
[2012/08/30 18:06:08 | 003,972,464 | ---- | M] (Microsoft Corporation) MD5=770FEEA2823E463D68E170D7EA6FAEBA -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22103_none_6ecb17b32b7bbdd3\ntkrnlpa.exe
[2012/08/30 18:12:02 | 003,968,880 | ---- | M] (Microsoft Corporation) MD5=7E1EC00B7D0D33A67DFC563574EEFF93 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17944_none_6e176360127d73e2\ntkrnlpa.exe
[2013/03/19 06:04:13 | 003,968,856 | ---- | M] (Microsoft Corporation) MD5=88355CFE81D381F93C74716DAA803587 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18113_none_6e36ace212663721\ntkrnlpa.exe
[2013/01/05 05:49:01 | 003,971,928 | ---- | M] (Microsoft Corporation) MD5=8E43161944CE6E3A1F2B2618B992A8CE -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22210_none_6ebd48cf2b868ae6\ntkrnlpa.exe
[2012/03/31 05:39:37 | 003,968,368 | ---- | M] (Microsoft Corporation) MD5=8F6D5704D7522AAB8B4B82C0D35D9184 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17803_none_6e41a0e0125deda0\ntkrnlpa.exe
[2012/03/31 05:37:34 | 003,971,952 | ---- | M] (Microsoft Corporation) MD5=93358348D0B79812CAAA83A1377E4449 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21955_none_6e972ea32ba24bcd\ntkrnlpa.exe
[2011/04/09 07:01:20 | 003,967,872 | ---- | M] (Microsoft Corporation) MD5=9CF7F5D025183FA10E130445BC071B70 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21701_none_6ec9394b2b7d606e\ntkrnlpa.exe
[2011/06/23 05:33:57 | 003,967,872 | ---- | M] (Microsoft Corporation) MD5=A4A8EF2ACE5FA5863AA0B04C9BBFECA7 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17640_none_6e135c8612811711\ntkrnlpa.exe
[2012/05/04 11:03:53 | 003,971,952 | ---- | M] (Microsoft Corporation) MD5=AFF886D9D718D3747E5031816C0DA7D2 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21987_none_6e78bf732bb8d24e\ntkrnlpa.exe
[2013/07/09 06:03:34 | 003,968,960 | ---- | M] (Microsoft Corporation) MD5=DD5F17D44E9966E7EA447AE8C4D12D6C -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18205_none_6e437f48125c4b05\ntkrnlpa.exe
[2013/08/29 02:58:44 | 003,973,568 | ---- | M] (Microsoft Corporation) MD5=EB6B2FB5EE07337C8B4F3A16CBC18BE3 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22436_none_6eadae7f2b915520\ntkrnlpa.exe

< MD5 for: NTOSKRNL.EXE >
[2011/11/19 12:11:28 | 003,916,656 | ---- | M] (Microsoft Corporation) MD5=00B12EA93ED392FBD09F07B63E926647 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21863_none_6e8a5c3d2bac37e9\ntoskrnl.exe
[2012/03/31 07:05:57 | 005,559,664 | ---- | M] (Microsoft Corporation) MD5=03B5C6DBA5A770CEEFD1615E380C6BC3 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17803_none_ca603c63cabb5ed6\ntoskrnl.exe
[2011/11/19 16:20:37 | 005,559,152 | ---- | M] (Microsoft Corporation) MD5=1AFFF8D5352AECEF2ECD47FFA02D7F7D -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17727_none_ca4e9bcdcac7feed\ntoskrnl.exe
[2010/11/21 04:23:51 | 003,911,040 | ---- | M] (Microsoft Corporation) MD5=2088D9994332583EDB3C561DE31EA5AD -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17514_none_6e37cb8c12652b73\ntoskrnl.exe
[2013/03/19 06:25:43 | 005,553,496 | ---- | M] (Microsoft Corporation) MD5=25F87CF0EAF38AD1D412E804AE00CE3B -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22280_none_ca9034dee41cbfb3\ntoskrnl.exe
[2012/05/04 12:06:22 | 005,559,664 | ---- | M] (Microsoft Corporation) MD5=2819BB6417B85D38169A4F151463A815 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17835_none_ca41cd33cad1e557\ntoskrnl.exe
[2012/03/31 05:39:37 | 003,913,072 | ---- | M] (Microsoft Corporation) MD5=28F44480E411C3DDF04B63F6560E6EF4 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17803_none_6e41a0e0125deda0\ntoskrnl.exe
[2013/03/19 06:04:10 | 003,913,560 | ---- | M] (Microsoft Corporation) MD5=2DFAB8C3C394E95D262E1325BDA5DFE4 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18113_none_6e36ace212663721\ntoskrnl.exe
[2012/03/31 05:37:33 | 003,916,656 | ---- | M] (Microsoft Corporation) MD5=2E02A17E8965AD671E4987E503AD38B1 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21955_none_6e972ea32ba24bcd\ntoskrnl.exe
[2013/01/05 05:49:01 | 003,916,648 | ---- | M] (Microsoft Corporation) MD5=2E083C7D9CA98B63FA8F8062874E9327 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22210_none_6ebd48cf2b868ae6\ntoskrnl.exe
[2013/07/08 06:22:06 | 005,554,624 | ---- | M] (Microsoft Corporation) MD5=3431F8C9C9B18EE536453FC55B87DA3E -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22379_none_caa4094ae40c84f8\ntoskrnl.exe
[2013/07/08 06:08:20 | 003,918,272 | ---- | M] (Microsoft Corporation) MD5=49248651E41EE81D4C1FFDE28FDC096C -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22379_none_6e856dc72baf13c2\ntoskrnl.exe
[2012/05/04 11:03:50 | 003,913,072 | ---- | M] (Microsoft Corporation) MD5=53483A0B2DE3617E832F1DBAF9620F39 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17835_none_6e2331b012747421\ntoskrnl.exe
[2012/08/30 18:06:07 | 003,917,168 | ---- | M] (Microsoft Corporation) MD5=5355A85D26EECFA3A68B1F55B0C59A20 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22103_none_6ecb17b32b7bbdd3\ntoskrnl.exe
[2012/03/06 06:59:41 | 003,913,072 | ---- | M] (Microsoft Corporation) MD5=53B4BDEA12A032EEC71E60B6BFF42F37 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17790_none_6ddd4ed012a99fed\ntoskrnl.exe
[2011/06/23 06:43:12 | 005,561,216 | ---- | M] (Microsoft Corporation) MD5=577841951E8BAD6EA8288106693CD39F -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17640_none_ca31f809cade8847\ntoskrnl.exe
[2012/03/06 06:41:34 | 003,916,656 | ---- | M] (Microsoft Corporation) MD5=57B7DE30C4E65AD19CA13AC3065EE60B -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21936_none_6eadcec52b912d42\ntoskrnl.exe
[2013/08/02 02:59:30 | 003,913,664 | ---- | M] (Microsoft Corporation) MD5=5D0325AEF9DE48330908EC2E2DB0359F -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18229_none_6e31e0981268e843\ntoskrnl.exe
[2011/04/09 07:02:25 | 003,912,576 | ---- | M] (Microsoft Corporation) MD5=5D21C487F79F8245E799071589E035BF -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17592_none_6ddf4b9812a7d84d\ntoskrnl.exe
[2013/08/02 07:26:09 | 005,554,624 | ---- | M] (Microsoft Corporation) MD5=5DA80B9D5EB7197AA99006C2DDD14E08 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22411_none_cadce868e3e30fc1\ntoskrnl.exe
[2013/08/02 03:23:53 | 005,550,528 | ---- | M] (Microsoft Corporation) MD5=63B563F1FC047AB3E21530DBBE773260 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18229_none_ca507c1bcac65979\ntoskrnl.exe
[2012/05/04 11:51:47 | 005,561,200 | ---- | M] (Microsoft Corporation) MD5=6A692DB27A943B463E97B749DD34F3DA -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21987_none_ca975af6e4164384\ntoskrnl.exe
[2013/01/05 06:53:43 | 005,553,512 | ---- | M] (Microsoft Corporation) MD5=6B0D9CF92C08D42533C12FC1A0B5403F -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18044_none_ca35d705cadb185a\ntoskrnl.exe
[2012/03/31 06:39:18 | 005,561,200 | ---- | M] (Microsoft Corporation) MD5=708A4C721CEE6B3845B5A54477D873CF -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21955_none_cab5ca26e3ffbd03\ntoskrnl.exe
[2011/11/19 13:04:17 | 005,561,200 | ---- | M] (Microsoft Corporation) MD5=70A2D18E0B2A1ADBAE90008684E030AC -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21863_none_caa8f7c0e409a91f\ntoskrnl.exe
[2013/03/19 05:41:07 | 003,916,632 | ---- | M] (Microsoft Corporation) MD5=80A652978002318C9723D43CFA618816 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22280_none_6e71995b2bbf4e7d\ntoskrnl.exe
[2013/08/29 02:51:45 | 003,914,176 | ---- | M] (Microsoft Corporation) MD5=813A7F5A2D6D366EB3FFB643B851BCE5 -- C:\Windows\SysWOW64\ntoskrnl.exe
[2013/08/29 02:51:45 | 003,914,176 | ---- | M] (Microsoft Corporation) MD5=813A7F5A2D6D366EB3FFB643B851BCE5 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18247_none_6e1a402c127aed77\ntoskrnl.exe
[2013/01/05 06:00:11 | 003,913,064 | ---- | M] (Microsoft Corporation) MD5=82FF919E9236B0137B5C7455B0E1418A -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18044_none_6e173b82127da724\ntoskrnl.exe
[2011/06/23 06:55:25 | 003,912,576 | ---- | M] (Microsoft Corporation) MD5=90EFDB506F6140EEA9DEE398D9449D86 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21755_none_6e972ad72ba2517f\ntoskrnl.exe
[2012/08/30 18:12:02 | 003,914,096 | ---- | M] (Microsoft Corporation) MD5=948F0B444CB6CC35FE5F9DE52420CB95 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17944_none_6e176360127d73e2\ntoskrnl.exe
[2013/08/29 02:58:41 | 003,918,272 | ---- | M] (Microsoft Corporation) MD5=998141EB656327F13B8EEC01BAADC5D4 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22436_none_6eadae7f2b915520\ntoskrnl.exe
[2011/04/09 07:50:20 | 005,562,240 | ---- | M] (Microsoft Corporation) MD5=99C2715F138E7ED2F489AB796DD3B53C -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21701_none_cae7d4cee3dad1a4\ntoskrnl.exe
[2013/07/09 06:03:34 | 003,913,664 | ---- | M] (Microsoft Corporation) MD5=9FA7BF625122CCAC90FCD307174D8CF3 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18205_none_6e437f48125c4b05\ntoskrnl.exe
[2012/08/30 19:02:58 | 005,562,736 | ---- | M] (Microsoft Corporation) MD5=A0D1C0E813A7C6E17C029375AC2ACE18 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22103_none_cae9b336e3d92f09\ntoskrnl.exe
[2013/01/05 06:42:37 | 005,554,536 | ---- | M] (Microsoft Corporation) MD5=A0F9F36C3F670053F9A2E9B9577CD1AB -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22210_none_cadbe452e3e3fc1c\ntoskrnl.exe
[2012/05/04 11:03:53 | 003,916,656 | ---- | M] (Microsoft Corporation) MD5=A37A39568C8EC9A17D1B7471445B81A8 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21987_none_6e78bf732bb8d24e\ntoskrnl.exe
[2013/03/19 07:04:06 | 005,550,424 | ---- | M] (Microsoft Corporation) MD5=AC3232ED772403D38D64C18CD5A66FBD -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18113_none_ca554865cac3a857\ntoskrnl.exe
[2012/03/06 07:53:37 | 005,559,152 | ---- | M] (Microsoft Corporation) MD5=BAA66E360105F79B5948A2FDAF3AA8FE -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17790_none_c9fbea53cb071123\ntoskrnl.exe
[2013/08/02 06:58:43 | 003,918,272 | ---- | M] (Microsoft Corporation) MD5=BE61C925CC1A1340840EFF07A5911612 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22411_none_6ebe4ce52b859e8b\ntoskrnl.exe
[2013/07/09 07:03:30 | 005,550,528 | ---- | M] (Microsoft Corporation) MD5=C19DCA1024135D5485E25AB1047F77BC -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18205_none_ca621acbcab9bc3b\ntoskrnl.exe
[2010/11/21 04:24:26 | 005,563,776 | ---- | M] (Microsoft Corporation) MD5=C6CEC3E6CC9842B73501C70AA64C00FE -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17514_none_ca56670fcac29ca9\ntoskrnl.exe
[2013/08/29 03:23:10 | 005,552,064 | ---- | M] (Microsoft Corporation) MD5=C842D8DC6E5BCD750FA50E4083CBBBEB -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.22436_none_cacc4a02e3eec656\ntoskrnl.exe
[2011/06/23 06:22:01 | 005,561,728 | ---- | M] (Microsoft Corporation) MD5=CE6AF5EC2DB1567B6297ADCB56B39B5D -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21755_none_cab5c65ae3ffc2b5\ntoskrnl.exe
[2011/04/09 07:01:20 | 003,912,576 | ---- | M] (Microsoft Corporation) MD5=D385343510B75545EC5DB3A64C2D2492 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21701_none_6ec9394b2b7d606e\ntoskrnl.exe
[2011/04/09 08:02:55 | 005,562,240 | ---- | M] (Microsoft Corporation) MD5=D60D9BCEAE5870A67E6C167F4681877B -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17592_none_c9fde71bcb054983\ntoskrnl.exe
[2011/11/19 15:50:02 | 003,913,584 | ---- | M] (Microsoft Corporation) MD5=F0F0E99A65F598A1A7720F5111C4DA8F -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17727_none_6e30004a126a8db7\ntoskrnl.exe
[2011/06/23 05:33:57 | 003,912,576 | ---- | M] (Microsoft Corporation) MD5=FB58ABD5E1F75A2CF713C9DFF0EC0804 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17640_none_6e135c8612811711\ntoskrnl.exe
[2012/03/06 07:30:57 | 005,561,200 | ---- | M] (Microsoft Corporation) MD5=FCAB208AC0F7263A84EB627B1517E5AC -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21936_none_cacc6a48e3ee9e78\ntoskrnl.exe
[2012/08/30 19:03:45 | 005,559,664 | ---- | M] (Microsoft Corporation) MD5=FE905D59663E86BFE51623947B7425FD -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17944_none_ca35fee3cadae518\ntoskrnl.exe
[2013/08/29 03:17:48 | 005,549,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysNative\ntoskrnl.exe
[2013/08/29 03:17:48 | 005,549,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18247_none_ca38dbafcad85ead\ntoskrnl.exe

< MD5 for: NVRAID.SYS >
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010/11/21 04:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/21 04:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011/03/11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

Re: Winlog.exe CPU usage 40%, GPU Usage 90%

Napsal: 21 pro 2013 12:54
od durod
< MD5 for: NVSTOR.SYS >
[2011/03/11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: REGEDIT.EXE >
[2009/07/14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009/07/14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009/07/14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009/07/14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe

< MD5 for: SCECLI.DLL >
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SMSS.EXE >
[2009/07/14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013/03/19 03:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013/08/29 02:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013/08/02 06:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013/07/08 03:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E65601CF4BC0CF3718AFBE56A9AD846F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_0aae4fa7491b124a\smss.exe
[2013/03/19 04:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013/08/02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SysNative\smss.exe
[2013/08/02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe

< MD5 for: SPOOLSV.EXE >
[2012/02/11 07:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=85DAA09A98C9286D4EA2BA8D0E644377 -- C:\Windows\SysNative\spoolsv.exe
[2012/02/11 07:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=85DAA09A98C9286D4EA2BA8D0E644377 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17777_none_3433cdb2d8563d50\spoolsv.exe
[2010/11/21 04:24:27 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe
[2012/02/11 07:20:28 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=B9D7A4858CF32A6A15D2763F1DE47E0E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.21921_none_34ed7a43f150b682\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012/10/03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011/09/29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013/05/08 07:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013/09/08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013/09/08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010/11/21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013/09/07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012/08/22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011/04/25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013/05/08 07:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2011/06/21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2012/03/30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013/07/06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013/01/03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011/04/25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013/01/04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012/10/03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013/07/06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2011/06/21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2012/08/22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011/09/29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: TDX.SYS >
[2010/11/21 04:24:32 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\SysNative\drivers\tdx.sys
[2010/11/21 04:24:32 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys

< MD5 for: USER32.DLL >
[2010/11/21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010/11/21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010/11/21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010/11/21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

< MD5 for: USERINIT.EXE >
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WDF01000.SYS >
[2013/06/25 23:56:05 | 000,785,624 | ---- | M] (Microsoft Corporation) MD5=37CE6867FC4A6827009A713A9737262C -- C:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.1.7601.22374_none_d4c1be724dda0cc7\Wdf01000.sys
[2009/07/14 02:45:55 | 000,654,928 | ---- | M] (Microsoft Corporation) MD5=441BD2D7B4F98134C3A4F9FA570FD250 -- C:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.1.7600.16385_none_d24809e1379d1f91\Wdf01000.sys
[2012/07/26 05:55:47 | 000,785,512 | ---- | M] (Microsoft Corporation) MD5=442783E2CB0DA19873B7A63833FF4CB4 -- C:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.1.7601.17803_none_d482f2fd34846558\Wdf01000.sys
[2012/07/26 05:55:47 | 000,785,512 | ---- | M] (Microsoft Corporation) MD5=442783E2CB0DA19873B7A63833FF4CB4 -- C:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.1.7601.22004_none_d50d68344da151bb\Wdf01000.sys
[2013/06/25 23:55:52 | 000,785,624 | ---- | M] (Microsoft Corporation) MD5=E2C933EDBC389386EBE6D2BA953F43D8 -- C:\Windows\SysNative\drivers\Wdf01000.sys
[2013/06/25 23:55:52 | 000,785,624 | ---- | M] (Microsoft Corporation) MD5=E2C933EDBC389386EBE6D2BA953F43D8 -- C:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.1.7601.18198_none_d426811134c90d14\Wdf01000.sys

< MD5 for: WIN32K.SYS >
[2012/01/14 05:00:52 | 003,148,288 | ---- | M] (Microsoft Corporation) MD5=0777AD78CEF3B17D12C3A1988282952B -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21898_none_1750a188ca8132fd\win32k.sys
[2012/07/18 18:22:09 | 003,151,360 | ---- | M] (Microsoft Corporation) MD5=0BEA3EEDF5DA0C2160EB8C4EAC18AAD2 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22060_none_1768e904ca7044db\win32k.sys
[2011/03/03 04:52:08 | 003,135,488 | ---- | M] (Microsoft Corporation) MD5=0E7FBAD1692AACF9E0FF7E6624CC8B4C -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17570_none_16d49e79b15a964b\win32k.sys
[2012/05/15 02:25:43 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=1D7EDEAD6891810BCF8566B2319A8B11 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21995_none_174da290ca83e41f\win32k.sys
[2012/01/14 05:06:27 | 003,145,728 | ---- | M] (Microsoft Corporation) MD5=275D3946B0EC22BA13FE299E97ABF606 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17762_none_16e172c5b150a756\win32k.sys
[2013/01/04 04:19:37 | 003,155,968 | ---- | M] (Microsoft Corporation) MD5=2E54977CED249DEBFBBFB205DD27C89C -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22209_none_17b2cef2ca377b92\win32k.sys
[2013/04/10 04:18:13 | 003,156,480 | ---- | M] (Microsoft Corporation) MD5=32B9233C4A7A4A546436A26E28FF8AA6 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22296_none_174e7ec8ca832b06\win32k.sys
[2011/11/24 05:45:10 | 003,146,752 | ---- | M] (Microsoft Corporation) MD5=338E48AB7810E1B223DFECD82C44F5A3 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21866_none_176f10b8ca6aac7c\win32k.sys
[2012/10/18 19:25:58 | 003,149,824 | ---- | M] (Microsoft Corporation) MD5=34B419EDEAC6F12B34908DE3758F98C9 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17977_none_16dba817b1543c48\win32k.sys
[2012/11/22 04:28:17 | 003,151,872 | ---- | M] (Microsoft Corporation) MD5=3BB7D9504A6BAB5E49DD503F005955E6 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22171_none_175f1b48ca77774a\win32k.sys
[2011/09/29 05:03:32 | 003,144,704 | ---- | M] (Microsoft Corporation) MD5=3C8CD264F784BD3BBA3F3A815BEBDE48 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17697_none_16c6028db1647cb5\win32k.sys
[2013/08/08 02:20:43 | 003,155,456 | ---- | M] (Microsoft Corporation) MD5=42A88ECF903BFE11411D188DCE830E84 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18233_none_1702c28db13794b8\win32k.sys
[2012/06/12 04:08:36 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=511166D3F5D7EBA36DE48C4F5E195886 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17860_none_16df7417b15271cf\win32k.sys
[2012/11/23 04:26:31 | 003,149,824 | ---- | M] (Microsoft Corporation) MD5=523B9B64F2B6C630A2E0A87116C05F12 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18010_none_17155dbbb12a1683\win32k.sys
[2013/01/04 04:26:48 | 003,153,408 | ---- | M] (Microsoft Corporation) MD5=59E21156113E438D1D91AF4FC0C3B19F -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18043_none_16f7eed5b13fb65b\win32k.sys
[2011/09/06 04:03:17 | 003,138,048 | ---- | M] (Microsoft Corporation) MD5=671FE77C7083C752AB414EC331F24DCB -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17685_none_16ced1e5b15e2e16\win32k.sys
[2011/11/24 05:52:09 | 003,145,216 | ---- | M] (Microsoft Corporation) MD5=6E810D7C1E3881289733924CE9763B92 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17730_none_16ffe1f5b13a20d5\win32k.sys
[2013/06/05 04:34:27 | 003,153,920 | ---- | M] (Microsoft Corporation) MD5=73601028E7C44154318AE91D2EB2EDB3 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18176_none_16da81d5b155535a\win32k.sys
[2011/06/11 04:07:25 | 003,137,536 | ---- | M] (Microsoft Corporation) MD5=7A1BCE8E431CE1083E6807D43C1B0661 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17630_none_16ffe00fb13a23ae\win32k.sys
[2013/03/01 04:36:04 | 003,153,408 | ---- | M] (Microsoft Corporation) MD5=86F96630D28523F1C402C783F046DEF1 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18105_none_172530ffb11d766c\win32k.sys
[2012/03/31 03:56:14 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=88592AB8F8AE4F7264A936AEE682BBE5 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21955_none_1778e240ca63745b\win32k.sys
[2013/10/30 02:50:10 | 003,159,040 | ---- | M] (Microsoft Corporation) MD5=8E3FA314D78F4092648EF122E5AFE8A8 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22496_none_174e8294ca832554\win32k.sys
[2013/10/30 02:24:31 | 003,155,968 | ---- | M] (Microsoft Corporation) MD5=97D50B0CABF18A6D40F8883D02DDB519 -- C:\Windows\SysNative\win32k.sys
[2013/10/30 02:24:31 | 003,155,968 | ---- | M] (Microsoft Corporation) MD5=97D50B0CABF18A6D40F8883D02DDB519 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18300_none_17203359b121f207\win32k.sys
[2011/09/29 05:47:30 | 003,146,752 | ---- | M] (Microsoft Corporation) MD5=9A490D3113AD482914F98F0AA9254DB4 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21828_none_179c50fcca486f66\win32k.sys
[2011/09/06 04:45:20 | 003,140,096 | ---- | M] (Microsoft Corporation) MD5=9C7D0FD37532F0CE69C2F01B35364355 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21811_none_17a01ee2ca46a214\win32k.sys
[2012/10/18 19:14:46 | 003,151,872 | ---- | M] (Microsoft Corporation) MD5=9FE34DE5E7E97DA1AB228F71687BDB88 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22137_none_17905cb4ca519f90\win32k.sys
[2012/05/15 02:32:33 | 003,146,752 | ---- | M] (Microsoft Corporation) MD5=A0360F2DEFCBC40497A4F3D0599FE71A -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17842_none_16f71483b1406c9b\win32k.sys
[2013/04/10 04:30:50 | 003,153,920 | ---- | M] (Microsoft Corporation) MD5=A11523523B31086DD760C0189C763359 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18126_none_17109171b12cc7a5\win32k.sys
[2012/02/03 05:34:34 | 003,145,728 | ---- | M] (Microsoft Corporation) MD5=A3A7E9D10745A7CAC5F346370B81D08B -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17772_none_16d6a2d9b158c347\win32k.sys
[2010/11/21 04:24:16 | 003,126,272 | ---- | M] (Microsoft Corporation) MD5=A89392A32BA98468710FD7E38318934B -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17514_none_17197f29b1265401\win32k.sys
[2011/05/28 04:06:58 | 003,135,488 | ---- | M] (Microsoft Corporation) MD5=A8BB4C5B9D529FBE01C90024E0A7820E -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17622_none_170cb08fb1303a6b\win32k.sys
[2011/05/28 03:58:42 | 003,138,048 | ---- | M] (Microsoft Corporation) MD5=AA7F3250AE93B4312C31FE97AA46745F -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21735_none_178e7e4cca53422b\win32k.sys
[2012/06/12 03:58:04 | 003,151,872 | ---- | M] (Microsoft Corporation) MD5=BC91C50C20709D85A2137E689DC3ED19 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22016_none_17a4fa5cca425130\win32k.sys
[2012/11/22 04:26:40 | 003,149,824 | ---- | M] (Microsoft Corporation) MD5=C58923115CDE6071C3BF2FF063546E9F -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18009_none_17293041b119dea1\win32k.sys
[2012/11/23 04:28:21 | 003,152,384 | ---- | M] (Microsoft Corporation) MD5=C672AE7957256A51E4F4A0B16CFB8CDC -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22172_none_17601b92ca7690a1\win32k.sys
[2013/03/01 04:20:42 | 003,155,968 | ---- | M] (Microsoft Corporation) MD5=CB22E76FA82C144F1897A5EB886A9AC8 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22271_none_175f1d2eca777471\win32k.sys
[2013/08/08 02:21:02 | 003,158,528 | ---- | M] (Microsoft Corporation) MD5=D3F2D075504762AE2808B7CCD7B30EDA -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22416_none_17a501f4ca4245cc\win32k.sys
[2012/02/03 05:15:32 | 003,148,288 | ---- | M] (Microsoft Corporation) MD5=D743EB3F1917EE3D2861064D8A53E07F -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21914_none_17a321a6ca43eb40\win32k.sys
[2011/06/11 03:54:15 | 003,140,096 | ---- | M] (Microsoft Corporation) MD5=D9DC465D72719EB413FDD056B0F25EED -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21744_none_1782ae16ca5c44c5\win32k.sys
[2013/06/04 04:18:01 | 003,156,992 | ---- | M] (Microsoft Corporation) MD5=DFCA7B158161CB2A7DDCDDB51FE7940E -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22348_none_178690deca58cf26\win32k.sys
[2011/03/03 04:48:54 | 003,137,536 | ---- | M] (Microsoft Corporation) MD5=E5043EE4E7762CBF2E8D69E7D7E726E1 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21673_none_17613c22ca75821a\win32k.sys
[2012/07/18 19:15:06 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=F0D6864A7D52CE137E0A9D24795C3F0E -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17904_none_172456adb11e2cac\win32k.sys
[2012/03/31 04:10:03 | 003,146,240 | ---- | M] (Microsoft Corporation) MD5=F4C456F9235ED440B81107E951555411 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17803_none_1723547db11f162e\win32k.sys

< MD5 for: WINLOGON.EXE >
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< MD5 for: WINSRV.DLL >
[2013/01/04 06:46:09 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=0C27239FEA4DB8A2AAC9E502186B7264 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18043_none_14830bbdb30e2246\winsrv.dll
[2012/08/20 19:27:20 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=111AFE35DD2D423EE8E176CA7B2BBDC7 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22091_none_14d49672cc561df0\winsrv.dll
[2011/05/14 08:11:21 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=1A589228B6DC007120F877DBBD6CB79D -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21728_none_15276bfecc16de2a\winsrv.dll
[2013/07/08 06:18:41 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=1F1DA89B6582F8728ECEB1C35438C1E7 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22379_none_14f23e4ccc3ea83b\winsrv.dll
[2011/05/14 08:24:33 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=3A8135A7DED2FA0DAD3BDE1B14865A8A -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17617_none_14a79ed5b2f20918\winsrv.dll
[2013/08/29 03:21:50 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=516D82106CAFAE156C61C5AB627A6409 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22436_none_151a7f04cc20e999\winsrv.dll
[2011/06/03 08:01:31 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=5AA1C7B5F471C4657BE38447BC397665 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21738_none_151c9c12cc1efa1b\winsrv.dll
[2013/01/04 06:43:41 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=5F38CFC96BCA5DD462E2B243B6E31849 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22209_none_153debdacc05e77d\winsrv.dll
[2012/10/04 18:45:55 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=72CC564BBC70DE268784BCE91EB8A28F -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17965_none_146f9457b31c5994\winsrv.dll
[2013/08/02 03:14:57 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=88EDD0B34EED542745931E581AD21A32 -- C:\Windows\SysNative\winsrv.dll
[2013/08/02 03:14:57 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=88EDD0B34EED542745931E581AD21A32 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18229_none_149eb11db2f87cbc\winsrv.dll
[2013/08/02 07:23:33 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=99AACC82C6B8A8E976CA59CFD3C322EF -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22411_none_152b1d6acc153304\winsrv.dll
[2012/11/30 06:45:14 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=9E479C2B605C25DA4971ABA36250FAEF -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18015_none_14a57c15b2f40121\winsrv.dll
[2011/06/03 07:57:44 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=9F761CE1C6C013120B2F0DB27D48C06F -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17625_none_149ace55b2fbf25b\winsrv.dll
[2011/06/24 06:27:05 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=C13D05A015346DED3D722BE285814495 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21756_none_1504fba6cc30ff4f\winsrv.dll
[2012/11/30 06:55:04 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=C2B1F6196C7FE1EA1BF827312B095D06 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22177_none_14f039eccc407b3f\winsrv.dll
[2012/10/04 18:43:44 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=CC44EBC3E04E76AABE19EB4A16663E4A -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22125_none_152448f4cc19bcdc\winsrv.dll
[2010/11/21 04:24:16 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=E0406AEF04B088D1C49FC78D0546F689 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17514_none_14a49c11b2f4bfec\winsrv.dll
[2011/06/24 06:34:53 | 000,214,528 | ---- | M] (Microsoft Corporation) MD5=EB6A48CC998E1090E44E8E7F1009A640 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17641_none_14812d55b30fc4e1\winsrv.dll
[2012/08/20 19:48:43 | 000,215,040 | ---- | M] (Microsoft Corporation) MD5=F46BBAAC1C4980F4D0DD463F190A42D3 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17932_none_148d033db306b9bc\winsrv.dll

< MD5 for: WS2_32.DLL >
[2010/11/21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010/11/21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010/11/21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010/11/21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< MD5 for: WSCRIPT.EXE >
[2013/10/12 02:33:26 | 000,168,960 | ---- | M] (Microsoft Corporation) MD5=045451FA238A75305CC26AC982472367 -- C:\Windows\SysNative\wscript.exe
[2013/10/12 02:33:26 | 000,168,960 | ---- | M] (Microsoft Corporation) MD5=045451FA238A75305CC26AC982472367 -- C:\Windows\winsxs\amd64_microsoft-windows-scripting_31bf3856ad364e35_6.1.7601.18283_none_a6418c4d17334828\wscript.exe
[2013/10/14 03:29:32 | 000,168,960 | ---- | M] (Microsoft Corporation) MD5=19E75D5729FF6B5F637995225B181194 -- C:\Windows\winsxs\amd64_microsoft-windows-scripting_31bf3856ad364e35_6.1.7601.22480_none_a6c82a2030539914\wscript.exe
[2013/10/14 02:58:50 | 000,141,824 | ---- | M] (Microsoft Corporation) MD5=59E6F9BB291848B14F05EE194AF43327 -- C:\Windows\winsxs\wow64_microsoft-windows-scripting_31bf3856ad364e35_6.1.7601.22480_none_b11cd47264b45b0f\wscript.exe
[2009/07/14 02:39:57 | 000,168,960 | ---- | M] (Microsoft Corporation) MD5=8886E0697B0A93C521F99099EF643450 -- C:\Windows\winsxs\amd64_microsoft-windows-scripting_31bf3856ad364e35_6.1.7600.16385_none_a45d44bd1a0af822\wscript.exe
[2013/10/12 02:15:48 | 000,141,824 | ---- | M] (Microsoft Corporation) MD5=979D74799EA6C8B8167869A68DF5204A -- C:\Windows\SysWOW64\wscript.exe
[2013/10/12 02:15:48 | 000,141,824 | ---- | M] (Microsoft Corporation) MD5=979D74799EA6C8B8167869A68DF5204A -- C:\Windows\winsxs\wow64_microsoft-windows-scripting_31bf3856ad364e35_6.1.7601.18283_none_b096369f4b940a23\wscript.exe
[2009/07/14 02:14:49 | 000,141,824 | ---- | M] (Microsoft Corporation) MD5=D1AB72DB2BEDD2F255D35DA3DA0D4B16 -- C:\Windows\winsxs\wow64_microsoft-windows-scripting_31bf3856ad364e35_6.1.7600.16385_none_aeb1ef0f4e6bba1d\wscript.exe

< >

< %systemroot%\system32\logevent.dll /md5 >

< %systemroot%\system32\sceclt.dll /md5 >

< %systemroot%\system32\ntelogon.dll /md5 >

< %systemroot%\system32\consrv.dll /md5 >

< >

< %systemroot%\system32\logevent.dll /md5 /64 >

< %systemroot%\system32\sceclt.dll /md5 /64 >

< %systemroot%\system32\ntelogon.dll /md5 /64 >

< %systemroot%\system32\consrv.dll /md5 /64 >

< >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013/12/21 12:26:20 | 000,000,512 | ---- | M] () MD5=D85AFEDCD5D7D90810E681D6FED27F9C -- C:\PhysicalMBR.bin

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2011/06/16 05:53:46 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=6C9CD3ECBA6732661C8BBE37A877A2BD -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013/12/17 15:52:45 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %systemroot%\system32\Spool\prtprocs\*.* /s >
[2009/07/14 02:41:12 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\x64\jnwppr.dll
[2010/11/21 04:24:16 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\x64\winprint.dll
[2010/11/21 16:00:07 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\system32\Spool\prtprocs\x64\en-US\LXKPTPRC.DLL.mui

< %systemroot%\system32\drivers\*.sys /10 >

< %systemroot%\system32\drivers\*.sys /X >
[2009/06/10 22:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2009/06/10 22:14:29 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
[2008/12/02 19:05:30 | 000,184,320 | ---- | M] (ASUSTeK) -- C:\Windows\system32\drivers\UpdateHelper.dll

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /10 >
[2013/12/17 15:52:45 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtmsft.dll
[2013/12/17 15:52:45 | 000,244,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtrans.dll
[2013/12/17 15:52:47 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\elshyph.dll
[2013/12/17 17:19:23 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2013/12/17 17:19:23 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2013/12/17 15:52:45 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\html.iec
[2013/12/17 15:52:45 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icardie.dll
[2013/12/17 15:52:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IEAdvpack.dll
[2013/12/17 15:52:45 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dat
[2013/12/17 15:52:45 | 000,238,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iedkcs32.dll
[2013/12/17 15:52:45 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieetwproxystub.dll
[2013/12/17 15:52:45 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iepeers.dll
[2013/12/17 15:52:45 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iernonce.dll
[2013/12/17 15:52:45 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesetup.dll
[2013/12/17 15:52:45 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesysprep.dll
[2013/12/17 15:52:45 | 000,016,284 | ---- | M] () -- C:\Windows\system32\ieuinit.inf
[2013/12/17 15:52:45 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieUnatt.exe
[2013/12/17 15:52:45 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iexpress.exe
[2013/12/17 15:52:45 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imgutil.dll
[2013/12/17 15:52:45 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inseng.dll
[2013/12/17 15:52:45 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\JavaScriptCollectionAgent.dll
[2013/12/17 15:52:45 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll
[2013/12/17 15:52:45 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsIntl.dll
[2013/12/17 15:52:45 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\licmgr10.dll
[2013/12/17 15:52:45 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll
[2013/12/17 15:52:45 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedsbs.dll
[2013/12/17 15:52:45 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedssync.exe
[2013/12/17 15:52:45 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshta.exe
[2013/12/17 15:52:45 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MshtmlDac.dll
[2013/12/17 15:52:45 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll
[2013/12/17 15:52:45 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmler.dll
[2013/12/17 15:52:45 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmlmedia.dll
[2013/12/17 15:52:45 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msls31.dll
[2013/12/17 15:52:45 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrating.dll
[2013/12/17 15:52:45 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\occache.dll
[2013/12/16 16:15:27 | 000,767,492 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2013/12/17 15:52:45 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pngfilt.dll
[2013/12/17 15:52:45 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RegisterIEPKEYs.exe
[2013/12/17 15:52:45 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SetIEInstalledDate.exe
[2013/12/17 15:52:45 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tdc.ocx
[2013/12/17 15:52:45 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll
[2013/12/17 15:52:45 | 000,454,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll
[2013/12/17 15:52:45 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webcheck.dll
[2013/12/17 15:52:45 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wextract.exe
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[2013/12/17 15:52:45 | 000,367,104 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2013/12/17 15:52:45 | 000,244,736 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2013/11/26 08:26:42 | 011,221,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2009/07/14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll
[2012/11/01 05:47:54 | 001,236,992 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msxml3.dll
[2013/10/12 03:03:31 | 000,163,840 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\scrrun.dll
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\*.* /lockedfiles >
[2013/12/17 15:52:45 | 000,367,104 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2013/12/17 15:52:45 | 000,244,736 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2013/11/26 08:26:42 | 011,221,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2009/07/14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll
[2013/11/26 10:23:02 | 002,724,864 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\mshtml.tlb
[2009/07/14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msscript.ocx
[2012/11/01 05:47:54 | 001,236,992 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msxml3.dll
[2013/10/12 03:03:31 | 000,163,840 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\scrrun.dll
[2009/07/14 00:43:53 | 000,016,896 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\stdole2.tlb
[2013/10/12 03:04:36 | 000,121,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\wshom.ocx
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >

< >

< c:\$Recycle.Bin|L,N,U,@;true;true;true /FN >

< c:\Windows\Installer|L,N,U,@;true;true;true /FN >

< >

< %systemroot%\Tasks\*.job >
[2013/12/21 12:21:35 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/12/21 12:34:00 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013/12/20 16:28:00 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004605396-3039704758-1652441973-1000Core.job
[2013/12/21 12:28:00 | 000,000,958 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004605396-3039704758-1652441973-1000UA.job

< %systemroot%\*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[5 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[12 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %systemroot%\*. /rp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Nabídka Start\*.lnk /x >

< %ALLUSERSPROFILE%\Data Aplikácií\*.* >

< %ALLUSERSPROFILE%\Data Aplikácií\*.exe /s >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %APPDATA%\*. >
[2012/08/13 12:31:51 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Adobe
[2012/07/17 20:12:20 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\ATI
[2013/01/10 11:45:45 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Babylon
[2011/06/24 16:31:29 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\BluePeak-de
[2012/11/20 20:55:43 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\DAEMON Tools Lite
[2013/12/18 07:29:16 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\dclogs
[2012/05/11 09:04:04 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\ESET
[2013/09/28 19:29:35 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\FreeCall
[2012/09/26 19:15:34 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\GHISLER
[2012/09/05 18:44:11 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Google Chrome Backup
[2011/06/02 10:41:21 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Identities
[2011/06/02 11:42:16 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\InstallShield
[2011/06/02 11:43:14 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Intel Corporation
[2011/06/02 18:32:16 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Macromedia
[2012/12/06 11:30:10 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Mael
[2012/08/13 12:30:08 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\MapFactor
[2010/11/21 16:10:29 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Media Center Programs
[2012/12/25 12:35:37 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Media Player Classic
[2013/04/26 07:45:08 | 000,000,000 | --SD | M] -- C:\Users\Slavicek\AppData\Roaming\Microsoft
[2011/09/17 17:07:30 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\mkvtoolnix
[2011/06/02 12:07:29 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Mozilla
[2012/05/17 07:34:00 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\NVIDIA
[2011/10/17 13:18:37 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Orbit
[2013/07/31 09:21:57 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Origin
[2012/06/09 05:44:15 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\PlatinumHideIP
[2011/10/17 13:18:24 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\ProgSense
[2012/01/14 13:24:30 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\PSpad
[2011/07/03 12:54:16 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\PunkBuster
[2012/12/25 12:29:02 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Shark007
[2013/12/21 11:41:15 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Skype
[2011/08/24 08:29:45 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\skypePM
[2013/12/20 18:38:38 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\TeamViewer
[2012/11/22 06:23:08 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Theta
[2012/03/22 20:31:37 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\ts3overlay
[2012/07/12 15:02:50 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Ubisoft
[2013/12/19 09:56:33 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\VitySoft
[2012/12/25 13:18:56 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Win7codecs
[2011/09/29 23:31:44 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Winamp
[2011/06/02 16:39:56 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Windows SideBar
[2012/07/27 06:51:20 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\WinRAR
[2012/06/15 16:50:26 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\XRay Engine
[2012/08/14 10:22:32 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\YourFileDownloader
[2013/09/18 09:51:23 | 000,000,000 | ---D | M] -- C:\Users\Slavicek\AppData\Roaming\Zoner

< %APPDATA%\*.* >

< %APPDATA%\*.exe /s >
[2011/08/21 17:33:16 | 000,045,126 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{57019733-78E6-43DE-8E6D-55349F0FDE6F}\_25838CCE72A1AC2ABE5D8D.exe
[2011/08/21 17:33:16 | 000,045,126 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{57019733-78E6-43DE-8E6D-55349F0FDE6F}\_6FEFF9B68218417F98F549.exe
[2011/08/21 17:33:16 | 000,045,126 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{57019733-78E6-43DE-8E6D-55349F0FDE6F}\_B959C1FE92F059D1BDE1B4.exe
[2012/09/02 13:04:07 | 000,040,960 | ---- | M] (Macrovision Corporation) -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{AA12545D-5EB8-4078-AFD9-8E8DC0AE3A76}\ARPPRODUCTICON.exe
[2012/09/02 13:04:07 | 000,008,854 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{AA12545D-5EB8-4078-AFD9-8E8DC0AE3A76}\UNINST_Uninstall_GIG_AA12545D5EB84078AFD98E8DC0AE3A76.exe
[2012/09/02 13:04:07 | 000,040,960 | ---- | M] (Macrovision Corporation) -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{AA12545D-5EB8-4078-AFD9-8E8DC0AE3A76}\_BIOS.exe_AA12545D5EB84078AFD98E8DC0AE3A76.exe
[2013/12/18 19:57:53 | 000,119,808 | R--- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
[2011/06/11 06:57:35 | 000,015,086 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\ClickCleaner.exe
[2011/06/11 06:57:35 | 000,017,542 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\ContextMenuManager.exe
[2011/06/11 06:57:35 | 000,015,086 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\DiskAnalyzer.exe
[2011/06/11 06:57:35 | 000,015,086 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\DuplicateFilesFinder.exe
[2011/06/11 06:57:35 | 000,015,086 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\FileSecurity.exe
[2011/06/11 06:57:35 | 000,015,086 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\FileSplitter.exe
[2011/06/11 06:57:35 | 000,017,542 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\FreeMemory.exe
[2011/06/11 06:57:35 | 000,015,086 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\IEManager.exe
[2011/06/11 06:57:35 | 000,015,086 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\JunkFileCleaner.exe
[2011/06/11 06:57:35 | 000,005,430 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\LiveUpdate.exe
[2011/06/11 06:57:35 | 000,013,262 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\OptimizationWizard.exe
[2011/06/11 06:57:35 | 000,015,086 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\PrivacyProtector.exe
[2011/06/11 06:57:35 | 000,015,086 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\ProcessManager.exe
[2011/06/11 06:57:35 | 000,015,086 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\RegistryCleaner.exe
[2011/06/11 06:57:35 | 000,015,086 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\RegistryDefrag.exe
[2011/06/11 06:57:35 | 000,015,086 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\RepairCenter.exe
[2011/06/11 06:57:35 | 000,015,086 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\RunShortcutCreator.exe
[2011/06/11 06:57:35 | 000,015,086 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\ServiceManager.exe
[2011/06/11 06:57:35 | 000,017,542 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\SmartUninstaller.exe
[2011/06/11 06:57:35 | 000,015,086 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\StartupManager.exe
[2011/06/11 06:57:35 | 000,010,134 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\SystemFolder_msiexec.exe
[2011/06/11 06:57:35 | 000,007,886 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\SystemInfo.exe
[2011/06/11 06:57:35 | 000,017,542 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\TaskSchedulerManager.exe
[2011/06/11 06:57:35 | 000,017,542 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\VisualCustomizer.exe
[2011/06/11 06:57:35 | 000,092,560 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\Windows7Manager.exe
[2011/06/11 06:57:35 | 000,013,262 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\Microsoft\Installer\{D86B6C32-49BD-4A02-9C43-14E497018498}\WinUtilities.exe
[2011/02/17 22:46:25 | 000,835,440 | ---- | M] () -- C:\Users\Slavicek\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
[2011/06/12 12:50:06 | 012,487,264 | ---- | M] (ZONER software ) -- C:\Users\Slavicek\AppData\Roaming\Zoner\NLMDB\product.0034\autoupdate.cz\ZPS13_Update_Build06.exe
[2013/09/18 09:49:49 | 012,505,560 | ---- | M] (ZONER software ) -- C:\Users\Slavicek\AppData\Roaming\Zoner\NLMDB\product.0034\autoupdate.cz\ZPS13_Update_Build07.exe

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\system32|bak;true;false;false /fp >

< %PROGRAMFILES%|bak;true;false;false /fp >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2008/01/20 21:21:40 | 001,233,920 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\Slavicek\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011/06/14 06:39:12 | 000,136,176 | ---- | M] (Google Inc.)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2013/11/14 16:42:42 | 020,584,608 | R--- | M] (Skype Technologies S.A.)
"HP Deskjet 3510 series (NET)" = "C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN3581PJRQ05Y8:NW" -scfn "HP Deskjet 3510 series (NET)" -AutoStart 1 -- [2012/10/17 03:29:50 | 002,573,416 | ---- | M] (Hewlett-Packard Co.)
"Zoner Photo Studio Service 16" = "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"
"Windows Drivers" = C:\ProgramData\WinUpdate\windrv.exe -- [2013/12/17 21:39:59 | 000,335,872 | ---- | M] ()
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013/10/28 09:29:38 | 003,675,352 | ---- | M] (Disc Soft Ltd)
"Zoner Photo Studio Autoupdate" = "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE" -- [2013/09/16 20:41:10 | 000,800,280 | ---- | M] (ZONER software)

========== Alternate Data Streams ==========

@Alternate Data Stream - 228 bytes -> C:\ProgramData\TEMP:8927A071
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:B468194E
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:4FC01C57

< End of report >

Re: Winlog.exe CPU usage 40%, GPU Usage 90%

Napsal: 21 pro 2013 13:25
od durod
ComboFix 13-12-20.01 - Slavicek . 12. 2013 13:18:04.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.8169.6438 [GMT 1:00]
Running from: c:\users\Slavicek\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Mozilla Firefox\searchplugins\search.xml
c:\programdata\winupdate
c:\programdata\winupdate\backtrace.dll
c:\programdata\winupdate\diablo130302.cl
c:\programdata\winupdate\diakgcn121016.cl
c:\programdata\winupdate\example.conf
c:\programdata\winupdate\libblkmaker-0.1-0.dll
c:\programdata\winupdate\libblkmaker_jansson-0.1-0.dll
c:\programdata\winupdate\libcurl-4.dll
c:\programdata\winupdate\libevent-2-0-5.dll
c:\programdata\winupdate\libhidapi-0.dll
c:\programdata\winupdate\libjansson-4.dll
c:\programdata\winupdate\libusb-1.0.dll
c:\programdata\winupdate\miner.php
c:\programdata\winupdate\pdcurses.dll
c:\programdata\winupdate\phatk121016.cl
c:\programdata\winupdate\poclbm130302.cl
c:\programdata\winupdate\poclbm130302GeForceGTX670gv1w256l4pOpenCL1_1CUDA4_2_1.bin
c:\programdata\winupdate\pthreadGC2.dll
c:\programdata\winupdate\scrypt130511.cl
c:\programdata\winupdate\windrv.exe
c:\programdata\winupdate\winlog.exe
c:\programdata\winupdate\zlib1.dll
c:\users\Slavicek\AppData\Local\MICROS~1\Windows\Temp\sfamcc00001.dll
c:\users\Slavicek\AppData\Local\MICROS~1\Windows\Temp\sfareca00001.dll
c:\users\Slavicek\AppData\Local\Microsoft\Windows\Temp\sfamcc00001.dll
c:\users\Slavicek\AppData\Local\Microsoft\Windows\Temp\sfareca00001.dll
c:\users\Slavicek\AppData\Roaming\dclogs
c:\users\Slavicek\AppData\Roaming\dclogs\2013-12-17-3.dc
c:\users\Slavicek\AppData\Roaming\dclogs\2013-12-18-4.dc
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\SET8427.tmp
c:\windows\SysWow64\tmp2CF2.tmp
c:\windows\SysWow64\tmp2D02.tmp
c:\windows\SysWow64\tmpB0D1.tmp
c:\windows\SysWow64\tmpB0E2.tmp
.
.
((((((((((((((((((((((((( Files Created from 2013-11-21 to 2013-12-21 )))))))))))))))))))))))))))))))
.
.
2013-12-21 12:20 . 2013-12-21 12:20 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-12-21 12:20 . 2013-12-21 12:20 -------- d-----w- c:\users\Slavicek\AppData\Local\temp
2013-12-21 11:26 . 2013-12-21 11:26 512 ----a-w- C:\PhysicalMBR.bin
2013-12-20 21:54 . 2013-12-20 21:54 -------- d-----w- C:\FRST
2013-12-20 17:38 . 2013-12-20 17:38 -------- d-----w- c:\users\Slavicek\AppData\Roaming\TeamViewer
2013-12-20 17:36 . 2013-12-20 17:36 -------- d-----w- c:\program files (x86)\TeamViewer
2013-12-20 15:46 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{607F8912-C15C-4E39-8E5A-5C6B6830D7F1}\mpengine.dll
2013-12-20 15:44 . 2013-12-20 15:44 -------- d-----w- c:\program files (x86)\MSECache
2013-12-19 08:56 . 2013-12-19 08:56 -------- d-----w- c:\users\Slavicek\.objectdb
2013-12-19 08:56 . 2013-12-19 08:56 -------- d-----w- c:\users\Slavicek\AppData\Roaming\VitySoft
2013-12-19 08:56 . 2013-12-19 08:56 -------- d-----w- c:\programdata\Oracle
2013-12-19 08:56 . 2013-12-19 08:56 312744 ----a-w- c:\windows\system32\javaws.exe
2013-12-19 08:56 . 2013-12-19 08:56 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-12-19 08:56 . 2013-12-19 08:56 189352 ----a-w- c:\windows\system32\javaw.exe
2013-12-19 08:56 . 2013-12-19 08:56 189352 ----a-w- c:\windows\system32\java.exe
2013-12-19 08:56 . 2013-12-19 08:56 -------- d-----w- c:\program files\Java
2013-12-18 19:27 . 2013-12-18 19:27 25640 ----a-w- c:\windows\gdrv.sys
2013-12-18 18:57 . 2013-12-18 18:57 119808 ----a-r- c:\users\Slavicek\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2013-12-18 13:22 . 2013-12-18 13:22 234010 ----a-w- c:\windows\system32\poclbm130302GeForceGTX670gv1w256l4pOpenCL1_1CUDA4_2_1.bin
2013-12-18 13:20 . 2013-12-18 13:20 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-12-18 07:27 . 2013-12-18 07:27 -------- d-----w- c:\program files (x86)\Rockstar Games
2013-12-17 17:18 . 2013-12-17 17:18 -------- d-----w- c:\program files (x86)\pdfforge Toolbar
2013-12-17 17:18 . 2013-12-17 17:18 -------- d-----w- c:\program files (x86)\Common Files\Spigot
2013-12-17 17:18 . 2013-12-17 17:18 -------- d-----w- c:\program files (x86)\Application Updater
2013-12-17 14:54 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-12-16 20:11 . 2013-09-12 08:58 9281032 ----a-w- c:\windows\system32\nvcuda.dll
2013-12-16 19:24 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-12-16 19:24 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-12-16 19:24 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-12-16 19:24 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-12-16 19:24 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-12-16 19:24 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-12-16 19:24 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-12-16 15:16 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-16 15:16 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-16 15:16 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-16 15:16 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-16 15:16 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-16 15:14 . 2013-12-16 15:14 -------- d-----w- c:\windows\Migration
2013-12-16 15:08 . 2013-10-12 02:30 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-12-16 15:08 . 2013-10-12 02:29 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-12-16 15:08 . 2013-10-12 02:29 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-12-16 15:08 . 2013-10-12 02:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-12-16 15:08 . 2013-10-12 02:01 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-21 12:21 . 2013-12-21 12:21 0 ----a-w- c:\windows\AutoKMS.tmp
2013-12-18 09:57 . 2011-06-02 15:19 381440 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-12-17 16:19 . 2012-11-12 06:49 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-17 16:19 . 2011-06-24 18:01 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-17 14:52 . 2013-12-17 14:52 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-17 14:52 . 2013-12-17 14:52 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2013-12-01 13:42 . 2011-06-02 11:23 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-11-19 02:33 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-27 08:12 . 2013-10-27 08:12 1884448 ----a-w- c:\windows\system32\nvdispco6433165.dll
2013-10-27 08:12 . 2013-10-27 08:12 1511712 ----a-w- c:\windows\system32\nvdispgenco6433165.dll
2013-09-26 14:05 . 2013-09-26 14:06 1487859 ----a-w- c:\windows\unins000.exe
2013-09-25 01:57 . 2013-12-16 15:09 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2012-08-13 07:58 . 2013-03-01 11:04 1061344 ----a-w- c:\program files (x86)\GPU-Z.0.6.4.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}"= "c:\program files (x86)\pdfforge Toolbar\IE\8.5\pdfforgeToolbarIE.dll" [2013-12-13 1398080]
.
[HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
2013-12-13 10:35 1398080 ----a-w- c:\program files (x86)\pdfforge Toolbar\IE\8.5\pdfforgeToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}"= "c:\program files (x86)\pdfforge Toolbar\IE\8.5\pdfforgeToolbarIE.dll" [2013-12-13 1398080]
.
[HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-20 1233920]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"HP Deskjet 3510 series (NET)"="c:\program files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE" [2013-09-16 800280]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"HWiNFO64"="c:\program files\HWiNFO64\HWiNFO64.EXE" [2012-11-20 2478552]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2013-12-13 1383232]
.
c:\users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MSIAfterburner - odkaz.lnk - c:\program files (x86)\MSI Afterburner\MSIAfterburner.exe [2013-3-1 425016]
speedfan - odkaz.lnk - c:\program files (x86)\SpeedFan\speedfan.exe [2013-3-1 4523928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R3 ALSysIO;ALSysIO;z:\temp\ALSysIO64.sys;z:\temp\ALSysIO64.sys [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 atillk64;atillk64;e:\install\flashATI\ati_winflash_2.0.1.14\atillk64.sys;e:\install\flashATI\ati_winflash_2.0.1.14\atillk64.sys [x]
R3 ATSZIO;ATSZIO;c:\program files (x86)\ASUS\ASUS PC Diagnostics\ATSZIO64.sys;c:\program files (x86)\ASUS\ASUS PC Diagnostics\ATSZIO64.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;e:\install\everest\kerneld.amd64;e:\install\everest\kerneld.amd64 [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 getbus;getbus;l:\temp\getbus.sys;l:\temp\getbus.sys [x]
R3 GPCIDrv;GPCIDrv;c:\program files (x86)\GIGABYTE\atBIOS\GPCIDrv64.sys;c:\program files (x86)\GIGABYTE\atBIOS\GPCIDrv64.sys [x]
R3 GPU-Z;GPU-Z;c:\users\Slavicek\AppData\Local\MICROS~1\Windows\Temp\GPU-Z.sys;c:\users\Slavicek\AppData\Local\MICROS~1\Windows\Temp\GPU-Z.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RAMDiskVE;RAMDiskVE;c:\windows\system32\Drivers\RAMDiskVE.sys;c:\windows\SYSNATIVE\Drivers\RAMDiskVE.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 vpcuxd;USB Virtualization Stub Service;c:\windows\system32\DRIVERS\vpcuxd.sys;c:\windows\SYSNATIVE\DRIVERS\vpcuxd.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [x]
R4 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program files (x86)\MSI Afterburner\RTCore64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-15 15:39]
.
2013-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-15 15:39]
.
2013-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004605396-3039704758-1652441973-1000Core.job
- c:\users\Slavicek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-14 05:39]
.
2013-12-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004605396-3039704758-1652441973-1000UA.job
- c:\users\Slavicek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-14 05:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2918656]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-02 11545192]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"AutoKMS"="c:\windows\AutoKMS.exe" [2013-03-01 615936]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=;ftp=;https=;
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=827316&p=
FF - prefs.js: network.proxy.type - 4
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-Zoner Photo Studio Service 16 - c:\program files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEc:\program files\Zoner\Photo Studio 16\Program32\ZPSService.exe
Wow6432Node-HKCU-Run-Windows Drivers - c:\programdata\WinUpdate\windrv.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-6103-4188-8184-5707 - i:\down\RapidShareManager\uninstall.exe
AddRemove-Afterburner - z:\msi afterburner\uninstall.exe
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-{1AA94747-3BF6-4237-9E1A-7B3067738FE1} - z:\temp\_tc\update.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2416472 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2487367 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2656351 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2604121 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2633870 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656405 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2686827 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-YourFileDownloader - c:\program files (x86)\YourFileDownloader\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\EverestDriver]
"ImagePath"="\??\e:\install\everest\kerneld.amd64"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\TeamViewer\Version9\TeamViewer.exe
c:\program files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
c:\program files (x86)\TeamViewer\Version9\tv_w32.exe
.
**************************************************************************
.
Completion time: 2013-12-21 13:22:38 - machine was rebooted
ComboFix-quarantined-files.txt 2013-12-21 12:22
.
Pre-Run: 13 027 241 984 bytes free
Post-Run: 14 838 132 736 bytes free
.
- - End Of File - - 11C9450B6EF3F407625CDDA6CC717E39

Re: Winlog.exe CPU usage 40%, GPU Usage 90%

Napsal: 21 pro 2013 13:44
od durod
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-12-2013 02
Ran by Slavicek (administrator) on SLAVICEK-PC on 21-12-2013 13:42:02
Running from C:\Users\Slavicek\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: 041B
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Spigot, Inc.) C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(REALiX) C:\Program Files\HWiNFO64\HWiNFO64.EXE
(Spigot, Inc.) C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
() C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Slavicek\Desktop\FRSTLauncher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2918656 2011-01-12] (ESET)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AutoKMS] - C:\Windows\AutoKMS.exe [615936 2013-03-01] ()
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [HP Deskjet 3510 series (NET)] - C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKCU\...\Run: [Zoner Photo Studio Autoupdate] - C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe [800280 2013-09-16] (ZONER software)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-10-17] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HWiNFO64] - C:\Program Files\HWiNFO64\HWiNFO64.EXE [2478552 2012-11-20] (REALiX)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SearchSettings] - C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [1383232 2013-12-13] (Spigot, Inc.)
HKU\Mcx1-SLAVICEK-PC\...\Winlogon: [Shell] C:\Windows\eHome\McrMgr.exe [343552 2009-07-14] (Microsoft Corporation) <==== ATTENTION
Startup: C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MSIAfterburner - odkaz.lnk
ShortcutTarget: MSIAfterburner - odkaz.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
Startup: C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\speedfan - odkaz.lnk
ShortcutTarget: speedfan - odkaz.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com))

==================== Internet (Whitelisted) ====================

ProxyServer: http=;ftp=;https=;
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7EF0238D0AFACC01
URLSearchHook: HKCU - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\8.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {90268043-C27E-4C78-9869-F1C292187594} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {90268043-C27E-4C78-9869-F1C292187594} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\8.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
Toolbar: HKLM-x32 - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\8.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default
FF DefaultSearchEngine: Yahoo
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=827316&p=
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - c:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.140.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - c:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - c:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Slavicek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Slavicek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Slavicek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\searchplugins\seznam.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\zoznam-sk.xml
FF Extension: WebTran - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
FF Extension: Auto Copy - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}
FF Extension: Armada Custom Toolbar - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{29c0f5ff-3564-46bc-9f4a-50c73f426486}
FF Extension: Back to Top - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{3C9A65A6-9563-4485-BA4A-4BCD698BCFB4}
FF Extension: Address Bar Search - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}
FF Extension: Aging Tabs - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\aging-tabs@design-noir.de.xpi
FF Extension: Add-on Compatibility Reporter - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\compatibility@addons.mozilla.org.xpi
FF Extension: FireGestures - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\firegestures@xuldev.org.xpi
FF Extension: No Name - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\pdfforge@mybrowserbar.com
FF Extension: No Name - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\sfStatistics.xml
FF Extension: Instrument Test - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\testpilot@labs.mozilla.com.xpi
FF Extension: Session Manager - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
FF Extension: PDF Download - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi
FF Extension: Flashblock - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
FF Extension: Adblock Plus - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Download Statusbar - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
FF Extension: Tab Mix Plus - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: Mouse Gestures Redox - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\{FFA36170-80B1-4535-B0E3-A4569E497DD0}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

==================== Services (Whitelisted) =================

S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [42360 2011-01-12] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [810144 2011-01-12] (ESET)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-04-13] ()
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [x]
S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [x]

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [31360 2011-10-18] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-25] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 atillk64; E:\Install\flashATI\ati_winflash_2.0.1.14\atillk64.sys [14608 2006-07-19] (ATI Technologies Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2012-11-20] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-18] (Disc Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [170640 2010-12-21] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2010-12-21] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [125296 2010-12-21] (ESET)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\atBIOS\GPCIDrv64.sys [14376 2010-02-04] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [29672 2012-12-15] (REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2012-11-20] ()
S3 RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys [63696 2010-11-21] ()
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-01-23] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-12-18] (Duplex Secure Ltd.)
U3 abrbb8ym; C:\Windows\System32\Drivers\abrbb8ym.sys [0 ] (Microsoft Corporation)
S3 ALSysIO; \??\z:\Temp\ALSysIO64.sys [x]
S3 amdkmdag; system32\DRIVERS\atikmdag.sys [x]
S3 ATSZIO; \??\C:\Program Files (x86)\ASUS\ASUS PC Diagnostics\ATSZIO64.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz132; \??\c:\Temp\cpuz132\cpuz132_x64.sys [x]
S3 EverestDriver; \??\E:\Install\everest\kerneld.amd64 [x]
S3 getbus; \??\l:\Temp\getbus.sys [x]
S3 GPU-Z; \??\c:\Users\Slavicek\AppData\Local\MICROS~1\Windows\Temp\GPU-Z.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-21 13:42 - 2013-12-21 13:42 - 00021459 _____ C:\Users\Slavicek\Desktop\FRST.txt
2013-12-21 13:22 - 2013-12-21 13:22 - 00028894 _____ C:\ComboFix.txt
2013-12-21 13:13 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-21 13:13 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-21 13:13 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-21 13:13 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-21 13:13 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-21 13:13 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-21 13:13 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-21 13:13 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-21 13:12 - 2013-12-21 13:22 - 00000000 ____D C:\Qoobox
2013-12-21 13:12 - 2013-12-21 13:21 - 00000000 ____D C:\Windows\erdnt
2013-12-21 13:12 - 2013-12-21 13:06 - 05155033 ____R (Swearware) C:\Users\Slavicek\Desktop\ComboFix.exe
2013-12-21 12:42 - 2013-12-21 12:42 - 00097886 _____ C:\Users\Slavicek\Desktop\Extras.Txt
2013-12-21 12:41 - 2013-12-21 12:41 - 00531032 _____ C:\Users\Slavicek\Desktop\OTL.Txt
2013-12-21 12:26 - 2013-12-21 12:26 - 00000512 _____ C:\PhysicalMBR.bin
2013-12-21 12:23 - 2013-12-21 12:22 - 00602112 _____ (OldTimer Tools) C:\Users\Slavicek\Desktop\OTL.exe
2013-12-21 11:33 - 2013-12-21 12:20 - 00000000 ____D C:\Users\Slavicek\Documents\Stasznost
2013-12-20 22:54 - 2013-12-20 22:54 - 00000000 ____D C:\FRST
2013-12-20 22:54 - 2013-12-20 22:53 - 02193141 _____ (Farbar) C:\Users\Slavicek\Desktop\FRST64.exe
2013-12-20 22:54 - 2013-12-20 22:53 - 00112640 _____ (forum.viry.cz) C:\Users\Slavicek\Desktop\FRSTLauncher.exe
2013-12-20 21:55 - 2013-12-20 21:55 - 00000146 _____ C:\Users\Slavicek\Desktop\Zvuk - odkaz.lnk
2013-12-20 18:38 - 2013-12-20 18:38 - 00000000 ____D C:\Users\Slavicek\AppData\Roaming\TeamViewer
2013-12-20 18:36 - 2013-12-20 18:36 - 00001173 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2013-12-20 18:36 - 2013-12-20 18:36 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-12-20 16:44 - 2013-12-20 16:44 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-12-19 09:56 - 2013-12-19 09:56 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-19 09:56 - 2013-12-19 09:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-19 09:56 - 2013-12-19 09:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-19 09:56 - 2013-12-19 09:56 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-19 09:56 - 2013-12-19 09:56 - 00000000 ____D C:\Users\Slavicek\AppData\Roaming\VitySoft
2013-12-19 09:56 - 2013-12-19 09:56 - 00000000 ____D C:\Users\Slavicek\.objectdb
2013-12-19 09:56 - 2013-12-19 09:56 - 00000000 ____D C:\ProgramData\Oracle
2013-12-19 09:56 - 2013-12-19 09:56 - 00000000 ____D C:\Program Files\Java
2013-12-18 20:27 - 2013-12-18 20:27 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-12-18 19:57 - 2013-12-18 19:58 - 00000000 ____D C:\Users\Slavicek\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2013-12-18 19:57 - 2013-12-18 19:57 - 00002588 _____ C:\Users\Slavicek\Desktop\Windows 7 USB DVD Download Tool.lnk
2013-12-18 19:57 - 2013-12-18 19:57 - 00000000 ____D C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2013-12-18 18:35 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-18 18:35 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-18 18:35 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-18 18:35 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-18 18:35 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-18 18:35 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-18 18:35 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-18 18:35 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-18 18:35 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-18 18:35 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-18 18:35 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-18 18:35 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-18 18:35 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-18 18:35 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-18 18:35 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-18 18:35 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-18 18:35 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-18 18:35 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-18 18:35 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-18 18:35 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-18 18:35 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-18 18:35 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-18 18:35 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-18 18:35 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-18 18:35 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-18 18:35 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-18 18:35 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-18 18:35 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-18 18:35 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-18 18:35 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-18 18:35 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-18 14:52 - 2013-12-19 16:40 - 00000000 ____D C:\Users\Slavicek\Documents\Vakcina
2013-12-18 14:22 - 2013-12-18 14:22 - 00234010 _____ C:\Windows\system32\poclbm130302GeForceGTX670gv1w256l4pOpenCL1_1CUDA4_2_1.bin
2013-12-18 14:20 - 2013-12-18 14:20 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-12-18 10:57 - 2013-12-18 10:57 - 00001957 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-12-18 08:27 - 2013-12-18 08:27 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2013-12-18 08:24 - 2013-12-18 08:24 - 00000752 _____ C:\Users\Public\Desktop\Max Payne 3.lnk
2013-12-18 08:02 - 2013-12-18 08:02 - 00000000 ____D C:\Users\Slavicek\Documents\Rockstar Games
2013-12-17 18:18 - 2013-12-17 18:18 - 00000000 ____D C:\Program Files (x86)\pdfforge Toolbar
2013-12-17 18:18 - 2013-12-17 18:18 - 00000000 ____D C:\Program Files (x86)\Application Updater
2013-12-17 17:18 - 2013-12-17 17:18 - 00000000 ___SH C:\Users\Slavicek\AppData\Local\Microsoft\Windows\WebCacheLock.dat
2013-12-17 15:54 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-17 15:52 - 2013-12-17 15:54 - 00009538 _____ C:\Windows\IE11_main.log
2013-12-17 15:52 - 2013-12-17 15:52 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-17 15:52 - 2013-12-17 15:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-17 15:52 - 2013-12-17 15:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-17 15:52 - 2013-12-17 15:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-17 15:52 - 2013-12-17 15:52 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-17 15:52 - 2013-12-17 15:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-17 15:52 - 2013-12-17 15:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-16 21:11 - 2013-09-12 09:58 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-12-16 21:11 - 2013-09-12 09:58 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-12-16 21:11 - 2013-09-12 09:58 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-12-16 21:11 - 2013-06-16 13:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-12-16 21:11 - 2013-06-16 13:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-12-16 21:11 - 2013-01-29 09:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2013-12-16 20:24 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-12-16 20:24 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-12-16 20:24 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-12-16 20:24 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-12-16 20:24 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-12-16 20:24 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-12-16 20:24 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-12-16 16:16 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-16 16:16 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-16 16:16 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-16 16:16 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-16 16:09 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-16 16:09 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-16 16:09 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-16 16:09 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-16 16:09 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-16 16:09 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-16 16:09 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-16 16:09 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-16 16:09 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-16 16:09 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-16 16:09 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-16 16:09 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-16 16:09 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-16 16:09 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-16 16:09 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-16 16:09 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-16 16:09 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-16 16:09 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-12-16 16:09 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-12-16 16:09 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-16 16:09 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-12-16 16:09 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-12-16 16:09 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-16 16:09 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-12-16 16:09 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-12-16 16:09 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-12-16 16:09 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-16 16:09 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-12-16 16:09 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-12-16 16:09 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-12-16 16:09 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-12-16 16:09 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-12-16 16:09 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-12-16 16:09 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-12-16 16:09 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-12-16 16:09 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-12-16 16:09 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-12-16 16:09 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-12-16 16:09 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-12-16 16:09 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-12-16 16:09 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-12-16 16:09 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-12-16 16:09 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-12-16 16:09 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-12-16 16:09 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-12-16 16:09 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-12-16 16:09 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-12-16 16:09 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-12-16 16:09 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-12-16 16:09 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-12-16 16:09 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-12-16 16:09 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-12-16 16:09 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-12-16 16:09 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-12-16 16:09 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-12-16 16:09 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-12-16 16:09 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-12-16 16:09 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-12-16 16:09 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-12-16 16:09 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-12-16 16:09 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-12-16 16:09 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-12-16 16:09 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-12-16 16:09 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-16 16:09 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-12-16 16:09 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-12-16 16:09 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-12-16 16:09 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-12-16 16:09 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-12-16 16:09 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-12-16 16:09 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-12-16 16:09 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-12-16 16:09 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-12-16 16:09 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-12-16 16:09 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-12-16 16:09 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-12-16 16:09 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-12-16 16:09 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-12-16 16:09 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-12-16 16:09 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-12-16 16:09 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-12-16 16:09 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-12-16 16:09 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-12-16 16:09 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-12-16 16:09 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-12-16 16:09 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-12-16 16:09 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-12-16 16:09 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-12-16 16:09 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-12-16 16:08 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-12-16 16:08 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-12-16 16:08 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-12-16 16:08 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-12-16 16:08 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-12-16 09:22 - 2013-12-16 09:22 - 00013160 _____ C:\Users\Slavicek\Desktop\Registration New Pack.txt
2013-12-08 19:15 - 2013-12-08 19:15 - 00002937 _____ C:\Users\Slavicek\Documents\Žádost+o+úrok+z+prodlení_urg_email.odt
2013-12-07 21:02 - 2013-12-07 21:03 - 00000000 ____D C:\Users\Slavicek\Documents\Finanční arb

==================== One Month Modified Files and Folders =======

2013-12-21 13:42 - 2013-12-21 13:42 - 00021459 _____ C:\Users\Slavicek\Desktop\FRST.txt
2013-12-21 13:39 - 2013-03-13 18:16 - 00000000 __SHD C:\Users\Slavicek\AppData\Local\Microsoft\Windows\WebCache
2013-12-21 13:39 - 2013-03-01 12:04 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2013-12-21 13:39 - 2011-07-15 16:39 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-21 13:39 - 2011-06-02 10:41 - 04980736 ____H C:\Users\Slavicek\AppData\Local\Microsoft\Windows\UsrClass.dat
2013-12-21 13:39 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-21 13:39 - 2009-07-14 05:51 - 00012350 _____ C:\Windows\setupact.log
2013-12-21 13:38 - 2012-06-14 12:41 - 00003034 _____ C:\Windows\System32\Tasks\MSIAfterburner
2013-12-21 13:38 - 2011-06-02 10:41 - 01075423 _____ C:\Windows\WindowsUpdate.log
2013-12-21 13:38 - 2011-06-02 10:41 - 00000000 ____D C:\Users\Slavicek\AppData\Local\Microsoft\Windows\Caches
2013-12-21 13:34 - 2011-07-15 16:39 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-21 13:28 - 2011-06-14 06:39 - 00000958 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004605396-3039704758-1652441973-1000UA.job
2013-12-21 13:28 - 2009-07-14 05:45 - 00025712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-21 13:28 - 2009-07-14 05:45 - 00025712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-21 13:25 - 2009-07-14 06:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-21 13:22 - 2013-12-21 13:22 - 00028894 _____ C:\ComboFix.txt
2013-12-21 13:22 - 2013-12-21 13:12 - 00000000 ____D C:\Qoobox
2013-12-21 13:21 - 2013-12-21 13:12 - 00000000 ____D C:\Windows\erdnt
2013-12-21 13:21 - 2013-03-01 12:49 - 00000000 __SHD C:\Users\Slavicek\AppData\Local\Microsoft\Windows\Dočasné internetové súbory
2013-12-21 13:21 - 2010-11-21 04:47 - 00394764 _____ C:\Windows\PFRO.log
2013-12-21 13:21 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-12-21 13:06 - 2013-12-21 13:12 - 05155033 ____R (Swearware) C:\Users\Slavicek\Desktop\ComboFix.exe
2013-12-21 12:42 - 2013-12-21 12:42 - 00097886 _____ C:\Users\Slavicek\Desktop\Extras.Txt
2013-12-21 12:41 - 2013-12-21 12:41 - 00531032 _____ C:\Users\Slavicek\Desktop\OTL.Txt
2013-12-21 12:35 - 2013-03-01 12:04 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2013-12-21 12:26 - 2013-12-21 12:26 - 00000512 _____ C:\PhysicalMBR.bin
2013-12-21 12:22 - 2013-12-21 12:23 - 00602112 _____ (OldTimer Tools) C:\Users\Slavicek\Desktop\OTL.exe
2013-12-21 12:20 - 2013-12-21 11:33 - 00000000 ____D C:\Users\Slavicek\Documents\Stasznost
2013-12-21 11:41 - 2011-06-12 12:25 - 00000000 ____D C:\Users\Slavicek\AppData\Roaming\Skype
2013-12-20 22:54 - 2013-12-20 22:54 - 00000000 ____D C:\FRST
2013-12-20 22:53 - 2013-12-20 22:54 - 02193141 _____ (Farbar) C:\Users\Slavicek\Desktop\FRST64.exe
2013-12-20 22:53 - 2013-12-20 22:54 - 00112640 _____ (forum.viry.cz) C:\Users\Slavicek\Desktop\FRSTLauncher.exe
2013-12-20 21:55 - 2013-12-20 21:55 - 00000146 _____ C:\Users\Slavicek\Desktop\Zvuk - odkaz.lnk
2013-12-20 21:34 - 2009-07-14 05:45 - 00350688 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-20 18:38 - 2013-12-20 18:38 - 00000000 ____D C:\Users\Slavicek\AppData\Roaming\TeamViewer
2013-12-20 18:36 - 2013-12-20 18:36 - 00001173 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2013-12-20 18:36 - 2013-12-20 18:36 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-12-20 16:50 - 2011-06-02 16:23 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-20 16:44 - 2013-12-20 16:44 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-12-20 16:44 - 2013-03-01 11:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-20 16:28 - 2011-06-14 06:39 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004605396-3039704758-1652441973-1000Core.job
2013-12-19 20:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-19 16:40 - 2013-12-18 14:52 - 00000000 ____D C:\Users\Slavicek\Documents\Vakcina
2013-12-19 09:56 - 2013-12-19 09:56 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-19 09:56 - 2013-12-19 09:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-19 09:56 - 2013-12-19 09:56 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-19 09:56 - 2013-12-19 09:56 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-19 09:56 - 2013-12-19 09:56 - 00000000 ____D C:\Users\Slavicek\AppData\Roaming\VitySoft
2013-12-19 09:56 - 2013-12-19 09:56 - 00000000 ____D C:\Users\Slavicek\.objectdb
2013-12-19 09:56 - 2013-12-19 09:56 - 00000000 ____D C:\ProgramData\Oracle
2013-12-19 09:56 - 2013-12-19 09:56 - 00000000 ____D C:\Program Files\Java
2013-12-19 09:56 - 2011-06-02 10:41 - 00000000 ____D C:\Users\Slavicek
2013-12-18 20:28 - 2012-12-25 14:56 - 02621440 ____H C:\Users\Mcx1-SLAVICEK-PC\AppData\Local\Microsoft\Windows\UsrClass.dat
2013-12-18 20:28 - 2011-06-02 11:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-18 20:27 - 2013-12-18 20:27 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-12-18 19:58 - 2013-12-18 19:57 - 00000000 ____D C:\Users\Slavicek\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2013-12-18 19:57 - 2013-12-18 19:57 - 00002588 _____ C:\Users\Slavicek\Desktop\Windows 7 USB DVD Download Tool.lnk
2013-12-18 19:57 - 2013-12-18 19:57 - 00000000 ____D C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2013-12-18 14:22 - 2013-12-18 14:22 - 00234010 _____ C:\Windows\system32\poclbm130302GeForceGTX670gv1w256l4pOpenCL1_1CUDA4_2_1.bin
2013-12-18 14:20 - 2013-12-18 14:20 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-12-18 14:20 - 2011-08-10 20:13 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2013-12-18 10:57 - 2013-12-18 10:57 - 00001957 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-12-18 10:57 - 2011-06-05 10:09 - 00003160 _____ C:\Windows\System32\Tasks\SidebarExecute
2013-12-18 10:57 - 2011-06-02 16:19 - 00381440 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2013-12-18 08:27 - 2013-12-18 08:27 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2013-12-18 08:24 - 2013-12-18 08:24 - 00000752 _____ C:\Users\Public\Desktop\Max Payne 3.lnk
2013-12-18 08:02 - 2013-12-18 08:02 - 00000000 ____D C:\Users\Slavicek\Documents\Rockstar Games
2013-12-17 22:46 - 2011-06-02 18:14 - 00000000 ____D C:\xGames
2013-12-17 18:18 - 2013-12-17 18:18 - 00000000 ____D C:\Program Files (x86)\pdfforge Toolbar
2013-12-17 18:18 - 2013-12-17 18:18 - 00000000 ____D C:\Program Files (x86)\Application Updater
2013-12-17 17:19 - 2012-11-12 07:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-17 17:19 - 2011-06-24 19:01 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-17 17:18 - 2013-12-17 17:18 - 00000000 ___SH C:\Users\Slavicek\AppData\Local\Microsoft\Windows\WebCacheLock.dat
2013-12-17 17:18 - 2011-06-02 10:41 - 00001420 _____ C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-17 17:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\sk-SK
2013-12-17 17:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\sk-SK
2013-12-17 17:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-17 15:54 - 2013-12-17 15:52 - 00009538 _____ C:\Windows\IE11_main.log
2013-12-17 15:52 - 2013-12-17 15:52 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-17 15:52 - 2013-12-17 15:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-17 15:52 - 2013-12-17 15:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-17 15:52 - 2013-12-17 15:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-17 15:52 - 2013-12-17 15:52 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-17 15:52 - 2013-12-17 15:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-17 15:52 - 2013-12-17 15:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-17 15:52 - 2013-12-17 15:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-17 15:52 - 2013-12-17 15:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-16 21:12 - 2013-01-30 12:41 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-16 21:09 - 2011-06-03 15:57 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-16 21:09 - 2011-06-02 11:55 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-16 20:49 - 2012-05-10 17:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-12-16 20:49 - 2011-09-15 05:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-16 16:15 - 2011-06-28 10:57 - 00767492 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-16 16:12 - 2013-01-30 12:40 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-16 16:11 - 2013-08-14 09:59 - 00000000 ____D C:\Windows\system32\MRT
2013-12-16 09:22 - 2013-12-16 09:22 - 00013160 _____ C:\Users\Slavicek\Desktop\Registration New Pack.txt
2013-12-13 15:29 - 2011-07-15 16:39 - 00003936 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-13 15:29 - 2011-07-15 16:39 - 00003684 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-08 19:15 - 2013-12-08 19:15 - 00002937 _____ C:\Users\Slavicek\Documents\Žádost+o+úrok+z+prodlení_urg_email.odt
2013-12-07 21:03 - 2013-12-07 21:02 - 00000000 ____D C:\Users\Slavicek\Documents\Finanční arb
2013-12-07 20:42 - 2011-06-12 12:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-07 20:42 - 2011-06-12 12:25 - 00000000 ____D C:\ProgramData\Skype
2013-12-07 20:40 - 2012-12-25 14:56 - 00000000 ____D C:\Users\Mcx1-SLAVICEK-PC
2013-12-07 20:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-12-07 20:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2013-12-06 16:23 - 2011-06-14 06:39 - 00003938 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1004605396-3039704758-1652441973-1000UA
2013-12-06 16:23 - 2011-06-14 06:39 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1004605396-3039704758-1652441973-1000Core
2013-12-06 08:53 - 2012-11-13 09:24 - 00002492 _____ C:\Users\Slavicek\Desktop\Google Chrome.lnk
2013-12-01 14:42 - 2011-06-02 12:23 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-26 12:54 - 2013-12-18 18:35 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 11:19 - 2013-12-18 18:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 11:18 - 2013-12-18 18:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 11:11 - 2013-12-18 18:35 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 10:48 - 2013-12-18 18:35 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 10:46 - 2013-12-18 18:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 10:41 - 2013-12-18 18:35 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 10:29 - 2013-12-18 18:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 10:27 - 2013-12-18 18:35 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 10:23 - 2013-12-18 18:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 10:21 - 2013-12-18 18:35 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 10:18 - 2013-12-18 18:35 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 10:18 - 2013-12-18 18:35 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 10:16 - 2013-12-18 18:35 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 09:57 - 2013-12-18 18:35 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 09:38 - 2013-12-18 18:35 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 09:38 - 2013-12-18 18:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 09:35 - 2013-12-18 18:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:32 - 2013-12-18 18:35 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 09:28 - 2013-12-18 18:35 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 09:16 - 2013-12-18 18:35 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 09:02 - 2013-12-18 18:35 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:48 - 2013-12-18 18:35 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 08:32 - 2013-12-18 18:35 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 08:26 - 2013-12-18 18:35 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 08:07 - 2013-12-18 18:35 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:40 - 2013-12-18 18:35 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 07:34 - 2013-12-18 18:35 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:34 - 2013-12-18 18:35 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 07:33 - 2013-12-18 18:35 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 07:27 - 2013-12-18 18:35 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-23 19:26 - 2013-12-16 16:09 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-11-23 18:47 - 2013-12-16 16:09 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

Some content of TEMP:
====================
C:\Users\Slavicek\AppData\Local\Microsoft\Windows\Temp\sfamcc00001.dll
C:\Users\Slavicek\AppData\Local\Microsoft\Windows\Temp\sfareca00001.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-20 17:13




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (SSD) (Fixed) (Total:89.43 GB) (Free:13.95 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:345.57 GB) (Free:9.81 GB) NTFS
Drive e: (Install_FIlmy) (Fixed) (Total:585.94 GB) (Free:56.93 GB) NTFS
Drive g: () (Removable) (Total:3.73 GB) (Free:0.72 GB) NTFS
Drive h: (Nový zväzok) (Fixed) (Total:376.27 GB) (Free:3.3 GB) NTFS
Drive i: () (Fixed) (Total:110 GB) (Free:57.07 GB) NTFS
Drive j: (Adrika) (Fixed) (Total:109.89 GB) (Free:85.4 GB) NTFS

Available physical RAM: 6038.86 MB
Total physical RAM: 8168.8 MB
Percentage of memory in use: 26%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 89 GB) (Disk ID: 3FBA4E6A)
Partition 1: (Active) - (Size=89 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 9B64CFD8)
Partition 1: (Not Active) - (Size=376 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=220 GB) - (Type=OF Extended)
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 4284FF7D)
Partition 1: (Not Active) - (Size=346 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=586 GB) - (Type=07 NTFS)
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=4 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004605396-3039704758-1652441973-1000Core.job => C:\Users\Slavicek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004605396-3039704758-1652441973-1000UA.job => C:\Users\Slavicek\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57
AlternateDataStreams: C:\ProgramData\TEMP:8927A071
AlternateDataStreams: C:\ProgramData\TEMP:B468194E

==================== Security Center ==================

AV: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Slavicek\Desktop" je 8 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\Slavicek\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pocket Navigator Installer 6.0
C:\Program Files (x86)\Navigator11\Setup Utility\clickertray.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Winlog.exe CPU usage 40%, GPU Usage 90%

Napsal: 21 pro 2013 16:29
od durod
https://www.virustotal.com/cs/file/d9c8 ... 387639621/
https://www.virustotal.com/cs/file/029c ... 387639809/
https://www.virustotal.com/cs/file/2010 ... 387640026/

Re: Winlog.exe CPU usage 40%, GPU Usage 90%

Napsal: 21 pro 2013 20:36
od durod
po probehnuti combofixu je vse OK....co to bylo za havet?

Re: Winlog.exe CPU usage 40%, GPU Usage 90%

Napsal: 22 pro 2013 18:59
od durod
# AdwCleaner v3.015 - Report created 22/12/2013 at 12:00:21
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Slavicek - SLAVICEK-PC
# Running from : C:\Users\Slavicek\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : Application Updater

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Anti-phishing Domain Advisor
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Program Files (x86)\Application Updater
Folder Deleted : C:\Program Files (x86)\pdfforge Toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Users\Slavicek\AppData\Local\apn
Folder Deleted : C:\Users\Slavicek\AppData\Local\Babylon
Folder Deleted : C:\Users\Slavicek\AppData\LocalLow\pdfforge
Folder Deleted : C:\Users\Slavicek\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Slavicek\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Slavicek\AppData\Roaming\yourfiledownloader
File Deleted : C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\Extensions\pdfforge@mybrowserbar.com
File Deleted : C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\searchplugins\Askcom.xml
File Deleted : C:\Windows\System32\Tasks\Your File Updater

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\pdfforge
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\AppDataLow\Software\pdfforge
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\pdfforge
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\YourFileDownloader

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v5.0 (sk)

[ File : C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\cksie3dt.default\prefs.js ]

Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("extensions.toolbar@ask.com.install-event-fired", true);

-\\ Google Chrome v

[ File : C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5660 octets] - [22/12/2013 11:51:51]
AdwCleaner[R1].txt - [5703 octets] - [22/12/2013 11:57:53]
AdwCleaner[S0].txt - [5482 octets] - [22/12/2013 12:00:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5542 octets] ##########

@ KMS....chtel jsem vyzkouset MS Access

diky za pomoc, vse je OK....
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz