
Please help - the system "slices off" 10 GB a week from drive C:

#1 Post by yossarian2 »

Good evening,
I would like to ask for help, or for advice on where to turn with this problem:
About a month ago I had 40 GB of free space out of 60 on C: (the system drive).

I noticed that suddenly there was only 20 GB. Every day there are a few GB less. I checked the size of Program files, Program data, Users and Windows. There are no significant changes.

I asked for help on this forum; no malware was found.
As instructed, I uninstalled Spyware Terminator and installed Malwarebytes Anti-Malware. Version 2 ended in a blue screen. MBAM 1.75 found nothing. When the free space shrank critically to just under 5 GB, in a panic I also uninstalled several programs.

An oddity: Piriform Defraggler showed me 4% fragmented files. After defragmentation, the fragmentation rose to 20%. At the moment it is around 37%. The fragmented files are system files.
Another BUT: the Windows defragmentation tool still shows only 1%.

It reminds me a little of the once well-known "OneHalf" virus.
Thank you for your time and willingness to help.
Jožo
---------
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2014
Ran by janka (administrator) on JANKA-PC on 25-11-2014 18:04:29
Running from C:\Users\janka\Desktop
Loaded Profile: janka (Available profiles: janka)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Nalpeiron Ltd.) C:\Windows\System32\nlssrv32.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(acer) C:\Program Files\Acer\Empowering Technology\ePower\ePowerSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink) C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(C. Ghisler & Co.) C:\Program Files\Total Commander\TOTALCMD.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox 4.0 Beta 7\firefox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(forum.viry.cz) C:\Users\janka\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-07-23] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1557800 2009-08-28] (Synaptics Incorporated)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [eAudio] => C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [1286144 2007-04-26] (CyberLink)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [IaNvSrv] => C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe [33304 2009-07-13] (Intel Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-21] (AVAST Software)
HKU\S-1-5-21-192176685-3027731864-3682753610-1000\...\MountPoints2: {38a766b6-537f-11e4-97a0-001b247917f7} - F:\AutoRun.exe
HKU\S-1-5-21-192176685-3027731864-3682753610-1000\...\MountPoints2: {38a766bd-537f-11e4-97a0-001b247917f7} - F:\AutoRun.exe
HKU\S-1-5-21-192176685-3027731864-3682753610-1000\...\MountPoints2: {5de8db8c-f8db-11df-bdf8-001b247917f7} - G:\autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
ShortcutTarget: Empowering Technology Launcher.lnk -> C:\Program Files\Acer\Empowering Technology\eAPLauncher.exe (Acer Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-192176685-3027731864-3682753610-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-192176685-3027731864-3682753610-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCAD9DA8CDB8CCB01
SearchScopes: HKLM -> DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 195.146.132.58 195.146.128.62

FireFox:
========
FF ProfilePath: C:\Users\janka\AppData\Roaming\Mozilla\Firefox\Profiles\n3ytitto.default
FF Homepage: about:home
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\janka\AppData\Roaming\Mozilla\Firefox\Profiles\n3ytitto.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\janka\AppData\Roaming\Mozilla\Firefox\Profiles\n3ytitto.default\searchplugins\facebook-search.xml
FF SearchPlugin: C:\Users\janka\AppData\Roaming\Mozilla\Firefox\Profiles\n3ytitto.default\searchplugins\googletranslate.xml
FF Extension: DownloadHelper - C:\Users\janka\AppData\Roaming\Mozilla\Firefox\Profiles\n3ytitto.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: Adblock Plus - C:\Users\janka\AppData\Roaming\Mozilla\Firefox\Profiles\n3ytitto.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-10]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-06]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox 4.0 Beta 7\firefox.exe

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-19]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-19] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3192344 2014-11-19] (Avast Software)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [13080 2010-05-11] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 nlsX86cc; C:\Windows\system32\nlssrv32.exe [66560 2012-01-31] (Nalpeiron Ltd.) [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 WMIService; C:\Program Files\Acer\Empowering Technology\ePower\ePowerSvc.exe [167936 2007-09-20] (acer) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-11-19] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-11-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-11-19] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-11-19] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-11-21] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-11-19] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-11-19] ()
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [79576 2014-11-24] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119000 2014-11-25] (Malwarebytes Corporation)
R3 nuvotoncir; C:\Windows\System32\DRIVERS\nuvotoncir.sys [44544 2009-06-24] (Nuvoton Technology Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (MCCI Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-11-25] () [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [218192 2014-11-19] (Avast Software)
S3 WLAN(WLAN); C:\Windows\System32\DRIVERS\zd1211u.sys [248320 2004-10-06] (ZyDAS Technology Corporation) [File not signed]
U3 abxclr3s; C:\Windows\system32\Drivers\abxclr3s.sys [0 ] (Microsoft Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-03-09] () [File not signed]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-25 18:04 - 2014-11-25 18:05 - 00011671 _____ () C:\Users\janka\Desktop\FRST.txt
2014-11-25 18:04 - 2014-11-25 18:04 - 00000000 ____D () C:\FRST
2014-11-25 16:43 - 2014-11-25 18:03 - 00112640 _____ (forum.viry.cz) C:\Users\janka\Desktop\FRSTLauncher.exe
2014-11-25 16:43 - 2014-11-25 16:39 - 01110016 _____ (Farbar) C:\Users\janka\Desktop\FRST.exe
2014-11-25 14:54 - 2014-11-25 14:55 - 00160288 _____ () C:\Windows\Minidump\112514-51293-01.dmp
2014-11-25 14:50 - 2014-11-25 14:50 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-25 14:47 - 2014-11-25 14:54 - 00000112 _____ () C:\Windows\setupact.log
2014-11-25 14:47 - 2014-11-25 14:47 - 00000318 _____ () C:\Windows\PFRO.log
2014-11-25 14:47 - 2014-11-25 14:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-25 14:43 - 2014-11-25 14:46 - 00000000 ____D () C:\AdwCleaner
2014-11-24 19:31 - 2014-11-25 14:51 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-11-24 19:30 - 2014-11-25 14:49 - 00000000 ____D () C:\Users\janka\Desktop\mbar
2014-11-24 19:30 - 2014-11-24 19:30 - 00079576 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-22 07:22 - 2014-11-22 07:22 - 00000247 _____ () C:\Windows\system32\2014-11-22-06-22-38.007-aswFe.exe-3976.log
2014-11-22 07:16 - 2014-11-22 07:22 - 00000247 _____ () C:\Windows\system32\2014-11-22-06-16-15.071-aswFe.exe-4912.log
2014-11-22 00:46 - 2014-11-22 00:46 - 00000000 ____D () C:\Program Files\Mozilla Firefox 4.0 Beta 7
2014-11-19 14:38 - 2014-11-19 14:38 - 00000197 _____ () C:\Windows\system32\2014-11-19-13-38-52.068-AvastVBoxSVC.exe-1436.log
2014-11-19 14:22 - 2014-11-19 14:22 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-19 14:22 - 2014-11-19 14:22 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-12 10:47 - 2014-11-12 10:47 - 00000247 _____ () C:\Windows\system32\2014-11-12-09-47-01.002-aswFe.exe-5048.log
2014-11-12 10:33 - 2014-11-12 10:46 - 00000247 _____ () C:\Windows\system32\2014-11-12-09-33-13.088-aswFe.exe-3132.log
2014-11-11 13:21 - 2014-11-11 13:27 - 00000247 _____ () C:\Windows\system32\2014-11-11-12-21-28.032-aswFe.exe-5948.log
2014-11-11 11:29 - 2014-11-11 11:29 - 00001027 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-11 11:29 - 2014-11-11 11:29 - 00000000 ____D () C:\Users\janka\AppData\Roaming\Malwarebytes
2014-11-11 11:29 - 2014-11-11 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-11-11 11:29 - 2014-11-11 11:29 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-11-11 11:29 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-11 11:28 - 2014-11-11 11:28 - 00000197 _____ () C:\Windows\system32\2014-11-11-10-28-50.019-AvastVBoxSVC.exe-5224.log
2014-11-11 11:05 - 2014-11-11 11:05 - 00000247 _____ () C:\Windows\system32\2014-11-11-10-05-29.079-aswFe.exe-5068.log
2014-11-11 10:59 - 2014-11-11 11:05 - 00000247 _____ () C:\Windows\system32\2014-11-11-09-59-40.081-aswFe.exe-5228.log
2014-11-11 10:59 - 2014-11-11 10:59 - 00000197 _____ () C:\Windows\system32\2014-11-11-09-59-35.045-AvastVBoxSVC.exe-3056.log
2014-11-11 10:18 - 2014-11-11 10:18 - 00000197 _____ () C:\Windows\system32\2014-11-11-09-18-49.085-AvastVBoxSVC.exe-5628.log
2014-11-11 10:05 - 2014-11-11 10:05 - 00000247 _____ () C:\Windows\system32\2014-11-11-09-05-03.002-aswFe.exe-4204.log
2014-11-11 09:54 - 2014-11-11 09:54 - 00000197 _____ () C:\Windows\system32\2014-11-11-08-54-24.045-AvastVBoxSVC.exe-4184.log
2014-11-11 07:27 - 2014-11-11 07:27 - 00000247 _____ () C:\Windows\system32\2014-11-11-06-27-47.002-aswFe.exe-1188.log
2014-11-11 07:22 - 2014-11-11 07:27 - 00000247 _____ () C:\Windows\system32\2014-11-11-06-22-25.065-aswFe.exe-2776.log
2014-11-11 07:06 - 2014-11-11 07:06 - 00000197 _____ () C:\Windows\system32\2014-11-11-06-06-14.016-AvastVBoxSVC.exe-5676.log
2014-11-11 06:05 - 2014-11-11 06:05 - 00000247 _____ () C:\Windows\system32\2014-11-11-05-05-34.085-aswFe.exe-6128.log
2014-11-11 05:57 - 2014-11-11 06:05 - 00000247 _____ () C:\Windows\system32\2014-11-11-04-57-23.074-aswFe.exe-4736.log
2014-11-11 05:50 - 2014-11-11 05:50 - 00000197 _____ () C:\Windows\system32\2014-11-11-04-50-13.007-AvastVBoxSVC.exe-4576.log
2014-11-09 13:13 - 2014-11-09 13:22 - 00000247 _____ () C:\Windows\system32\2014-11-09-12-13-07.087-aswFe.exe-5192.log
2014-11-09 13:03 - 2014-11-09 13:03 - 00000197 _____ () C:\Windows\system32\2014-11-09-12-03-52.097-AvastVBoxSVC.exe-4272.log
2014-11-04 15:39 - 2014-11-04 15:46 - 00000247 _____ () C:\Windows\system32\2014-11-04-14-39-57.087-aswFe.exe-4428.log
2014-11-04 15:39 - 2014-11-04 15:39 - 00000197 _____ () C:\Windows\system32\2014-11-04-14-39-53.046-AvastVBoxSVC.exe-4684.log
2014-11-03 12:22 - 2014-11-03 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-10-26 12:31 - 2014-10-26 12:31 - 00000197 _____ () C:\Windows\system32\2014-10-26-11-31-26.055-AvastVBoxSVC.exe-3412.log
2014-10-26 11:56 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-26 11:56 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-26 11:56 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-26 11:56 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-26 11:56 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-26 11:55 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-26 11:55 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-26 11:55 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-26 11:55 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-26 11:55 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-26 11:55 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-26 11:55 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-26 11:55 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-26 11:55 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-26 11:55 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-26 11:55 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-26 11:55 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-26 11:55 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-26 11:55 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-26 11:55 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-26 11:55 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-26 11:55 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-26 11:55 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-26 11:55 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-26 11:55 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-26 11:55 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-26 11:55 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-26 11:55 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-26 11:55 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-26 11:55 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-26 11:55 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-26 11:55 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-26 11:55 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-26 11:55 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-26 11:55 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-26 11:55 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-26 11:55 - 2014-07-17 02:39 - 00919552 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-26 11:55 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-26 11:55 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-26 11:55 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-26 11:55 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-26 11:55 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-26 11:55 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-26 11:55 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-26 11:55 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-26 11:55 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-26 11:55 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-26 11:55 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-26 11:55 - 2014-07-09 02:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-26 11:55 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-26 11:55 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-26 11:55 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-26 11:55 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-26 11:54 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-26 11:54 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-26 11:51 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-25 15:05 - 2009-07-14 05:34 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-25 15:05 - 2009-07-14 05:34 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-25 15:02 - 2014-01-31 15:25 - 01618088 _____ () C:\Windows\WindowsUpdate.log
2014-11-25 14:54 - 2010-12-17 11:51 - 00000000 ____D () C:\Windows\Minidump
2014-11-25 14:54 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-25 12:16 - 2010-12-02 19:14 - 00084520 _____ () C:\Users\janka\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-25 12:15 - 2009-07-14 05:33 - 01678176 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-24 20:17 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-24 20:10 - 2010-11-25 22:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-24 20:09 - 2010-11-25 21:57 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-11-24 20:09 - 2009-07-14 05:52 - 00000000 ____D () C:\Program Files\MSBuild
2014-11-24 20:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-11-24 20:08 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\ShellNew
2014-11-24 15:51 - 2011-12-03 05:29 - 00000000 ____D () C:\Users\janka\AppData\Roaming\vlc
2014-11-24 05:18 - 2012-05-06 15:35 - 00000000 ____D () C:\Users\janka\AppData\Local\CrashDumps
2014-11-24 02:00 - 2010-11-25 22:47 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-11-24 01:58 - 2010-11-25 22:47 - 00000000 ____D () C:\Program Files\Adobe
2014-11-24 01:49 - 2010-11-25 22:47 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-23 22:17 - 2014-08-15 23:49 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.boj
2014-11-23 18:44 - 2011-03-04 01:14 - 00716744 _____ () C:\Windows\system32\perfh019.dat
2014-11-23 18:44 - 2011-03-04 01:14 - 00151050 _____ () C:\Windows\system32\perfc019.dat
2014-11-23 18:44 - 2011-03-04 00:31 - 00145744 _____ () C:\Windows\system32\perfh01B.dat
2014-11-23 18:44 - 2011-03-04 00:31 - 00037250 _____ () C:\Windows\system32\perfc01B.dat
2014-11-23 18:44 - 2010-11-25 21:02 - 04345386 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-22 14:01 - 2010-11-25 21:36 - 00000000 ____D () C:\Users\janka\Documents\Bluetooth Exchange Folder
2014-11-22 07:03 - 2011-02-24 20:20 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-22 07:00 - 2012-03-17 10:58 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-21 02:22 - 2013-11-09 11:05 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-19 19:10 - 2011-03-22 18:34 - 00000000 ____D () C:\Windows\pss
2014-11-19 14:37 - 2013-10-01 07:53 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-19 14:37 - 2013-10-01 07:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-19 14:22 - 2014-10-23 06:22 - 00002005 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-19 14:22 - 2014-04-23 03:03 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-19 14:22 - 2013-12-18 04:18 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-11-19 14:22 - 2013-09-06 12:29 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-19 14:22 - 2013-09-06 12:28 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-11-19 14:22 - 2013-09-06 12:28 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-19 14:22 - 2012-02-24 04:24 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-15 09:05 - 2010-11-25 20:58 - 00000000 ____D () C:\Users\janka
2014-11-11 11:29 - 2014-10-03 11:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-11 10:26 - 2009-07-14 05:53 - 00032568 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-11 09:50 - 2010-11-25 22:44 - 00000000 ____D () C:\Program Files\Total Commander
2014-11-04 14:30 - 2010-11-25 21:14 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-26 13:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-10-26 12:23 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-10-26 12:23 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-10-26 12:23 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-10-26 12:23 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-10-26 12:13 - 2013-08-12 11:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-26 12:01 - 2010-11-25 22:01 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\janka\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:58.5 GB) (Free:5.91 GB) NTFS
Drive d: () (Fixed) (Total:90.45 GB) (Free:32.17 GB) NTFS
Drive f: (Elements) (Fixed) (Total:1397.26 GB) (Free:618.14 GB) NTFS

Available physical RAM: 899.09 MB
Total physical RAM: 2046.41 MB
Percentage of memory in use: 56%

==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\janka\Desktop" je 30 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Belkin Storage Manager
"C:\Program Files\Belkin Storage Manager\StorageManager.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant
"C:\Program Files\Unlocker\UnlockerAssistant.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^802.11b+g USB Wireless LAN Utility.lnk
C:\PROGRA~1\WLAN\802~1.11B\ZDWlan.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

yossarian2
Visitor
Posts: 48
Registered: 29 Dec 2009 18:32

Re: Please help - the system "slices off" 10GB a week from disk

#2 Post by yossarian2 »

One more thing to add: I removed several restore points. I tried to restore the system, but without success:
This is what it printed:
Obnovovanie systému sa nedokončilo úspešne. Systémové súbory a nastavenia počítača sa nezmenili.
Podrobnosti:
Nástroj Obnovovanie systému zlyhal pri kopírovaní databázy Registry z bodu obnovenia.
Počas obnovovania systému sa vyskytla neznáma chyba (0x80070570)

yossarian2
Visitor
Posts: 48
Registered: 29 Dec 2009 18:32

Re: Please help - the system "slices off" 10GB a week from disk

#3 Post by yossarian2 »

I'm getting flustered now. I also forgot to mention that after every restart a file is generated in the directory:
C:\Users\janka\AppData\Local\Temp\..
I think it is called rtkbmnt.exe, and it is tied to a process of the same name. I killed that process in Task Manager and deleted the file.

I'm also adding Addition.rar as an attachment.
Attachments
Addition.rar
(5.78 KiB) Downloaded 35 times

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please help - the system "slices off" 10GB a week from disk

#4 Post by Márty84 »

Hello :)


If Avast complains that it wants to open this in the sandbox, do not allow it! Choose the Open normally option.
Download OTL from http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Run as administrator.
Tick the checkboxes For all users, Check for "LOP" malware and Check for "Purity" malware.
Paste the following text into the bottom window:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Click Scan.
After the scan, two logs are created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).
If you have a question that is not meant for the public, you can email me at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an email address in their signature).

yossarian2
Visitor
Posts: 48
Registered: 29 Dec 2009 18:32

Re: Please help - the system "slices off" 10GB a week from disk

#5 Post by yossarian2 »

OTL is running. I see that File age is set to 30 days there. A month ago I noticed the free space drop from about 40GB to half; the problem probably started even earlier.
To add to the description: around that time my Belkin N+ router died and I replaced it with a D-Link. It could be related, or not.

yossarian2
Visitor
Posts: 48
Registered: 29 Dec 2009 18:32

Re: Please help - the system "slices off" 10GB a week from disk

#6 Post by yossarian2 »

OTL logfile created on: 25. 11. 2014 20:15:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\janka\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

2,00 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 47,48% Memory free
4,00 Gb Paging File | 2,63 Gb Available in Paging File | 65,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,50 Gb Total Space | 5,83 Gb Free Space | 9,97% Space Free | Partition Type: NTFS
Drive D: | 90,45 Gb Total Space | 32,17 Gb Free Space | 35,57% Space Free | Partition Type: NTFS
Drive F: | 1397,26 Gb Total Space | 618,87 Gb Free Space | 44,29% Space Free | Partition Type: NTFS

Computer Name: JANKA-PC | User Name: janka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/11/25 20:09:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\janka\Desktop\OTL.exe
PRC - [2014/11/22 00:46:21 | 000,337,520 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox 4.0 Beta 7\firefox.exe
PRC - [2014/11/21 02:22:27 | 005,226,600 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/11/19 14:22:06 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/09/12 10:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/07/22 18:17:50 | 003,643,160 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/01/31 20:36:52 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\nlssrv32.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/01 18:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009/06/04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/07/29 19:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2007/09/20 13:57:28 | 000,167,936 | ---- | M] (acer) -- C:\Program Files\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2007/06/21 21:34:06 | 001,071,048 | ---- | M] (C. Ghisler & Co.) -- C:\Program Files\Total Commander\TOTALCMD.EXE
PRC - [2007/04/26 17:54:56 | 001,286,144 | ---- | M] (CyberLink) -- C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe


========== Modules (No Company Name) ==========

MOD - [2014/11/22 00:46:18 | 003,758,192 | ---- | M] () -- C:\Program Files\Mozilla Firefox 4.0 Beta 7\mozjs.dll
MOD - [2014/11/19 14:22:12 | 038,562,088 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/07/22 23:49:54 | 000,036,864 | ---- | M] () -- C:\Program Files\CCleaner\Lang\lang-1051.dll
MOD - [2010/03/09 03:55:56 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2008/07/29 19:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2007/06/21 21:34:08 | 000,032,768 | ---- | M] () -- C:\Program Files\Total Commander\WCMZIP32.DLL
MOD - [2007/06/21 07:01:00 | 000,163,328 | ---- | M] () -- C:\Program Files\Total Commander\UNRAR.DLL


========== Services (SafeList) ==========

SRV - [2014/11/22 00:46:19 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/11/19 14:37:46 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/11/19 14:22:06 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/11/19 14:21:54 | 003,192,344 | ---- | M] (Avast Software) [On_Demand | Stopped] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV - [2014/09/19 01:50:15 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/09/12 10:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/05/27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/02/04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012/01/31 20:36:52 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\nlssrv32.exe -- (nlsX86cc)
SRV - [2011/02/28 18:13:12 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/05/11 10:34:05 | 000,013,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe -- (c2wts)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/01 18:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007/09/20 13:57:28 | 000,167,936 | ---- | M] (acer) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (abxclr3s)
DRV - [2014/11/25 14:50:48 | 000,119,000 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014/11/24 19:30:37 | 000,079,576 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV - [2014/11/22 07:03:35 | 000,787,800 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2014/11/21 02:22:25 | 000,423,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2014/11/19 14:22:16 | 000,206,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/11/19 14:22:16 | 000,091,496 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswstm.sys -- (aswStm)
DRV - [2014/11/19 14:22:15 | 000,081,768 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014/11/19 14:22:15 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswmonflt.sys -- (aswMonFlt)
DRV - [2014/11/19 14:22:15 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/11/19 14:22:15 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014/11/19 14:21:54 | 000,218,192 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/11/25 22:29:43 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/11/11 00:11:46 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010/11/11 00:11:46 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2010/11/11 00:11:46 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010/03/09 03:52:44 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009/08/06 16:16:00 | 009,824,000 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/07/13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2009/07/01 18:05:10 | 000,232,472 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iaNvStor.sys -- (iaNvStor)
DRV - [2009/06/25 16:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009/06/25 16:25:58 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2009/06/25 16:10:48 | 000,044,544 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2009/06/24 14:03:02 | 000,044,544 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nuvotoncir.sys -- (nuvotoncir)
DRV - [2009/03/25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009/03/25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic)
DRV - [2009/03/25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt)
DRV - [2009/03/25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009/03/25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus)
DRV - [2009/03/25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5)
DRV - [2009/03/25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2007/05/26 13:37:28 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2004/10/06 18:49:04 | 000,248,320 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZD1211U.sys -- (WLAN(WLAN)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-192176685-3027731864-3682753610-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-192176685-3027731864-3682753610-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA D9 DA 8C DB 8C CB 01 [binary data]
IE - HKU\S-1-5-21-192176685-3027731864-3682753610-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-192176685-3027731864-3682753610-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-192176685-3027731864-3682753610-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-192176685-3027731864-3682753610-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-192176685-3027731864-3682753610-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.24
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0
FF - prefs.js..network.proxy.type: 1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/11/19 14:22:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 7\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2010/11/25 21:03:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\janka\AppData\Roaming\mozilla\Extensions
[2014/11/22 23:58:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\janka\AppData\Roaming\mozilla\Firefox\Profiles\n3ytitto.default\extensions
[2014/09/06 00:47:03 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\janka\AppData\Roaming\mozilla\Firefox\Profiles\n3ytitto.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014/11/12 17:57:55 | 000,979,699 | ---- | M] () (No name found) -- C:\Users\janka\AppData\Roaming\mozilla\firefox\profiles\n3ytitto.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/08/06 07:38:26 | 000,001,937 | ---- | M] () -- C:\Users\janka\AppData\Roaming\mozilla\firefox\profiles\n3ytitto.default\searchplugins\duckduckgo.xml
[2014/08/06 07:41:27 | 000,000,851 | ---- | M] () -- C:\Users\janka\AppData\Roaming\mozilla\firefox\profiles\n3ytitto.default\searchplugins\facebook-search.xml
[2014/08/06 07:30:49 | 000,001,669 | ---- | M] () -- C:\Users\janka\AppData\Roaming\mozilla\firefox\profiles\n3ytitto.default\searchplugins\googletranslate.xml

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.146.132.58 195.146.128.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{33A595D6-AFE2-4919-8A38-BDAE038B5657}: DhcpNameServer = 195.146.132.58 195.146.128.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45A0A979-8DF3-4323-BE03-6BAA9BEC62F5}: DhcpNameServer = 192.168.2.1 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/07/10 03:06:41 | 000,000,000 | RH-D | M] - F:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 13:56:50 | 000,000,036 | RH-- | M] () - F:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{38a766b6-537f-11e4-97a0-001b247917f7}\Shell - "" = AutoRun
O33 - MountPoints2\{38a766b6-537f-11e4-97a0-001b247917f7}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{38a766bd-537f-11e4-97a0-001b247917f7}\Shell - "" = AutoRun
O33 - MountPoints2\{38a766bd-537f-11e4-97a0-001b247917f7}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5de8db8c-f8db-11df-bdf8-001b247917f7}\Shell - "" = AutoRun
O33 - MountPoints2\{5de8db8c-f8db-11df-bdf8-001b247917f7}\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/11/25 20:09:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\janka\Desktop\OTL.exe
[2014/11/25 18:04:10 | 000,000,000 | ---D | C] -- C:\FRST
[2014/11/25 16:43:25 | 001,110,016 | ---- | C] (Farbar) -- C:\Users\janka\Desktop\FRST.exe
[2014/11/25 16:43:01 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\janka\Desktop\FRSTLauncher.exe
[2014/11/25 14:50:48 | 000,119,000 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/11/25 14:43:21 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/11/24 20:08:43 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/11/24 19:31:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014/11/24 19:30:37 | 000,079,576 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/11/24 19:30:27 | 000,000,000 | ---D | C] -- C:\Users\janka\Desktop\mbar
[2014/11/22 00:46:03 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox 4.0 Beta 7
[2014/11/19 14:22:18 | 000,291,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/11/19 14:22:15 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/11/11 11:29:54 | 000,000,000 | ---D | C] -- C:\Users\janka\AppData\Roaming\Malwarebytes
[2014/11/11 11:29:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/11/11 11:29:32 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/11/11 11:29:31 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014/11/03 12:22:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/11/25 20:18:28 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/11/25 20:09:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\janka\Desktop\OTL.exe
[2014/11/25 18:03:47 | 000,029,696 | ---- | M] () -- C:\Users\janka\AppData\Local\MSGBOX.EXE
[2014/11/25 18:03:47 | 000,015,327 | ---- | M] () -- C:\Users\janka\Desktop\LM.bat
[2014/11/25 18:03:16 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\Users\janka\Desktop\FRSTLauncher.exe
[2014/11/25 16:39:10 | 001,110,016 | ---- | M] (Farbar) -- C:\Users\janka\Desktop\FRST.exe
[2014/11/25 15:05:33 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/11/25 15:05:33 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/11/25 14:54:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/11/25 14:54:27 | 1609,363,456 | -HS- | M] () -- C:\hiberfil.sys
[2014/11/25 14:50:48 | 000,119,000 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/11/25 12:15:53 | 001,678,176 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/11/24 19:30:37 | 000,079,576 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/11/23 22:17:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.boj
[2014/11/23 18:44:16 | 000,737,860 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2014/11/23 18:44:16 | 000,716,744 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2014/11/23 18:44:16 | 000,689,352 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2014/11/23 18:44:16 | 000,660,984 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014/11/23 18:44:16 | 000,654,480 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/11/23 18:44:16 | 000,151,050 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2014/11/23 18:44:16 | 000,149,788 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2014/11/23 18:44:16 | 000,149,324 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2014/11/23 18:44:16 | 000,145,744 | ---- | M] () -- C:\Windows\System32\perfh01B.dat
[2014/11/23 18:44:16 | 000,141,634 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014/11/23 18:44:16 | 000,122,352 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/11/23 18:44:16 | 000,037,250 | ---- | M] () -- C:\Windows\System32\perfc01B.dat
[2014/11/22 07:03:35 | 000,787,800 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsnx.sys
[2014/11/21 02:22:25 | 000,423,784 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys
[2014/11/19 14:37:46 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/11/19 14:37:46 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/11/19 14:22:30 | 000,002,005 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2014/11/19 14:22:16 | 000,206,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/11/19 14:22:16 | 000,091,496 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014/11/19 14:22:15 | 000,291,352 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/11/19 14:22:15 | 000,081,768 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/11/19 14:22:15 | 000,070,384 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswmonflt.sys
[2014/11/19 14:22:15 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/11/19 14:22:15 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/11/19 14:22:15 | 000,024,184 | ---- | M] () -- C:\Windows\System32\drivers\aswHwid.sys
[2014/11/11 11:29:38 | 000,001,027 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/11/04 14:30:58 | 000,229,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/11/25 20:18:28 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/11/25 18:03:47 | 000,029,696 | ---- | C] () -- C:\Users\janka\AppData\Local\MSGBOX.EXE
[2014/11/25 18:03:47 | 000,015,327 | ---- | C] () -- C:\Users\janka\Desktop\LM.bat
[2014/11/11 11:29:38 | 000,001,027 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/23 03:03:41 | 000,024,184 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys
[2013/09/06 12:29:02 | 000,206,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/09/06 12:28:59 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/06/10 17:09:14 | 000,032,768 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2011/07/08 14:51:25 | 000,008,704 | ---- | C] () -- C:\Users\janka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/09 10:28:04 | 000,007,604 | ---- | C] () -- C:\Users\janka\AppData\Local\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/10/21 10:35:17 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\AVAST Software
[2013/08/24 07:00:16 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\DAEMON Tools Lite
[2010/11/25 21:05:11 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\ESET
[2010/12/12 15:25:22 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\GHISLER
[2014/07/26 03:47:28 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\IrfanView
[2010/12/27 07:48:16 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\LangSoft
[2011/06/25 20:14:08 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\PhotoFiltre Studio X
[2012/02/17 14:57:19 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\Thinstall

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 05:53:46 | 000,032,568 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2014/08/15 23:49:43 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.boj

< >

< MD5 for: AGP440.SYS >

< MD5 for: ATAPI.SYS >

< MD5 for: AUTOCHK.EXE >

< MD5 for: CDROM.SYS >

< MD5 for: CNGAUDIT.DLL >

< MD5 for: CRYPTSVC.DLL >

< MD5 for: EXPLORER.EXE >

< MD5 for: HAL.DLL >

< MD5 for: IASTOR.SYS >

< MD5 for: IASTORV.SYS >

< MD5 for: ISAPNP.SYS >

< MD5 for: LSASS.EXE >

< MD5 for: NDIS.SYS >

< MD5 for: NETLOGON.DLL >
[2010/05/11 10:40:51 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=1819416B655E675244682E8261BBF020 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.20576_none_fe237c4db262181f\netlogon.dll
[2010/05/11 12:27:58 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=63B462CADA8761DBE16F0575536C324B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.20621_none_fe548c5db23e0ade\netlogon.dll
[2010/05/11 12:02:25 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=9755225FBB961E77A8DABF4117159A59 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.20643_none_fe40ed19b24c756e\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009/07/14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2010/11/20 13:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/20 13:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvraid.sys
[2011/03/11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\drivers\nvraid.sys
[2011/03/11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/03/11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvraid.sys
[2011/03/11 06:28:10 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=E3B840350A72CA6F39BD2BEF85A2BCFB -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvraid.sys
[2011/03/11 06:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvraid.sys
[2011/03/11 06:52:25 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=FCD5C3542A85EEBA7D0833B7E5086C10 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011/03/11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011/03/11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011/03/11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/05/11 10:37:15 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=53B13B258970B6B5A1FE09F26EB3B3A6 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.20527_none_38b0b74c535a2c7c\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
[2010/05/11 11:35:27 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B218D0D5250E979049771B25E552EEA2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.20617_none_38bb891e53520db2\scecli.dll

< MD5 for: SMSS.EXE >
[2009/07/14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe
[2013/07/08 04:02:28 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=634E0B45780F502304592C5615A31089 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_ae8fb42390bda114\smss.exe
[2013/08/29 01:51:28 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=D2A72C71CD6C18A99E920EC5761F0C7D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_aeb7f4db909fe272\smss.exe
[2014/04/12 03:06:24 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=D8A5E3B8EB601B897AC78B060177E460 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_ae9f57f190b2c89d\smss.exe
[2013/03/19 03:49:16 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=DE91DCC7BC55E940979097E98F743205 -- C:\Windows\System32\smss.exe
[2013/03/19 03:49:16 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=DE91DCC7BC55E940979097E98F743205 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_ae40f33e7774c473\smss.exe
[2013/05/06 04:02:20 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=EC745C0949B101129AB6D39CD63808A6 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22318_none_aecf9361908de017\smss.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/06/21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011/09/29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012/08/22 18:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011/04/25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013/01/03 06:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010/11/20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013/01/04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013/07/06 06:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013/07/06 05:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2014/04/05 03:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\System32\drivers\tcpip.sys
[2014/04/05 03:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_b513c4dfc4b513b9\tcpip.sys
[2012/03/30 11:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011/09/29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2010/05/11 14:24:18 | 001,289,096 | ---- | M] (Microsoft Corporation) MD5=5D6A83E928F22AF5AC9868B162FFAD0D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_b38009a0e0d5a32d\tcpip.sys
[2013/05/08 07:15:22 | 001,309,032 | ---- | M] (Microsoft Corporation) MD5=6088D01FAD49729EA0A5A3D9B9BA8B84 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys
[2010/05/11 14:24:18 | 001,285,000 | ---- | M] (Microsoft Corporation) MD5=63170B9EE1D0EF0032F0408605671D1A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_b30e0d41c7a5fe2f\tcpip.sys
[2011/09/29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2013/09/07 03:06:48 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011/04/25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013/01/03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012/03/30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011/04/25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012/03/30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011/06/21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010/06/14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2012/08/22 18:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2010/06/14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2013/01/04 05:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2011/06/21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2010/05/11 11:00:46 | 001,288,192 | ---- | M] (Microsoft Corporation) MD5=C534E7C87422B720820CAA23F7235ADE -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16512_none_b33d1ad7c783c119\tcpip.sys
[2013/09/08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2010/05/11 11:22:44 | 001,287,256 | ---- | M] (Microsoft Corporation) MD5=CB79D3F4BE0AC26892980330E448018D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20567_none_b395a792e0c56e24\tcpip.sys
[2013/05/08 06:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys
[2012/10/03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2010/05/11 11:00:46 | 001,287,048 | ---- | M] (Microsoft Corporation) MD5=D78C447AE8255AC872F1694868D571E2 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20628_none_b3c1e972e0a414de\tcpip.sys
[2013/11/26 12:07:37 | 001,309,632 | ---- | M] (Microsoft Corporation) MD5=DC08335B30D83FB61E9EFE6FDD09D40D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_b5a530b8ddcd4b8d\tcpip.sys
[2011/06/21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012/10/03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012/03/30 11:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys
[2014/04/05 03:16:21 | 001,310,144 | ---- | M] (Microsoft Corporation) MD5=EA47AB18E289333AB94397D77CA6E3A1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_b59293a4dddacc9b\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/05/11 11:27:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=1C4707299926AF0E555C2DC98E411B59 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20574_none_702cc58d4f5b790f\winlogon.exe
[2014/07/16 03:56:14 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=4F37B93C14AEE313BEC52A23AFB15C2E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_7224b2134c7555fa\winlogon.exe
[2014/07/17 02:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\System32\winlogon.exe
[2014/07/17 02:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_71a5e34e334f9d18\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2014/03/04 10:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2010/05/11 10:57:46 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=AB59486E41610AB13B1555D7D585AE8F -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20548_none_705136794f3f8a98\winlogon.exe
[2010/05/11 10:57:46 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=B151128D1FEBF745BC7EFDE9FACB165A -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16440_none_6fbf975e36292016\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2014/03/04 11:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010/11/20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\System32\ws2_32.dll
[2010/11/20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009/07/14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[16 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/10/20 16:00:24 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\Adobe
[2011/01/04 14:06:36 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\Ahead
[2013/10/21 10:35:17 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\AVAST Software
[2013/08/24 07:00:16 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\DAEMON Tools Lite
[2013/03/08 04:00:15 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\dvdcss
[2010/11/25 21:05:11 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\ESET
[2010/12/12 15:25:22 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\GHISLER
[2011/06/25 20:12:24 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\Identities
[2010/11/25 21:38:06 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\InstallShield
[2014/07/26 03:47:28 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\IrfanView
[2010/12/27 07:48:16 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\LangSoft
[2010/11/25 21:05:04 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\Macromedia
[2014/11/11 11:29:54 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\Malwarebytes
[2009/07/14 08:50:20 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\Media Center Programs
[2014/01/10 23:35:09 | 000,000,000 | --SD | M] -- C:\Users\janka\AppData\Roaming\Microsoft
[2010/11/25 21:03:18 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\Mozilla
[2011/06/25 20:14:08 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\PhotoFiltre Studio X
[2012/04/02 10:55:45 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\Sony Corporation
[2012/02/17 14:57:19 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\Thinstall
[2014/11/25 19:57:26 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\vlc
[2010/11/25 21:57:16 | 000,000,000 | ---D | M] -- C:\Users\janka\AppData\Roaming\WinRAR

yossarian2
Visitor
Posts: 48
Registered: 29 Dec 2009 18:32

Re: Please help - the system "slices off" 10GB weekly from disk

#7 Post by yossarian2 »

< %APPDATA%\*.exe /s >
[2011/02/04 14:52:44 | 000,010,134 | R--- | M] () -- C:\Users\janka\AppData\Roaming\Microsoft\Installer\{C12D7D54-7DE8-4DF7-AB2D-8A5ECFB2F89B}\ARPPRODUCTICON.exe
[2011/02/04 14:52:44 | 000,065,536 | R--- | M] (Macrovision Corporation) -- C:\Users\janka\AppData\Roaming\Microsoft\Installer\{C12D7D54-7DE8-4DF7-AB2D-8A5ECFB2F89B}\StorageManager.exe_C12D7D547DE84DF7AB2D8A5ECFB2F89B.exe
[2011/02/04 14:52:44 | 000,008,854 | R--- | M] () -- C:\Users\janka\AppData\Roaming\Microsoft\Installer\{C12D7D54-7DE8-4DF7-AB2D-8A5ECFB2F89B}\UNINST_Uninstall_B_C12D7D547DE84DF7AB2D8A5ECFB2F89B.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010/11/25 22:29:43 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >
[2014/11/24 19:30:37 | 000,079,576 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\mbamchameleon.sys
[2014/11/25 14:50:48 | 000,119,000 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\MBAMSwissArmy.sys

< %systemroot%\system32\*.* /3 >
[2014/11/25 14:50:58 | 000,000,197 | ---- | M] () -- C:\Windows\system32\2014-11-25-13-50-42.042-AvastVBoxSVC.exe-3360.log
[2014/11/25 15:05:33 | 000,014,224 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/11/25 15:05:33 | 000,014,224 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/11/25 12:15:53 | 001,678,176 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2014/11/23 18:44:16 | 000,141,634 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2014/11/23 18:44:16 | 000,149,324 | ---- | M] () -- C:\Windows\system32\perfc007.dat
[2014/11/23 18:44:16 | 000,122,352 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2014/11/23 18:44:16 | 000,149,788 | ---- | M] () -- C:\Windows\system32\perfc00C.dat
[2014/11/23 18:44:16 | 000,151,050 | ---- | M] () -- C:\Windows\system32\perfc019.dat
[2014/11/23 18:44:16 | 000,037,250 | ---- | M] () -- C:\Windows\system32\perfc01B.dat
[2014/11/23 18:44:16 | 000,660,984 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2014/11/23 18:44:16 | 000,689,352 | ---- | M] () -- C:\Windows\system32\perfh007.dat
[2014/11/23 18:44:16 | 000,654,480 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2014/11/23 18:44:16 | 000,737,860 | ---- | M] () -- C:\Windows\system32\perfh00C.dat
[2014/11/23 18:44:16 | 000,716,744 | ---- | M] () -- C:\Windows\system32\perfh019.dat
[2014/11/23 18:44:16 | 000,145,744 | ---- | M] () -- C:\Windows\system32\perfh01B.dat
[2014/11/23 18:44:16 | 004,345,386 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/11/25 20:18:28 | 000,000,512 | ---- | M] () MD5=91F57B3DF5DA62D42068892E026F70C0 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2014/11/19 14:22:05 | 000,072,480 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2006/11/09 22:31:32 | 000,163,840 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2011/06/30 15:14:36 | 000,001,702 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\licenses\loaderbinarylegal.txt
[2010/11/25 22:30:19 | 000,057,728 | ---- | M] () -- \Users\janka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2010/11/25 22:30:19 | 000,057,728 | ---- | M] () -- \Users\janka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2010/11/25 22:30:20 | 000,057,728 | ---- | M] () -- \Users\janka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009/07/14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2011/03/04 02:47:42 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2011/03/04 02:47:42 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2011/03/04 02:47:42 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2011/03/04 00:44:42 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_de-de_cd7e3a305679601f.manifest
[2011/03/04 00:44:42 | 000,035,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_de-de_cd7e3a305679601f_winload.exe.mui_3bc5b827
[2011/03/04 00:44:42 | 000,030,800 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_de-de_cd7e3a305679601f_winresume.exe.mui_ff8b5358
[2009/07/14 08:42:17 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 08:42:17 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009/07/14 08:42:17 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2011/03/04 02:08:10 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_18f1e30c385073eb.manifest
[2011/03/04 02:08:10 | 000,035,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_18f1e30c385073eb_winload.exe.mui_3bc5b827
[2011/03/04 02:08:10 | 000,030,784 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_18f1e30c385073eb_winresume.exe.mui_ff8b5358
[2011/03/04 01:14:00 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_bf9027dd965c678b.manifest
[2011/03/04 01:14:00 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_bf9027dd965c678b_winload.exe.mui_3bc5b827
[2011/03/04 01:14:00 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_bf9027dd965c678b_winresume.exe.mui_ff8b5358
[2011/02/28 18:20:28 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011/02/28 18:20:28 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011/02/28 18:20:28 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009/07/14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009/07/13 18:54:50 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009/07/13 18:59:34 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_de-de_cd7e3a305679601f.manifest
[2009/07/14 08:41:36 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/13 18:59:56 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_18f1e30c385073eb.manifest
[2009/07/13 18:59:58 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_bf9027dd965c678b.manifest
[2009/07/14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2010/05/11 10:34:53 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2010/05/11 10:34:53 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010/05/11 13:32:53 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20667_none_5b9e5158e7060a9d.manifest
[2010/11/20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009/07/14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/04 11:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 03:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2014/05/13 22:17:02 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014/08/15 23:24:16 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014/07/10 23:24:10 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010/11/04 17:53:40 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010/11/04 18:00:16 | 000,098,304 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\System.RunTime.Serialization.Resources.dll
[2010/11/04 18:00:28 | 000,102,400 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\System.RunTime.Serialization.Resources.dll
[2010/11/04 17:55:10 | 000,126,976 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ru\System.RunTime.Serialization.Resources.dll
[2011/06/30 15:13:52 | 000,026,761 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\plugins\com.serialio.win32.x86_2.10.2.0.jar
[2011/06/30 15:13:52 | 000,049,508 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\plugins\com.serialio_2.11.7.13.jar
[2011/06/30 15:14:56 | 000,002,239 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\plugins\com.sonyericsson.cs.serialcommunication_2.11.7.13.jar
[2013/07/08 13:43:48 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/07/08 13:49:06 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2013/07/08 13:41:58 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2013/07/08 13:48:21 | 000,024,576 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_ru_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/06/24 00:43:20 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/13 03:37:50 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010/11/13 01:02:37 | 000,098,304 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_de_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010/11/13 01:58:51 | 000,102,400 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_fr_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010/11/13 01:56:03 | 000,126,976 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_ru_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014/07/10 23:24:10 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014/10/26 12:32:55 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\91eb4f41130c65ef17f0fee1d3ab48fb\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/10/26 12:36:41 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\b1e0939384cc320d6ac7b8921ccc2877\System.Runtime.Serialization.ni.dll
[2014/09/11 00:47:35 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\e67230bbca0858b6ff4caccfb4595fa8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/09/11 00:47:35 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\e67230bbca0858b6ff4caccfb4595fa8\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014/10/26 12:17:21 | 002,822,144 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll
[2014/10/26 12:17:21 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll.aux
[2014/06/23 20:26:26 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014/06/23 20:26:26 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2013/09/11 21:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\271D3094BCCDF293393A43ACD974EFD3\4.5.50938\System.Runtime.Serialization.dll.x86
[2013/09/11 21:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\271D3094BCCDF293393A43ACD974EFD3\4.5.50938\System.Runtime.Serialization.dll_gac_x86
[2013/09/11 21:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 20:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013/09/11 20:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013/09/11 20:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014/07/23 00:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/09/11 20:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013/09/11 20:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014/06/24 00:43:20 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/04 17:53:34 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/11/04 17:59:44 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\DE\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010/11/04 18:00:12 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\fr\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010/11/04 17:55:06 | 000,024,576 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\ru\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/07/10 23:24:11 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014/07/23 00:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013/09/11 21:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 20:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/09/11 20:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/09/11 20:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/09/11 20:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013/09/11 20:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/13 18:38:14 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009/07/13 18:39:22 | 000,005,632 | ---- | M] () -- \Windows\System32\de-DE\serialui.dll.mui
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009/07/13 18:39:44 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009/07/13 18:41:04 | 000,011,776 | ---- | M] () -- \Windows\System32\drivers\de-DE\serial.sys.mui
[2009/07/14 08:42:06 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\en-US\serial.sys.mui
[2009/07/13 18:40:48 | 000,011,776 | ---- | M] () -- \Windows\System32\drivers\fr-FR\serial.sys.mui
[2009/07/13 18:40:54 | 000,010,752 | ---- | M] () -- \Windows\System32\drivers\ru-RU\serial.sys.mui
[2009/07/13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009/07/13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009/07/13 18:10:04 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2009/07/13 18:46:16 | 000,005,632 | ---- | M] () -- \Windows\System32\fr-FR\serialui.dll.mui
[2009/07/13 18:39:00 | 000,005,120 | ---- | M] () -- \Windows\System32\ru-RU\serialui.dll.mui
[2009/07/14 08:42:02 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009/07/14 03:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009/07/14 03:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2011/03/04 02:47:40 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2011/03/04 00:44:42 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_de-de_e8a6ad183d1aaa86_serialui.dll.mui_7d29d2a3
[2011/03/04 00:58:26 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b_serialui.dll.mui_7d29d2a3
[2011/03/04 02:08:10 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_341a55f41ef1be52_serialui.dll.mui_7d29d2a3
[2011/03/04 01:14:01 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_dab89ac57cfdb1f2_serialui.dll.mui_7d29d2a3
[2009/07/14 08:42:18 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009/07/14 03:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010/05/11 11:07:40 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16482_none_a6aa58c87482ec04.manifest
[2010/05/11 11:07:40 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.20593_none_8fdd9b8a8e297f02.manifest
[2010/05/11 12:08:35 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.20664_none_8fda83c08e2c4cef.manifest
[2010/11/20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2014/07/02 06:57:49 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29.manifest
[2014/07/14 03:04:09 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf.manifest
[2012/10/05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2014/07/02 07:07:46 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7.manifest
[2014/07/14 03:04:27 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e.manifest
[2009/07/13 18:54:22 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009/07/13 18:58:46 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_de-de_62953c77a121889f.manifest
[2009/07/14 08:41:44 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2009/07/13 18:59:10 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_fr-fr_bceb5ef1dd5ef833.manifest
[2009/07/13 18:59:12 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_ru-ru_ddd0024544b2f993.manifest
[2012/10/05 20:04:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012/10/05 18:12:58 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_de-de_626f1d4da174828e.manifest
[2012/10/05 18:12:04 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012/10/05 18:11:42 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_fr-fr_bcc53fc7ddb1f222.manifest
[2012/10/05 19:58:15 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_ru-ru_dda9e31b4505f382.manifest
[2014/07/02 07:50:42 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43.manifest
[2014/07/02 07:50:16 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_de-de_626b62f3a177cc32.manifest
[2014/07/02 06:39:48 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_en-us_8f47fbdfbfd0e755.manifest
[2014/07/02 07:44:47 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_fr-fr_bcc1856dddb53bc6.manifest
[2014/07/02 08:05:01 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_ru-ru_dda628c145093d26.manifest
[2014/07/14 04:14:58 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9.manifest
[2014/07/14 04:14:51 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_de-de_626c7a05a176cbe8.manifest
[2014/07/14 02:45:53 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_en-us_8f4912f1bfcfe70b.manifest
[2014/07/14 04:01:58 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_fr-fr_bcc29c7fddb43b7c.manifest
[2014/07/14 04:02:10 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_ru-ru_dda73fd345083cdc.manifest
[2012/10/05 20:02:24 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2012/10/05 18:12:23 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_de-de_4b9d788fbb1f7786.manifest
[2012/10/05 18:12:20 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2012/10/05 18:12:42 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_fr-fr_a5f39b09f75ce71a.manifest
[2012/10/05 20:04:34 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_ru-ru_c6d83e5d5eb0e87a.manifest
[2014/07/02 21:15:55 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1.manifest
[2014/07/02 21:48:33 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_de-de_4b9ebc59bb1e45e0.manifest
[2014/07/02 06:46:32 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_en-us_787b5545d9776103.manifest
[2014/07/02 21:20:09 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_fr-fr_a5f4ded3f75bb574.manifest

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 6168 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh

< End of report >

yossarian2
Visitor
Posts: 48
Registered: 29 Dec 2009 18:32

Re: Please help - system "slices off" 10GB weekly from disk

#8 Post by yossarian2 »

Extras.txt

OTL Extras logfile created on: 25. 11. 2014 20:15:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\janka\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

2,00 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 47,48% Memory free
4,00 Gb Paging File | 2,63 Gb Available in Paging File | 65,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,50 Gb Total Space | 5,83 Gb Free Space | 9,97% Space Free | Partition Type: NTFS
Drive D: | 90,45 Gb Total Space | 32,17 Gb Free Space | 35,57% Space Free | Partition Type: NTFS
Drive F: | 1397,26 Gb Total Space | 618,87 Gb Free Space | 44,29% Space Free | Partition Type: NTFS

Computer Name: JANKA-PC | User Name: janka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-192176685-3027731864-3682753610-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 4.0 Beta 7\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{007B9FEE-09DB-4BE7-9823-2E793CC954E0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0118416E-5A73-45FC-B3EE-B10DAD52C97D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{01B0121A-8162-4FD8-82DC-F56B88092515}" = lport=137 | protocol=17 | dir=in | app=system |
"{0E5313AA-C1C5-45E2-BB87-6FA606EE3FF9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{19076CA9-C667-411D-A95F-172F2C8D67F0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2BA80575-7EA4-4E0C-AC04-25CB64A2A2C2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{60ACCC1A-91DE-408E-855A-0E279BBD45F1}" = rport=445 | protocol=6 | dir=out | app=system |
"{61B2AB55-29B7-4DD1-B9D9-6FBFFEA94C98}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{73CA1FF4-0410-42EB-96AA-50D91FBBD4FA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{799DD54C-A002-4B05-BED8-94E2578F34E2}" = lport=138 | protocol=17 | dir=in | app=system |
"{92803307-9AA6-4893-8D5B-460F1617EEA3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{942746BC-9F47-4217-8D40-90E92B42CFD6}" = rport=137 | protocol=17 | dir=out | app=system |
"{A7BD591C-2F2A-4017-9EC5-1F1C9CE1E5DF}" = rport=138 | protocol=17 | dir=out | app=system |
"{C060E4E4-8EDE-4B39-A10A-153DCA6AF8C0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C8819E23-2EA1-4BA5-B070-C7453A9C0717}" = lport=139 | protocol=6 | dir=in | app=system |
"{CB3F5E28-C7EB-4BB4-917B-489B6BCC46E4}" = rport=139 | protocol=6 | dir=out | app=system |
"{CDE01DA2-A122-48E4-A9E0-E25F87B33D38}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DEB46AFB-9318-4E26-BD8A-18EE17CCE52A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DFB102B4-8D93-4B16-A1EC-0D79607E7EE9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E84CABA9-2C9C-4C89-98BC-6C4E38EBD589}" = lport=2869 | protocol=6 | dir=in | app=system |
"{ED188CB3-2CF5-4324-83CA-777BC0F1670F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F4C4802E-B857-4BC9-B806-C2247814B608}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F88FFFB5-176B-4873-888C-2BDCD6C1E2F8}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{072B5B79-F669-4998-9506-EEE95CB9EDC4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{074325A2-0CD2-45E2-9A97-53E19804EDEB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{29D1FEF4-F057-4F48-9A8F-D9520CE92260}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2A9FC954-6C3D-4695-B697-139FAA53EA42}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2EE3B4D5-E7BA-4E70-B237-6DB40A5A69EE}" = protocol=6 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe |
"{3E7D8E07-FAF5-4057-A955-79A6708C55DD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{460D820E-48F6-4744-AA02-F0261738AF70}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{491BBFD9-9238-49C7-A739-7593C9E2A3A1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{53DBC42C-6E8E-4F2B-802E-C4E142D030A0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5A1FE4CE-81D8-4060-A262-7C0B8695EED1}" = protocol=6 | dir=out | app=system |
"{5D8E85CF-EE1A-46D0-A3A7-A1D134AD1FB1}" = protocol=17 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe |
"{726D5DF4-DC33-4029-AE06-14AC5BE6088B}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{92E95273-6E91-4E07-9588-8C5BE8B816BC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{95D8F9A9-E4BC-4B9E-AB12-083A18D47FEE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9A3DE633-7276-4D68-AD7D-4292B6FF26EA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AB5C488C-9302-4C2B-894A-DAF8AC62808E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B3EC86A3-EF12-48F9-BF4F-6F1E657F8351}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CC92A453-9138-43F3-A9AF-54BF25BC98B6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D321D6A9-BB14-467D-BC5C-3EA73B741BB4}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{DBAC49F4-5C25-4635-B721-A30790293D61}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{1DDD0BC0-8965-4279-B0DC-303D27C86C7C}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{B61A40E5-06ED-4F63-AB2C-88065CBF58F0}C:\program files\belkin storage manager\storagemanager.exe" = protocol=6 | dir=in | app=c:\program files\belkin storage manager\storagemanager.exe |
"TCP Query User{BF194BBB-92EC-4376-A50B-1EA0BD7E85CF}D:\games\civilization 2\civ2.exe" = protocol=6 | dir=in | app=d:\games\civilization 2\civ2.exe |
"UDP Query User{3F8A2EE1-FE8D-4492-A45F-02906996BB79}C:\program files\belkin storage manager\storagemanager.exe" = protocol=17 | dir=in | app=c:\program files\belkin storage manager\storagemanager.exe |
"UDP Query User{9AC259CA-8A58-4971-AAEE-7BAA90B9F676}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{F7BB7462-D5EA-45E8-BCD1-5208AD3AD8D6}D:\games\civilization 2\civ2.exe" = protocol=17 | dir=in | app=d:\games\civilization 2\civ2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{235BBFC6-D863-4066-A01A-3BD504C31051}" = Nero 7 Ultra Edition
"{26A24AE4-039D-4CA4-87B4-2F03217067FF}" = Java 7 Update 67
"{26A24AE4-039D-4CA4-87B4-2F83218025F0}" = Java 8 Update 25
"{2D3858B1-226A-420D-9C9D-B51864E85429}" = Nuvoton CIR Device Driver
"{31423F74-36B2-4d24-B10D-CD00BFB7C118}" = Intel(R) Turbo Memory
"{3EAAC5FD-E209-4856-8C49-D4EA40F85032}" = Mobile Connect
"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{581CE7EA-A30D-0000-1211-088635773309}" = 802.11b+g USB Wireless LAN Adapter
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5U8xx Media Driver ver.3.62.02
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager and Intel(R) Turbo Memory
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.09) - Czech
"{C12D7D54-7DE8-4DF7-AB2D-8A5ECFB2F89B}" = Belkin Storage Manager
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.165
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"avast" = Avast Free Antivirus
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Defraggler" = Defraggler
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Mozilla Firefox 34.0 (x86 cs)" = Mozilla Firefox 34.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"Unlocker" = Unlocker 1.8.9
"Update Engine" = Sony Ericsson Update Engine
"VLC media player" = VLC media player
"WinRAR archiver" = WinRAR 5.11 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-192176685-3027731864-3682753610-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre Studio X" = PhotoFiltre Studio X

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 16. 12. 2013 0:54:45 | Computer Name = janka-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: firefox.exe, verzia: 27.0.0.5091, časová
značka: 0x52a6f6e1 Názov chybového modulu: xul.dll, verzia: 27.0.0.5091, časová
značka: 0x52a6f6af Kód výnimky: 0xc0000005 Odstup chyby: 0x00123b77 Identifikácia chybného
procesu: 0xbd4 Čas spustenia chybnej aplikácie: 0x01cefa07e2eb8a1d Cesta chybnej
aplikácie: C:\Program Files\Mozilla Firefox 4.0 Beta 7\firefox.exe Cesta chybného
modulu: C:\Program Files\Mozilla Firefox 4.0 Beta 7\xul.dll Identifikácia hlásenia:
2ea32659-660e-11e3-ad65-001b247917f7

Error - 17. 12. 2013 6:07:27 | Computer Name = janka-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: SpywareTerminatorUpdate.exe, verzia: 3.0.0.41,
časová značka: 0x513077e0 Názov chybového modulu: TorrentDll.dll, verzia: 3.0.0.1,
časová značka: 0x4dbe5f67 Kód výnimky: 0xc0000417 Odstup chyby: 0x00132780 Identifikácia
chybného procesu: 0x1098 Čas spustenia chybnej aplikácie: 0x01cefb048c1c9757 Cesta
chybnej aplikácie: C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
Cesta
chybného modulu: C:\Program Files\Spyware Terminator\TorrentDll.dll Identifikácia
hlásenia: 07ff9446-6703-11e3-ad65-001b247917f7

Error - 17. 12. 2013 23:22:19 | Computer Name = janka-PC | Source = ESENT | ID = 455
Description = Windows (3636) Windows: Error -1811 occurred while opening logfile
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00008.log.

Error - 17. 12. 2013 23:22:19 | Computer Name = janka-PC | Source = Windows Search Service | ID = 9000
Description =

Error - 17. 12. 2013 23:22:19 | Computer Name = janka-PC | Source = Windows Search Service | ID = 7040
Description =

Error - 17. 12. 2013 23:22:19 | Computer Name = janka-PC | Source = Windows Search Service | ID = 7042
Description =

Error - 17. 12. 2013 23:22:19 | Computer Name = janka-PC | Source = Windows Search Service | ID = 9002
Description =

Error - 17. 12. 2013 23:22:19 | Computer Name = janka-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 17. 12. 2013 23:22:20 | Computer Name = janka-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 17. 12. 2013 23:22:20 | Computer Name = janka-PC | Source = Windows Search Service | ID = 3028
Description =

[ System Events ]
Error - 23. 11. 2014 20:12:21 | Computer Name = janka-PC | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 23. 11. 2014 20:14:51 | Computer Name = janka-PC | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 23. 11. 2014 20:19:53 | Computer Name = janka-PC | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 23. 11. 2014 20:24:22 | Computer Name = janka-PC | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 23. 11. 2014 23:37:44 | Computer Name = janka-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 24. 11. 2014 14:28:56 | Computer Name = janka-PC | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Display Driver Service sa neočakávane ukončila. Služba
sa týmto spôsobom ukončila už 1-krát.

Error - 24. 11. 2014 14:34:50 | Computer Name = janka-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 19:32:20 on 24. 11. 2014 was unexpected.

Error - 24. 11. 2014 14:35:19 | Computer Name = JANKA-PC | Source = BugCheck | ID = 1001
Description =

Error - 25. 11. 2014 9:55:01 | Computer Name = JANKA-PC | Source = BugCheck | ID = 1001
Description =

Error - 25. 11. 2014 9:55:34 | Computer Name = janka-PC | Source = Service Control Manager | ID = 7011
Description = Počas čakania na odpoveď transakcie od služby MBAMService bol dosiahnutý
časový limit (30000 ms).


< End of report >

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Please help - system "slices off" 10GB weekly from disk

#9 Post by Márty84 »

:!: If you have not done so yet, back up your important data (photos, documents, etc.) to be safe :!:

:!: Do not use ComboFix without prior agreement! It is a violation of the forum rules and you will lose your entitlement to help!

:arrow: Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.
Turn off your antivirus and any other security software.
Right-click ComboFix and then left-click Run as administrator.
Accept the license terms and let the program work. If it offers to install the Recovery Console, agree.
While the scan is running, do not start anything and do not click anywhere.
When the scan finishes (the PC may restart), a log should be created, located at C:\ComboFix.txt
Copy its contents here.

:!: If Windows does not start after the restart, restart again, keep pressing F8 and choose Last Known Good Configuration
:!: If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will now be on the forum less often. If you have to wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

yossarian2
Visitor
Posts: 48
Joined: 29 Dec 2009 18:32

Re: Please help - system "slices off" 10GB weekly from disk

#10 Post by yossarian2 »

Hello,
the OTL window has stayed open. Should I close it with the X and then continue according to the instructions?

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Please help - system "slices off" 10GB weekly from disk

#11 Post by Márty84 »

Sure. Close OTL normally, but leave it on the PC; we will still need it.

yossarian2
Visitor
Posts: 48
Joined: 29 Dec 2009 18:32

Re: Please help - system "slices off" 10GB weekly from disk

#12 Post by yossarian2 »

ComboFix 14-11-25.01 - janka . 11. 2014 9:24.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.421.1051.18.2046.789 [GMT 1:00]
Running from: c:\users\janka\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 0 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\janka\AppData\Local\MSGBOX.EXE
F:\autorun.inf
.
.
((((((((((((((((((((((((( Files Created from 2014-10-26 to 2014-11-26 )))))))))))))))))))))))))))))))
.
.
2014-11-26 08:50 . 2014-11-26 08:50 -------- d-----w- c:\users\janka\AppData\Local\temp
2014-11-26 08:50 . 2014-11-26 08:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-26 02:01 . 2014-11-26 02:01 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{205C15FD-78B5-4675-A004-514A16830C77}\offreg.dll
2014-11-25 19:18 . 2014-11-25 19:18 512 ----a-w- C:\PhysicalMBR.bin
2014-11-25 17:04 . 2014-11-25 17:06 -------- d-----w- C:\FRST
2014-11-25 13:50 . 2014-11-25 13:50 119000 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-25 13:43 . 2014-11-25 13:46 -------- d-----w- C:\AdwCleaner
2014-11-24 18:31 . 2014-11-25 13:51 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-11-24 18:30 . 2014-11-24 18:30 79576 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-23 03:30 . 2014-11-02 04:17 8941456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{205C15FD-78B5-4675-A004-514A16830C77}\mpengine.dll
2014-11-21 23:46 . 2014-11-21 23:46 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 7
2014-11-19 13:22 . 2014-11-19 13:22 291352 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-19 13:22 . 2014-11-19 13:22 43152 ----a-w- c:\windows\avastSS.scr
2014-11-11 10:29 . 2014-11-11 10:29 -------- d-----w- c:\users\janka\AppData\Roaming\Malwarebytes
2014-11-11 10:29 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-11 10:29 . 2014-11-11 10:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-22 06:03 . 2011-02-24 19:20 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-21 01:22 . 2013-11-09 10:05 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-19 13:37 . 2013-10-01 06:53 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-19 13:37 . 2013-10-01 06:53 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-19 13:22 . 2013-12-18 03:18 91496 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-11-19 13:22 . 2013-09-06 11:29 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-19 13:22 . 2014-04-23 02:03 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-19 13:22 . 2013-09-06 11:28 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-19 13:22 . 2013-09-06 11:28 70384 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2014-11-19 13:22 . 2012-02-24 03:24 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-04 13:30 . 2010-11-25 20:14 229000 ------w- c:\windows\system32\MpSigStub.exe
2014-10-19 09:04 . 2014-08-16 07:25 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-09-29 00:41 . 2014-10-26 10:56 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-09-25 22:32 . 2014-10-26 10:55 2017280 ----a-w- c:\windows\system32\inetcpl.cpl
2014-09-25 01:40 . 2014-10-26 10:56 519680 ----a-w- c:\windows\system32\qdvd.dll
2014-09-19 01:25 . 2014-10-26 10:55 4201472 ----a-w- c:\windows\system32\jscript9.dll
2014-09-19 01:14 . 2014-10-26 10:55 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-09-19 01:14 . 2014-10-26 10:55 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-09-19 01:02 . 2014-10-26 10:55 454656 ----a-w- c:\windows\system32\vbscript.dll
2014-09-19 01:01 . 2014-10-26 10:55 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-09-19 01:01 . 2014-10-26 10:56 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-09-19 00:59 . 2014-10-26 10:55 61952 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-09-19 00:50 . 2014-10-26 10:55 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-09-19 00:50 . 2014-10-26 10:56 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-09-19 00:49 . 2014-10-26 10:55 597504 ----a-w- c:\windows\system32\jscript9diag.dll
2014-09-19 00:44 . 2014-10-26 10:55 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-09-19 00:36 . 2014-10-26 10:56 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-09-19 00:18 . 2014-10-26 10:55 1068032 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-09-18 23:59 . 2014-10-26 10:55 1810944 ----a-w- c:\windows\system32\wininet.dll
2014-09-18 01:32 . 2014-10-26 10:54 2363904 ----a-w- c:\windows\system32\msi.dll
2014-09-13 01:40 . 2014-10-26 10:51 67072 ----a-w- c:\windows\system32\packager.dll
2014-09-09 21:47 . 2014-09-25 13:22 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-04 05:04 . 2014-10-26 10:55 372736 ----a-w- c:\windows\system32\rastls.dll
2013-06-19 15:14 . 2013-06-19 15:14 4167680 ----a-w- c:\program files\GUT4A0C.tmp
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-19 13:22 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-23 7625248]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-08-28 1557800]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-06 13797920]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2007-04-26 1286144]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"IaNvSrv"="c:\program files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe" [2009-07-13 33304]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-11-21 5226600]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\program files\Acer\Empowering Technology\eAPLauncher.exe 9999 [2010-11-25 535336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^802.11b+g USB Wireless LAN Utility.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\802.11b+g USB Wireless LAN Utility.lnk
backup=c:\windows\pss\802.11b+g USB Wireless LAN Utility.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Belkin Storage Manager]
2009-02-03 16:40 858624 ----a-w- c:\program files\Belkin Storage Manager\StorageManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-03-09 02:52 15872 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-11-19 3192344]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
R3 c2wts;Claims to Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [2010-05-11 13080]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-09-19 108032]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2014-11-24 79576]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-11-25 119000]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-28 1343400]
R3 WLAN(WLAN);802.11b+g USB Wireless LAN Adapter Driver(WLAN);c:\windows\system32\DRIVERS\zd1211u.sys [2004-10-06 248320]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaNvStor;Intel(R) Turbo Memory Controller;c:\windows\system32\DRIVERS\iaNvStor.sys [2009-07-01 232472]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-25 691696]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-11-22 787800]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-11-21 423784]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-11-19 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-11-19 70384]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-11-19 91496]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [2012-01-31 66560]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-11-19 218192]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 nuvotoncir;Nuvoton IR Transceiver;c:\windows\system32\DRIVERS\nuvotoncir.sys [2009-06-24 44544]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
.
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 195.146.132.58 195.146.128.62
FF - ProfilePath - c:\users\janka\AppData\Roaming\Mozilla\Firefox\Profiles\n3ytitto.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.type - 1
.
- - - - ORPHANS REMOVED - - - -
.
HKLM_ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
.
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601
.
CreateFile("\\.\PHYSICALDRIVE1"): Proces nemôže získať prístup k súboru, pretože daný súbor práve používa iný proces.
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
user != kernel MBR !!!
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-11-26 09:53:13
ComboFix-quarantined-files.txt 2014-11-26 08:53
.
Pre-Run: 4 938 526 720 bytes free
Post-Run: 4 825 997 312 bytes free
.
- - End Of File - - 4DA7648EA14B5E6E44520A66A28937C9
5FB38429D5D77768867C76DCBDB35194

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please help - the system "slices off" 10GB a week from disk

#13 Post by Márty84 »

:arrow: Permanently turn off Windows Defender

:arrow: Open Notepad and copy this script into it

Code:

KillAll::

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

  • In the top left, click File
  • Click Save as...
  • Type the name shown in red, CFScript, correctly and save it to the desktop.
  • Turn off your antivirus and any other security software.
  • Drag this newly created text document over the ComboFix icon and drop it.
  • ComboFix should start and carry out the commands.
  • When it finishes (the PC may restart), a new log should appear; copy it here for me again.

:!: If Windows does not boot after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration
:!: If Windows boots but errors are reported when launching various programs, just restart the PC and it will be fine

If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

yossarian2
Visitor
Posts: 48
Registered: 29 Dec 2009 18:32

Re: Please help - the system "slices off" 10GB a week from disk

#14 Post by yossarian2 »

ComboFix 14-11-25.01 - janka . 11. 2014 19:05:03.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.421.1051.18.2046.831 [GMT 1:00]
Running from: c:\users\janka\Desktop\ComboFix.exe
Command switches used :: c:\users\janka\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2014-10-26 to 2014-11-26 )))))))))))))))))))))))))))))))
.
.
2014-11-26 18:14 . 2014-11-26 18:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-26 18:14 . 2014-11-26 18:14 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2014-11-26 08:50 . 2014-11-26 18:19 -------- d-----w- c:\users\janka\AppData\Local\temp
2014-11-25 19:18 . 2014-11-25 19:18 512 ----a-w- C:\PhysicalMBR.bin
2014-11-25 17:04 . 2014-11-25 17:06 -------- d-----w- C:\FRST
2014-11-25 13:50 . 2014-11-25 13:50 119000 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-25 13:43 . 2014-11-25 13:46 -------- d-----w- C:\AdwCleaner
2014-11-24 18:31 . 2014-11-25 13:51 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-11-24 18:30 . 2014-11-24 18:30 79576 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-23 03:30 . 2014-11-02 04:17 8941456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{205C15FD-78B5-4675-A004-514A16830C77}\mpengine.dll
2014-11-21 23:46 . 2014-11-21 23:46 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 7
2014-11-19 13:22 . 2014-11-19 13:22 291352 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-19 13:22 . 2014-11-19 13:22 43152 ----a-w- c:\windows\avastSS.scr
2014-11-11 10:29 . 2014-11-11 10:29 -------- d-----w- c:\users\janka\AppData\Roaming\Malwarebytes
2014-11-11 10:29 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-11 10:29 . 2014-11-11 10:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-22 06:03 . 2011-02-24 19:20 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-21 01:22 . 2013-11-09 10:05 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-19 13:37 . 2013-10-01 06:53 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-19 13:37 . 2013-10-01 06:53 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-19 13:22 . 2013-12-18 03:18 91496 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-11-19 13:22 . 2013-09-06 11:29 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-19 13:22 . 2014-04-23 02:03 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-19 13:22 . 2013-09-06 11:28 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-19 13:22 . 2013-09-06 11:28 70384 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2014-11-19 13:22 . 2012-02-24 03:24 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-04 13:30 . 2010-11-25 20:14 229000 ------w- c:\windows\system32\MpSigStub.exe
2014-10-19 09:04 . 2014-08-16 07:25 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-09-29 00:41 . 2014-10-26 10:56 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-09-25 22:32 . 2014-10-26 10:55 2017280 ----a-w- c:\windows\system32\inetcpl.cpl
2014-09-25 01:40 . 2014-10-26 10:56 519680 ----a-w- c:\windows\system32\qdvd.dll
2014-09-19 01:25 . 2014-10-26 10:55 4201472 ----a-w- c:\windows\system32\jscript9.dll
2014-09-19 01:14 . 2014-10-26 10:55 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-09-19 01:14 . 2014-10-26 10:55 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-09-19 01:02 . 2014-10-26 10:55 454656 ----a-w- c:\windows\system32\vbscript.dll
2014-09-19 01:01 . 2014-10-26 10:55 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-09-19 01:01 . 2014-10-26 10:56 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-09-19 00:59 . 2014-10-26 10:55 61952 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-09-19 00:50 . 2014-10-26 10:55 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-09-19 00:50 . 2014-10-26 10:56 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-09-19 00:49 . 2014-10-26 10:55 597504 ----a-w- c:\windows\system32\jscript9diag.dll
2014-09-19 00:44 . 2014-10-26 10:55 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-09-19 00:36 . 2014-10-26 10:56 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-09-19 00:18 . 2014-10-26 10:55 1068032 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-09-18 23:59 . 2014-10-26 10:55 1810944 ----a-w- c:\windows\system32\wininet.dll
2014-09-18 01:32 . 2014-10-26 10:54 2363904 ----a-w- c:\windows\system32\msi.dll
2014-09-13 01:40 . 2014-10-26 10:51 67072 ----a-w- c:\windows\system32\packager.dll
2014-09-09 21:47 . 2014-09-25 13:22 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-04 05:04 . 2014-10-26 10:55 372736 ----a-w- c:\windows\system32\rastls.dll
2013-06-19 15:14 . 2013-06-19 15:14 4167680 ----a-w- c:\program files\GUT4A0C.tmp
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-19 13:22 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-23 7625248]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-08-28 1557800]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-06 13797920]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2007-04-26 1286144]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"IaNvSrv"="c:\program files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe" [2009-07-13 33304]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-11-21 5226600]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\program files\Acer\Empowering Technology\eAPLauncher.exe 9999 [2010-11-25 535336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:5229c7d727 /dir:C:\Program
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^802.11b+g USB Wireless LAN Utility.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\802.11b+g USB Wireless LAN Utility.lnk
backup=c:\windows\pss\802.11b+g USB Wireless LAN Utility.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Belkin Storage Manager]
2009-02-03 16:40 858624 ----a-w- c:\program files\Belkin Storage Manager\StorageManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-03-09 02:52 15872 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-11-19 3192344]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
R3 c2wts;Claims to Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [2010-05-11 13080]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-09-19 108032]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2014-11-24 79576]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-11-25 119000]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-28 1343400]
R3 WLAN(WLAN);802.11b+g USB Wireless LAN Adapter Driver(WLAN);c:\windows\system32\DRIVERS\zd1211u.sys [2004-10-06 248320]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaNvStor;Intel(R) Turbo Memory Controller;c:\windows\system32\DRIVERS\iaNvStor.sys [2009-07-01 232472]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-25 691696]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-11-22 787800]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-11-21 423784]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-11-19 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-11-19 70384]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-11-19 91496]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [2012-01-31 66560]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-11-19 218192]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 nuvotoncir;Nuvoton IR Transceiver;c:\windows\system32\DRIVERS\nuvotoncir.sys [2009-06-24 44544]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 195.146.132.58 195.146.128.62
FF - ProfilePath - c:\users\janka\AppData\Roaming\Mozilla\Firefox\Profiles\n3ytitto.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.type - 1
.
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3868)
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Acer\Empowering Technology\ePower\ePowerSvc.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\users\janka\AppData\Local\Temp\RtkBtMnt.exe
c:\program files\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Completion time: 2014-11-26 19:25:56 - machine was rebooted
ComboFix-quarantined-files.txt 2014-11-26 18:25
ComboFix2.txt 2014-11-26 08:53
.
Pre-Run: 4 093 276 160 bytes free
Post-Run: 4 099 891 200 bytes free
.
- - End Of File - - B0112811914E79AC64F02D188DBFB9CD
5FB38429D5D77768867C76DCBDB35194

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please help - the system "slices off" 10GB a week from disk

#15 Post by Márty84 »

:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
  • Click the Change parameters option
  • In the Additional Option window, tick all the options
  • Click OK
  • Tell the utility to scan by clicking Start Scan
  • When the scan finishes, a window will appear; check that the Skip option is selected everywhere
  • If Skip is not selected by default, switch it to Skip
  • Once Skip is set everywhere, click Continue
  • On the disk where Windows is installed (usually c:\) there will be a log named in the form TDSSKiller.some digits _log.txt; paste its contents here

:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Save it, preferably to the Desktop, and extract it
  • Run it by clicking mbar
  • Now click Next and then Update
  • When the database update finishes, click Next again
  • Leave all three options ticked and click Scan, which starts the scan of the PC
  • When the scan finishes (about 5 minutes), check that every detection (if there are any, of course) has its checkbox ticked
  • Also check that Create Restore point is ticked
  • Now click CleanUp, which removes the infection that was found
  • The PC will be restarted
  • The mbar folder should contain a log (and it will probably open by itself) named mbar-log-year-month-day (hour-minute-second).txt; post it here for me

Locked