Malware?

Posted: 07 Aug 2015 10:15
by woprsalek
Hi, could you help me? Thanks

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jirka at 2015-08-07 11:09:27
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 48 GB (36%) free of 131 GB
Total RAM: 1875 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:10:51, on 7.8.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17909)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\TightVNC\tvnserver.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Jirka\Downloads\RSIT.exe
C:\Program Files\trend micro\Jirka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Jirka\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files\TightVNC\tvnserver.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

--
End of file - 5206 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\Bidaily Synchronize Task[pr].job - c:\programdata\{8e08737a-34ff-cf65-8e08-8737a34fcde8}\dota 2 music_ laning 2.exe --startup=1 --single
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-06-09 10082920]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-11-06 283160]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 146032]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 181360]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 190064]
"tvncontrol"=C:\Program Files\TightVNC\tvnserver.exe [2013-07-19 1690096]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 981688]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"uTorrent"=C:\Users\Jirka\AppData\Roaming\uTorrent\uTorrent.exe [2015-07-22 1793376]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-02-19 5503768]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 330752]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"ShutdownWithoutLogon"=1
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveTrack"=0
"NoFileAssociate"=0
"NoClose"=0
"StartMenuLogoff"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-07 11:09:27 ----D---- C:\rsit
2015-08-07 11:09:27 ----D---- C:\Program Files\trend micro
2015-08-07 11:05:21 ----D---- C:\ProgramData\bc09bfab00001cb0
2015-08-07 10:56:43 ----D---- C:\ProgramData\9d00c13c000021dd
2015-08-07 10:53:43 ----D---- C:\AdwCleaner
2015-08-07 10:08:14 ----D---- C:\Program Files\McAfee Security Scan
2015-07-22 18:30:11 ----A---- C:\Windows\system32\lpk.dll
2015-07-22 18:30:11 ----A---- C:\Windows\system32\fontsub.dll
2015-07-22 18:30:11 ----A---- C:\Windows\system32\dciman32.dll
2015-07-22 18:30:11 ----A---- C:\Windows\system32\atmlib.dll
2015-07-22 18:30:11 ----A---- C:\Windows\system32\atmfd.dll
2015-07-15 11:34:47 ----A---- C:\Windows\system32\wksprt.exe
2015-07-15 11:34:47 ----A---- C:\Windows\system32\mstscax.dll
2015-07-15 11:34:46 ----A---- C:\Windows\system32\tsgqec.dll
2015-07-15 11:34:46 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-07-15 11:34:43 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 11:34:43 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 11:34:43 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 11:34:43 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 11:34:43 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 11:34:43 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 11:34:43 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 11:34:43 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 11:34:43 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-15 11:34:42 ----A---- C:\Windows\system32\wdigest.dll
2015-07-15 11:34:42 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-15 11:34:42 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-15 11:34:42 ----A---- C:\Windows\system32\sspicli.dll
2015-07-15 11:34:42 ----A---- C:\Windows\system32\schannel.dll
2015-07-15 11:34:42 ----A---- C:\Windows\system32\secur32.dll
2015-07-15 11:34:42 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-15 11:34:42 ----A---- C:\Windows\system32\msaudite.dll
2015-07-15 11:34:42 ----A---- C:\Windows\system32\lsass.exe
2015-07-15 11:34:42 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-15 11:34:42 ----A---- C:\Windows\system32\credssp.dll
2015-07-15 11:34:42 ----A---- C:\Windows\system32\auditpol.exe
2015-07-15 11:34:42 ----A---- C:\Windows\system32\adtschema.dll
2015-07-15 11:34:41 ----A---- C:\Windows\system32\msobjs.dll
2015-07-15 11:34:38 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 11:34:36 ----A---- C:\Windows\system32\msihnd.dll
2015-07-15 11:34:36 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 11:34:36 ----A---- C:\Windows\system32\msi.dll
2015-07-15 11:34:36 ----A---- C:\Windows\system32\consent.exe
2015-07-15 11:34:36 ----A---- C:\Windows\system32\authui.dll
2015-07-15 11:34:36 ----A---- C:\Windows\system32\appinfo.dll
2015-07-15 11:34:35 ----A---- C:\Windows\system32\msimsg.dll
2015-07-15 11:34:21 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 11:34:20 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 11:34:19 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 11:34:19 ----A---- C:\Windows\system32\rdpcorets.dll
2015-07-15 11:34:18 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-15 11:34:16 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-15 11:34:16 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 11:34:11 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 11:34:11 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 11:34:11 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 11:34:10 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 11:34:09 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 11:33:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 11:33:15 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-15 11:33:14 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 11:33:14 ----A---- C:\Windows\system32\iernonce.dll
2015-07-15 11:33:14 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-15 11:33:14 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-15 11:33:14 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-15 11:33:13 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 11:33:13 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-15 11:33:13 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-15 11:33:13 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 11:33:13 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-15 11:33:12 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 11:33:12 ----A---- C:\Windows\system32\iesetup.dll
2015-07-15 11:33:11 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 11:33:11 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 11:33:10 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 11:33:08 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-15 11:33:08 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 11:33:08 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 11:33:05 ----A---- C:\Windows\system32\vbscript.dll
2015-07-15 11:33:05 ----A---- C:\Windows\system32\jscript.dll
2015-07-14 17:58:48 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-07-14 17:58:46 ----D---- C:\Windows\system32\Macromed
2015-07-14 17:30:38 ----A---- C:\Windows\system32\perfi00C.dat
2015-07-14 17:30:37 ----A---- C:\Windows\system32\perfh00C.dat
2015-07-14 17:30:37 ----A---- C:\Windows\system32\perfd00C.dat
2015-07-14 17:30:37 ----A---- C:\Windows\system32\perfc00C.dat
2015-07-14 17:30:35 ----A---- C:\Windows\system32\perfi001.dat
2015-07-14 17:30:34 ----A---- C:\Windows\system32\perfh001.dat
2015-07-14 17:30:34 ----A---- C:\Windows\system32\perfd001.dat
2015-07-14 17:30:34 ----A---- C:\Windows\system32\perfc001.dat
2015-07-14 17:30:33 ----A---- C:\Windows\system32\perfi008.dat
2015-07-14 17:30:31 ----A---- C:\Windows\system32\perfh008.dat
2015-07-14 17:30:31 ----A---- C:\Windows\system32\perfd008.dat
2015-07-14 17:30:31 ----A---- C:\Windows\system32\perfc008.dat
2015-07-14 17:30:30 ----A---- C:\Windows\system32\prfi0816.dat
2015-07-14 17:30:29 ----A---- C:\Windows\system32\prfh0816.dat
2015-07-14 17:30:29 ----A---- C:\Windows\system32\prfd0816.dat
2015-07-14 17:30:29 ----A---- C:\Windows\system32\prfc0816.dat
2015-07-14 17:30:28 ----A---- C:\Windows\system32\perfi010.dat
2015-07-14 17:30:26 ----A---- C:\Windows\system32\perfh010.dat
2015-07-14 17:30:26 ----A---- C:\Windows\system32\perfd010.dat
2015-07-14 17:30:26 ----A---- C:\Windows\system32\perfc010.dat
2015-07-14 17:24:58 ----D---- C:\Windows\el-GR
2015-07-14 17:24:49 ----D---- C:\Windows\system32\el
2015-07-14 17:24:48 ----D---- C:\Windows\system32\drivers\el-GR
2015-07-14 17:24:37 ----D---- C:\Windows\lt-LT
2015-07-14 17:24:33 ----D---- C:\Windows\system32\drivers\lt-LT
2015-07-14 17:24:28 ----SD---- C:\Windows\system32\GWX
2015-07-14 17:24:22 ----D---- C:\Windows\it-IT
2015-07-14 17:24:06 ----D---- C:\Windows\system32\drivers\it-IT
2015-07-14 17:24:06 ----D---- C:\Windows\system32\0410
2015-07-14 17:23:58 ----D---- C:\Windows\system32\it
2015-07-14 17:23:44 ----D---- C:\Windows\system32\ar
2015-07-14 17:23:44 ----D---- C:\Windows\ar-SA
2015-07-14 17:23:43 ----D---- C:\Windows\system32\drivers\ar-SA
2015-07-14 17:23:03 ----D---- C:\Windows\fr-FR
2015-07-14 17:22:39 ----D---- C:\Windows\system32\040C
2015-07-14 17:22:37 ----D---- C:\Windows\system32\fr
2015-07-14 17:22:37 ----D---- C:\Windows\system32\drivers\fr-FR
2015-07-14 17:22:06 ----D---- C:\Windows\pt-PT
2015-07-14 17:21:25 ----D---- C:\Windows\system32\drivers\pt-PT
2015-07-14 17:20:46 ----D---- C:\Windows\system32\pt
2015-07-14 12:05:03 ----D---- C:\Program Files\Microsoft Silverlight
2015-07-14 12:00:35 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2015-07-14 11:30:21 ----A---- C:\Windows\system32\UtcResources.dll
2015-07-14 11:30:21 ----A---- C:\Windows\system32\tdh.dll
2015-07-14 11:30:21 ----A---- C:\Windows\system32\srcore.dll
2015-07-14 11:30:21 ----A---- C:\Windows\system32\srclient.dll
2015-07-14 11:30:21 ----A---- C:\Windows\system32\smss.exe
2015-07-14 11:30:21 ----A---- C:\Windows\system32\rstrui.exe
2015-07-14 11:30:21 ----A---- C:\Windows\system32\diagtrack.dll
2015-07-14 11:30:21 ----A---- C:\Windows\system32\apisetschema.dll
2015-07-14 11:30:20 ----A---- C:\Windows\system32\sechost.dll
2015-07-14 11:30:19 ----A---- C:\Windows\system32\typeperf.exe
2015-07-14 11:30:19 ----A---- C:\Windows\system32\tracerpt.exe
2015-07-14 11:30:19 ----A---- C:\Windows\system32\relog.exe
2015-07-14 11:30:19 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-07-14 11:30:19 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-07-14 11:30:19 ----A---- C:\Windows\system32\ntdll.dll
2015-07-14 11:30:19 ----A---- C:\Windows\system32\logman.exe
2015-07-14 11:30:19 ----A---- C:\Windows\system32\diskperf.exe
2015-07-14 11:30:18 ----A---- C:\Windows\system32\csrsrv.dll
2015-07-14 11:30:18 ----A---- C:\Windows\system32\advapi32.dll
2015-07-14 11:27:46 ----A---- C:\Windows\system32\TSWorkspace.dll
2015-07-14 10:52:11 ----D---- C:\Program Files\4chan Plus
2015-07-12 00:02:26 ----A---- C:\Windows\system32\perfi015.dat
2015-07-12 00:02:23 ----A---- C:\Windows\system32\perfh015.dat
2015-07-12 00:02:23 ----A---- C:\Windows\system32\perfd015.dat
2015-07-12 00:02:23 ----A---- C:\Windows\system32\perfc015.dat
2015-07-12 00:02:22 ----A---- C:\Windows\system32\prfi0404.dat
2015-07-12 00:02:20 ----A---- C:\Windows\system32\prfh0404.dat
2015-07-12 00:02:20 ----A---- C:\Windows\system32\prfd0404.dat
2015-07-12 00:02:20 ----A---- C:\Windows\system32\prfc0404.dat
2015-07-12 00:02:19 ----A---- C:\Windows\system32\perfi006.dat
2015-07-12 00:02:18 ----A---- C:\Windows\system32\perfh006.dat
2015-07-12 00:02:18 ----A---- C:\Windows\system32\perfd006.dat
2015-07-12 00:02:17 ----A---- C:\Windows\system32\perfc006.dat
2015-07-12 00:02:16 ----A---- C:\Windows\system32\prfi0416.dat
2015-07-12 00:02:15 ----A---- C:\Windows\system32\prfh0416.dat
2015-07-12 00:02:15 ----A---- C:\Windows\system32\prfd0416.dat
2015-07-12 00:02:15 ----A---- C:\Windows\system32\prfc0416.dat
2015-07-12 00:02:14 ----A---- C:\Windows\system32\perfi00A.dat
2015-07-12 00:02:12 ----A---- C:\Windows\system32\perfh00A.dat
2015-07-12 00:02:12 ----A---- C:\Windows\system32\perfd00A.dat
2015-07-12 00:02:12 ----A---- C:\Windows\system32\perfc00A.dat
2015-07-12 00:02:11 ----A---- C:\Windows\system32\perfi019.dat
2015-07-12 00:02:09 ----A---- C:\Windows\system32\perfh019.dat
2015-07-12 00:02:09 ----A---- C:\Windows\system32\perfd019.dat
2015-07-12 00:02:09 ----A---- C:\Windows\system32\perfc019.dat
2015-07-11 23:53:13 ----D---- C:\Windows\da-DK
2015-07-11 23:53:12 ----D---- C:\Windows\system32\drivers\da-DK
2015-07-11 23:52:58 ----D---- C:\Windows\system32\da
2015-07-11 23:52:45 ----D---- C:\Windows\system32\es
2015-07-11 23:52:45 ----D---- C:\Windows\system32\drivers\es-ES
2015-07-11 23:52:45 ----D---- C:\Windows\system32\0C0A
2015-07-11 23:52:27 ----D---- C:\Windows\es-ES
2015-07-11 23:52:14 ----D---- C:\Windows\zh-TW
2015-07-11 23:52:13 ----D---- C:\Windows\system32\zh-CHT
2015-07-11 23:52:01 ----D---- C:\Windows\system32\drivers\zh-TW
2015-07-11 23:52:01 ----D---- C:\Windows\system32\drivers\zh-HK
2015-07-11 23:51:45 ----D---- C:\Windows\pl-PL
2015-07-11 23:51:44 ----D---- C:\Windows\system32\drivers\pl-PL
2015-07-11 23:51:28 ----D---- C:\Windows\system32\pl
2015-07-11 23:51:15 ----D---- C:\Windows\system32\drivers\ru-RU
2015-07-11 23:51:13 ----D---- C:\Windows\system32\ru
2015-07-11 23:50:56 ----D---- C:\Windows\ru-RU
2015-07-11 23:50:36 ----D---- C:\Windows\pt-BR
2015-07-11 23:50:02 ----D---- C:\Windows\system32\drivers\pt-BR
2015-07-11 20:55:29 ----D---- C:\Windows\Migration
2015-07-11 20:47:23 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-11 20:47:23 ----A---- C:\Windows\system32\wups2.dll
2015-07-11 20:47:23 ----A---- C:\Windows\system32\wucltux.dll
2015-07-11 20:47:23 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-11 20:47:23 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-11 20:47:23 ----A---- C:\Windows\system32\wuapi.dll
2015-07-11 20:47:23 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-11 20:47:22 ----A---- C:\Windows\system32\wups.dll
2015-07-11 20:47:22 ----A---- C:\Windows\system32\wudriver.dll
2015-07-11 20:47:22 ----A---- C:\Windows\system32\wuapp.exe
2015-07-11 20:47:22 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-11 20:47:16 ----A---- C:\Windows\system32\charmap.exe
2015-07-11 20:47:15 ----A---- C:\Windows\system32\oleaut32.dll
2015-07-11 20:47:12 ----A---- C:\Windows\system32\KBDYAK.DLL
2015-07-11 20:47:12 ----A---- C:\Windows\system32\KBDTAT.DLL
2015-07-11 20:47:12 ----A---- C:\Windows\system32\KBDRU1.DLL
2015-07-11 20:47:12 ----A---- C:\Windows\system32\KBDRU.DLL
2015-07-11 20:47:12 ----A---- C:\Windows\system32\KBDBASH.DLL
2015-07-11 20:47:09 ----A---- C:\Windows\system32\dwmcore.dll
2015-07-11 20:47:09 ----A---- C:\Windows\system32\dwmapi.dll
2015-07-11 20:47:08 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2015-07-11 20:47:08 ----A---- C:\Windows\system32\RMActivate_isv.exe
2015-07-11 20:47:08 ----A---- C:\Windows\system32\RMActivate.exe
2015-07-11 20:47:07 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2015-07-11 20:47:07 ----A---- C:\Windows\system32\secproc_ssp.dll
2015-07-11 20:47:07 ----A---- C:\Windows\system32\secproc_isv.dll
2015-07-11 20:47:07 ----A---- C:\Windows\system32\secproc.dll
2015-07-11 20:47:07 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2015-07-11 20:47:07 ----A---- C:\Windows\system32\msdrm.dll
2015-07-11 20:46:59 ----A---- C:\Windows\system32\shimeng.dll
2015-07-11 20:46:59 ----A---- C:\Windows\system32\sdbinst.exe
2015-07-11 20:46:59 ----A---- C:\Windows\system32\apphelp.dll
2015-07-11 20:46:59 ----A---- C:\Windows\system32\aelupsvc.dll
2015-07-11 20:46:23 ----A---- C:\Windows\system32\drivers\stream.sys
2015-07-11 20:46:23 ----A---- C:\Windows\system32\d3d10warp.dll
2015-07-11 20:46:10 ----A---- C:\Windows\system32\wwansvc.dll
2015-07-11 20:45:57 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-11 20:44:15 ----A---- C:\Windows\system32\drivers\ntfs.sys
2015-07-11 20:42:19 ----A---- C:\Windows\system32\WsmWmiPl.dll
2015-07-11 20:42:19 ----A---- C:\Windows\system32\WsmSvc.dll
2015-07-11 20:42:19 ----A---- C:\Windows\system32\WsmAuto.dll
2015-07-11 20:42:19 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2015-07-11 20:42:19 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2015-07-08 20:17:40 ----D---- C:\Program Files\Unsightly Exam

======List of files/folders modified in the last 1 month======

2015-08-07 11:09:32 ----D---- C:\Windows\Temp
2015-08-07 11:09:27 ----RD---- C:\Program Files
2015-08-07 11:05:21 ----HD---- C:\ProgramData
2015-08-07 11:03:46 ----D---- C:\Users\Jirka\AppData\Roaming\uTorrent
2015-08-07 11:02:25 ----A---- C:\Windows\system32\log.txt
2015-08-07 11:00:40 ----D---- C:\Windows\system32\config
2015-08-07 11:00:13 ----D---- C:\Windows
2015-08-07 10:58:38 ----D---- C:\Windows\system32\Tasks
2015-08-07 10:58:37 ----D---- C:\Windows\system32\drivers
2015-08-07 10:58:36 ----D---- C:\Program Files\Common Files
2015-08-07 10:58:28 ----SHD---- C:\System Volume Information
2015-08-07 10:51:25 ----D---- C:\Windows\Prefetch
2015-08-07 10:40:01 ----SHD---- C:\Windows\Installer
2015-08-07 10:40:01 ----HD---- C:\Config.Msi
2015-08-07 10:36:39 ----D---- C:\Program Files\Google
2015-08-07 10:35:40 ----D---- C:\Windows\Tasks
2015-08-07 10:27:23 ----D---- C:\Users\Jirka\AppData\Roaming\Seznam.cz
2015-08-07 10:27:10 ----D---- C:\Program Files\Seznam.cz
2015-08-07 10:25:52 ----AD---- C:\ProgramData\TEMP
2015-08-07 10:25:44 ----HD---- C:\Windows\system32\GroupPolicy
2015-08-07 10:16:09 ----SD---- C:\ProgramData\Microsoft
2015-08-07 10:08:13 ----D---- C:\ProgramData\McAfee Security Scan
2015-08-07 10:05:57 ----D---- C:\Windows\inf
2015-08-07 10:05:55 ----D---- C:\Windows\debug
2015-08-07 09:45:33 ----D---- C:\Windows\winsxs
2015-08-07 09:43:33 ----D---- C:\Windows\System32
2015-07-22 20:24:11 ----D---- C:\Program Files\Steam
2015-07-22 18:15:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-16 10:35:07 ----D---- C:\Windows\system32\catroot2
2015-07-15 14:58:56 ----D---- C:\Windows\rescache
2015-07-15 12:32:06 ----D---- C:\Windows\system32\pt-PT
2015-07-15 12:32:06 ----D---- C:\Windows\system32\it-IT
2015-07-15 12:32:06 ----D---- C:\Windows\system32\fr-FR
2015-07-15 12:32:06 ----D---- C:\Windows\system32\el-GR
2015-07-15 12:32:05 ----D---- C:\Windows\system32\lt-LT
2015-07-15 12:32:05 ----D---- C:\Windows\system32\ar-SA
2015-07-15 12:32:04 ----D---- C:\Windows\system32\zh-TW
2015-07-15 12:32:04 ----D---- C:\Windows\system32\tr-TR
2015-07-15 12:32:04 ----D---- C:\Windows\system32\ru-RU
2015-07-15 12:32:04 ----D---- C:\Windows\system32\pt-BR
2015-07-15 12:32:04 ----D---- C:\Windows\system32\pl-PL
2015-07-15 12:32:04 ----D---- C:\Windows\system32\es-ES
2015-07-15 12:32:04 ----D---- C:\Windows\system32\en-US
2015-07-15 12:32:04 ----D---- C:\Windows\system32\de-DE
2015-07-15 12:32:04 ----D---- C:\Windows\system32\da-DK
2015-07-15 12:32:04 ----D---- C:\Windows\system32\cs-CZ
2015-07-15 12:32:02 ----D---- C:\Windows\system32\zh-HK
2015-07-15 12:32:02 ----D---- C:\Windows\system32\th-TH
2015-07-15 12:32:02 ----D---- C:\Windows\system32\ro-RO
2015-07-15 12:32:02 ----D---- C:\Windows\system32\bg-BG
2015-07-15 12:31:44 ----D---- C:\Program Files\Internet Explorer
2015-07-15 12:17:03 ----D---- C:\Windows\system32\MRT
2015-07-15 12:10:52 ----D---- C:\ProgramData\Microsoft Help
2015-07-14 17:32:23 ----D---- C:\Windows\Logs
2015-07-14 17:24:59 ----D---- C:\Windows\servicing
2015-07-14 17:24:59 ----D---- C:\Windows\ehome
2015-07-14 17:24:59 ----D---- C:\Program Files\Windows Sidebar
2015-07-14 17:24:59 ----D---- C:\Program Files\Windows Photo Viewer
2015-07-14 17:24:59 ----D---- C:\Program Files\Windows Media Player
2015-07-14 17:24:59 ----D---- C:\Program Files\Windows Mail
2015-07-14 17:24:59 ----D---- C:\Program Files\Windows Journal
2015-07-14 17:24:59 ----D---- C:\Program Files\Windows Defender
2015-07-14 17:24:59 ----D---- C:\Program Files\DVD Maker
2015-07-14 17:24:59 ----D---- C:\Program Files\Common Files\System
2015-07-14 17:24:57 ----D---- C:\Windows\IME
2015-07-14 17:24:56 ----D---- C:\Windows\system32\winrm
2015-07-14 17:24:56 ----D---- C:\Windows\system32\oobe
2015-07-14 17:24:56 ----D---- C:\Windows\system32\migwiz
2015-07-14 17:24:56 ----D---- C:\Windows\PolicyDefinitions
2015-07-14 17:24:49 ----D---- C:\Windows\system32\XPSViewer
2015-07-14 17:24:49 ----D---- C:\Windows\system32\sysprep
2015-07-14 17:24:49 ----D---- C:\Windows\system32\slmgr
2015-07-14 17:24:49 ----D---- C:\Windows\system32\migration
2015-07-14 17:24:49 ----D---- C:\Windows\system32\Boot
2015-07-14 17:24:48 ----D---- C:\Windows\system32\WCN
2015-07-14 17:24:48 ----D---- C:\Windows\system32\MUI
2015-07-14 17:24:48 ----D---- C:\Windows\system32\drivers\UMDF
2015-07-14 17:24:48 ----D---- C:\Windows\system32\Dism
2015-07-14 17:24:47 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2015-07-14 17:24:47 ----D---- C:\Windows\system32\DriverStore
2015-07-14 17:24:44 ----D---- C:\Windows\system32\wbem
2015-07-14 17:24:44 ----D---- C:\Windows\system32\com
2015-07-14 17:24:44 ----D---- C:\Windows\AppPatch
2015-07-14 17:24:22 ----D---- C:\Windows\DigitalLocker
2015-07-14 17:24:07 ----D---- C:\Windows\system32\WinBioPlugIns
2015-07-14 17:24:07 ----D---- C:\Windows\system32\Setup
2015-07-14 17:23:54 ----D---- C:\Windows\system32\AdvancedInstallers
2015-07-13 21:57:43 ----D---- C:\Users\Jirka\AppData\Roaming\vlc
2015-07-13 13:20:52 ----D---- C:\Windows\Microsoft.NET
2015-07-11 23:49:32 ----RSD---- C:\Windows\Fonts
2015-07-11 20:57:14 ----RSD---- C:\Windows\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-06 354840]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 245096]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-12-23 243128]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-12-14 3759616]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-06-14 3520168]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-05 280576]
R3 MEI;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECI.sys [2011-11-10 46080]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-08-23 414824]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AsrCDDrv;AsrCDDrv; \??\C:\Windows\system32\Drivers\AsrCDDrv.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 95408]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-20 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 24064]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-02 458464]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-07 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-07 277784]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 22216]
R2 tvnserver;TightVNC Server; C:\Program Files\TightVNC\tvnserver.exe [2013-07-19 1690096]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-07 363800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-07 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\system32\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-07 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-19 102912]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [2015-06-26 235696]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 284504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2015-06-02 837312]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-13 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

Re: Malware?

Posted: 08 Aug 2015 08:51
by Márty84
Hello :)

Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it, then left-click Run as administrator.
Tick the options (check the boxes) All users, "LOP" check and "Purity" check.
Paste the following text into the bottom window:


CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Scan.
After the scan, two logs are created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).

Re: Malware?

Posted: 12 Aug 2015 22:51
by woprsalek
OTL logfile created on: 12.8.2015 17:55:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jirka\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,83 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 68,06% Memory free
3,66 Gb Paging File | 2,49 Gb Available in Paging File | 67,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 127,99 Gb Total Space | 47,12 Gb Free Space | 36,81% Space Free | Partition Type: NTFS
Drive D: | 337,77 Gb Total Space | 146,29 Gb Free Space | 43,31% Space Free | Partition Type: NTFS

Computer Name: LEO | User Name: Jirka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015.08.09 19:37:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jirka\Desktop\OTL.exe
PRC - [2015.08.07 14:01:43 | 006,109,776 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2015.08.07 14:01:41 | 000,146,600 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2015.08.07 14:01:29 | 003,218,624 | ---- | M] (Avast Software) -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
PRC - [2015.07.07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015.02.19 18:40:12 | 005,503,768 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2013.07.19 13:12:00 | 001,690,096 | ---- | M] (GlavSoft LLC.) -- C:\Program Files\TightVNC\tvnserver.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.02.07 18:53:34 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.02.07 18:53:32 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.02.07 18:52:04 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012.02.02 23:25:30 | 000,458,464 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.06 00:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.11.06 00:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe


========== Modules (No Company Name) ==========

MOD - [2015.08.07 14:01:44 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2015.08.07 14:01:43 | 000,102,864 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015.08.07 14:01:41 | 000,123,976 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2015.05.13 16:00:37 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\2358fe512cb3cfa00df9958dacb45d2c\IAStorUtil.ni.dll
MOD - [2015.05.13 15:56:45 | 012,438,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6949c4470a81970ec3de0a575d93babc\System.Windows.Forms.ni.dll
MOD - [2015.05.13 15:56:27 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1c3513960037508558358652f2d202a1\WindowsBase.ni.dll
MOD - [2015.05.13 15:56:13 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\007fc007edc388d9806dff94ee04f129\System.Configuration.ni.dll
MOD - [2015.05.13 12:45:04 | 011,923,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\21f876e85bfaa433a999a410eda373bc\System.Web.ni.dll
MOD - [2015.05.13 12:43:31 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5a401fd2a7689ff13fb54182953f9c40\System.Drawing.ni.dll
MOD - [2015.04.15 07:47:06 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0967cf5c31691f38d013263304d2dacb\System.Runtime.Remoting.ni.dll
MOD - [2015.02.19 23:40:16 | 000,053,248 | ---- | M] () -- C:\Program Files\CCleaner\Lang\lang-1029.dll
MOD - [2015.01.07 18:52:23 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\f473a3fb0073a13849f5206103f64a99\IAStorCommon.ni.dll
MOD - [2014.10.16 20:20:58 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014.10.16 20:20:51 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014.09.11 10:02:57 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2013.07.09 08:46:27 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2012.01.05 11:24:32 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
MOD - [2010.11.13 04:37:03 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll


========== Services (SafeList) ==========

SRV - [2015.08.07 14:01:41 | 000,146,600 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2015.08.07 14:01:29 | 003,218,624 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV - [2015.07.14 21:08:19 | 000,268,976 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015.07.07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015.06.19 20:13:19 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2015.06.02 05:28:50 | 000,837,312 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015.05.25 20:01:45 | 000,853,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2013.11.13 19:48:27 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013.07.19 13:12:00 | 001,690,096 | ---- | M] (GlavSoft LLC.) [Auto | Running] -- C:\Program Files\TightVNC\tvnserver.exe -- (tvnserver)
SRV - [2012.12.14 03:02:14 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.02.07 18:53:34 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.02.07 18:53:32 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.02.07 18:52:04 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012.02.02 23:25:30 | 000,458,464 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2010.11.06 00:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [File_System | On_Demand | Stopped] -- C:\Windows\system32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\Drivers\AsrCDDrv.sys -- (AsrCDDrv)
DRV - [2015.08.07 14:01:45 | 000,433,264 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2015.08.07 14:01:45 | 000,208,664 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2015.08.07 14:01:45 | 000,113,592 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2015.08.07 14:01:45 | 000,081,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2015.08.07 14:01:45 | 000,076,000 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2015.08.07 14:01:45 | 000,049,776 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2015.08.07 14:01:45 | 000,024,016 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2015.08.07 14:01:35 | 000,788,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2015.08.07 14:01:34 | 000,095,112 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ngvss.sys -- (ngvss)
DRV - [2015.08.07 14:01:29 | 000,220,752 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV - [2013.12.23 13:34:48 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013.10.02 02:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012.08.23 16:46:55 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2012.08.23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012.08.23 16:41:34 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2011.12.05 21:22:00 | 000,280,576 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2011.11.10 01:52:02 | 000,046,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2010.11.20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 23:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010.11.20 23:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010.11.20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
IE - HKCU\..\SearchScopes\{9D9D91E0-6B7E-43B7-8A0E-31805098C539}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.28.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.28.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Jirka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015.08.07 14:01:49 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2015.08.07 13:55:11 | 000,000,826 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [tvncontrol] C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [uTorrent] C:\Users\Jirka\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF4A6071-B5B7-47BA-80F0-06CEEF769744}: DhcpNameServer = 10.0.0.138
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{fce6d24b-4c5a-11e3-8ad9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fce6d24b-4c5a-11e3-8ad9-806e6f6e6963}\Shell\AutoRun\command - "" = F:\ASRSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

Re: Malware?

Posted: 12 Aug 2015 22:51
by woprsalek
========== Files/Folders - Created Within 30 Days ==========

[2015.08.09 19:37:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jirka\Desktop\OTL.exe
[2015.08.07 14:02:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\vbox
[2015.08.07 14:02:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2015.08.07 14:01:53 | 000,788,784 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2015.08.07 14:01:53 | 000,433,264 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2015.08.07 14:01:53 | 000,208,664 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswVmm.sys
[2015.08.07 14:01:53 | 000,113,592 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2015.08.07 14:01:53 | 000,095,112 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\ngvss.sys
[2015.08.07 14:01:53 | 000,081,728 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2015.08.07 14:01:53 | 000,076,000 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2015.08.07 14:01:53 | 000,049,776 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRvrt.sys
[2015.08.07 14:01:53 | 000,024,016 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswHwid.sys
[2015.08.07 14:01:50 | 000,313,472 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2015.08.07 14:01:43 | 000,043,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2015.08.07 13:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2015.08.07 11:46:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015.08.07 11:09:27 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015.08.07 11:09:27 | 000,000,000 | ---D | C] -- C:\rsit
[2015.08.07 11:05:21 | 000,000,000 | ---D | C] -- C:\ProgramData\bc09bfab00001cb0
[2015.08.07 10:56:43 | 000,000,000 | ---D | C] -- C:\ProgramData\9d00c13c000021dd
[2015.08.07 10:53:43 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015.08.07 10:36:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2015.07.22 18:30:11 | 000,299,008 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2015.07.22 18:30:11 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2015.07.22 18:30:11 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2015.07.22 18:30:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2015.07.15 11:34:47 | 000,355,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2015.07.15 11:34:46 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdvidcrl.dll
[2015.07.15 11:34:46 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2015.07.15 11:34:42 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2015.07.15 11:34:42 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015.07.15 11:34:42 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2015.07.15 11:34:42 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2015.07.15 11:34:42 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2015.07.15 11:34:41 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015.07.15 11:34:38 | 002,383,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015.07.15 11:34:36 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2015.07.15 11:34:36 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2015.07.15 11:34:36 | 000,101,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2015.07.15 11:34:35 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2015.07.15 11:34:19 | 002,745,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2015.07.15 11:34:19 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll
[2015.07.15 11:34:18 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cewmdm.dll
[2015.07.15 11:34:16 | 004,520,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015.07.15 11:34:16 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2015.07.15 11:34:11 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015.07.15 11:34:11 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015.07.15 11:33:15 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2015.07.15 11:33:15 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2015.07.15 11:33:14 | 000,685,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2015.07.15 11:33:14 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2015.07.15 11:33:14 | 000,342,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2015.07.15 11:33:14 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2015.07.15 11:33:14 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2015.07.15 11:33:13 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2015.07.15 11:33:13 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015.07.15 11:33:13 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015.07.15 11:33:13 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015.07.15 11:33:13 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015.07.15 11:33:12 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015.07.15 11:33:12 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2015.07.15 11:33:12 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2015.07.15 11:33:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2015.07.15 11:33:10 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015.07.15 11:33:09 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015.07.15 11:33:08 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2015.07.15 11:33:08 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2015.07.14 17:58:48 | 000,778,416 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015.07.14 17:58:48 | 000,142,512 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015.07.14 17:58:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2015.07.14 17:24:58 | 000,000,000 | ---D | C] -- C:\Windows\el-GR
[2015.07.14 17:24:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\el
[2015.07.14 17:24:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\el-GR
[2015.07.14 17:24:37 | 000,000,000 | ---D | C] -- C:\Windows\lt-LT
[2015.07.14 17:24:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\lt-LT
[2015.07.14 17:24:28 | 000,000,000 | --SD | C] -- C:\Windows\System32\GWX
[2015.07.14 17:24:22 | 000,000,000 | ---D | C] -- C:\Windows\it-IT
[2015.07.14 17:24:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\it-IT
[2015.07.14 17:24:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\0410
[2015.07.14 17:23:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\it
[2015.07.14 17:23:44 | 000,000,000 | ---D | C] -- C:\Windows\ar-SA
[2015.07.14 17:23:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\ar
[2015.07.14 17:23:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ar-SA
[2015.07.14 17:23:03 | 000,000,000 | ---D | C] -- C:\Windows\fr-FR
[2015.07.14 17:22:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\040C
[2015.07.14 17:22:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\fr-FR
[2015.07.14 17:22:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\fr
[2015.07.14 17:22:06 | 000,000,000 | ---D | C] -- C:\Windows\pt-PT
[2015.07.14 17:21:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pt-PT
[2015.07.14 17:20:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\pt
[2015.07.14 12:29:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\rdvgkmd.sys.mui
[2015.07.14 12:29:26 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\rdpwd.sys.mui
[2015.07.14 12:29:26 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\pnpmem.sys.mui
[2015.07.14 12:29:24 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\usbport.sys.mui
[2015.07.14 12:29:24 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\usbhub.sys.mui
[2015.07.14 12:29:24 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\tsusbhub.sys.mui
[2015.07.14 12:29:24 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\tsusbflt.sys.mui
[2015.07.14 12:29:21 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\battc.sys.mui
[2015.07.14 12:29:08 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\volsnap.sys.mui
[2015.07.14 12:29:08 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\tpm.sys.mui
[2015.07.14 12:29:08 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\el-GR\pscr.sys.mui
[2015.07.14 12:29:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\vhdmp.sys.mui
[2015.07.14 12:29:08 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\portcls.sys.mui
[2015.07.14 12:29:08 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\umbus.sys.mui
[2015.07.14 12:29:08 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\serscan.sys.mui
[2015.07.14 12:29:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\wd.sys.mui
[2015.07.14 12:29:05 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\mpio.sys.mui
[2015.07.14 12:29:05 | 000,033,792 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\el-GR\yk62x86.sys.mui
[2015.07.14 12:29:05 | 000,024,064 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\el-GR\e1y6032.sys.mui
[2015.07.14 12:29:05 | 000,024,064 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\el-GR\e1e6032.sys.mui
[2015.07.14 12:29:05 | 000,020,480 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\el-GR\E1G60I32.sys.mui
[2015.07.14 12:29:05 | 000,013,312 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\el-GR\k57nd60x.sys.mui
[2015.07.14 12:29:05 | 000,013,312 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\el-GR\b57nd60x.sys.mui
[2015.07.14 12:29:05 | 000,012,800 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\el-GR\e1q6032.sys.mui
[2015.07.14 12:29:05 | 000,012,800 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\el-GR\e1k6032.sys.mui
[2015.07.14 12:29:05 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\serial.sys.mui
[2015.07.14 12:29:05 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\msdsm.sys.mui
[2015.07.14 12:29:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\sermouse.sys.mui
[2015.07.14 12:29:05 | 000,006,144 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\el-GR\bcm4sbxp.sys.mui
[2015.07.14 12:29:05 | 000,005,632 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\el-GR\e100b325.sys.mui
[2015.07.14 12:29:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\mouclass.sys.mui
[2015.07.14 12:29:05 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\pcmcia.sys.mui
[2015.07.14 12:29:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\parport.sys.mui
[2015.07.14 12:29:05 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\ataport.sys.mui
[2015.07.14 12:29:05 | 000,003,072 | ---- | C] (VIA Technologies, Inc. ) -- C:\Windows\System32\drivers\el-GR\getn62.sys.mui
[2015.07.14 12:29:05 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\rndismpx.sys.mui
[2015.07.14 12:29:05 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\rndismp6.sys.mui
[2015.07.14 12:29:05 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\parvdm.sys.mui
[2015.07.14 12:29:05 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\MTConfig.sys.mui
[2015.07.14 12:29:05 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\mouhid.sys.mui
[2015.07.14 12:29:05 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\vwifibus.sys.mui
[2015.07.14 12:29:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\amdide.sys.mui
[2015.07.14 12:29:04 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\afd.sys.mui
[2015.07.14 12:29:02 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\bfe.dll.mui
[2015.07.14 12:29:02 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\tunnel.sys.mui
[2015.07.14 12:29:02 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\modem.sys.mui
[2015.07.14 12:29:02 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\wdf01000.sys.mui
[2015.07.14 12:29:02 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\usbrpm.sys.mui
[2015.07.14 12:29:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\ws2ifsl.sys.mui
[2015.07.14 12:29:01 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\tcpip.sys.mui
[2015.07.14 12:28:59 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\fvevol.sys.mui
[2015.07.14 12:28:59 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\scfilter.sys.mui
[2015.07.14 12:28:57 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\rdbss.sys.mui
[2015.07.14 12:28:56 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\pacer.sys.mui
[2015.07.14 12:28:56 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\qwavedrv.sys.mui
[2015.07.14 12:28:55 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\partmgr.sys.mui
[2015.07.14 12:28:53 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\ntfs.sys.mui
[2015.07.14 12:28:53 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\ndis.sys.mui
[2015.07.14 12:28:53 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\nwifi.sys.mui
[2015.07.14 12:28:53 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\ndisuio.sys.mui
[2015.07.14 12:28:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\ndiscap.sys.mui
[2015.07.14 12:28:49 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\mountmgr.sys.mui
[2015.07.14 12:28:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\luafv.sys.mui
[2015.07.14 12:28:46 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\http.sys.mui
[2015.07.14 12:28:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\fltmgr.sys.mui
[2015.07.14 12:28:41 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\volmgrx.sys.mui
[2015.07.14 12:28:35 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\el-GR\BrSerIb.sys.mui
[2015.07.14 12:28:35 | 000,011,776 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\el-GR\ltmdmnt.sys.mui
[2015.07.14 12:28:35 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\pci.sys.mui
[2015.07.14 12:28:35 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\isapnp.sys.mui
[2015.07.14 12:28:35 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\vdrvroot.sys.mui
[2015.07.14 12:28:35 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\mssmbios.sys.mui
[2015.07.14 12:28:35 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\VIAAGP.SYS.mui
[2015.07.14 12:28:35 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\ULIAGPKX.SYS.mui
[2015.07.14 12:28:35 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\SISAGP.SYS.mui
[2015.07.14 12:28:35 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\NV_AGP.SYS.mui
[2015.07.14 12:28:35 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\AMDAGP.SYS.mui
[2015.07.14 12:28:34 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\viac7.sys.mui
[2015.07.14 12:28:34 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\processr.sys.mui
[2015.07.14 12:28:34 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\intelppm.sys.mui
[2015.07.14 12:28:34 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\amdppm.sys.mui
[2015.07.14 12:28:34 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\amdk8.sys.mui
[2015.07.14 12:28:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\i8042prt.sys.mui
[2015.07.14 12:28:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\IPMIDrv.sys.mui
[2015.07.14 12:28:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\kbdclass.sys.mui
[2015.07.14 12:28:34 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\wacompen.sys.mui
[2015.07.14 12:28:34 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\hdaudbus.sys.mui
[2015.07.14 12:28:34 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\HdAudio.sys.mui
[2015.07.14 12:28:34 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\hidbth.sys.mui
[2015.07.14 12:28:34 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\Dot4usb.sys.mui
[2015.07.14 12:28:34 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\kbdhid.sys.mui
[2015.07.14 12:28:34 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\AGP440.sys.mui
[2015.07.14 12:28:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\disk.sys.mui
[2015.07.14 12:28:33 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\ohci1394.sys.mui
[2015.07.14 12:28:33 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\1394ohci.sys.mui
[2015.07.14 12:28:33 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\el-GR\BrSerId.sys.mui
[2015.07.14 12:28:33 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\acpi.sys.mui
[2015.07.14 12:28:33 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\bthport.sys.mui
[2015.07.14 12:28:33 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\bthpan.sys.mui
[2015.07.14 12:28:33 | 000,003,584 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\el-GR\atikmdag.sys.mui
[2015.07.14 12:28:33 | 000,003,072 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\el-GR\BrParwdm.sys.mui
[2015.07.14 12:28:33 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\UAGP35.SYS.mui
[2015.07.14 12:28:33 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\GAGP30KX.SYS.mui
[2015.07.14 12:28:33 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\BTHUSB.SYS.mui
[2015.07.14 12:28:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\cdrom.sys.mui
[2015.07.14 12:28:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\bthenum.sys.mui
[2015.07.14 12:20:37 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\lt-LT\portcls.sys.mui
[2015.07.14 12:20:36 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\lt-LT\serscan.sys.mui
[2015.07.14 12:20:33 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\lt-LT\ataport.sys.mui
[2015.07.14 12:20:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\lt-LT\amdide.sys.mui
[2015.07.14 12:20:31 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\lt-LT\tcpip.sys.mui
[2015.07.14 12:20:29 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\lt-LT\scfilter.sys.mui
[2015.07.14 12:20:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\lt-LT\bthport.sys.mui
[2015.07.14 12:20:08 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\lt-LT\hidbth.sys.mui
[2015.07.14 12:20:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\lt-LT\BTHUSB.SYS.mui
[2015.07.14 12:20:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\lt-LT\bthenum.sys.mui
[2015.07.14 12:11:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\rdvgkmd.sys.mui
[2015.07.14 12:11:10 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\rdpwd.sys.mui
[2015.07.14 12:11:08 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\usbport.sys.mui
[2015.07.14 12:11:08 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\usbhub.sys.mui
[2015.07.14 12:11:08 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\battc.sys.mui
[2015.07.14 12:11:08 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\tsusbhub.sys.mui
[2015.07.14 12:11:08 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\tsusbflt.sys.mui
[2015.07.14 12:11:07 | 000,012,800 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\it-IT\k57nd60x.sys.mui
[2015.07.14 12:10:56 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\volsnap.sys.mui
[2015.07.14 12:10:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\vhdmp.sys.mui
[2015.07.14 12:10:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\tpm.sys.mui
[2015.07.14 12:10:56 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\it-IT\pscr.sys.mui
[2015.07.14 12:10:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\portcls.sys.mui
[2015.07.14 12:10:56 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\umbus.sys.mui
[2015.07.14 12:10:56 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\serscan.sys.mui
[2015.07.14 12:10:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\wd.sys.mui
[2015.07.14 12:10:52 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\pcmcia.sys.mui
[2015.07.14 12:10:51 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\mpio.sys.mui
[2015.07.14 12:10:51 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\it-IT\yk62x86.sys.mui
[2015.07.14 12:10:51 | 000,022,016 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\it-IT\e1y6032.sys.mui
[2015.07.14 12:10:51 | 000,022,016 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\it-IT\e1e6032.sys.mui
[2015.07.14 12:10:51 | 000,018,944 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\it-IT\E1G60I32.sys.mui
[2015.07.14 12:10:51 | 000,012,800 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\it-IT\b57nd60x.sys.mui
[2015.07.14 12:10:51 | 000,011,776 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\it-IT\e1q6032.sys.mui
[2015.07.14 12:10:51 | 000,011,776 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\it-IT\e1k6032.sys.mui
[2015.07.14 12:10:51 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\serial.sys.mui
[2015.07.14 12:10:51 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\i8042prt.sys.mui
[2015.07.14 12:10:51 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\msdsm.sys.mui
[2015.07.14 12:10:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\sermouse.sys.mui
[2015.07.14 12:10:51 | 000,005,632 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\it-IT\bcm4sbxp.sys.mui
[2015.07.14 12:10:51 | 000,005,120 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\it-IT\e100b325.sys.mui
[2015.07.14 12:10:51 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\mouclass.sys.mui
[2015.07.14 12:10:51 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\parport.sys.mui
[2015.07.14 12:10:51 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\ataport.sys.mui
[2015.07.14 12:10:51 | 000,003,072 | ---- | C] (VIA Technologies, Inc. ) -- C:\Windows\System32\drivers\it-IT\getn62.sys.mui
[2015.07.14 12:10:51 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\scsiport.sys.mui
[2015.07.14 12:10:51 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\rndismpx.sys.mui
[2015.07.14 12:10:51 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\rndismp6.sys.mui
[2015.07.14 12:10:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\vwifibus.sys.mui
[2015.07.14 12:10:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\parvdm.sys.mui
[2015.07.14 12:10:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\MTConfig.sys.mui
[2015.07.14 12:10:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\mouhid.sys.mui
[2015.07.14 12:10:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\amdide.sys.mui
[2015.07.14 12:10:50 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\afd.sys.mui
[2015.07.14 12:10:48 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\tcpip.sys.mui
[2015.07.14 12:10:48 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\bfe.dll.mui
[2015.07.14 12:10:48 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\tunnel.sys.mui
[2015.07.14 12:10:48 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\modem.sys.mui
[2015.07.14 12:10:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\wdf01000.sys.mui
[2015.07.14 12:10:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\usbrpm.sys.mui
[2015.07.14 12:10:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\ws2ifsl.sys.mui
[2015.07.14 12:10:46 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\srv.sys.mui
[2015.07.14 12:10:45 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\fvevol.sys.mui
[2015.07.14 12:10:45 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\scfilter.sys.mui
[2015.07.14 12:10:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\rdbss.sys.mui
[2015.07.14 12:10:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\pacer.sys.mui
[2015.07.14 12:10:43 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\RNDISMP.sys.mui
[2015.07.14 12:10:43 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\qwavedrv.sys.mui
[2015.07.14 12:10:42 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\partmgr.sys.mui
[2015.07.14 12:10:40 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\ntfs.sys.mui
[2015.07.14 12:10:40 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\nwifi.sys.mui
[2015.07.14 12:10:39 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\ndis.sys.mui
[2015.07.14 12:10:39 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\ndisuio.sys.mui
[2015.07.14 12:10:38 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\ndiscap.sys.mui
[2015.07.14 12:10:37 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\mountmgr.sys.mui
[2015.07.14 12:10:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\luafv.sys.mui
[2015.07.14 12:10:35 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\ipnat.sys.mui
[2015.07.14 12:10:32 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\http.sys.mui
[2015.07.14 12:10:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\fltmgr.sys.mui
[2015.07.14 12:10:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\volmgrx.sys.mui
[2015.07.14 12:10:23 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\it-IT\BrSerIb.sys.mui
[2015.07.14 12:10:23 | 000,011,264 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\it-IT\ltmdmnt.sys.mui
[2015.07.14 12:10:23 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\pci.sys.mui
[2015.07.14 12:10:23 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\kbdclass.sys.mui
[2015.07.14 12:10:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\vdrvroot.sys.mui
[2015.07.14 12:10:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\isapnp.sys.mui
[2015.07.14 12:10:23 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\mssmbios.sys.mui
[2015.07.14 12:10:23 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\VIAAGP.SYS.mui
[2015.07.14 12:10:23 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\ULIAGPKX.SYS.mui
[2015.07.14 12:10:23 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\SISAGP.SYS.mui
[2015.07.14 12:10:23 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\pnpmem.sys.mui
[2015.07.14 12:10:23 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\NV_AGP.SYS.mui
[2015.07.14 12:10:23 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\kbdhid.sys.mui
[2015.07.14 12:10:23 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\AMDAGP.SYS.mui
[2015.07.14 12:10:23 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\AGP440.sys.mui
[2015.07.14 12:10:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\IPMIDrv.sys.mui
[2015.07.14 12:10:22 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\wacompen.sys.mui
[2015.07.14 12:10:22 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\HdAudio.sys.mui
[2015.07.14 12:10:22 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\hidbth.sys.mui
[2015.07.14 12:10:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\hdaudbus.sys.mui
[2015.07.14 12:10:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\Dot4usb.sys.mui
[2015.07.14 12:10:20 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\viac7.sys.mui
[2015.07.14 12:10:20 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\processr.sys.mui
[2015.07.14 12:10:20 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\intelppm.sys.mui
[2015.07.14 12:10:20 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\amdppm.sys.mui
[2015.07.14 12:10:20 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\amdk8.sys.mui
[2015.07.14 12:10:20 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\bthport.sys.mui
[2015.07.14 12:10:20 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\bthpan.sys.mui
[2015.07.14 12:10:20 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\disk.sys.mui
[2015.07.14 12:10:20 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\BTHUSB.SYS.mui
[2015.07.14 12:10:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\cdrom.sys.mui
[2015.07.14 12:10:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\bthenum.sys.mui
[2015.07.14 12:10:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\ohci1394.sys.mui
[2015.07.14 12:10:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\1394ohci.sys.mui
[2015.07.14 12:10:19 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\it-IT\BrSerId.sys.mui
[2015.07.14 12:10:19 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\acpi.sys.mui
[2015.07.14 12:10:19 | 000,003,584 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\it-IT\atikmdag.sys.mui
[2015.07.14 12:10:19 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\UAGP35.SYS.mui
[2015.07.14 12:10:19 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\GAGP30KX.SYS.mui
[2015.07.14 12:10:19 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\it-IT\BrParwdm.sys.mui
[2015.07.14 12:05:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2015.07.14 12:05:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2015.07.14 12:00:35 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2015.07.14 11:51:23 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\usbport.sys.mui
[2015.07.14 11:51:23 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\usbhub.sys.mui
[2015.07.14 11:51:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\tsusbhub.sys.mui
[2015.07.14 11:51:23 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\tsusbflt.sys.mui
[2015.07.14 11:51:23 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\scfilter.sys.mui
[2015.07.14 11:51:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\rdvgkmd.sys.mui
[2015.07.14 11:51:20 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\portcls.sys.mui
[2015.07.14 11:51:20 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\rdpwd.sys.mui
[2015.07.14 11:51:18 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\battc.sys.mui
[2015.07.14 11:51:03 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\volsnap.sys.mui
[2015.07.14 11:51:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\tpm.sys.mui
[2015.07.14 11:51:03 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\ar-SA\pscr.sys.mui
[2015.07.14 11:51:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\vhdmp.sys.mui
[2015.07.14 11:51:03 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\umbus.sys.mui
[2015.07.14 11:51:03 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\serscan.sys.mui
[2015.07.14 11:51:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\wd.sys.mui
[2015.07.14 11:50:59 | 000,032,768 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\ar-SA\yk62x86.sys.mui
[2015.07.14 11:50:59 | 000,015,872 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\ar-SA\E1G60I32.sys.mui
[2015.07.14 11:50:59 | 000,012,288 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\ar-SA\k57nd60x.sys.mui
[2015.07.14 11:50:59 | 000,005,120 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\ar-SA\e100b325.sys.mui
[2015.07.14 11:50:59 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\pcmcia.sys.mui
[2015.07.14 11:50:59 | 000,003,072 | ---- | C] (VIA Technologies, Inc. ) -- C:\Windows\System32\drivers\ar-SA\getn62.sys.mui
[2015.07.14 11:50:59 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\rndismpx.sys.mui
[2015.07.14 11:50:59 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\rndismp6.sys.mui
[2015.07.14 11:50:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\vwifibus.sys.mui
[2015.07.14 11:50:58 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\mpio.sys.mui
[2015.07.14 11:50:58 | 000,018,944 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\ar-SA\e1y6032.sys.mui
[2015.07.14 11:50:58 | 000,018,944 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\ar-SA\e1e6032.sys.mui
[2015.07.14 11:50:58 | 000,012,288 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\ar-SA\b57nd60x.sys.mui
[2015.07.14 11:50:58 | 000,010,752 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\ar-SA\e1q6032.sys.mui
[2015.07.14 11:50:58 | 000,010,240 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\ar-SA\e1k6032.sys.mui
[2015.07.14 11:50:58 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\i8042prt.sys.mui
[2015.07.14 11:50:58 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\serial.sys.mui
[2015.07.14 11:50:58 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\msdsm.sys.mui
[2015.07.14 11:50:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\sermouse.sys.mui
[2015.07.14 11:50:58 | 000,005,120 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\ar-SA\bcm4sbxp.sys.mui
[2015.07.14 11:50:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\mouclass.sys.mui
[2015.07.14 11:50:58 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\parport.sys.mui
[2015.07.14 11:50:58 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\mouhid.sys.mui
[2015.07.14 11:50:58 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\ataport.sys.mui
[2015.07.14 11:50:58 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\parvdm.sys.mui
[2015.07.14 11:50:58 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\MTConfig.sys.mui
[2015.07.14 11:50:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\amdide.sys.mui
[2015.07.14 11:50:56 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\bfe.dll.mui
[2015.07.14 11:50:56 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\wdf01000.sys.mui
[2015.07.14 11:50:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\ws2ifsl.sys.mui
[2015.07.14 11:50:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\usbrpm.sys.mui
[2015.07.14 11:50:54 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\tcpip.sys.mui
[2015.07.14 11:50:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\tunnel.sys.mui
[2015.07.14 11:50:54 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\modem.sys.mui
[2015.07.14 11:50:51 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\fvevol.sys.mui
[2015.07.14 11:50:49 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\rdbss.sys.mui
[2015.07.14 11:50:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\pacer.sys.mui
[2015.07.14 11:50:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\qwavedrv.sys.mui
[2015.07.14 11:50:47 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\partmgr.sys.mui
[2015.07.14 11:50:44 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\nwifi.sys.mui
[2015.07.14 11:50:43 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\ndis.sys.mui
[2015.07.14 11:50:43 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\ndisuio.sys.mui
[2015.07.14 11:50:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\ndiscap.sys.mui
[2015.07.14 11:50:40 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\mountmgr.sys.mui
[2015.07.14 11:50:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\luafv.sys.mui
[2015.07.14 11:50:36 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\http.sys.mui
[2015.07.14 11:50:33 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\fltmgr.sys.mui
[2015.07.14 11:50:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\volmgrx.sys.mui
[2015.07.14 11:50:27 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ar-SA\BrSerIb.sys.mui
[2015.07.14 11:50:27 | 000,009,216 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\ar-SA\ltmdmnt.sys.mui
[2015.07.14 11:50:27 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\pci.sys.mui
[2015.07.14 11:50:27 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\IPMIDrv.sys.mui
[2015.07.14 11:50:27 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\kbdclass.sys.mui
[2015.07.14 11:50:27 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\isapnp.sys.mui
[2015.07.14 11:50:27 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\vdrvroot.sys.mui
[2015.07.14 11:50:27 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\mssmbios.sys.mui
[2015.07.14 11:50:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\VIAAGP.SYS.mui
[2015.07.14 11:50:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\ULIAGPKX.SYS.mui
[2015.07.14 11:50:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\SISAGP.SYS.mui
[2015.07.14 11:50:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\pnpmem.sys.mui
[2015.07.14 11:50:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\NV_AGP.SYS.mui
[2015.07.14 11:50:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\kbdhid.sys.mui
[2015.07.14 11:50:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\AMDAGP.SYS.mui
[2015.07.14 11:50:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\AGP440.sys.mui
[2015.07.14 11:50:26 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\wacompen.sys.mui
[2015.07.14 11:50:26 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\hdaudbus.sys.mui
[2015.07.14 11:50:26 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\HdAudio.sys.mui
[2015.07.14 11:50:26 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\hidbth.sys.mui
[2015.07.14 11:50:26 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\Dot4usb.sys.mui
[2015.07.14 11:50:26 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\disk.sys.mui
[2015.07.14 11:50:25 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\viac7.sys.mui
[2015.07.14 11:50:25 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\processr.sys.mui
[2015.07.14 11:50:25 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\intelppm.sys.mui
[2015.07.14 11:50:25 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\amdppm.sys.mui
[2015.07.14 11:50:25 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\amdk8.sys.mui
[2015.07.14 11:50:25 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\ohci1394.sys.mui
[2015.07.14 11:50:25 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\1394ohci.sys.mui
[2015.07.14 11:50:25 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ar-SA\BrSerId.sys.mui
[2015.07.14 11:50:25 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\acpi.sys.mui
[2015.07.14 11:50:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\bthport.sys.mui
[2015.07.14 11:50:25 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\bthpan.sys.mui
[2015.07.14 11:50:25 | 000,003,072 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ar-SA\atikmdag.sys.mui
[2015.07.14 11:50:25 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\UAGP35.SYS.mui
[2015.07.14 11:50:25 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\GAGP30KX.SYS.mui
[2015.07.14 11:50:25 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\BTHUSB.SYS.mui
[2015.07.14 11:50:25 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ar-SA\BrParwdm.sys.mui
[2015.07.14 11:50:25 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\cdrom.sys.mui
[2015.07.14 11:50:25 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\bthenum.sys.mui
[2015.07.14 11:42:35 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\serscan.sys.mui
[2015.07.14 11:42:32 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\rdvgkmd.sys.mui
[2015.07.14 11:42:32 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\rdpwd.sys.mui
[2015.07.14 11:42:30 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\usbport.sys.mui
[2015.07.14 11:42:30 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\battc.sys.mui
[2015.07.14 11:42:29 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\tsusbhub.sys.mui
[2015.07.14 11:42:29 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\tsusbflt.sys.mui
[2015.07.14 11:42:18 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\volsnap.sys.mui
[2015.07.14 11:42:18 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\usbhub.sys.mui
[2015.07.14 11:42:18 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\fr-FR\pscr.sys.mui
[2015.07.14 11:42:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\vhdmp.sys.mui
[2015.07.14 11:42:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\tpm.sys.mui
[2015.07.14 11:42:18 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\portcls.sys.mui
[2015.07.14 11:42:18 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\umbus.sys.mui
[2015.07.14 11:42:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\wd.sys.mui
[2015.07.14 11:42:16 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\pcmcia.sys.mui
[2015.07.14 11:42:15 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\mpio.sys.mui
[2015.07.14 11:42:15 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\fr-FR\yk62x86.sys.mui
[2015.07.14 11:42:15 | 000,023,552 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\fr-FR\e1y6032.sys.mui
[2015.07.14 11:42:15 | 000,023,552 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\fr-FR\e1e6032.sys.mui
[2015.07.14 11:42:15 | 000,019,968 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\fr-FR\E1G60I32.sys.mui
[2015.07.14 11:42:15 | 000,012,800 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\fr-FR\k57nd60x.sys.mui
[2015.07.14 11:42:15 | 000,012,800 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\fr-FR\b57nd60x.sys.mui
[2015.07.14 11:42:15 | 000,012,288 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\fr-FR\e1q6032.sys.mui
[2015.07.14 11:42:15 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\serial.sys.mui
[2015.07.14 11:42:15 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\i8042prt.sys.mui
[2015.07.14 11:42:15 | 000,011,776 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\fr-FR\e1k6032.sys.mui
[2015.07.14 11:42:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\msdsm.sys.mui
[2015.07.14 11:42:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\sermouse.sys.mui
[2015.07.14 11:42:15 | 000,005,632 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\fr-FR\e100b325.sys.mui
[2015.07.14 11:42:15 | 000,005,632 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\fr-FR\bcm4sbxp.sys.mui
[2015.07.14 11:42:15 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\mouclass.sys.mui
[2015.07.14 11:42:15 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\parport.sys.mui
[2015.07.14 11:42:15 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\ataport.sys.mui
[2015.07.14 11:42:15 | 000,003,072 | ---- | C] (VIA Technologies, Inc. ) -- C:\Windows\System32\drivers\fr-FR\getn62.sys.mui
[2015.07.14 11:42:15 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\scsiport.sys.mui
[2015.07.14 11:42:15 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\rndismpx.sys.mui
[2015.07.14 11:42:15 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\rndismp6.sys.mui
[2015.07.14 11:42:15 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\parvdm.sys.mui
[2015.07.14 11:42:15 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\mouhid.sys.mui
[2015.07.14 11:42:15 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\vwifibus.sys.mui
[2015.07.14 11:42:15 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\MTConfig.sys.mui
[2015.07.14 11:42:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\amdide.sys.mui
[2015.07.14 11:42:14 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\afd.sys.mui
[2015.07.14 11:42:13 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\bfe.dll.mui
[2015.07.14 11:42:13 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\wdf01000.sys.mui
[2015.07.14 11:42:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\ws2ifsl.sys.mui
[2015.07.14 11:42:12 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\tcpip.sys.mui
[2015.07.14 11:42:12 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\tunnel.sys.mui
[2015.07.14 11:42:12 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\modem.sys.mui
[2015.07.14 11:42:12 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\usbrpm.sys.mui
[2015.07.14 11:42:10 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\srv.sys.mui
[2015.07.14 11:42:09 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\fvevol.sys.mui
[2015.07.14 11:42:09 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\scfilter.sys.mui
[2015.07.14 11:42:06 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\rdbss.sys.mui
[2015.07.14 11:42:06 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\RNDISMP.sys.mui
[2015.07.14 11:42:06 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\qwavedrv.sys.mui
[2015.07.14 11:42:05 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\pacer.sys.mui
[2015.07.14 11:42:05 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\partmgr.sys.mui
[2015.07.14 11:42:02 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\ntfs.sys.mui
[2015.07.14 11:42:02 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\ndis.sys.mui
[2015.07.14 11:42:02 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\nwifi.sys.mui
[2015.07.14 11:42:02 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\ndisuio.sys.mui
[2015.07.14 11:42:01 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\ndiscap.sys.mui
[2015.07.14 11:41:59 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\mountmgr.sys.mui
[2015.07.14 11:41:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\luafv.sys.mui
[2015.07.14 11:41:58 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\ipnat.sys.mui
[2015.07.14 11:41:56 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\http.sys.mui
[2015.07.14 11:41:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\fltmgr.sys.mui
[2015.07.14 11:41:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\volmgrx.sys.mui
[2015.07.14 11:41:49 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\pnpmem.sys.mui
[2015.07.14 11:41:48 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\viac7.sys.mui
[2015.07.14 11:41:48 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\processr.sys.mui
[2015.07.14 11:41:48 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\intelppm.sys.mui
[2015.07.14 11:41:48 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fr-FR\BrSerIb.sys.mui
[2015.07.14 11:41:48 | 000,011,264 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\fr-FR\ltmdmnt.sys.mui
[2015.07.14 11:41:48 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\pci.sys.mui
[2015.07.14 11:41:48 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\IPMIDrv.sys.mui
[2015.07.14 11:41:48 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\kbdclass.sys.mui
[2015.07.14 11:41:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\wacompen.sys.mui
[2015.07.14 11:41:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\vdrvroot.sys.mui
[2015.07.14 11:41:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\isapnp.sys.mui
[2015.07.14 11:41:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\hdaudbus.sys.mui
[2015.07.14 11:41:48 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\HdAudio.sys.mui
[2015.07.14 11:41:48 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\mssmbios.sys.mui
[2015.07.14 11:41:48 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\hidbth.sys.mui
[2015.07.14 11:41:48 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\Dot4usb.sys.mui
[2015.07.14 11:41:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\VIAAGP.SYS.mui
[2015.07.14 11:41:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\ULIAGPKX.SYS.mui
[2015.07.14 11:41:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\SISAGP.SYS.mui
[2015.07.14 11:41:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\NV_AGP.SYS.mui
[2015.07.14 11:41:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\kbdhid.sys.mui
[2015.07.14 11:41:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\disk.sys.mui
[2015.07.14 11:41:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\AMDAGP.SYS.mui
[2015.07.14 11:41:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\AGP440.sys.mui
[2015.07.14 11:41:47 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\amdppm.sys.mui
[2015.07.14 11:41:47 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\amdk8.sys.mui
[2015.07.14 11:41:47 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\ohci1394.sys.mui
[2015.07.14 11:41:47 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\1394ohci.sys.mui
[2015.07.14 11:41:47 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fr-FR\BrSerId.sys.mui
[2015.07.14 11:41:47 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\acpi.sys.mui
[2015.07.14 11:41:47 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\bthport.sys.mui
[2015.07.14 11:41:47 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\bthpan.sys.mui
[2015.07.14 11:41:47 | 000,003,584 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\fr-FR\atikmdag.sys.mui
[2015.07.14 11:41:47 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\UAGP35.SYS.mui
[2015.07.14 11:41:47 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\GAGP30KX.SYS.mui
[2015.07.14 11:41:47 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\BTHUSB.SYS.mui
[2015.07.14 11:41:47 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fr-FR\BrParwdm.sys.mui
[2015.07.14 11:41:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\cdrom.sys.mui
[2015.07.14 11:41:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\bthenum.sys.mui
[2015.07.14 11:36:17 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\pt-PT\pscr.sys.mui
[2015.07.14 11:36:16 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\rdvgkmd.sys.mui
[2015.07.14 11:36:16 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\rdpwd.sys.mui
[2015.07.14 11:36:16 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\MTConfig.sys.mui
[2015.07.14 11:36:14 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\usbport.sys.mui
[2015.07.14 11:36:14 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\battc.sys.mui
[2015.07.14 11:36:14 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\tsusbhub.sys.mui
[2015.07.14 11:36:14 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\tsusbflt.sys.mui
[2015.07.14 11:36:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\IPMIDrv.sys.mui
[2015.07.14 11:36:01 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\volsnap.sys.mui
[2015.07.14 11:36:01 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\usbhub.sys.mui
[2015.07.14 11:36:01 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\vhdmp.sys.mui
[2015.07.14 11:36:01 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\tpm.sys.mui
[2015.07.14 11:36:01 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\portcls.sys.mui
[2015.07.14 11:36:01 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\umbus.sys.mui
[2015.07.14 11:36:01 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\serscan.sys.mui
[2015.07.14 11:36:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\wd.sys.mui
[2015.07.14 11:35:57 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\mpio.sys.mui
[2015.07.14 11:35:57 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\pt-PT\yk62x86.sys.mui
[2015.07.14 11:35:57 | 000,021,504 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\pt-PT\e1y6032.sys.mui
[2015.07.14 11:35:57 | 000,021,504 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\pt-PT\e1e6032.sys.mui
[2015.07.14 11:35:57 | 000,018,432 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\pt-PT\E1G60I32.sys.mui
[2015.07.14 11:35:57 | 000,012,800 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\pt-PT\k57nd60x.sys.mui
[2015.07.14 11:35:57 | 000,012,800 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\pt-PT\b57nd60x.sys.mui
[2015.07.14 11:35:57 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\serial.sys.mui
[2015.07.14 11:35:57 | 000,011,264 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\pt-PT\e1q6032.sys.mui
[2015.07.14 11:35:57 | 000,011,264 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\pt-PT\e1k6032.sys.mui
[2015.07.14 11:35:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\msdsm.sys.mui
[2015.07.14 11:35:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\sermouse.sys.mui
[2015.07.14 11:35:57 | 000,005,632 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\pt-PT\bcm4sbxp.sys.mui
[2015.07.14 11:35:57 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\mouclass.sys.mui
[2015.07.14 11:35:57 | 000,005,120 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\pt-PT\e100b325.sys.mui
[2015.07.14 11:35:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\pcmcia.sys.mui
[2015.07.14 11:35:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\parport.sys.mui
[2015.07.14 11:35:57 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\ataport.sys.mui
[2015.07.14 11:35:57 | 000,003,072 | ---- | C] (VIA Technologies, Inc. ) -- C:\Windows\System32\drivers\pt-PT\getn62.sys.mui
[2015.07.14 11:35:57 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\rndismpx.sys.mui
[2015.07.14 11:35:57 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\rndismp6.sys.mui
[2015.07.14 11:35:57 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\parvdm.sys.mui
[2015.07.14 11:35:57 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\mouhid.sys.mui
[2015.07.14 11:35:57 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\vwifibus.sys.mui
[2015.07.14 11:35:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\amdide.sys.mui
[2015.07.14 11:35:56 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\afd.sys.mui
[2015.07.14 11:35:55 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\bfe.dll.mui
[2015.07.14 11:35:55 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\wdf01000.sys.mui
[2015.07.14 11:35:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\ws2ifsl.sys.mui
[2015.07.14 11:35:54 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\tcpip.sys.mui
[2015.07.14 11:35:54 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\tunnel.sys.mui
[2015.07.14 11:35:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\modem.sys.mui
[2015.07.14 11:35:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\usbrpm.sys.mui
[2015.07.14 11:35:51 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\fvevol.sys.mui
[2015.07.14 11:35:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\scfilter.sys.mui
[2015.07.14 11:35:50 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\rdbss.sys.mui
[2015.07.14 11:35:48 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\pacer.sys.mui
[2015.07.14 11:35:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\qwavedrv.sys.mui
[2015.07.14 11:35:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\partmgr.sys.mui
[2015.07.14 11:35:45 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\ntfs.sys.mui
[2015.07.14 11:35:45 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\ndis.sys.mui
[2015.07.14 11:35:45 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\nwifi.sys.mui
[2015.07.14 11:35:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\ndisuio.sys.mui
[2015.07.14 11:35:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\ndiscap.sys.mui
[2015.07.14 11:35:42 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\mountmgr.sys.mui
[2015.07.14 11:35:41 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\luafv.sys.mui
[2015.07.14 11:35:38 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\http.sys.mui
[2015.07.14 11:35:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\fltmgr.sys.mui
[2015.07.14 11:35:33 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\volmgrx.sys.mui
[2015.07.14 11:35:29 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\i8042prt.sys.mui
[2015.07.14 11:35:29 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-PT\BrSerIb.sys.mui
[2015.07.14 11:35:29 | 000,011,264 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\pt-PT\ltmdmnt.sys.mui
[2015.07.14 11:35:29 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\pci.sys.mui
[2015.07.14 11:35:29 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\kbdclass.sys.mui
[2015.07.14 11:35:29 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\vdrvroot.sys.mui
[2015.07.14 11:35:29 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\isapnp.sys.mui
[2015.07.14 11:35:29 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\mssmbios.sys.mui
[2015.07.14 11:35:29 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\VIAAGP.SYS.mui
[2015.07.14 11:35:29 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\ULIAGPKX.SYS.mui
[2015.07.14 11:35:29 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\SISAGP.SYS.mui
[2015.07.14 11:35:29 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\pnpmem.sys.mui
[2015.07.14 11:35:29 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\NV_AGP.SYS.mui
[2015.07.14 11:35:29 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\kbdhid.sys.mui
[2015.07.14 11:35:29 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\AMDAGP.SYS.mui
[2015.07.14 11:35:29 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\AGP440.sys.mui
[2015.07.14 11:35:28 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\viac7.sys.mui
[2015.07.14 11:35:28 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\processr.sys.mui
[2015.07.14 11:35:28 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\intelppm.sys.mui
[2015.07.14 11:35:28 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\amdppm.sys.mui
[2015.07.14 11:35:28 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\wacompen.sys.mui
[2015.07.14 11:35:28 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\hdaudbus.sys.mui
[2015.07.14 11:35:28 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\HdAudio.sys.mui
[2015.07.14 11:35:28 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\hidbth.sys.mui
[2015.07.14 11:35:28 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\Dot4usb.sys.mui
[2015.07.14 11:35:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\disk.sys.mui
[2015.07.14 11:35:27 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\amdk8.sys.mui
[2015.07.14 11:35:27 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\ohci1394.sys.mui
[2015.07.14 11:35:27 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\1394ohci.sys.mui
[2015.07.14 11:35:27 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-PT\BrSerId.sys.mui
[2015.07.14 11:35:27 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\acpi.sys.mui
[2015.07.14 11:35:27 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\bthport.sys.mui
[2015.07.14 11:35:27 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\bthpan.sys.mui
[2015.07.14 11:35:27 | 000,003,584 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\pt-PT\atikmdag.sys.mui
[2015.07.14 11:35:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\UAGP35.SYS.mui
[2015.07.14 11:35:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\GAGP30KX.SYS.mui
[2015.07.14 11:35:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\BTHUSB.SYS.mui
[2015.07.14 11:35:27 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-PT\BrParwdm.sys.mui
[2015.07.14 11:35:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\cdrom.sys.mui
[2015.07.14 11:35:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\bthenum.sys.mui
[2015.07.14 11:30:21 | 000,853,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagtrack.dll
[2015.07.14 11:30:21 | 000,635,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2015.07.14 11:30:21 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2015.07.14 11:30:21 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2015.07.14 11:30:21 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UtcResources.dll
[2015.07.14 11:30:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2015.07.14 11:30:19 | 003,989,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015.07.14 11:30:19 | 003,934,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015.07.14 11:30:19 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
[2015.07.14 11:30:19 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2015.07.14 11:30:19 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\typeperf.exe
[2015.07.14 11:30:19 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2015.07.14 11:30:19 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskperf.exe
[2015.07.14 11:30:18 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2015.07.14 11:27:46 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
[2015.07.14 10:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\4chan Plus
[1 C:\Users\Jirka\*.tmp files -> C:\Users\Jirka\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015.08.12 17:48:59 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.08.12 17:43:32 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.08.12 17:42:56 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.08.09 23:32:41 | 000,031,808 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.08.09 23:32:41 | 000,031,808 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.08.09 19:44:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.08.09 19:37:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jirka\Desktop\OTL.exe
[2015.08.09 18:57:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.08.09 18:57:13 | 1474,711,552 | -HS- | M] () -- C:\hiberfil.sys
[2015.08.07 14:10:42 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2015.08.07 14:02:19 | 000,002,079 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2015.08.07 14:01:45 | 000,433,264 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2015.08.07 14:01:45 | 000,208,664 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswVmm.sys
[2015.08.07 14:01:45 | 000,113,592 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2015.08.07 14:01:45 | 000,081,728 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2015.08.07 14:01:45 | 000,076,000 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2015.08.07 14:01:45 | 000,049,776 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRvrt.sys
[2015.08.07 14:01:45 | 000,024,016 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswHwid.sys
[2015.08.07 14:01:43 | 000,313,472 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2015.08.07 14:01:43 | 000,043,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2015.08.07 14:01:35 | 000,788,784 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2015.08.07 14:01:34 | 000,095,112 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\ngvss.sys
[2015.08.07 13:55:11 | 000,000,826 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2015.08.07 10:36:51 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015.08.07 10:08:33 | 000,000,024 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\appdataFr25.bin
[2015.08.07 09:43:51 | 000,343,776 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015.07.22 18:15:17 | 000,737,308 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2015.07.22 18:15:17 | 000,737,048 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2015.07.22 18:15:17 | 000,731,950 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2015.07.22 18:15:17 | 000,731,638 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2015.07.22 18:15:17 | 000,720,610 | ---- | M] () -- C:\Windows\System32\prfh0816.dat
[2015.07.22 18:15:17 | 000,716,192 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2015.07.22 18:15:17 | 000,705,472 | ---- | M] () -- C:\Windows\System32\prfh0416.dat
[2015.07.22 18:15:17 | 000,688,800 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2015.07.22 18:15:17 | 000,668,540 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2015.07.22 18:15:17 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015.07.22 18:15:17 | 000,648,274 | ---- | M] () -- C:\Windows\System32\perfh01F.dat
[2015.07.22 18:15:17 | 000,598,580 | ---- | M] () -- C:\Windows\System32\perfh008.dat
[2015.07.22 18:15:17 | 000,501,006 | ---- | M] () -- C:\Windows\System32\perfh006.dat
[2015.07.22 18:15:17 | 000,470,606 | ---- | M] () -- C:\Windows\System32\perfh001.dat
[2015.07.22 18:15:17 | 000,389,934 | ---- | M] () -- C:\Windows\System32\prfh0404.dat
[2015.07.22 18:15:17 | 000,158,130 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2015.07.22 18:15:17 | 000,155,528 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2015.07.22 18:15:17 | 000,152,562 | ---- | M] () -- C:\Windows\System32\prfc0816.dat
[2015.07.22 18:15:17 | 000,150,498 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2015.07.22 18:15:17 | 000,149,236 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2015.07.22 18:15:17 | 000,148,772 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2015.07.22 18:15:17 | 000,147,312 | ---- | M] () -- C:\Windows\System32\prfc0416.dat
[2015.07.22 18:15:17 | 000,146,502 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2015.07.22 18:15:17 | 000,141,200 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2015.07.22 18:15:17 | 000,139,656 | ---- | M] () -- C:\Windows\System32\perfc01F.dat
[2015.07.22 18:15:17 | 000,121,800 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015.07.22 18:15:17 | 000,114,746 | ---- | M] () -- C:\Windows\System32\prfc0404.dat
[2015.07.22 18:15:17 | 000,110,784 | ---- | M] () -- C:\Windows\System32\perfc008.dat
[2015.07.22 18:15:17 | 000,098,314 | ---- | M] () -- C:\Windows\System32\perfc006.dat
[2015.07.22 18:15:17 | 000,094,428 | ---- | M] () -- C:\Windows\System32\perfc001.dat
[2015.07.15 04:55:37 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2015.07.15 04:55:35 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2015.07.15 04:55:32 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2015.07.15 03:52:35 | 000,299,008 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2015.07.14 21:08:19 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015.07.14 21:08:19 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015.07.14 12:37:46 | 000,369,984 | ---- | M] () -- C:\Windows\System32\perfi008.dat
[2015.07.14 12:37:46 | 000,045,182 | ---- | M] () -- C:\Windows\System32\perfd008.dat
[2015.07.14 12:17:49 | 000,335,478 | ---- | M] () -- C:\Windows\System32\perfi010.dat
[2015.07.14 12:17:49 | 000,037,534 | ---- | M] () -- C:\Windows\System32\perfd010.dat
[2015.07.14 11:57:35 | 000,289,060 | ---- | M] () -- C:\Windows\System32\perfi001.dat
[2015.07.14 11:57:35 | 000,042,056 | ---- | M] () -- C:\Windows\System32\perfd001.dat
[2015.07.14 11:48:30 | 000,344,522 | ---- | M] () -- C:\Windows\System32\perfi00C.dat
[2015.07.14 11:48:30 | 000,038,160 | ---- | M] () -- C:\Windows\System32\perfd00C.dat
[2015.07.14 11:40:06 | 000,336,656 | ---- | M] () -- C:\Windows\System32\prfi0816.dat
[2015.07.14 11:40:06 | 000,040,548 | ---- | M] () -- C:\Windows\System32\prfd0816.dat
[1 C:\Users\Jirka\*.tmp files -> C:\Users\Jirka\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015.08.09 19:44:57 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015.08.07 14:02:19 | 000,002,079 | ---- | C] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2015.08.07 10:36:51 | 000,002,205 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015.08.07 10:35:40 | 000,000,938 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.08.07 10:35:40 | 000,000,934 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.07.14 17:58:49 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.07.14 17:30:38 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2015.07.14 17:30:37 | 000,737,308 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2015.07.14 17:30:37 | 000,149,236 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2015.07.14 17:30:37 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2015.07.14 17:30:35 | 000,289,060 | ---- | C] () -- C:\Windows\System32\perfi001.dat
[2015.07.14 17:30:34 | 000,470,606 | ---- | C] () -- C:\Windows\System32\perfh001.dat
[2015.07.14 17:30:34 | 000,094,428 | ---- | C] () -- C:\Windows\System32\perfc001.dat
[2015.07.14 17:30:34 | 000,042,056 | ---- | C] () -- C:\Windows\System32\perfd001.dat
[2015.07.14 17:30:33 | 000,369,984 | ---- | C] () -- C:\Windows\System32\perfi008.dat
[2015.07.14 17:30:31 | 000,598,580 | ---- | C] () -- C:\Windows\System32\perfh008.dat
[2015.07.14 17:30:31 | 000,110,784 | ---- | C] () -- C:\Windows\System32\perfc008.dat
[2015.07.14 17:30:31 | 000,045,182 | ---- | C] () -- C:\Windows\System32\perfd008.dat
[2015.07.14 17:30:30 | 000,336,656 | ---- | C] () -- C:\Windows\System32\prfi0816.dat
[2015.07.14 17:30:29 | 000,720,610 | ---- | C] () -- C:\Windows\System32\prfh0816.dat
[2015.07.14 17:30:29 | 000,152,562 | ---- | C] () -- C:\Windows\System32\prfc0816.dat
[2015.07.14 17:30:29 | 000,040,548 | ---- | C] () -- C:\Windows\System32\prfd0816.dat
[2015.07.14 17:30:28 | 000,335,478 | ---- | C] () -- C:\Windows\System32\perfi010.dat
[2015.07.14 17:30:26 | 000,731,638 | ---- | C] () -- C:\Windows\System32\perfh010.dat
[2015.07.14 17:30:26 | 000,146,502 | ---- | C] () -- C:\Windows\System32\perfc010.dat
[2015.07.14 17:30:26 | 000,037,534 | ---- | C] () -- C:\Windows\System32\perfd010.dat
[2015.07.12 00:02:26 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2015.07.12 00:02:23 | 000,731,950 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2015.07.12 00:02:23 | 000,155,528 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2015.07.12 00:02:23 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2015.07.12 00:02:22 | 000,117,840 | ---- | C] () -- C:\Windows\System32\prfi0404.dat
[2015.07.12 00:02:20 | 000,389,934 | ---- | C] () -- C:\Windows\System32\prfh0404.dat
[2015.07.12 00:02:20 | 000,114,746 | ---- | C] () -- C:\Windows\System32\prfc0404.dat
[2015.07.12 00:02:20 | 000,031,548 | ---- | C] () -- C:\Windows\System32\prfd0404.dat
[2015.07.12 00:02:19 | 000,306,636 | ---- | C] () -- C:\Windows\System32\perfi006.dat
[2015.07.12 00:02:18 | 000,501,006 | ---- | C] () -- C:\Windows\System32\perfh006.dat
[2015.07.12 00:02:18 | 000,039,236 | ---- | C] () -- C:\Windows\System32\perfd006.dat
[2015.07.12 00:02:17 | 000,098,314 | ---- | C] () -- C:\Windows\System32\perfc006.dat
[2015.07.12 00:02:16 | 000,323,154 | ---- | C] () -- C:\Windows\System32\prfi0416.dat
[2015.07.12 00:02:15 | 000,705,472 | ---- | C] () -- C:\Windows\System32\prfh0416.dat
[2015.07.12 00:02:15 | 000,147,312 | ---- | C] () -- C:\Windows\System32\prfc0416.dat
[2015.07.12 00:02:15 | 000,038,536 | ---- | C] () -- C:\Windows\System32\prfd0416.dat
[2015.07.12 00:02:14 | 000,341,432 | ---- | C] () -- C:\Windows\System32\perfi00A.dat
[2015.07.12 00:02:12 | 000,737,048 | ---- | C] () -- C:\Windows\System32\perfh00A.dat
[2015.07.12 00:02:12 | 000,158,130 | ---- | C] () -- C:\Windows\System32\perfc00A.dat
[2015.07.12 00:02:12 | 000,041,390 | ---- | C] () -- C:\Windows\System32\perfd00A.dat
[2015.07.12 00:02:11 | 000,336,704 | ---- | C] () -- C:\Windows\System32\perfi019.dat
[2015.07.12 00:02:09 | 000,716,192 | ---- | C] () -- C:\Windows\System32\perfh019.dat
[2015.07.12 00:02:09 | 000,150,498 | ---- | C] () -- C:\Windows\System32\perfc019.dat
[2015.07.12 00:02:09 | 000,039,446 | ---- | C] () -- C:\Windows\System32\perfd019.dat
[2015.06.22 11:27:17 | 000,000,024 | ---- | C] () -- C:\Users\Jirka\AppData\Roaming\appdataFr25.bin
[2014.06.19 11:40:20 | 000,000,024 | ---- | C] () -- C:\Users\Jirka\AppData\Roaming\temp.ini
[2014.05.13 16:59:38 | 000,000,221 | ---- | C] () -- C:\Windows\wininit.ini
[2013.11.13 22:49:22 | 000,688,800 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2013.11.13 22:49:22 | 000,648,274 | ---- | C] () -- C:\Windows\System32\perfh01F.dat
[2013.11.13 22:49:22 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2013.11.13 22:49:22 | 000,285,034 | ---- | C] () -- C:\Windows\System32\perfi01F.dat
[2013.11.13 22:49:22 | 000,148,772 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2013.11.13 22:49:22 | 000,139,656 | ---- | C] () -- C:\Windows\System32\perfc01F.dat
[2013.11.13 22:49:22 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2013.11.13 22:49:22 | 000,037,160 | ---- | C] () -- C:\Windows\System32\perfd01F.dat
[2013.11.13 15:39:00 | 000,015,128 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2013.11.13 15:37:21 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2013.11.13 15:35:02 | 000,734,772 | ---- | C] () -- C:\Windows\System32\igkrng700.bin
[2013.11.13 15:35:02 | 000,557,476 | ---- | C] () -- C:\Windows\System32\igfcg700m.bin
[2013.11.13 15:35:02 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.02.13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.11.13 23:54:30 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\AVAST Software
[2013.12.23 13:36:42 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\DAEMON Tools Lite
[2013.11.13 16:05:38 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\GHISLER
[2013.11.14 00:42:24 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\IObit
[2015.08.07 10:27:23 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Seznam.cz
[2014.12.21 18:54:02 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Unity
[2015.08.09 19:33:02 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\uTorrent
[2013.12.30 19:12:03 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\wargaming.net

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:56E2E879

< End of report >

Re: Malware?

Posted: 12 Aug 2015 22:52
by woprsalek
OTL Extras logfile created on: 12.8.2015 17:55:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jirka\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,83 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 68,06% Memory free
3,66 Gb Paging File | 2,49 Gb Available in Paging File | 67,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 127,99 Gb Total Space | 47,12 Gb Free Space | 36,81% Space Free | Partition Type: NTFS
Drive D: | 337,77 Gb Total Space | 146,29 Gb Free Space | 43,31% Space Free | Partition Type: NTFS

Computer Name: LEO | User Name: Jirka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5D9B6115-2DBD-4E27-A406-41F76C2D63B5}" = rport=80 | protocol=6 | dir=out | app=c:\program files\steam\steamapps\common\warframe\warframe.x64.exe |
"{87B60080-BB73-44AC-8F30-DE4B5DA30626}" = rport=80 | protocol=6 | dir=out | app=c:\program files\steam\steamapps\common\warframe\tools\remotecrashsender.exe |
"{F79EF1CD-7E22-45C3-BFA4-FAD9E1FCCA69}" = rport=80 | protocol=6 | dir=out | app=c:\program files\steam\steamapps\common\warframe\warframe.exe |
"{F8C20EA7-EE72-493B-8357-4EA0CBEDB101}" = rport=80 | protocol=6 | dir=out | app=c:\program files\steam\steamapps\common\warframe\tools\launcher.exe |
"{FAB59F3B-21B6-4159-8C26-27CB85B1D944}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{032F08C4-4121-4418-B6A3-751D7F51065D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{0F0358BF-2657-4269-A461-4CD4B4D45878}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{0FC9ED47-601E-4C02-93DA-06C01C7EF58E}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{305F2FFB-E259-4627-9091-64B1AD530C09}" = protocol=17 | dir=in | app=c:\users\jirka\appdata\roaming\utorrent\utorrent.exe |
"{37A87420-0C3A-479F-AB78-615E97ACACB2}" = protocol=6 | dir=in | app=c:\users\jirka\appdata\roaming\utorrent\utorrent.exe |
"{3F7A12F3-63C7-491A-B521-D5151A58DBB3}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\warframe\tools\launcher.exe |
"{45FD7BB5-983A-4950-9D7B-AD070F5539C0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{4C5BCB04-7A67-4370-9795-60F670B3F082}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\warframe\warframe.exe |
"{4F83DE26-C8F2-48AC-91EB-0BCAC033D209}" = protocol=6 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe |
"{6C0E1C61-1D81-4C36-9D84-BB9C2DD1BBE9}" = protocol=17 | dir=out | app=c:\program files\steam\steamapps\common\warframe\warframe.exe |
"{84B24EBD-CC3A-4F82-B369-3813CB58DEAD}" = protocol=17 | dir=out | app=c:\program files\steam\steamapps\common\warframe\warframe.x64.exe |
"{8527FF9B-DCA2-492E-AAFD-B6C58018277A}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{98CD9624-4048-49D2-B7C2-058965AFA4B9}" = protocol=6 | dir=in | app=c:\program files\steam\bin\steamwebhelper.exe |
"{A42F5CF5-22A1-4136-BDB3-9DC3C6B19992}" = protocol=6 | dir=in | app=c:\users\jirka\appdata\roaming\utorrent\utorrent.exe |
"{AD257CA3-A3D3-4032-87CE-0639E8CAE81D}" = dir=in | app=c:\program files\tightvnc\tvnserver.exe |
"{B0C61A8A-408B-47E0-B245-775E360D7D53}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\warframe\tools\launcher.exe |
"{B5BF9370-DADF-4B77-85A2-4E09A43806BB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{B69FA8CE-BA21-4EF5-B040-A3BBF4CF6111}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{CA15AC1E-9953-4E58-9FEC-A824B414F314}" = protocol=17 | dir=in | app=c:\program files\steam\bin\steamwebhelper.exe |
"{CE4D4CF5-6ABC-4726-AEF6-55FFF77563BF}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{DDFF5D38-276C-4F94-854F-AE47F847AC5E}" = protocol=17 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe |
"{EA8D36A7-7D71-42C0-AE65-F181DFCE002C}" = protocol=17 | dir=in | app=c:\users\jirka\appdata\roaming\utorrent\utorrent.exe |
"{ED7760FD-093F-4F4C-9064-630D48954DFC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\warframe\warframe.x64.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{2AE79B77-E3FA-4F9C-93D7-4FC643516D6A}" = AVG 2013
"{3911CF56-9EF2-39BA-846A-C27BD3CD0685}" = Microsoft .NET Framework 4.5.2
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{51A66ED3-200E-4147-8D1E-E8D30936FD26}" = Intel® Trusted Connect Service Client
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{69EDC871-8A8A-34A8-B511-FF7CE3C4B0B7}" = Microsoft .NET Framework 4.5.2 (CSY)
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_SMALLBUSINESS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_SMALLBUSINESS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_SMALLBUSINESS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_SMALLBUSINESS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_SMALLBUSINESS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_SMALLBUSINESS_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_SMALLBUSINESS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_SMALLBUSINESS_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_SMALLBUSINESS_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
"{90120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.2 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.12)
"{D903B276-81AE-4AED-AEF9-45DACFBF16CE}" = TightVNC
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"Avast" = Avast Free Antivirus
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Google Chrome" = Google Chrome
"SMALLBUSINESS" = Microsoft Office Small Business 2007
"Steam" = Steam
"Steam App 230410" = Warframe
"Steam App 570" = Dota 2
"VLC media player" = VLC media player 2.0.6
"WinRAR archiver" = WinRAR 5.00 (32-bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 21.7.2015 5:06:56 | Computer Name = LEO | Source = WinMgmt | ID = 10
Description =

Error - 22.7.2015 12:13:24 | Computer Name = LEO | Source = WinMgmt | ID = 10
Description =

Error - 7.8.2015 3:45:33 | Computer Name = LEO | Source = WinMgmt | ID = 10
Description =

Error - 7.8.2015 4:25:47 | Computer Name = LEO | Source = Application Error | ID = 1000
Description = Název chybující aplikace: jsdrv.exe, verze: 1.42.1.1916, časové razítko:
0x556c9282 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18847, časové
razítko: 0x554d7b00 Kód výjimky: 0xc0000005 Posun chyby: 0x000098a6 ID chybujícího
procesu: 0x13b8 Čas spuštění chybující aplikace: 0x01d0d0eaa8f81b60 Cesta k chybující
aplikaci: C:\Program Files\ShopperPro\JSDriver\1.42.1.1899\jsdrv.exe Cesta k chybujícímu
modulu: C:\Windows\system32\KERNELBASE.dll ID zprávy: e7206dcf-3cdd-11e5-abed-bc5ff45ff775

Error - 7.8.2015 5:01:58 | Computer Name = LEO | Source = WinMgmt | ID = 10
Description =

Error - 7.8.2015 6:03:53 | Computer Name = LEO | Source = WinMgmt | ID = 10
Description =

Error - 7.8.2015 7:05:38 | Computer Name = LEO | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Steam\steamapps\common\Warframe\Warframe.x64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 7.8.2015 7:57:40 | Computer Name = LEO | Source = VSS | ID = 8194
Description =

Error - 9.8.2015 12:57:44 | Computer Name = LEO | Source = WinMgmt | ID = 10
Description =

Error - 9.8.2015 13:19:44 | Computer Name = LEO | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Steam\steamapps\common\Warframe\Warframe.x64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

[ System Events ]
Error - 7.8.2015 4:58:29 | Computer Name = LEO | Source = Service Control Manager | ID = 7031
Description = Služba TightVNC Server byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error - 7.8.2015 4:58:30 | Computer Name = LEO | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error - 7.8.2015 4:58:30 | Computer Name = LEO | Source = Service Control Manager | ID = 7034
Description = Služba Úložná technologie Intel(R) Rapid byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 7.8.2015 4:58:30 | Computer Name = LEO | Source = Service Control Manager | ID = 7034
Description = Služba Intel(R) Management and Security Application User Notification
Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 7.8.2015 4:58:31 | Computer Name = LEO | Source = Service Control Manager | ID = 7034
Description = Služba SystemPotent byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 7.8.2015 4:58:39 | Computer Name = LEO | Source = Service Control Manager | ID = 7031
Description = Služba Intel(R) Capability Licensing Service Interface byla nečekaně
ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund:
Restartovat službu.

Error - 7.8.2015 4:58:39 | Computer Name = LEO | Source = Service Control Manager | ID = 7031
Description = Služba TightVNC Server byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error - 7.8.2015 4:58:39 | Computer Name = LEO | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 2 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error - 7.8.2015 4:59:09 | Computer Name = LEO | Source = Service Control Manager | ID = 7032
Description = Správce služeb se pokusil o opravnou akci (Restartovat službu) po
nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující
chybě: %%1056

Error - 9.8.2015 17:17:34 | Computer Name = LEO | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby lmhosts bylo dosaženo časového
limitu (30000 ms).


< End of report >

Re: Malware?

Posted: 13 Aug 2015 08:12
by Márty84
You did not copy the text in there, so the log is basically useless. Try it once more, and this time follow the instructions exactly.



13.9. for inactivity :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975