Pro - vyosek, pls.o kontrolu- část 1

[jaruneczka]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jaroslava at 2012-01-09 18:14:01
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 907 GB (95%) free of 954 GB
Total RAM: 4087 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:14:03, on 9.1.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\Google\Google Talk\googletalk.exe
C:\Program Files\trend micro\Jaroslava.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKUS\S-1-5-21-2653022638-3998562978-713219669-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2653022638-3998562978-713219669-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: JMB36X - Unknown owner - C:\Windows\SysWOW64\XSrvSetup.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7273 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe"
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
"C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
C:\Windows\SysWOW64\XSrvSetup.exe
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Google Talk\googletalk.exe" /startmenu
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Jaroslava\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default

prefs.js - "browser.startup.homepage" - "www.centrum.cz"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.4.3&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\searchplugins\
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-11-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-11-29 3844768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2011-07-20 1055808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-09-22 4035152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe [2011-12-29 620376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCU]
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-10-15 375000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
C:\Program Files (x86)\Google\Google Talk\googletalk.exe [2007-01-01 3739648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui]
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-01-08 1564368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-10-02 284696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7.7\ICQ.exe [2012-01-08 127040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-17 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
C:\Windows\RaidTool\xInsIDE.exe [2010-09-07 43608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Download Assistant]
C:\Windows\System32\LogiLDA.dll [2010-11-03 1580368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2009-11-25 95632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAC7302_Monitor]
C:\Windows\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\qttask.exe [2006-09-01 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-09-03 11464296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
c:\program files (x86)\common files\java\java update\jusched.exe [2011-06-09 254696]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-10-15 375000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2012-01-08 249344]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-01-09 18:14:01 ----D---- C:\rsit
2012-01-09 12:51:20 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-01-09 12:51:20 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-01-09 12:51:20 ----A---- C:\Windows\SYSWOW64\java.exe
2012-01-09 12:48:50 ----D---- C:\ProgramData\Sun
2012-01-09 12:48:35 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-01-09 12:48:18 ----D---- C:\Program Files (x86)\Java
2012-01-08 21:38:55 ----SHD---- C:\$RECYCLE.BIN
2012-01-08 21:17:52 ----D---- C:\Users\Jaroslava\AppData\Roaming\Jewel Match 3
2012-01-08 21:10:26 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-01-08 20:30:46 ----A---- C:\Windows\SYSWOW64\Remover.ini
2012-01-08 20:30:46 ----A---- C:\Windows\SYSWOW64\Remove.exe
2012-01-08 20:30:44 ----D---- C:\Program Files (x86)\KYE SYSTEMS CORP
2012-01-08 20:30:43 ----D---- C:\Windows\PixArt
2012-01-08 20:30:43 ----A---- C:\Windows\SYSWOW64\SP7302.ini
2012-01-08 20:30:43 ----A---- C:\Windows\SYSWOW64\P7302USD.dll
2012-01-08 20:20:43 ----A---- C:\Windows\system32\drivers\PAC7302.SYS
2012-01-08 20:20:43 ----A---- C:\Windows\system32\CoInst_071029.dll
2012-01-08 20:03:44 ----D---- C:\Program Files (x86)\QuickTime
2012-01-08 20:03:41 ----D---- C:\ProgramData\Apple Computer
2012-01-08 20:03:16 ----D---- C:\Program Files (x86)\OLYMPUS
2012-01-08 20:02:11 ----D---- C:\Program Files (x86)\MSXML 4.0
2012-01-08 19:59:35 ----HD---- C:\ProgramData\CanonBJ
2012-01-08 18:13:49 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe
2012-01-08 18:10:03 ----D---- C:\ProgramData\IObit
2012-01-08 18:09:57 ----D---- C:\Users\Jaroslava\AppData\Roaming\IObit
2012-01-08 18:09:47 ----D---- C:\Program Files (x86)\IObit
2012-01-08 17:47:50 ----D---- C:\Program Files\trend micro
2012-01-08 16:18:28 ----D---- C:\Users\Jaroslava\AppData\Roaming\Skype
2012-01-08 16:18:24 ----RD---- C:\Program Files (x86)\Skype
2012-01-08 16:18:23 ----D---- C:\ProgramData\Skype
2012-01-08 16:15:16 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2012-01-08 16:15:16 ----D---- C:\Program Files (x86)\Guard-ICQ
2012-01-08 16:15:15 ----D---- C:\ProgramData\ICQ
2012-01-08 16:15:04 ----D---- C:\Users\Jaroslava\AppData\Roaming\ICQ
2012-01-08 16:14:58 ----D---- C:\Program Files (x86)\ICQ7.7
2012-01-08 16:02:06 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2012-01-08 16:02:03 ----D---- C:\ProgramData\NVIDIA
2012-01-08 16:01:54 ----A---- C:\Windows\system32\nvvsvc.exe
2012-01-08 16:01:54 ----A---- C:\Windows\system32\nvsvcr.dll
2012-01-08 16:01:54 ----A---- C:\Windows\system32\nvsvc64.dll
2012-01-08 16:01:54 ----A---- C:\Windows\system32\nvshext.dll
2012-01-08 16:01:54 ----A---- C:\Windows\system32\nvmctray.dll
2012-01-08 16:01:54 ----A---- C:\Windows\system32\nvcpl.dll
2012-01-08 16:01:54 ----A---- C:\Windows\system32\easyupdatusapiu64.dll
2012-01-08 16:01:49 ----D---- C:\Program Files (x86)\Adobe
2012-01-08 16:01:30 ----D---- C:\ProgramData\Adobe
2012-01-08 16:01:14 ----D---- C:\ProgramData\NVIDIA Corporation
2012-01-08 16:01:04 ----D---- C:\Program Files\NVIDIA Corporation
2012-01-08 15:58:35 ----A---- C:\Windows\system32\shell32.dll
2012-01-08 15:58:31 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-01-08 15:52:55 ----D---- C:\Users\Jaroslava\AppData\Roaming\OpenOffice.org
2012-01-08 15:51:20 ----D---- C:\Program Files (x86)\OpenOffice.org 3
2012-01-08 15:47:40 ----D---- C:\Program Files (x86)\Open Office
2012-01-08 15:27:09 ----D---- C:\Windows\system32\SPReview
2012-01-08 15:26:30 ----D---- C:\Windows\system32\EventProviders
2012-01-08 15:21:20 ----A---- C:\Windows\system32\netfxperf.dll
2012-01-08 15:21:20 ----A---- C:\Windows\system32\dfshim.dll
2012-01-08 15:21:12 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2012-01-08 15:21:09 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-01-08 15:21:09 ----A---- C:\Windows\system32\mstscax.dll
2012-01-08 15:21:09 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2012-01-08 15:21:09 ----A---- C:\Windows\system32\d3d10warp.dll
2012-01-08 15:21:06 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2012-01-08 15:21:03 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2012-01-08 15:21:03 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2012-01-08 15:21:03 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2012-01-08 15:21:02 ----A---- C:\Windows\system32\sysmain.dll
2012-01-08 15:21:01 ----A---- C:\Windows\system32\MSVidCtl.dll
2012-01-08 15:21:00 ----A---- C:\Windows\system32\wmp.dll
2012-01-08 15:20:59 ----A---- C:\Windows\system32\mscoree.dll
2012-01-08 15:20:58 ----A---- C:\Windows\system32\secproc_isv.dll
2012-01-08 15:20:58 ----A---- C:\Windows\system32\ntdll.dll
2012-01-08 15:20:58 ----A---- C:\Windows\system32\mmcndmgr.dll
2012-01-08 15:20:58 ----A---- C:\Windows\system32\mf.dll
2012-01-08 15:20:57 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2012-01-08 15:20:57 ----A---- C:\Windows\system32\xpsservices.dll
2012-01-08 15:20:57 ----A---- C:\Windows\system32\secproc.dll
2012-01-08 15:20:57 ----A---- C:\Windows\system32\RMActivate_isv.exe
2012-01-08 15:20:57 ----A---- C:\Windows\system32\RMActivate.exe
2012-01-08 15:20:55 ----A---- C:\Windows\SYSWOW64\secproc.dll
2012-01-08 15:20:55 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2012-01-08 15:20:55 ----A---- C:\Windows\system32\rpcrt4.dll
2012-01-08 15:20:54 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2012-01-08 15:20:53 ----A---- C:\Windows\system32\schedsvc.dll
2012-01-08 15:20:53 ----A---- C:\Windows\system32\ole32.dll
2012-01-08 15:20:52 ----A---- C:\Windows\system32\spwizui.dll
2012-01-08 15:20:51 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2012-01-08 15:20:50 ----A---- C:\Windows\SYSWOW64\mf.dll
2012-01-08 15:20:50 ----A---- C:\Windows\system32\wevtsvc.dll
2012-01-08 15:20:50 ----A---- C:\Windows\system32\taskschd.dll
2012-01-08 15:20:50 ----A---- C:\Windows\system32\RacEngn.dll
2012-01-08 15:20:50 ----A---- C:\Windows\system32\diagperf.dll
2012-01-08 15:20:49 ----A---- C:\Windows\system32\vssapi.dll
2012-01-08 15:20:49 ----A---- C:\Windows\system32\msxml3.dll
2012-01-08 15:20:49 ----A---- C:\Windows\system32\ExplorerFrame.dll
2012-01-08 15:20:48 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2012-01-08 15:20:48 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2012-01-08 15:20:48 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2012-01-08 15:20:47 ----A---- C:\Windows\system32\UIRibbon.dll
2012-01-08 15:20:47 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2012-01-08 15:20:46 ----A---- C:\Windows\SYSWOW64\wmp.dll
2012-01-08 15:20:45 ----A---- C:\Windows\system32\WsmSvc.dll
2012-01-08 15:20:45 ----A---- C:\Windows\system32\WMVCORE.DLL
2012-01-08 15:20:44 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2012-01-08 15:20:44 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2012-01-08 15:20:44 ----A---- C:\Windows\system32\rdpdd.dll
2012-01-08 15:20:44 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2012-01-08 15:20:44 ----A---- C:\Windows\system32\PresentationHost.exe
2012-01-08 15:20:43 ----A---- C:\Windows\system32\WinSAT.exe
2012-01-08 15:20:43 ----A---- C:\Windows\system32\spreview.exe
2012-01-08 15:20:43 ----A---- C:\Windows\system32\spinstall.exe
2012-01-08 15:20:43 ----A---- C:\Windows\system32\MPSSVC.dll
2012-01-08 15:20:43 ----A---- C:\Windows\system32\CertEnroll.dll
2012-01-08 15:20:42 ----A---- C:\Windows\system32\WMVDECOD.DLL
2012-01-08 15:20:42 ----A---- C:\Windows\system32\msxml6.dll
2012-01-08 15:20:42 ----A---- C:\Windows\system32\d3d9.dll
2012-01-08 15:20:41 ----A---- C:\Windows\SYSWOW64\RacEngn.dll
2012-01-08 15:20:41 ----A---- C:\Windows\system32\SearchFolder.dll
2012-01-08 15:20:41 ----A---- C:\Windows\system32\IKEEXT.DLL
2012-01-08 15:20:40 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2012-01-08 15:20:39 ----A---- C:\Windows\SYSWOW64\AuthFWSnapin.dll
2012-01-08 15:20:39 ----A---- C:\Windows\system32\VSSVC.exe
2012-01-08 15:20:39 ----A---- C:\Windows\system32\gpsvc.dll
2012-01-08 15:20:39 ----A---- C:\Windows\system32\dwmcore.dll
2012-01-08 15:20:39 ----A---- C:\Windows\system32\drivers\http.sys
2012-01-08 15:20:39 ----A---- C:\Windows\system32\dbgeng.dll
2012-01-08 15:20:36 ----A---- C:\Windows\system32\drivers\ndis.sys
2012-01-08 15:20:36 ----A---- C:\Windows\system32\crypt32.dll
2012-01-08 15:20:35 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2012-01-08 15:20:34 ----A---- C:\Windows\SYSWOW64\ole32.dll
2012-01-08 15:20:34 ----A---- C:\Windows\system32\TSWorkspace.dll
2012-01-08 15:20:34 ----A---- C:\Windows\system32\termsrv.dll
2012-01-08 15:20:34 ----A---- C:\Windows\system32\schannel.dll
2012-01-08 15:20:34 ----A---- C:\Windows\system32\qmgr.dll
2012-01-08 15:20:34 ----A---- C:\Windows\system32\lsasrv.dll
2012-01-08 15:20:34 ----A---- C:\Windows\system32\audiosrv.dll
2012-01-08 15:20:34 ----A---- C:\Windows\system32\actxprxy.dll
2012-01-08 15:20:33 ----A---- C:\Windows\system32\sqmapi.dll
2012-01-08 15:20:33 ----A---- C:\Windows\system32\netlogon.dll
2012-01-08 15:20:33 ----A---- C:\Windows\system32\mstsc.exe
2012-01-08 15:20:33 ----A---- C:\Windows\system32\imapi2fs.dll
2012-01-08 15:20:32 ----A---- C:\Windows\SYSWOW64\vssapi.dll
2012-01-08 15:20:32 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2012-01-08 15:20:32 ----A---- C:\Windows\SYSWOW64\d3d9.dll
2012-01-08 15:20:32 ----A---- C:\Windows\system32\winhttp.dll
2012-01-08 15:20:32 ----A---- C:\Windows\system32\QAGENTRT.DLL
2012-01-08 15:20:32 ----A---- C:\Windows\system32\propsys.dll
2012-01-08 15:20:32 ----A---- C:\Windows\system32\msv1_0.dll
2012-01-08 15:20:32 ----A---- C:\Windows\system32\d3d11.dll
2012-01-08 15:20:31 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2012-01-08 15:20:31 ----A---- C:\Windows\system32\wbengine.exe
2012-01-08 15:20:31 ----A---- C:\Windows\system32\setupapi.dll
2012-01-08 15:20:31 ----A---- C:\Windows\system32\rpcss.dll
2012-01-08 15:20:30 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-01-08 15:20:30 ----A---- C:\Windows\system32\werconcpl.dll
2012-01-08 15:20:30 ----A---- C:\Windows\system32\user32.dll
2012-01-08 15:20:30 ----A---- C:\Windows\system32\taskeng.exe
2012-01-08 15:20:30 ----A---- C:\Windows\system32\odbc32.dll
2012-01-08 15:20:30 ----A---- C:\Windows\system32\authui.dll
2012-01-08 15:20:29 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2012-01-08 15:20:29 ----A---- C:\Windows\system32\WSDApi.dll
2012-01-08 15:20:29 ----A---- C:\Windows\system32\drivers\tdx.sys
2012-01-08 15:20:29 ----A---- C:\Windows\system32\drivers\netio.sys
2012-01-08 15:20:29 ----A---- C:\Windows\system32\dhcpcore.dll
2012-01-08 15:20:29 ----A---- C:\Windows\system32\certmgr.dll
2012-01-08 15:20:28 ----D---- C:\Users\Jaroslava\AppData\Roaming\IrfanView
2012-01-08 15:20:28 ----A---- C:\Windows\SYSWOW64\wer.dll
2012-01-08 15:20:28 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-01-08 15:20:28 ----A---- C:\Windows\SYSWOW64\certcli.dll
2012-01-08 15:20:28 ----A---- C:\Windows\system32\webio.dll
2012-01-08 15:20:28 ----A---- C:\Windows\system32\tsmf.dll
2012-01-08 15:20:28 ----A---- C:\Windows\system32\scavengeui.dll
2012-01-08 15:20:28 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2012-01-08 15:20:28 ----A---- C:\Windows\system32\ncsi.dll
2012-01-08 15:20:28 ----A---- C:\Windows\system32\localspl.dll
2012-01-08 15:20:28 ----A---- C:\Windows\system32\drivers\netbt.sys
2012-01-08 15:20:27 ----D---- C:\Program Files (x86)\IrfanView
2012-01-08 15:20:27 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2012-01-08 15:20:27 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-01-08 15:20:27 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2012-01-08 15:20:27 ----A---- C:\Windows\system32\shlwapi.dll
2012-01-08 15:20:27 ----A---- C:\Windows\system32\netshell.dll
2012-01-08 15:20:27 ----A---- C:\Windows\system32\msdtctm.dll
2012-01-08 15:20:27 ----A---- C:\Windows\system32\msdrm.dll
2012-01-08 15:20:27 ----A---- C:\Windows\system32\framedynos.dll
2012-01-08 15:20:26 ----A---- C:\Windows\SYSWOW64\tcpmonui.dll
2012-01-08 15:20:26 ----A---- C:\Windows\system32\ws2_32.dll
2012-01-08 15:20:26 ----A---- C:\Windows\system32\wmicmiplugin.dll
2012-01-08 15:20:26 ----A---- C:\Windows\system32\winlogon.exe
2012-01-08 15:20:26 ----A---- C:\Windows\system32\usp10.dll
2012-01-08 15:20:26 ----A---- C:\Windows\system32\nlasvc.dll
2012-01-08 15:20:26 ----A---- C:\Windows\system32\netcfgx.dll
2012-01-08 15:20:26 ----A---- C:\Windows\system32\drivers\cng.sys
2012-01-08 15:20:25 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2012-01-08 15:20:25 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-01-08 15:20:25 ----A---- C:\Windows\system32\wmpps.dll
2012-01-08 15:20:25 ----A---- C:\Windows\system32\Query.dll
2012-01-08 15:20:25 ----A---- C:\Windows\system32\quartz.dll
2012-01-08 15:20:25 ----A---- C:\Windows\system32\mswsock.dll
2012-01-08 15:20:25 ----A---- C:\Windows\system32\lsm.exe
2012-01-08 15:20:25 ----A---- C:\Windows\system32\dxgi.dll
2012-01-08 15:20:25 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-01-08 15:20:25 ----A---- C:\Windows\system32\comdlg32.dll
2012-01-08 15:20:25 ----A---- C:\Windows\system32\apphelp.dll
2012-01-08 15:20:24 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2012-01-08 15:20:24 ----A---- C:\Windows\SYSWOW64\tsmf.dll
2012-01-08 15:20:24 ----A---- C:\Windows\SYSWOW64\setupapi.dll
2012-01-08 15:20:24 ----A---- C:\Windows\SYSWOW64\dot3api.dll
2012-01-08 15:20:24 ----A---- C:\Windows\system32\wpdshext.dll
2012-01-08 15:20:24 ----A---- C:\Windows\system32\QAGENT.DLL
2012-01-08 15:20:24 ----A---- C:\Windows\system32\drvstore.dll
2012-01-08 15:20:24 ----A---- C:\Windows\system32\BFE.DLL
2012-01-08 15:20:24 ----A---- C:\Windows\system32\azroles.dll
2012-01-08 15:20:23 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2012-01-08 15:20:23 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2012-01-08 15:20:23 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2012-01-08 15:20:23 ----A---- C:\Windows\system32\win32spl.dll
2012-01-08 15:20:23 ----A---- C:\Windows\system32\Vault.dll
2012-01-08 15:20:23 ----A---- C:\Windows\system32\samsrv.dll
2012-01-08 15:20:23 ----A---- C:\Windows\system32\lpksetup.exe
2012-01-08 15:20:23 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2012-01-08 15:20:23 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2012-01-08 15:20:23 ----A---- C:\Windows\system32\cmd.exe
2012-01-08 15:20:22 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2012-01-08 15:20:22 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2012-01-08 15:20:22 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2012-01-08 15:20:22 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2012-01-08 15:20:22 ----A---- C:\Windows\system32\WebClnt.dll
2012-01-08 15:20:21 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2012-01-08 15:20:21 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-01-08 15:20:21 ----A---- C:\Windows\SYSWOW64\Query.dll
2012-01-08 15:20:21 ----A---- C:\Windows\system32\WindowsCodecs.dll
2012-01-08 15:20:21 ----A---- C:\Windows\system32\sxs.dll
2012-01-08 15:20:21 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2012-01-08 15:20:20 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2012-01-08 15:20:20 ----A---- C:\Windows\SYSWOW64\upnp.dll
2012-01-08 15:20:20 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-01-08 15:20:20 ----A---- C:\Windows\SYSWOW64\DShowRdpFilter.dll
2012-01-08 15:20:20 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2012-01-08 15:20:20 ----A---- C:\Windows\system32\Wldap32.dll
2012-01-08 15:20:20 ----A---- C:\Windows\system32\taskcomp.dll
2012-01-08 15:20:20 ----A---- C:\Windows\system32\pnidui.dll
2012-01-08 15:20:20 ----A---- C:\Windows\system32\mfds.dll
2012-01-08 15:20:20 ----A---- C:\Windows\system32\mcbuilder.exe
2012-01-08 15:20:20 ----A---- C:\Windows\system32\ipsmsnap.dll
2012-01-08 15:20:20 ----A---- C:\Windows\system32\hgprint.dll
2012-01-08 15:20:19 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2012-01-08 15:20:19 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2012-01-08 15:20:19 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2012-01-08 15:20:19 ----A---- C:\Windows\SYSWOW64\mmcndmgr.dll
2012-01-08 15:20:19 ----A---- C:\Windows\SYSWOW64\imapi2fs.dll
2012-01-08 15:20:19 ----A---- C:\Windows\system32\wuaueng.dll
2012-01-08 15:20:19 ----A---- C:\Windows\system32\webservices.dll
2012-01-08 15:20:19 ----A---- C:\Windows\system32\spoolsv.exe
2012-01-08 15:20:19 ----A---- C:\Windows\system32\SessEnv.dll
2012-01-08 15:20:18 ----A---- C:\Windows\SYSWOW64\usp10.dll
2012-01-08 15:20:18 ----A---- C:\Windows\SYSWOW64\shlwapi.dll
2012-01-08 15:20:18 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2012-01-08 15:20:18 ----A---- C:\Windows\SYSWOW64\PortableDeviceApi.dll
2012-01-08 15:20:18 ----A---- C:\Windows\SYSWOW64\mcbuilder.exe
2012-01-08 15:20:18 ----A---- C:\Windows\SYSWOW64\authui.dll
2012-01-08 15:20:18 ----A---- C:\Windows\system32\winsta.dll
2012-01-08 15:20:18 ----A---- C:\Windows\system32\sqlsrv32.dll
2012-01-08 15:20:18 ----A---- C:\Windows\system32\gdi32.dll
2012-01-08 15:20:18 ----A---- C:\Windows\system32\fveapi.dll
2012-01-08 15:20:18 ----A---- C:\Windows\system32\drivers\volsnap.sys
2012-01-08 15:20:18 ----A---- C:\Windows\system32\drivers\msrpc.sys
2012-01-08 15:20:18 ----A---- C:\Windows\system32\dot3api.dll
2012-01-08 15:20:17 ----A---- C:\Windows\system32\prncache.dll
2012-01-08 15:20:17 ----A---- C:\Windows\system32\mcmde.dll
2012-01-08 15:20:16 ----A---- C:\Windows\SYSWOW64\userenv.dll
2012-01-08 15:20:16 ----A---- C:\Windows\SYSWOW64\certmgr.dll
2012-01-08 15:20:16 ----A---- C:\Windows\system32\WMNetMgr.dll
2012-01-08 15:20:16 ----A---- C:\Windows\system32\wlanpref.dll
2012-01-08 15:20:16 ----A---- C:\Windows\system32\schtasks.exe
2012-01-08 15:20:15 ----A---- C:\Windows\SYSWOW64\xpsservices.dll
2012-01-08 15:20:15 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2012-01-08 15:20:15 ----A---- C:\Windows\SYSWOW64\drvstore.dll
2012-01-08 15:20:15 ----A---- C:\Windows\system32\wuapi.dll
2012-01-08 15:20:15 ----A---- C:\Windows\system32\wintrust.dll
2012-01-08 15:20:15 ----A---- C:\Windows\system32\vpnike.dll
2012-01-08 15:20:15 ----A---- C:\Windows\system32\userenv.dll
2012-01-08 15:20:15 ----A---- C:\Windows\system32\photowiz.dll
2012-01-08 15:20:15 ----A---- C:\Windows\system32\evr.dll
2012-01-08 15:20:15 ----A---- C:\Windows\system32\drivers\rdbss.sys
2012-01-08 15:20:15 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2012-01-08 15:20:14 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2012-01-08 15:20:14 ----A---- C:\Windows\SYSWOW64\cmd.exe
2012-01-08 15:20:14 ----A---- C:\Windows\system32\wmpmde.dll
2012-01-08 15:20:14 ----A---- C:\Windows\system32\WMPEncEn.dll
2012-01-08 15:20:14 ----A---- C:\Windows\system32\wmpeffects.dll
2012-01-08 15:20:14 ----A---- C:\Windows\system32\SyncCenter.dll
2012-01-08 15:20:14 ----A---- C:\Windows\system32\sppobjs.dll
2012-01-08 15:20:14 ----A---- C:\Windows\system32\IPSECSVC.DLL
2012-01-08 15:20:14 ----A---- C:\Windows\system32\FXSSVC.exe
2012-01-08 15:20:14 ----A---- C:\Windows\system32\framedyn.dll
2012-01-08 15:20:14 ----A---- C:\Windows\system32\AudioSes.dll
2012-01-08 15:20:14 ----A---- C:\Windows\system32\aepdu.dll
2012-01-08 15:20:13 ----A---- C:\Windows\system32\srvsvc.dll
2012-01-08 15:20:13 ----A---- C:\Windows\system32\shsvcs.dll
2012-01-08 15:20:13 ----A---- C:\Windows\system32\mfreadwrite.dll
2012-01-08 15:20:13 ----A---- C:\Windows\system32\aeinv.dll
2012-01-08 15:20:12 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2012-01-08 15:20:12 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2012-01-08 15:20:12 ----A---- C:\Windows\SYSWOW64\user32.dll
2012-01-08 15:20:12 ----A---- C:\Windows\SYSWOW64\propsys.dll
2012-01-08 15:20:12 ----A---- C:\Windows\SYSWOW64\mfds.dll
2012-01-08 15:20:12 ----A---- C:\Windows\SYSWOW64\framedynos.dll
2012-01-08 15:20:12 ----A---- C:\Windows\system32\WinSATAPI.dll
2012-01-08 15:20:12 ----A---- C:\Windows\system32\stobject.dll
2012-01-08 15:20:12 ----A---- C:\Windows\system32\netdiagfx.dll
2012-01-08 15:20:12 ----A---- C:\Windows\system32\localsec.dll
2012-01-08 15:20:12 ----A---- C:\Windows\system32\iphlpsvc.dll
2012-01-08 15:20:12 ----A---- C:\Windows\system32\imapi2.dll
2012-01-08 15:20:12 ----A---- C:\Windows\system32\fde.dll
2012-01-08 15:20:12 ----A---- C:\Windows\system32\drivers\udfs.sys
2012-01-08 15:20:12 ----A---- C:\Windows\system32\credui.dll
2012-01-08 15:20:12 ----A---- C:\Windows\system32\cdd.dll
2012-01-08 15:20:12 ----A---- C:\Windows\system32\bcryptprimitives.dll
2012-01-08 15:20:11 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2012-01-08 15:20:11 ----A---- C:\Windows\SYSWOW64\azroles.dll
2012-01-08 15:20:11 ----A---- C:\Windows\system32\tcpipcfg.dll
2012-01-08 15:20:11 ----A---- C:\Windows\system32\spp.dll
2012-01-08 15:20:11 ----A---- C:\Windows\system32\QSHVHOST.DLL
2012-01-08 15:20:11 ----A---- C:\Windows\system32\netid.dll
2012-01-08 15:20:11 ----A---- C:\Windows\system32\inetpp.dll
2012-01-08 15:20:11 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2012-01-08 15:20:11 ----A---- C:\Windows\system32\davclnt.dll
2012-01-08 15:20:11 ----A---- C:\Windows\system32\biocpl.dll
2012-01-08 15:20:10 ----A---- C:\Windows\SYSWOW64\themeui.dll
2012-01-08 15:20:10 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2012-01-08 15:20:10 ----A---- C:\Windows\SYSWOW64\spp.dll
2012-01-08 15:20:10 ----A---- C:\Windows\SYSWOW64\credui.dll
2012-01-08 15:20:10 ----A---- C:\Windows\system32\scansetting.dll
2012-01-08 15:20:10 ----A---- C:\Windows\system32\profsvc.dll
2012-01-08 15:20:10 ----A---- C:\Windows\system32\printui.dll
2012-01-08 15:20:10 ----A---- C:\Windows\system32\pla.dll
2012-01-08 15:20:10 ----A---- C:\Windows\system32\PhotoScreensaver.scr
2012-01-08 15:20:10 ----A---- C:\Windows\system32\mspbda.dll
2012-01-08 15:20:10 ----A---- C:\Windows\system32\msinfo32.exe
2012-01-08 15:20:10 ----A---- C:\Windows\system32\gameux.dll
2012-01-08 15:20:10 ----A---- C:\Windows\splwow64.exe
2012-01-08 15:20:09 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-01-08 15:20:09 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2012-01-08 15:20:09 ----A---- C:\Windows\SYSWOW64\dhcpcore.dll
2012-01-08 15:20:09 ----A---- C:\Windows\system32\wusa.exe
2012-01-08 15:20:09 ----A---- C:\Windows\system32\wiaservc.dll
2012-01-08 15:20:09 ----A---- C:\Windows\system32\vds.exe
2012-01-08 15:20:09 ----A---- C:\Windows\system32\msdri.dll
2012-01-08 15:20:09 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2012-01-08 15:20:09 ----A---- C:\Windows\system32\drivers\pci.sys
2012-01-08 15:20:09 ----A---- C:\Windows\system32\cryptsvc.dll
2012-01-08 15:20:09 ----A---- C:\Windows\system32\aitagent.exe
2012-01-08 15:20:08 ----A---- C:\Windows\SYSWOW64\NaturalLanguage6.dll
2012-01-08 15:20:08 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-01-08 15:20:08 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2012-01-08 15:20:08 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2012-01-08 15:20:08 ----A---- C:\Windows\SYSWOW64\dbghelp.dll
2012-01-08 15:20:08 ----A---- C:\Windows\SYSWOW64\basecsp.dll
2012-01-08 15:20:08 ----A---- C:\Windows\system32\XpsRasterService.dll
2012-01-08 15:20:08 ----A---- C:\Windows\system32\wisptis.exe
2012-01-08 15:20:08 ----A---- C:\Windows\system32\rpchttp.dll
2012-01-08 15:20:08 ----A---- C:\Windows\system32\PkgMgr.exe
2012-01-08 15:20:08 ----A---- C:\Windows\system32\msi.dll
2012-01-08 15:20:08 ----A---- C:\Windows\system32\mscms.dll
2012-01-08 15:20:08 ----A---- C:\Windows\system32\FirewallControlPanel.dll
2012-01-08 15:20:08 ----A---- C:\Windows\system32\drivers\rasl2tp.sys
2012-01-08 15:20:07 ----A---- C:\Windows\SYSWOW64\WinSATAPI.dll
2012-01-08 15:20:07 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2012-01-08 15:20:07 ----A---- C:\Windows\SYSWOW64\evr.dll
2012-01-08 15:20:07 ----A---- C:\Windows\system32\sppwinob.dll
2012-01-08 15:20:07 ----A---- C:\Windows\system32\ocsetup.exe
2012-01-08 15:20:07 ----A---- C:\Windows\system32\ocsetapi.dll
2012-01-08 15:20:07 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2012-01-08 15:20:06 ----A---- C:\Windows\SYSWOW64\sqlsrv32.dll
2012-01-08 15:20:06 ----A---- C:\Windows\SYSWOW64\calc.exe
2012-01-08 15:20:06 ----A---- C:\Windows\system32\wpdbusenum.dll
2012-01-08 15:20:06 ----A---- C:\Windows\system32\wcncsvc.dll
2012-01-08 15:20:06 ----A---- C:\Windows\system32\upnp.dll
2012-01-08 15:20:06 ----A---- C:\Windows\system32\Robocopy.exe
2012-01-08 15:20:06 ----A---- C:\Windows\system32\rdpcore.dll
2012-01-08 15:20:06 ----A---- C:\Windows\system32\ntshrui.dll
2012-01-08 15:20:06 ----A---- C:\Windows\system32\mprapi.dll
2012-01-08 15:20:06 ----A---- C:\Windows\system32\eapphost.dll
2012-01-08 15:20:06 ----A---- C:\Windows\system32\eapp3hst.dll
2012-01-08 15:20:06 ----A---- C:\Windows\system32\DXP.dll
2012-01-08 15:20:06 ----A---- C:\Windows\system32\drivers\volmgr.sys
2012-01-08 15:20:06 ----A---- C:\Windows\system32\drivers\msdsm.sys
2012-01-08 15:20:06 ----A---- C:\Windows\system32\ci.dll
2012-01-08 15:20:05 ----A---- C:\Windows\SYSWOW64\UIRibbon.dll
2012-01-08 15:20:05 ----A---- C:\Windows\SYSWOW64\sxs.dll
2012-01-08 15:20:05 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-01-08 15:20:05 ----A---- C:\Windows\system32\thumbcache.dll
2012-01-08 15:20:05 ----A---- C:\Windows\system32\t2embed.dll
2012-01-08 15:20:05 ----A---- C:\Windows\system32\hal.dll
2012-01-08 15:20:05 ----A---- C:\Windows\system32\drivers\HpSAMD.sys
2012-01-08 15:20:04 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2012-01-08 15:20:04 ----A---- C:\Windows\SYSWOW64\stobject.dll
2012-01-08 15:20:04 ----A---- C:\Windows\SYSWOW64\netshell.dll
2012-01-08 15:20:04 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2012-01-08 15:20:04 ----A---- C:\Windows\system32\scecli.dll
2012-01-08 15:20:04 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2012-01-08 15:20:04 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2012-01-08 15:20:04 ----A---- C:\Windows\system32\DxpTaskSync.dll
2012-01-08 15:20:04 ----A---- C:\Windows\system32\dwmredir.dll
2012-01-08 15:20:04 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-01-08 15:20:04 ----A---- C:\Windows\system32\drivers\fvevol.sys
2012-01-08 15:20:03 ----A---- C:\Windows\SYSWOW64\prncache.dll
2012-01-08 15:20:03 ----A---- C:\Windows\SYSWOW64\printui.dll
2012-01-08 15:20:03 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-01-08 15:20:03 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2012-01-08 15:20:03 ----A---- C:\Windows\system32\themeui.dll
2012-01-08 15:20:03 ----A---- C:\Windows\system32\sspicli.dll
2012-01-08 15:20:03 ----A---- C:\Windows\system32\puiobj.dll
2012-01-08 15:20:03 ----A---- C:\Windows\system32\onex.dll
2012-01-08 15:20:03 ----A---- C:\Windows\system32\nlaapi.dll
2012-01-08 15:20:03 ----A---- C:\Windows\system32\msasn1.dll
2012-01-08 15:20:03 ----A---- C:\Windows\system32\iasrad.dll
2012-01-08 15:20:03 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2012-01-08 15:20:03 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys
2012-01-08 15:20:03 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2012-01-08 15:20:02 ----A---- C:\Windows\SYSWOW64\WSDApi.dll
2012-01-08 15:20:02 ----A---- C:\Windows\SYSWOW64\wmpeffects.dll
2012-01-08 15:20:02 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2012-01-08 15:20:02 ----A---- C:\Windows\SYSWOW64\net1.exe
2012-01-08 15:20:02 ----A---- C:\Windows\system32\aaclient.dll
2012-01-08 15:20:01 ----A---- C:\Windows\SYSWOW64\scansetting.dll
2012-01-08 15:20:01 ----A---- C:\Windows\system32\wdc.dll
2012-01-08 15:20:01 ----A---- C:\Windows\system32\scesrv.dll
2012-01-08 15:20:01 ----A---- C:\Windows\system32\rasmans.dll
2012-01-08 15:20:00 ----A---- C:\Windows\SYSWOW64\WMVCORE.DLL
2012-01-08 15:20:00 ----A---- C:\Windows\SYSWOW64\MMDevAPI.dll
2012-01-08 15:20:00 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2012-01-08 15:20:00 ----A---- C:\Windows\system32\wscapi.dll
2012-01-08 15:20:00 ----A---- C:\Windows\system32\wlangpui.dll
2012-01-08 15:20:00 ----A---- C:\Windows\system32\wiadefui.dll
2012-01-08 15:20:00 ----A---- C:\Windows\system32\VAN.dll
2012-01-08 15:20:00 ----A---- C:\Windows\system32\StructuredQuery.dll
2012-01-08 15:20:00 ----A---- C:\Windows\system32\SndVol.exe
2012-01-08 15:20:00 ----A---- C:\Windows\system32\sdengin2.dll
2012-01-08 15:20:00 ----A---- C:\Windows\system32\samcli.dll
2012-01-08 15:20:00 ----A---- C:\Windows\system32\netcenter.dll
2012-01-08 15:20:00 ----A---- C:\Windows\system32\msftedit.dll
2012-01-08 15:20:00 ----A---- C:\Windows\system32\iasacct.dll
2012-01-08 15:20:00 ----A---- C:\Windows\system32\dskquoui.dll
2012-01-08 15:20:00 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-01-08 15:20:00 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2012-01-08 15:19:59 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2012-01-08 15:19:59 ----A---- C:\Windows\SYSWOW64\wlangpui.dll
2012-01-08 15:19:59 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2012-01-08 15:19:59 ----A---- C:\Windows\SYSWOW64\QSHVHOST.DLL
2012-01-08 15:19:59 ----A---- C:\Windows\SYSWOW64\pnidui.dll
2012-01-08 15:19:59 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2012-01-08 15:19:59 ----A---- C:\Windows\system32\wucltux.dll
2012-01-08 15:19:59 ----A---- C:\Windows\system32\TabSvc.dll
2012-01-08 15:19:59 ----A---- C:\Windows\system32\srchadmin.dll
2012-01-08 15:19:59 ----A---- C:\Windows\system32\regapi.dll
2012-01-08 15:19:59 ----A---- C:\Windows\system32\QUTIL.DLL
2012-01-08 15:19:59 ----A---- C:\Windows\system32\drivers\termdd.sys
2012-01-08 15:19:59 ----A---- C:\Windows\system32\consent.exe
2012-01-08 15:19:58 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2012-01-08 15:19:58 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2012-01-08 15:19:58 ----A---- C:\Windows\SYSWOW64\webservices.dll
2012-01-08 15:19:58 ----A---- C:\Windows\SYSWOW64\SyncCenter.dll
2012-01-08 15:19:58 ----A---- C:\Windows\SYSWOW64\netdiagfx.dll
2012-01-08 15:19:58 ----A---- C:\Windows\SYSWOW64\fde.dll
2012-01-08 15:19:58 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-01-08 15:19:58 ----A---- C:\Windows\system32\wksprt.exe
2012-01-08 15:19:58 ----A---- C:\Windows\system32\taskhost.exe
2012-01-08 15:19:58 ----A---- C:\Windows\system32\setupcl.exe
2012-01-08 15:19:58 ----A---- C:\Windows\system32\rastls.dll
2012-01-08 15:19:58 ----A---- C:\Windows\system32\drivers\msahci.sys
2012-01-08 15:19:58 ----A---- C:\Windows\system32\drivers\acpi.sys
2012-01-08 15:19:57 ----A---- C:\Windows\system32\tapisrv.dll
2012-01-08 15:19:57 ----A---- C:\Windows\system32\netiohlp.dll
2012-01-08 15:19:57 ----A---- C:\Windows\system32\mimefilt.dll
2012-01-08 15:19:56 ----A---- C:\Windows\SYSWOW64\winsta.dll
2012-01-08 15:19:56 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2012-01-08 15:19:56 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-01-08 15:19:56 ----A---- C:\Windows\SYSWOW64\pla.dll
2012-01-08 15:19:56 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2012-01-08 15:19:56 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2012-01-08 15:19:56 ----A---- C:\Windows\system32\msconfig.exe
2012-01-08 15:19:56 ----A---- C:\Windows\system32\lsmproxy.dll
2012-01-08 15:19:56 ----A---- C:\Windows\system32\ListSvc.dll
2012-01-08 15:19:56 ----A---- C:\Windows\system32\hgcpl.dll
2012-01-08 15:19:56 ----A---- C:\Windows\system32\fdeploy.dll
2012-01-08 15:19:56 ----A---- C:\Windows\system32\drivers\sbp2port.sys
2012-01-08 15:19:56 ----A---- C:\Windows\system32\drivers\raspptp.sys
2012-01-08 15:19:56 ----A---- C:\Windows\system32\drivers\ks.sys
2012-01-08 15:19:56 ----A---- C:\Windows\system32\clusapi.dll
2012-01-08 15:19:56 ----A---- C:\Windows\system32\basecsp.dll
2012-01-08 15:19:56 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2012-01-08 15:19:55 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-01-08 15:19:55 ----A---- C:\Windows\SYSWOW64\imapi2.dll
2012-01-08 15:19:55 ----A---- C:\Windows\SYSWOW64\gameux.dll
2012-01-08 15:19:55 ----A---- C:\Windows\SYSWOW64\DXPTaskRingtone.dll
2012-01-08 15:19:55 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2012-01-08 15:19:55 ----A---- C:\Windows\system32\riched20.dll
2012-01-08 15:19:55 ----A---- C:\Windows\system32\mtxclu.dll
2012-01-08 15:19:55 ----A---- C:\Windows\system32\dnscmmc.dll
2012-01-08 15:19:54 ----A---- C:\Windows\SYSWOW64\WMPEncEn.dll
2012-01-08 15:19:54 ----A---- C:\Windows\SYSWOW64\onex.dll
2012-01-08 15:19:54 ----A---- C:\Windows\system32\sharemediacpl.dll
2012-01-08 15:19:54 ----A---- C:\Windows\system32\RpcRtRemote.dll
2012-01-08 15:19:54 ----A---- C:\Windows\system32\powercpl.dll
2012-01-08 15:19:54 ----A---- C:\Windows\system32\logoncli.dll
2012-01-08 15:19:54 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-01-08 15:19:53 ----A---- C:\Windows\SYSWOW64\winmm.dll
2012-01-08 15:19:53 ----A---- C:\Windows\SYSWOW64\shsvcs.dll
2012-01-08 15:19:53 ----A---- C:\Windows\system32\themecpl.dll
2012-01-08 15:19:53 ----A---- C:\Windows\system32\nci.dll
2012-01-08 15:19:53 ----A---- C:\Windows\system32\eudcedit.exe
2012-01-08 15:19:52 ----A---- C:\Windows\SYSWOW64\netiohlp.dll
2012-01-08 15:19:52 ----A---- C:\Windows\SYSWOW64\hbaapi.dll
2012-01-08 15:19:52 ----A---- C:\Windows\SYSWOW64\autochk.exe
2012-01-08 15:19:52 ----A---- C:\Windows\SYSWOW64\autofmt.exe
2012-01-08 15:19:52 ----A---- C:\Windows\system32\wkssvc.dll
2012-01-08 15:19:52 ----A---- C:\Windows\system32\vpnikeapi.dll
2012-01-08 15:19:52 ----A---- C:\Windows\system32\SensorsCpl.dll
2012-01-08 15:19:52 ----A---- C:\Windows\system32\netjoin.dll
2012-01-08 15:19:52 ----A---- C:\Windows\system32\Narrator.exe
2012-01-08 15:19:52 ----A---- C:\Windows\system32\Faultrep.dll
2012-01-08 15:19:51 ----A---- C:\Windows\SYSWOW64\thumbcache.dll
2012-01-08 15:19:51 ----A---- C:\Windows\SYSWOW64\samcli.dll
2012-01-08 15:19:51 ----A---- C:\Windows\SYSWOW64\regapi.dll
2012-01-08 15:19:51 ----A---- C:\Windows\SYSWOW64\proquota.exe
2012-01-08 15:19:51 ----A---- C:\Windows\SYSWOW64\msutb.dll
2012-01-08 15:19:51 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2012-01-08 15:19:51 ----A---- C:\Windows\SYSWOW64\mimefilt.dll
2012-01-08 15:19:51 ----A---- C:\Windows\SYSWOW64\IPHLPAPI.DLL
2012-01-08 15:19:51 ----A---- C:\Windows\SYSWOW64\autoconv.exe
2012-01-08 15:19:51 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2012-01-08 15:19:51 ----A---- C:\Windows\system32\sppcomapi.dll
2012-01-08 15:19:51 ----A---- C:\Windows\system32\comctl32.dll
2012-01-08 15:19:51 ----A---- C:\Windows\system32\cabview.dll
2012-01-08 15:19:51 ----A---- C:\Windows\system32\autochk.exe
2012-01-08 15:19:51 ----A---- C:\Windows\system32\autofmt.exe
2012-01-08 15:19:50 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2012-01-08 15:19:50 ----A---- C:\Windows\SYSWOW64\tcpipcfg.dll
2012-01-08 15:19:50 ----A---- C:\Windows\SYSWOW64\srchadmin.dll
2012-01-08 15:19:50 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2012-01-08 15:19:50 ----A---- C:\Windows\SYSWOW64\powercpl.dll
2012-01-08 15:19:50 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2012-01-08 15:19:50 ----A---- C:\Windows\SYSWOW64\ipsmsnap.dll
2012-01-08 15:19:50 ----A---- C:\Windows\SYSWOW64\framedyn.dll
2012-01-08 15:19:50 ----A---- C:\Windows\SYSWOW64\eapphost.dll
2012-01-08 15:19:50 ----A---- C:\Windows\system32\wpd_ci.dll
2012-01-08 15:19:50 ----A---- C:\Windows\system32\shsetup.dll
2012-01-08 15:19:50 ----A---- C:\Windows\system32\sdclt.exe
2012-01-08 15:19:50 ----A---- C:\Windows\system32\nshipsec.dll
2012-01-08 15:19:50 ----A---- C:\Windows\system32\fms.dll
2012-01-08 15:19:50 ----A---- C:\Windows\system32\bcdsrv.dll
2012-01-08 15:19:50 ----A---- C:\Windows\system32\autoconv.exe
2012-01-08 15:19:50 ----A---- C:\Windows\system32\audiodg.exe
2012-01-08 15:19:49 ----A---- C:\Windows\SYSWOW64\QAGENT.DLL
2012-01-08 15:19:49 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2012-01-08 15:19:49 ----A---- C:\Windows\SYSWOW64\AuxiliaryDisplayCpl.dll
2012-01-08 15:19:49 ----A---- C:\Windows\system32\wwanconn.dll
2012-01-08 15:19:49 ----A---- C:\Windows\system32\wlanui.dll
2012-01-08 15:19:49 ----A---- C:\Windows\system32\SmiEngine.dll
2012-01-08 15:19:49 ----A---- C:\Windows\system32\prntvpt.dll
2012-01-08 15:19:49 ----A---- C:\Windows\system32\mscorier.dll
2012-01-08 15:19:49 ----A---- C:\Windows\system32\fontext.dll
2012-01-08 15:19:49 ----A---- C:\Windows\system32\drivers\wanarp.sys
2012-01-08 15:19:49 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2012-01-08 15:19:49 ----A---- C:\Windows\system32\drivers\scsiport.sys
2012-01-08 15:19:49 ----A---- C:\Windows\system32\dps.dll
2012-01-08 15:19:48 ----A---- C:\Windows\SYSWOW64\wdc.dll
2012-01-08 15:19:48 ----A---- C:\Windows\SYSWOW64\untfs.dll
2012-01-08 15:19:48 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2012-01-08 15:19:48 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2012-01-08 15:19:48 ----A---- C:\Windows\SYSWOW64\rastls.dll
2012-01-08 15:19:48 ----A---- C:\Windows\SYSWOW64\netid.dll
2012-01-08 15:19:48 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2012-01-08 15:19:48 ----A---- C:\Windows\system32\wmpsrcwp.dll
2012-01-08 15:19:48 ----A---- C:\Windows\system32\qedit.dll
2012-01-08 15:19:48 ----A---- C:\Windows\system32\mprddm.dll
2012-01-08 15:19:48 ----A---- C:\Windows\system32\mblctr.exe
2012-01-08 15:19:48 ----A---- C:\Windows\system32\drivers\hidclass.sys
2012-01-08 15:19:48 ----A---- C:\Windows\system32\Display.dll
2012-01-08 15:19:48 ----A---- C:\Windows\system32\credssp.dll
2012-01-08 15:19:48 ----A---- C:\Windows\system32\batmeter.dll
2012-01-08 15:19:48 ----A---- C:\Windows\system32\AxInstSv.dll
2012-01-08 15:19:47 ----A---- C:\Windows\SYSWOW64\WMNetMgr.dll
2012-01-08 15:19:47 ----A---- C:\Windows\SYSWOW64\wlanpref.dll
2012-01-08 15:19:47 ----A---- C:\Windows\SYSWOW64\Vault.dll
2012-01-08 15:19:47 ----A---- C:\Windows\SYSWOW64\RpcRtRemote.dll
2012-01-08 15:19:47 ----A---- C:\Windows\SYSWOW64\Robocopy.exe
2012-01-08 15:19:47 ----A---- C:\Windows\SYSWOW64\nci.dll
2012-01-08 15:19:47 ----A---- C:\Windows\system32\usercpl.dll
2012-01-08 15:19:47 ----A---- C:\Windows\system32\rtutils.dll
2012-01-08 15:19:47 ----A---- C:\Windows\system32\provsvc.dll
2012-01-08 15:19:47 ----A---- C:\Windows\system32\DiagCpl.dll
2012-01-08 15:19:47 ----A---- C:\Windows\system32\bootres.dll
2012-01-08 15:19:46 ----A---- C:\Windows\SYSWOW64\taskmgr.exe
2012-01-08 15:19:46 ----A---- C:\Windows\SYSWOW64\DxpTaskSync.dll
2012-01-08 15:19:46 ----A---- C:\Windows\SYSWOW64\Display.dll
2012-01-08 15:19:46 ----A---- C:\Windows\system32\wpccpl.dll
2012-01-08 15:19:46 ----A---- C:\Windows\system32\sppsvc.exe
2012-01-08 15:19:46 ----A---- C:\Windows\system32\SndVolSSO.dll
2012-01-08 15:19:46 ----A---- C:\Windows\system32\rasppp.dll
2012-01-08 15:19:46 ----A---- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2012-01-08 15:19:46 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2012-01-08 15:19:46 ----A---- C:\Windows\system32\dot3cfg.dll
2012-01-08 15:19:45 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2012-01-08 15:19:45 ----A---- C:\Windows\SYSWOW64\userinit.exe
2012-01-08 15:19:45 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2012-01-08 15:19:45 ----A---- C:\Windows\SYSWOW64\mtxclu.dll
2012-01-08 15:19:45 ----A---- C:\Windows\system32\taskmgr.exe
2012-01-08 15:19:45 ----A---- C:\Windows\system32\shdocvw.dll
2012-01-08 15:19:45 ----A---- C:\Windows\system32\prnfldr.dll
2012-01-08 15:19:45 ----A---- C:\Windows\system32\hbaapi.dll
2012-01-08 15:19:45 ----A---- C:\Windows\system32\dxdiagn.dll
2012-01-08 15:19:44 ----A---- C:\Windows\SYSWOW64\wiadefui.dll
2012-01-08 15:19:44 ----A---- C:\Windows\SYSWOW64\termmgr.dll
2012-01-08 15:19:44 ----A---- C:\Windows\SYSWOW64\sppcomapi.dll
2012-01-08 15:19:44 ----A---- C:\Windows\SYSWOW64\shsetup.dll
2012-01-08 15:19:44 ----A---- C:\Windows\SYSWOW64\rasppp.dll
2012-01-08 15:19:44 ----A---- C:\Windows\SYSWOW64\logoncli.dll
2012-01-08 15:19:44 ----A---- C:\Windows\SYSWOW64\eudcedit.exe
2012-01-08 15:19:44 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2012-01-08 15:19:44 ----A---- C:\Windows\system32\untfs.dll
2012-01-08 15:19:44 ----A---- C:\Windows\system32\proquota.exe
2012-01-08 15:19:44 ----A---- C:\Windows\system32\pdh.dll
2012-01-08 15:19:44 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2012-01-08 15:19:44 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2012-01-08 15:19:44 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2012-01-08 15:19:44 ----A---- C:\Windows\system32\drivers\ataport.sys
2012-01-08 15:19:43 ----A---- C:\Windows\SYSWOW64\SensorsCpl.dll
2012-01-08 15:19:43 ----A---- C:\Windows\SYSWOW64\FirewallControlPanel.dll
2012-01-08 15:19:43 ----A---- C:\Windows\SYSWOW64\cabview.dll
2012-01-08 15:19:43 ----A---- C:\Windows\system32\userinit.exe
2012-01-08 15:19:43 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-01-08 15:19:43 ----A---- C:\Windows\system32\accessibilitycpl.dll
2012-01-08 15:19:42 ----A---- C:\Windows\SYSWOW64\themecpl.dll
2012-01-08 15:19:42 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2012-01-08 15:19:42 ----A---- C:\Windows\SYSWOW64\dnscmmc.dll
2012-01-08 15:19:42 ----A---- C:\Windows\system32\zipfldr.dll
2012-01-08 15:19:42 ----A---- C:\Windows\system32\slui.exe
2012-01-08 15:19:42 ----A---- C:\Windows\system32\msieftp.dll
2012-01-08 15:19:42 ----A---- C:\Windows\system32\defaultlocationcpl.dll
2012-01-08 15:19:41 ----A---- C:\Windows\SYSWOW64\tapisrv.dll
2012-01-08 15:19:41 ----A---- C:\Windows\SYSWOW64\scecli.dll
2012-01-08 15:19:41 ----A---- C:\Windows\SYSWOW64\PhotoScreensaver.scr
2012-01-08 15:19:41 ----A---- C:\Windows\SYSWOW64\mscories.dll
2012-01-08 15:19:41 ----A---- C:\Windows\SYSWOW64\mscms.dll
2012-01-08 15:19:41 ----A---- C:\Windows\SYSWOW64\localsec.dll
2012-01-08 15:19:41 ----A---- C:\Windows\SYSWOW64\hgcpl.dll
2012-01-08 15:19:41 ----A---- C:\Windows\SYSWOW64\fontext.dll
2012-01-08 15:19:41 ----A---- C:\Windows\system32\sud.dll
2012-01-08 15:19:41 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2012-01-08 15:19:41 ----A---- C:\Windows\system32\DeviceCenter.dll
2012-01-08 15:19:40 ----A---- C:\Windows\SYSWOW64\wlanui.dll
2012-01-08 15:19:40 ----A---- C:\Windows\SYSWOW64\VAN.dll
2012-01-08 15:19:40 ----A---- C:\Windows\SYSWOW64\usercpl.dll
2012-01-08 15:19:40 ----A---- C:\Windows\SYSWOW64\SndVolSSO.dll
2012-01-08 15:19:40 ----A---- C:\Windows\SYSWOW64\qedit.dll
2012-01-08 15:19:40 ----A---- C:\Windows\SYSWOW64\prntvpt.dll
2012-01-08 15:19:40 ----A---- C:\Windows\SYSWOW64\PerfCenterCPL.dll
2012-01-08 15:19:40 ----A---- C:\Windows\SYSWOW64\mprddm.dll
2012-01-08 15:19:40 ----A---- C:\Windows\SYSWOW64\iasacct.dll
2012-01-08 15:19:40 ----A---- C:\Windows\SYSWOW64\batmeter.dll
2012-01-08 15:19:40 ----A---- C:\Windows\system32\twext.dll
2012-01-08 15:19:40 ----A---- C:\Windows\system32\taskbarcpl.dll
2012-01-08 15:19:40 ----A---- C:\Windows\system32\srcore.dll
2012-01-08 15:19:40 ----A---- C:\Windows\system32\rdpwsx.dll
2012-01-08 15:19:40 ----A---- C:\Windows\system32\qdvd.dll
2012-01-08 15:19:40 ----A---- C:\Windows\system32\OnLineIDCpl.dll
2012-01-08 15:19:40 ----A---- C:\Windows\system32\networkmap.dll
2012-01-08 15:19:40 ----A---- C:\Windows\system32\dot3svc.dll
2012-01-08 15:19:40 ----A---- C:\Windows\system32\cryptui.dll
2012-01-08 15:19:40 ----A---- C:\Windows\system32\ActionCenter.dll
2012-01-08 15:19:39 ----A---- C:\Windows\SYSWOW64\w32tm.exe
2012-01-08 15:19:39 ----A---- C:\Windows\SYSWOW64\spwizeng.dll
2012-01-08 15:19:39 ----A---- C:\Windows\SYSWOW64\SndVol.exe
2012-01-08 15:19:39 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-01-08 15:19:39 ----A---- C:\Windows\SYSWOW64\netcenter.dll
2012-01-08 15:19:39 ----A---- C:\Windows\SYSWOW64\azroleui.dll
2012-01-08 15:19:39 ----A---- C:\Windows\system32\uxlib.dll
2012-01-08 15:19:39 ----A---- C:\Windows\system32\sisbkup.dll
2012-01-08 15:19:39 ----A---- C:\Windows\system32\recovery.dll
2012-01-08 15:19:39 ----A---- C:\Windows\system32\OobeFldr.dll
2012-01-08 15:19:39 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2012-01-08 15:19:39 ----A---- C:\Windows\system32\isoburn.exe
2012-01-08 15:19:39 ----A---- C:\Windows\system32\dsuiext.dll
2012-01-08 15:19:39 ----A---- C:\Windows\system32\cca.dll
2012-01-08 15:19:39 ----A---- C:\Windows\system32\bcdedit.exe
2012-01-08 15:19:39 ----A---- C:\Windows\system32\azroleui.dll
2012-01-08 15:19:39 ----A---- C:\Windows\system32\asycfilt.dll
2012-01-08 15:19:38 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2012-01-08 15:19:38 ----A---- C:\Windows\SYSWOW64\netjoin.dll
2012-01-08 15:19:38 ----A---- C:\Windows\SYSWOW64\MSAC3ENC.DLL
2012-01-08 15:19:38 ----A---- C:\Windows\SYSWOW64\fdeploy.dll
2012-01-08 15:19:38 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2012-01-08 15:19:38 ----A---- C:\Windows\SYSWOW64\adsldp.dll
2012-01-08 15:19:38 ----A---- C:\Windows\SYSWOW64\accessibilitycpl.dll
2012-01-08 15:19:38 ----A---- C:\Windows\system32\tzutil.exe
2012-01-08 15:19:38 ----A---- C:\Windows\system32\systemcpl.dll
2012-01-08 15:19:38 ----A---- C:\Windows\system32\sysclass.dll
2012-01-08 15:19:38 ----A---- C:\Windows\system32\syncui.dll
2012-01-08 15:19:38 ----A---- C:\Windows\system32\sspisrv.dll
2012-01-08 15:19:38 ----A---- C:\Windows\system32\shwebsvc.dll
2012-01-08 15:19:38 ----A---- C:\Windows\system32\sdcpl.dll
2012-01-08 15:19:38 ----A---- C:\Windows\system32\recdisc.exe
2012-01-08 15:19:38 ----A---- C:\Windows\system32\netplwiz.dll
2012-01-08 15:19:38 ----A---- C:\Windows\system32\ncryptui.dll
2012-01-08 15:19:38 ----A---- C:\Windows\system32\httpapi.dll
2012-01-08 15:19:38 ----A---- C:\Windows\system32\efscore.dll
2012-01-08 15:19:38 ----A---- C:\Windows\system32\drivers\mpio.sys
2012-01-08 15:19:38 ----A---- C:\Windows\system32\certcli.dll
2012-01-08 15:19:38 ----A---- C:\Windows\system32\autoplay.dll
2012-01-08 15:19:38 ----A---- C:\Windows\system32\appinfo.dll
2012-01-08 15:19:37 ----A---- C:\Windows\SYSWOW64\wusa.exe
2012-01-08 15:19:37 ----A---- C:\Windows\SYSWOW64\prnfldr.dll
2012-01-08 15:19:37 ----A---- C:\Windows\SYSWOW64\OnLineIDCpl.dll
2012-01-08 15:19:37 ----A---- C:\Windows\SYSWOW64\networkmap.dll
2012-01-08 15:19:37 ----A---- C:\Windows\SYSWOW64\MCEWMDRMNDBootstrap.dll
2012-01-08 15:19:37 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2012-01-08 15:19:37 ----A---- C:\Windows\system32\wlanmsm.dll
2012-01-08 15:19:37 ----A---- C:\Windows\system32\spwizeng.dll
2012-01-08 15:19:37 ----A---- C:\Windows\system32\sdrsvc.dll
2012-01-08 15:19:37 ----A---- C:\Windows\system32\msvidc32.dll
2012-01-08 15:19:37 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2012-01-08 15:19:37 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2012-01-08 15:19:36 ----A---- C:\Windows\SYSWOW64\sud.dll
2012-01-08 15:19:36 ----A---- C:\Windows\SYSWOW64\photowiz.dll
2012-01-08 15:19:36 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2012-01-08 15:19:36 ----A---- C:\Windows\SYSWOW64\MediaMetadataHandler.dll
2012-01-08 15:19:36 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2012-01-08 15:19:36 ----A---- C:\Windows\SYSWOW64\iasrad.dll
2012-01-08 15:19:36 ----A---- C:\Windows\SYSWOW64\ftp.exe
2012-01-08 15:19:36 ----A---- C:\Windows\SYSWOW64\dot3cfg.dll
2012-01-08 15:19:36 ----A---- C:\Windows\SYSWOW64\defaultlocationcpl.dll
2012-01-08 15:19:36 ----A---- C:\Windows\SYSWOW64\credssp.dll
2012-01-08 15:19:36 ----A---- C:\Windows\SYSWOW64\ActionCenter.dll
2012-01-08 15:19:36 ----A---- C:\Windows\system32\vdsutil.dll
2012-01-08 15:19:36 ----A---- C:\Windows\system32\termmgr.dll
2012-01-08 15:19:36 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2012-01-08 15:19:36 ----A---- C:\Windows\system32\sethc.exe
2012-01-08 15:19:36 ----A---- C:\Windows\system32\rstrui.exe
2012-01-08 15:19:36 ----A---- C:\Windows\system32\ReAgent.dll
2012-01-08 15:19:36 ----A---- C:\Windows\system32\ntlanman.dll
2012-01-08 15:19:36 ----A---- C:\Windows\system32\msscp.dll
2012-01-08 15:19:36 ----A---- C:\Windows\system32\MFPlay.dll
2012-01-08 15:19:35 ----A---- C:\Windows\SYSWOW64\syncui.dll
2012-01-08 15:19:35 ----A---- C:\Windows\SYSWOW64\sisbkup.dll
2012-01-08 15:19:35 ----A---- C:\Windows\SYSWOW64\shwebsvc.dll
2012-01-08 15:19:35 ----A---- C:\Windows\SYSWOW64\ifsutil.dll
2012-01-08 15:19:35 ----A---- C:\Windows\SYSWOW64\efscore.dll
2012-01-08 15:19:35 ----A---- C:\Windows\SYSWOW64\DeviceCenter.dll
2012-01-08 15:19:35 ----A---- C:\Windows\SYSWOW64\autoplay.dll
2012-01-08 15:19:35 ----A---- C:\Windows\SYSWOW64\ActionCenterCPL.dll
2012-01-08 15:19:35 ----A---- C:\Windows\system32\wwanprotdim.dll
2012-01-08 15:19:35 ----A---- C:\Windows\system32\wmdrmsdk.dll
2012-01-08 15:19:35 ----A---- C:\Windows\system32\UserAccountControlSettings.dll
2012-01-08 15:19:35 ----A---- C:\Windows\system32\tsgqec.dll
2012-01-08 15:19:35 ----A---- C:\Windows\system32\ssText3d.scr
2012-01-08 15:19:35 ----A---- C:\Windows\system32\srvcli.dll
2012-01-08 15:19:35 ----A---- C:\Windows\system32\sqlcese30.dll
2012-01-08 15:19:35 ----A---- C:\Windows\system32\slwga.dll
2012-01-08 15:19:35 ----A---- C:\Windows\system32\secur32.dll
2012-01-08 15:19:35 ----A---- C:\Windows\system32\rdpd3d.dll
2012-01-08 15:19:35 ----A---- C:\Windows\system32\iyuv_32.dll
2012-01-08 15:19:35 ----A---- C:\Windows\system32\iTVData.dll
2012-01-08 15:19:35 ----A---- C:\Windows\system32\iprtrmgr.dll
2012-01-08 15:19:35 ----A---- C:\Windows\system32\drmmgrtn.dll
2012-01-08 15:19:35 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2012-01-08 15:19:34 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2012-01-08 15:19:34 ----A---- C:\Windows\SYSWOW64\systemcpl.dll
2012-01-08 15:19:34 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2012-01-08 15:19:34 ----A---- C:\Windows\SYSWOW64\sethc.exe
2012-01-08 15:19:34 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2012-01-08 15:19:34 ----A---- C:\Windows\SYSWOW64\riched20.dll
2012-01-08 15:19:34 ----A---- C:\Windows\SYSWOW64\OobeFldr.dll
2012-01-08 15:19:34 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2012-01-08 15:19:34 ----A---- C:\Windows\SYSWOW64\ntlanman.dll
2012-01-08 15:19:34 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2012-01-08 15:19:34 ----A---- C:\Windows\SYSWOW64\dskquoui.dll
2012-01-08 15:19:34 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2012-01-08 15:19:34 ----A---- C:\Windows\system32\wavemsp.dll

[jaruneczka]

info.txt logfile of random's system information tool 1.09 2012-01-09 18:14:06

======Uninstall list======

@BIOS-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}\Setup.exe" -l0x9 -removeonly
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_Plugin.exe -maintain plugin
Adobe Reader X (10.1.0) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Advanced SystemCare 5-->"C:\Program Files (x86)\IObit\Advanced SystemCare 5\unins000.exe"
Aktualizace NVIDIA 1.3.5-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.Update
AutoGreen B09.1014.2-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C75FAD21-EC08-42F3-92D6-C9C0AB355345}
Browser Configuration Utility-->MsiExec.exe /X{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
DES 2.0-->C:\Program Files (x86)\InstallShield Installation Information\{675F86A8-E093-4002-87D5-915CC2C45571}\Setup.exe /UNINST
Easy Tune 6 B10.0521.1-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{457D7505-D665-4F95-91C3-ECB8C56E9ACA}
eMessenger 310-->"C:\Program Files (x86)\InstallShield Installation Information\{6CE28479-63DF-4EE7-92C4-5FF2069CB358}\setup.exe" -runfromtemp -l0x0005 -removeonly
Gigabyte Raid Configurer-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\SETUP.EXE" -l0x9 -removeonly
Google Talk (remove only)-->"C:\Program Files (x86)\Google\Google Talk\uninstall.exe"
Guard.ICQ-->"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /uninstall
ICQ Toolbar-->C:\Program Files (x86)\ICQ6Toolbar\ICQUnToolbar.exe
ICQ7.7-->"C:\Program Files (x86)\InstallShield Installation Information\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
IrfanView (remove only)-->C:\Program Files (x86)\IrfanView\iv_uninstall.exe
Java(TM) 6 Update 30-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216029FF}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Mozilla Firefox 9.0.1 (x86 cs)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird 9.0.1 (x86 cs)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
NVIDIA Ovladače grafiky 275.33-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.Driver
OLYMPUS Master 2-->MsiExec.exe /X{CB49B376-1136-44B4-83FA-036334B59937}
ON_OFF Charge B10.0427.1-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3DECD372-76A1-4483-BF10-B547790A3261}\setup.exe" -l0x9 -removeonly
OpenOffice.org 3.3-->MsiExec.exe /I{D5B94160-4A07-4956-9C73-8C5EEFEF180F}
QuickTime-->MsiExec.exe /I{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}
Realtek Ethernet Controller Driver For Windows 7-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.Exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -removeonly
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
Smart 6 B10.0422.1-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3B35725F-C623-4A1E-B5CC-99C0868679E3}\Setup.exe" -l0x9 -removeonly
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
WinRAR-->C:\Program Files\WinRAR\uninstall.exe

======System event log======

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Cryptographic Services byl změněn na: stopped
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714051424.262212-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Windows Modules Installer byl změněn na: stopped
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714051424.168612-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Software Protection byl změněn na: stopped
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714051424.059412-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Windows Event Log byl změněn na: stopped
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714051424.012612-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Volume Shadow Copy byl změněn na: stopped
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714051423.934612-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: 37L4247E29-32
Event Code: 1001
Message: Chybný blok , typ 0
Název události: PnPRequestAdditionalSoftware
Reakce: Není k dispozici
ID souboru CAB: 0

Podpis problému:
P1: x64
P2: USB\VID_046D&PID_C52B&REV_1201&MI_01
P3: 6.1.0.0
P4: 0405
P5: input.inf
P6: *
P7:
P8:
P9:
P10:

Připojené soubory:

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_28defbb21a955514d22a65d12e5e46a846f31f9_cab_05d18dec

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: a016478c-39f1-11e1-b05d-c17fbecea72a
Stav hlášení: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20120108120934.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20120108120921.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20120108120919.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20120108120913.559340-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: 37L4247E29-32
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20120108120913.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120108120900.190117-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247E29-32$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x1f4
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120108120900.190117-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0x31db2
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120108120849.270098-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120108120844.683689-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120108120844.652489-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\QuickTime\QTSystem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=2505
"CLASSPATH"=.;C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------

[vyosek]

Zdravim

Odinstalujte ICQ Toolbar

Odinstalujte Advanced SystemCare 4 a IObit Malware Fighter a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

[jaruneczka]

OTL Extras logfile created on: 10.1.2012 7:49:24 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Jaroslava\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,99 Gb Total Physical Memory | 2,85 Gb Available Physical Memory | 71,45% Memory free
7,98 Gb Paging File | 6,80 Gb Available in Paging File | 85,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 885,75 Gb Free Space | 95,10% Space Free | Partition Type: NTFS

Computer Name: JAROSLAVA-PC | User Name: Jaroslava | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2653022638-3998562978-713219669-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BA0C98EF-FDD6-423D-BFFD-57580DE283F0}" = ESET Smart Security
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 30
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3B35725F-C623-4A1E-B5CC-99C0868679E3}" = Smart 6 B10.0422.1
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0427.1
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B10.0521.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{675F86A8-E093-4002-87D5-915CC2C45571}" = DES 2.0
"{6CE28479-63DF-4EE7-92C4-5FF2069CB358}" = eMessenger 310
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}" = Browser Configuration Utility
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B09.1014.2
"{CB49B376-1136-44B4-83FA-036334B59937}" = OLYMPUS Master 2
"{D5B94160-4A07-4956-9C73-8C5EEFEF180F}" = OpenOffice.org 3.3
"{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Guard.Mail.ru" = Guard.ICQ
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B10.0521.1
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B09.1014.2
"IrfanView" = IrfanView (remove only)
"Mozilla Firefox 9.0.1 (x86 cs)" = Mozilla Firefox 9.0.1 (x86 cs)
"Mozilla Thunderbird 9.0.1 (x86 cs)" = Mozilla Thunderbird 9.0.1 (x86 cs)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10.1.2012 2:32:58 | Computer Name = Jaroslava-PC | Source = ESENT | ID = 455
Description = Windows (3036) Windows: Při otevírání souboru protokolu C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0000B.log
došlo k chybě -1811.

Error - 10.1.2012 2:32:58 | Computer Name = Jaroslava-PC | Source = Windows Search Service | ID = 9000
Description =

Error - 10.1.2012 2:32:58 | Computer Name = Jaroslava-PC | Source = Windows Search Service | ID = 7040
Description =

Error - 10.1.2012 2:32:58 | Computer Name = Jaroslava-PC | Source = Windows Search Service | ID = 7042
Description =

Error - 10.1.2012 2:32:58 | Computer Name = Jaroslava-PC | Source = Windows Search Service | ID = 9002
Description =

Error - 10.1.2012 2:32:58 | Computer Name = Jaroslava-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 10.1.2012 2:32:59 | Computer Name = Jaroslava-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 10.1.2012 2:32:59 | Computer Name = Jaroslava-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 10.1.2012 2:32:59 | Computer Name = Jaroslava-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 10.1.2012 2:32:59 | Computer Name = Jaroslava-PC | Source = Windows Search Service | ID = 7010
Description =

[ System Events ]
Error - 9.1.2012 3:25:30 | Computer Name = Jaroslava-PC | Source = cdrom | ID = 262159
Description = Zařízení \Device\CdRom0 ještě není připraveno pro přístup.

Error - 9.1.2012 3:25:31 | Computer Name = Jaroslava-PC | Source = cdrom | ID = 262159
Description = Zařízení \Device\CdRom0 ještě není připraveno pro přístup.

Error - 9.1.2012 6:26:19 | Computer Name = Jaroslava-PC | Source = iaStor | ID = 262153
Description = Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error - 9.1.2012 7:43:30 | Computer Name = Jaroslava-PC | Source = Service Control Manager | ID = 7034
Description = Služba Advanced SystemCare Service 5 byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 9.1.2012 9:39:57 | Computer Name = Jaroslava-PC | Source = iaStor | ID = 262153
Description = Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error - 9.1.2012 13:10:30 | Computer Name = Jaroslava-PC | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search ukončena s chybou %%-1073473535, specifickou
pro službu.

Error - 9.1.2012 13:10:30 | Computer Name = Jaroslava-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error - 10.1.2012 2:32:59 | Computer Name = Jaroslava-PC | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search ukončena s chybou %%-1073473535, specifickou
pro službu.

Error - 10.1.2012 2:32:59 | Computer Name = Jaroslava-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error - 10.1.2012 2:43:07 | Computer Name = Jaroslava-PC | Source = Service Control Manager | ID = 7034
Description = Služba Advanced SystemCare Service 5 byla neočekávaně ukončena. Tento
stav nastal již 1krát.


< End of report >

[jaruneczka]

OTL logfile created on: 10.1.2012 7:49:24 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Jaroslava\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,99 Gb Total Physical Memory | 2,85 Gb Available Physical Memory | 71,45% Memory free
7,98 Gb Paging File | 6,80 Gb Available in Paging File | 85,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 885,75 Gb Free Space | 95,10% Space Free | Partition Type: NTFS

Computer Name: JAROSLAVA-PC | User Name: Jaroslava | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.01.10 07:38:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jaroslava\Desktop\OTL.exe
PRC - [2012.01.08 16:15:16 | 001,564,368 | ---- | M] () -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
PRC - [2011.09.22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.05.21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010.09.07 10:46:56 | 000,072,280 | R--- | M] () -- C:\Windows\SysWOW64\XSrvSetup.exe
PRC - [2010.04.22 15:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
PRC - [2009.10.15 14:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009.10.15 14:06:42 | 000,375,000 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2009.10.13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
PRC - [2009.10.02 13:26:12 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009.07.14 02:14:30 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\regsvr32.exe
PRC - [2009.06.17 16:13:06 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
PRC - [2007.01.01 22:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Google Talk\googletalk.exe


========== Modules (No Company Name) ==========

MOD - [2009.06.27 10:11:12 | 000,503,202 | ---- | M] () -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.09.22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.01.08 16:15:16 | 001,564,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.05.21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010.09.07 10:46:56 | 000,072,280 | R--- | M] () [Auto | Running] -- C:\Windows\SysWOW64\XSrvSetup.exe -- (JMB36X)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.10.15 14:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009.10.13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)
SRV - [2009.10.02 13:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Úložná technologie Intel(R)
SRV - [2009.06.17 16:13:06 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe -- (DES2 Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.08.09 14:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2011.08.04 09:20:38 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2011.08.04 09:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2011.08.04 09:20:38 | 000,062,496 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2011.08.04 09:20:38 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.09.07 03:37:28 | 000,121,432 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2010.04.27 11:56:38 | 000,021,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.03.04 14:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.10.02 12:58:58 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.28 10:07:54 | 000,532,480 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PAC7302.SYS -- (PAC7302)
DRV - [2012.01.10 07:32:45 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012.01.08 14:52:35 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found


IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2653022638-3998562978-713219669-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Jaroslava\Desktop
IE - HKU\S-1-5-21-2653022638-3998562978-713219669-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
IE - HKU\S-1-5-21-2653022638-3998562978-713219669-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2653022638-3998562978-713219669-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.centrum.cz"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.4.3&q="
FF - prefs.js..network.proxy.type: 4


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2012.01.08 13:53:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.08 20:04:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.01.08 20:04:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012.01.08 13:53:55 | 000,000,000 | ---D | M]

[2012.01.08 14:20:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jaroslava\AppData\Roaming\Mozilla\Extensions
[2012.01.09 18:11:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions
[2012.01.09 18:11:46 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\searchplugins\icqplugin.xml
[2012.01.09 12:51:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.01.08 16:18:37 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.01.09 12:48:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2012.01.09 12:51:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\JAROSLAVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1MLA55PJ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.12.21 08:39:32 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.12.21 07:21:58 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2011.12.21 07:21:58 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.12.21 07:21:58 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011.12.21 07:21:58 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.12.21 07:21:58 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2012.01.08 21:34:51 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKU\S-1-5-21-2653022638-3998562978-713219669-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2653022638-3998562978-713219669-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2653022638-3998562978-713219669-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2653022638-3998562978-713219669-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2653022638-3998562978-713219669-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKU\S-1-5-21-2653022638-3998562978-713219669-1000\..Trusted Domains: mojebanka.cz ([www] https in Důvěryhodné servery)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4629D220-B67E-4CAC-9A1E-405FD57ED7A4}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.01.10 07:38:41 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Jaroslava\Desktop\OTL.exe
[2012.01.09 12:51:20 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.01.09 12:51:20 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.01.09 12:51:20 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.01.09 12:48:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.01.09 12:48:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.01.09 12:48:35 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012.01.09 12:48:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.01.08 21:38:55 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.01.08 21:17:52 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Roaming\Jewel Match 3
[2012.01.08 21:10:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.01.08 21:10:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012.01.08 21:04:34 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Local\WindowsUpdate
[2012.01.08 20:30:46 | 000,055,296 | ---- | C] (PixArt Imaging Incorporation) -- C:\Windows\SysWow64\Remove.exe
[2012.01.08 20:30:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KYE SYSTEMS CORP
[2012.01.08 20:30:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMessenger 310
[2012.01.08 20:30:43 | 000,141,824 | ---- | C] (PixArt Imaging Incorporation) -- C:\Windows\SysWow64\SP7302.ax
[2012.01.08 20:30:43 | 000,014,336 | ---- | C] (PixArt Imaging Inc.) -- C:\Windows\SysWow64\P7302USD.dll
[2012.01.08 20:30:43 | 000,000,000 | ---D | C] -- C:\Windows\PixArt
[2012.01.08 20:20:43 | 000,532,480 | ---- | C] (PixArt Imaging Inc.) -- C:\Windows\SysNative\drivers\PAC7302.SYS
[2012.01.08 20:20:43 | 000,008,704 | ---- | C] (PixArt Imaging Inc.) -- C:\Windows\SysNative\CoInst_071029.dll
[2012.01.08 20:20:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PAC7302
[2012.01.08 20:04:35 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Local\OLYMPUS
[2012.01.08 20:03:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.01.08 20:03:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012.01.08 20:03:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012.01.08 20:03:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OLYMPUS Master 2
[2012.01.08 20:03:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OLYMPUS
[2012.01.08 20:02:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012.01.08 19:59:35 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2012.01.08 18:13:49 | 000,023,896 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe
[2012.01.08 18:10:03 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012.01.08 17:47:50 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.01.08 16:18:28 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Roaming\Skype
[2012.01.08 16:18:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.01.08 16:18:24 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.01.08 16:18:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.01.08 16:15:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.7
[2012.01.08 16:15:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
[2012.01.08 16:15:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guard-ICQ
[2012.01.08 16:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2012.01.08 16:15:04 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Roaming\ICQ
[2012.01.08 16:14:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.7
[2012.01.08 16:02:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012.01.08 16:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.01.08 16:01:54 | 006,300,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012.01.08 16:01:54 | 003,040,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012.01.08 16:01:54 | 002,560,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012.01.08 16:01:54 | 000,739,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll
[2012.01.08 16:01:54 | 000,117,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012.01.08 16:01:54 | 000,061,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012.01.08 16:01:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.01.08 16:01:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.01.08 16:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.01.08 16:01:14 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.01.08 16:01:04 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012.01.08 15:52:55 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Roaming\OpenOffice.org
[2012.01.08 15:52:16 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2012.01.08 15:51:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2012.01.08 15:47:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Open Office
[2012.01.08 15:27:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012.01.08 15:26:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012.01.08 15:21:20 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2012.01.08 15:21:20 | 000,048,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2012.01.08 15:21:12 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2012.01.08 15:21:09 | 003,715,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2012.01.08 15:21:09 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2012.01.08 15:21:09 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2012.01.08 15:21:09 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2012.01.08 15:21:06 | 003,215,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012.01.08 15:21:03 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2012.01.08 15:21:03 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2012.01.08 15:21:00 | 014,633,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2012.01.08 15:20:58 | 004,120,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2012.01.08 15:20:58 | 003,205,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcndmgr.dll
[2012.01.08 15:20:58 | 001,731,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.08 15:20:58 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2012.01.08 15:20:57 | 003,008,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll
[2012.01.08 15:20:57 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2012.01.08 15:20:57 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2012.01.08 15:20:57 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2012.01.08 15:20:57 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2012.01.08 15:20:55 | 001,219,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2012.01.08 15:20:55 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2012.01.08 15:20:55 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2012.01.08 15:20:54 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2012.01.08 15:20:53 | 002,086,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2012.01.08 15:20:52 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizui.dll
[2012.01.08 15:20:50 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2012.01.08 15:20:50 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll
[2012.01.08 15:20:50 | 001,340,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagperf.dll
[2012.01.08 15:20:50 | 001,197,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2012.01.08 15:20:49 | 001,866,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2012.01.08 15:20:49 | 001,753,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vssapi.dll
[2012.01.08 15:20:48 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2012.01.08 15:20:48 | 001,326,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NaturalLanguage6.dll
[2012.01.08 15:20:47 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll
[2012.01.08 15:20:47 | 000,299,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_GenuineIntel.dll
[2012.01.08 15:20:46 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2012.01.08 15:20:45 | 003,027,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVCORE.DLL
[2012.01.08 15:20:44 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2012.01.08 15:20:44 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2012.01.08 15:20:44 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpdd.dll
[2012.01.08 15:20:44 | 000,109,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2012.01.08 15:20:44 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2012.01.08 15:20:43 | 003,957,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
[2012.01.08 15:20:43 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2012.01.08 15:20:43 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spinstall.exe
[2012.01.08 15:20:43 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spreview.exe
[2012.01.08 15:20:42 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
[2012.01.08 15:20:42 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2012.01.08 15:20:41 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll
[2012.01.08 15:20:41 | 000,867,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll
[2012.01.08 15:20:40 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuthFWSnapin.dll
[2012.01.08 15:20:39 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuthFWSnapin.dll
[2012.01.08 15:20:39 | 003,391,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbgeng.dll
[2012.01.08 15:20:39 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2012.01.08 15:20:36 | 001,456,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.01.08 15:20:35 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2012.01.08 15:20:34 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.01.08 15:20:34 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2012.01.08 15:20:34 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2012.01.08 15:20:33 | 001,244,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2fs.dll
[2012.01.08 15:20:33 | 001,116,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2012.01.08 15:20:33 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll
[2012.01.08 15:20:33 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqmapi.dll
[2012.01.08 15:20:32 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2012.01.08 15:20:32 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2012.01.08 15:20:31 | 001,900,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
[2012.01.08 15:20:31 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2012.01.08 15:20:30 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2012.01.08 15:20:30 | 001,281,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\werconcpl.dll
[2012.01.08 15:20:30 | 001,008,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2012.01.08 15:20:30 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2012.01.08 15:20:30 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2012.01.08 15:20:30 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2012.01.08 15:20:29 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certmgr.dll
[2012.01.08 15:20:29 | 001,049,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012.01.08 15:20:29 | 000,376,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.01.08 15:20:28 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.01.08 15:20:28 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll
[2012.01.08 15:20:28 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.01.08 15:20:28 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2012.01.08 15:20:28 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2012.01.08 15:20:28 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsmf.dll
[2012.01.08 15:20:28 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.01.08 15:20:28 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2012.01.08 15:20:28 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Roaming\IrfanView
[2012.01.08 15:20:27 | 002,652,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netshell.dll
[2012.01.08 15:20:27 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtctm.dll
[2012.01.08 15:20:27 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2012.01.08 15:20:27 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2012.01.08 15:20:27 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2012.01.08 15:20:27 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shlwapi.dll
[2012.01.08 15:20:27 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedynos.dll
[2012.01.08 15:20:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2012.01.08 15:20:26 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2012.01.08 15:20:26 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2012.01.08 15:20:26 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll
[2012.01.08 15:20:26 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2012.01.08 15:20:26 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll
[2012.01.08 15:20:26 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpmonui.dll
[2012.01.08 15:20:25 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Query.dll
[2012.01.08 15:20:25 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.01.08 15:20:25 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.01.08 15:20:25 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2012.01.08 15:20:25 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2012.01.08 15:20:25 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comdlg32.dll
[2012.01.08 15:20:25 | 000,481,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpps.dll
[2012.01.08 15:20:25 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.exe
[2012.01.08 15:20:25 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
[2012.01.08 15:20:24 | 002,543,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll
[2012.01.08 15:20:24 | 000,897,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroles.dll
[2012.01.08 15:20:24 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll
[2012.01.08 15:20:24 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsmf.dll
[2012.01.08 15:20:24 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QAGENT.DLL
[2012.01.08 15:20:24 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3api.dll
[2012.01.08 15:20:23 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbgeng.dll
[2012.01.08 15:20:23 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Vault.dll
[2012.01.08 15:20:23 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2012.01.08 15:20:23 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.01.08 15:20:23 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpksetup.exe
[2012.01.08 15:20:23 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmd.exe
[2012.01.08 15:20:23 | 000,281,600 | ---- | C] (Microsoft) -- C:\Windows\SysNative\DShowRdpFilter.dll
[2012.01.08 15:20:22 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2012.01.08 15:20:22 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll
[2012.01.08 15:20:21 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2012.01.08 15:20:21 | 001,190,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2012.01.08 15:20:21 | 000,582,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sxs.dll
[2012.01.08 15:20:21 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.01.08 15:20:20 | 001,808,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnidui.dll
[2012.01.08 15:20:20 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsmsnap.dll
[2012.01.08 15:20:20 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2012.01.08 15:20:20 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfds.dll
[2012.01.08 15:20:20 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll
[2012.01.08 15:20:20 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcbuilder.exe
[2012.01.08 15:20:20 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\DShowRdpFilter.dll
[2012.01.08 15:20:20 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hgprint.dll
[2012.01.08 15:20:20 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2012.01.08 15:20:19 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcndmgr.dll
[2012.01.08 15:20:19 | 001,158,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webservices.dll
[2012.01.08 15:20:19 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2fs.dll
[2012.01.08 15:20:19 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2012.01.08 15:20:18 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2012.01.08 15:20:18 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlsrv32.dll
[2012.01.08 15:20:18 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2012.01.08 15:20:18 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveapi.dll
[2012.01.08 15:20:18 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll
[2012.01.08 15:20:18 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mcbuilder.exe
[2012.01.08 15:20:18 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3api.dll
[2012.01.08 15:20:17 | 001,009,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll
[2012.01.08 15:20:17 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prncache.dll
[2012.01.08 15:20:16 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certmgr.dll
[2012.01.08 15:20:16 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanpref.dll
[2012.01.08 15:20:16 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMNetMgr.dll
[2012.01.08 15:20:16 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2012.01.08 15:20:15 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsservices.dll
[2012.01.08 15:20:15 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.01.08 15:20:15 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2012.01.08 15:20:15 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\photowiz.dll
[2012.01.08 15:20:15 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll
[2012.01.08 15:20:15 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnike.dll
[2012.01.08 15:20:15 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.01.08 15:20:15 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll
[2012.01.08 15:20:14 | 002,262,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncCenter.dll
[2012.01.08 15:20:14 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPEncEn.dll
[2012.01.08 15:20:14 | 001,082,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll
[2012.01.08 15:20:14 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2012.01.08 15:20:14 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpeffects.dll
[2012.01.08 15:20:14 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2012.01.08 15:20:14 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmd.exe
[2012.01.08 15:20:14 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2012.01.08 15:20:14 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedyn.dll
[2012.01.08 15:20:13 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2012.01.08 15:20:13 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2012.01.08 15:20:12 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localsec.dll
[2012.01.08 15:20:12 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll
[2012.01.08 15:20:12 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSATAPI.dll
[2012.01.08 15:20:12 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.01.08 15:20:12 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netdiagfx.dll
[2012.01.08 15:20:12 | 000,298,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcryptprimitives.dll
[2012.01.08 15:20:12 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfds.dll
[2012.01.08 15:20:12 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll
[2012.01.08 15:20:12 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedynos.dll
[2012.01.08 15:20:12 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2012.01.08 15:20:12 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fde.dll
[2012.01.08 15:20:12 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2012.01.08 15:20:11 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroles.dll
[2012.01.08 15:20:11 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\biocpl.dll
[2012.01.08 15:20:11 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpipcfg.dll
[2012.01.08 15:20:11 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll
[2012.01.08 15:20:11 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QSHVHOST.DLL
[2012.01.08 15:20:11 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll
[2012.01.08 15:20:11 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netid.dll
[2012.01.08 15:20:11 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.01.08 15:20:11 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2012.01.08 15:20:10 | 002,755,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themeui.dll
[2012.01.08 15:20:10 | 002,746,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2012.01.08 15:20:10 | 001,050,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printui.dll
[2012.01.08 15:20:10 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mspbda.dll
[2012.01.08 15:20:10 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoScreensaver.scr
[2012.01.08 15:20:10 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msinfo32.exe
[2012.01.08 15:20:10 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scansetting.dll
[2012.01.08 15:20:10 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.01.08 15:20:09 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2012.01.08 15:20:09 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
[2012.01.08 15:20:09 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPHLPAPI.DLL
[2012.01.08 15:20:09 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aitagent.exe
[2012.01.08 15:20:08 | 003,211,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.01.08 15:20:08 | 000,934,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FirewallControlPanel.dll
[2012.01.08 15:20:08 | 000,854,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbghelp.dll
[2012.01.08 15:20:08 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
[2012.01.08 15:20:08 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2012.01.08 15:20:08 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wisptis.exe
[2012.01.08 15:20:08 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2012.01.08 15:20:08 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PkgMgr.exe
[2012.01.08 15:20:08 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012.01.08 15:20:08 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2012.01.08 15:20:08 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\basecsp.dll
[2012.01.08 15:20:07 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2012.01.08 15:20:07 | 000,418,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppwinob.dll
[2012.01.08 15:20:07 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinSATAPI.dll
[2012.01.08 15:20:07 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2012.01.08 15:20:07 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetup.exe
[2012.01.08 15:20:07 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetapi.dll
[2012.01.08 15:20:06 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.01.08 15:20:06 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmsys.cpl
[2012.01.08 15:20:06 | 000,780,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2012.01.08 15:20:06 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlsrv32.dll
[2012.01.08 15:20:06 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\calc.exe
[2012.01.08 15:20:06 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012.01.08 15:20:06 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DXP.dll
[2012.01.08 15:20:06 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapp3hst.dll
[2012.01.08 15:20:06 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapphost.dll
[2012.01.08 15:20:06 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2012.01.08 15:20:06 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprapi.dll
[2012.01.08 15:20:06 | 000,128,000 | ---- | C] (Microsoft) -- C:\Windows\SysNative\Robocopy.exe
[2012.01.08 15:20:05 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll
[2012.01.08 15:20:05 | 000,263,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2012.01.08 15:20:05 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2012.01.08 15:20:05 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\thumbcache.dll
[2012.01.08 15:20:05 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys
[2012.01.08 15:20:04 | 002,494,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netshell.dll
[2012.01.08 15:20:04 | 001,457,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DxpTaskSync.dll
[2012.01.08 15:20:04 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL
[2012.01.08 15:20:04 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PerfCenterCPL.dll
[2012.01.08 15:20:04 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scecli.dll
[2012.01.08 15:20:04 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmredir.dll

[jaruneczka]

[2012.01.08 15:20:03 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll
[2012.01.08 15:20:03 | 000,932,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\printui.dll
[2012.01.08 15:20:03 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DXPTaskRingtone.dll
[2012.01.08 15:20:03 | 000,429,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\puiobj.dll
[2012.01.08 15:20:03 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onex.dll
[2012.01.08 15:20:03 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2012.01.08 15:20:03 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.01.08 15:20:03 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prncache.dll
[2012.01.08 15:20:03 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2012.01.08 15:20:02 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
[2012.01.08 15:20:02 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2012.01.08 15:20:02 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\net1.exe
[2012.01.08 15:20:02 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2012.01.08 15:20:01 | 001,363,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll
[2012.01.08 15:20:01 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2012.01.08 15:20:01 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scansetting.dll
[2012.01.08 15:20:00 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcenter.dll
[2012.01.08 15:20:00 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdengin2.dll
[2012.01.08 15:20:00 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2012.01.08 15:20:00 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VAN.dll
[2012.01.08 15:20:00 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2012.01.08 15:20:00 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll
[2012.01.08 15:20:00 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiadefui.dll
[2012.01.08 15:20:00 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVol.exe
[2012.01.08 15:20:00 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquoui.dll
[2012.01.08 15:20:00 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samcli.dll
[2012.01.08 15:20:00 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2012.01.08 15:19:59 | 002,621,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.01.08 15:19:59 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnidui.dll
[2012.01.08 15:19:59 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll
[2012.01.08 15:19:59 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srchadmin.dll
[2012.01.08 15:19:59 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QSHVHOST.DLL
[2012.01.08 15:19:59 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2012.01.08 15:19:59 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2012.01.08 15:19:59 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2012.01.08 15:19:59 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QUTIL.DLL
[2012.01.08 15:19:59 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\regapi.dll
[2012.01.08 15:19:58 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SyncCenter.dll
[2012.01.08 15:19:58 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webservices.dll
[2012.01.08 15:19:58 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl
[2012.01.08 15:19:58 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TabletPC.cpl
[2012.01.08 15:19:58 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2012.01.08 15:19:58 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012.01.08 15:19:58 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2012.01.08 15:19:58 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2012.01.08 15:19:58 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netdiagfx.dll
[2012.01.08 15:19:58 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fde.dll
[2012.01.08 15:19:58 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupcl.exe
[2012.01.08 15:19:58 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2012.01.08 15:19:58 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2012.01.08 15:19:57 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netiohlp.dll
[2012.01.08 15:19:57 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mimefilt.dll
[2012.01.08 15:19:56 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
[2012.01.08 15:19:56 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012.01.08 15:19:56 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayCpl.dll
[2012.01.08 15:19:56 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hgcpl.dll
[2012.01.08 15:19:56 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clusapi.dll
[2012.01.08 15:19:56 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msconfig.exe
[2012.01.08 15:19:56 | 000,166,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basecsp.dll
[2012.01.08 15:19:56 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdeploy.dll
[2012.01.08 15:19:56 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsmproxy.dll
[2012.01.08 15:19:55 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2012.01.08 15:19:55 | 000,633,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched20.dll
[2012.01.08 15:19:55 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DXPTaskRingtone.dll
[2012.01.08 15:19:55 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
[2012.01.08 15:19:55 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxclu.dll
[2012.01.08 15:19:55 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscmmc.dll
[2012.01.08 15:19:55 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2012.01.08 15:19:54 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPEncEn.dll
[2012.01.08 15:19:54 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercpl.dll
[2012.01.08 15:19:54 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sharemediacpl.dll
[2012.01.08 15:19:54 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onex.dll
[2012.01.08 15:19:54 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logoncli.dll
[2012.01.08 15:19:54 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RpcRtRemote.dll
[2012.01.08 15:19:53 | 002,193,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themecpl.dll
[2012.01.08 15:19:53 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eudcedit.exe
[2012.01.08 15:19:53 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nci.dll
[2012.01.08 15:19:52 | 002,250,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SensorsCpl.dll
[2012.01.08 15:19:52 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Narrator.exe
[2012.01.08 15:19:52 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autochk.exe
[2012.01.08 15:19:52 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autofmt.exe
[2012.01.08 15:19:52 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Faultrep.dll
[2012.01.08 15:19:52 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netjoin.dll
[2012.01.08 15:19:52 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiohlp.dll
[2012.01.08 15:19:52 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hbaapi.dll
[2012.01.08 15:19:52 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnikeapi.dll
[2012.01.08 15:19:51 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autochk.exe
[2012.01.08 15:19:51 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autofmt.exe
[2012.01.08 15:19:51 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoconv.exe
[2012.01.08 15:19:51 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2012.01.08 15:19:51 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe
[2012.01.08 15:19:51 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppcomapi.dll
[2012.01.08 15:19:51 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msutb.dll
[2012.01.08 15:19:51 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2012.01.08 15:19:51 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\regapi.dll
[2012.01.08 15:19:51 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll
[2012.01.08 15:19:51 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\proquota.exe
[2012.01.08 15:19:50 | 001,264,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdclt.exe
[2012.01.08 15:19:50 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoconv.exe
[2012.01.08 15:19:50 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
[2012.01.08 15:19:50 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshipsec.dll
[2012.01.08 15:19:50 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercpl.dll
[2012.01.08 15:19:50 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsmsnap.dll
[2012.01.08 15:19:50 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2012.01.08 15:19:50 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srchadmin.dll
[2012.01.08 15:19:50 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapphost.dll
[2012.01.08 15:19:50 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedyn.dll
[2012.01.08 15:19:50 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpipcfg.dll
[2012.01.08 15:19:50 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2012.01.08 15:19:50 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdsrv.dll
[2012.01.08 15:19:50 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsetup.dll
[2012.01.08 15:19:50 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2012.01.08 15:19:50 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2012.01.08 15:19:49 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmiEngine.dll
[2012.01.08 15:19:49 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmsys.cpl
[2012.01.08 15:19:49 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontext.dll
[2012.01.08 15:19:49 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuxiliaryDisplayCpl.dll
[2012.01.08 15:19:49 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012.01.08 15:19:49 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanui.dll
[2012.01.08 15:19:49 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanconn.dll
[2012.01.08 15:19:49 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QAGENT.DLL
[2012.01.08 15:19:49 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys
[2012.01.08 15:19:49 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prntvpt.dll
[2012.01.08 15:19:49 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2012.01.08 15:19:49 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2012.01.08 15:19:48 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
[2012.01.08 15:19:48 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll
[2012.01.08 15:19:48 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mblctr.exe
[2012.01.08 15:19:48 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\batmeter.dll
[2012.01.08 15:19:48 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2012.01.08 15:19:48 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2012.01.08 15:19:48 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\untfs.dll
[2012.01.08 15:19:48 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2012.01.08 15:19:48 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpsrcwp.dll
[2012.01.08 15:19:48 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprddm.dll
[2012.01.08 15:19:48 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netid.dll
[2012.01.08 15:19:48 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2012.01.08 15:19:47 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bootres.dll
[2012.01.08 15:19:47 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanpref.dll
[2012.01.08 15:19:47 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DiagCpl.dll
[2012.01.08 15:19:47 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
[2012.01.08 15:19:47 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vault.dll
[2012.01.08 15:19:47 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll
[2012.01.08 15:19:47 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\Robocopy.exe
[2012.01.08 15:19:47 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSTPager.ax
[2012.01.08 15:19:47 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nci.dll
[2012.01.08 15:19:47 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2012.01.08 15:19:46 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DxpTaskSync.dll
[2012.01.08 15:19:46 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll
[2012.01.08 15:19:46 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll
[2012.01.08 15:19:46 | 000,433,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MCEWMDRMNDBootstrap.dll
[2012.01.08 15:19:46 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksproxy.ax
[2012.01.08 15:19:46 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskmgr.exe
[2012.01.08 15:19:46 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVolSSO.dll
[2012.01.08 15:19:46 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasppp.dll
[2012.01.08 15:19:46 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3cfg.dll
[2012.01.08 15:19:45 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnfldr.dll
[2012.01.08 15:19:45 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiobj.dll
[2012.01.08 15:19:45 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxclu.dll
[2012.01.08 15:19:45 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiagn.dll
[2012.01.08 15:19:45 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskmgr.exe
[2012.01.08 15:19:45 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2012.01.08 15:19:45 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2012.01.08 15:19:45 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hbaapi.dll
[2012.01.08 15:19:45 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\userinit.exe
[2012.01.08 15:19:44 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiadefui.dll
[2012.01.08 15:19:44 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\untfs.dll
[2012.01.08 15:19:44 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\termmgr.dll
[2012.01.08 15:19:44 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2012.01.08 15:19:44 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eudcedit.exe
[2012.01.08 15:19:44 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSAC3ENC.DLL
[2012.01.08 15:19:44 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppcomapi.dll
[2012.01.08 15:19:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasppp.dll
[2012.01.08 15:19:44 | 000,155,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2012.01.08 15:19:44 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logoncli.dll
[2012.01.08 15:19:44 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShServiceObj.dll
[2012.01.08 15:19:44 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsetup.dll
[2012.01.08 15:19:44 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\proquota.exe
[2012.01.08 15:19:43 | 003,745,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\accessibilitycpl.dll
[2012.01.08 15:19:43 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SensorsCpl.dll
[2012.01.08 15:19:43 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FirewallControlPanel.dll
[2012.01.08 15:19:43 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl
[2012.01.08 15:19:43 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.01.08 15:19:43 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2012.01.08 15:19:43 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userinit.exe
[2012.01.08 15:19:42 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll
[2012.01.08 15:19:42 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll
[2012.01.08 15:19:42 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slui.exe
[2012.01.08 15:19:42 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2012.01.08 15:19:42 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\defaultlocationcpl.dll
[2012.01.08 15:19:42 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2012.01.08 15:19:42 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscmmc.dll
[2012.01.08 15:19:41 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontext.dll
[2012.01.08 15:19:41 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sud.dll
[2012.01.08 15:19:41 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceCenter.dll
[2012.01.08 15:19:41 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localsec.dll
[2012.01.08 15:19:41 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoScreensaver.scr
[2012.01.08 15:19:41 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hgcpl.dll
[2012.01.08 15:19:41 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scecli.dll
[2012.01.08 15:19:41 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2012.01.08 15:19:40 | 002,146,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkmap.dll
[2012.01.08 15:19:40 | 001,065,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2012.01.08 15:19:40 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenter.dll
[2012.01.08 15:19:40 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\batmeter.dll
[2012.01.08 15:19:40 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VAN.dll
[2012.01.08 15:19:40 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PerfCenterCPL.dll
[2012.01.08 15:19:40 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
[2012.01.08 15:19:40 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2012.01.08 15:19:40 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.01.08 15:19:40 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanui.dll
[2012.01.08 15:19:40 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\intl.cpl
[2012.01.08 15:19:40 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.01.08 15:19:40 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprddm.dll
[2012.01.08 15:19:40 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskbarcpl.dll
[2012.01.08 15:19:40 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OnLineIDCpl.dll
[2012.01.08 15:19:40 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVolSSO.dll
[2012.01.08 15:19:40 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twext.dll
[2012.01.08 15:19:40 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prntvpt.dll
[2012.01.08 15:19:40 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.01.08 15:19:39 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcenter.dll
[2012.01.08 15:19:39 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OobeFldr.dll
[2012.01.08 15:19:39 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsuiext.dll
[2012.01.08 15:19:39 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.01.08 15:19:39 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroleui.dll
[2012.01.08 15:19:39 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizeng.dll
[2012.01.08 15:19:39 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdedit.exe
[2012.01.08 15:19:39 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MediaMetadataHandler.dll
[2012.01.08 15:19:39 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVol.exe
[2012.01.08 15:19:39 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroleui.dll
[2012.01.08 15:19:39 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxlib.dll
[2012.01.08 15:19:39 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\recovery.dll
[2012.01.08 15:19:39 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cca.dll
[2012.01.08 15:19:39 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\isoburn.exe
[2012.01.08 15:19:39 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w32tm.exe
[2012.01.08 15:19:39 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sisbkup.dll
[2012.01.08 15:19:38 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\accessibilitycpl.dll
[2012.01.08 15:19:38 | 001,003,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2012.01.08 15:19:38 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdcpl.dll
[2012.01.08 15:19:38 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl
[2012.01.08 15:19:38 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\main.cpl
[2012.01.08 15:19:38 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2012.01.08 15:19:38 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shwebsvc.dll
[2012.01.08 15:19:38 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
[2012.01.08 15:19:38 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\efscore.dll
[2012.01.08 15:19:38 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\recdisc.exe
[2012.01.08 15:19:38 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSAC3ENC.DLL
[2012.01.08 15:19:38 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysclass.dll
[2012.01.08 15:19:38 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\syncui.dll
[2012.01.08 15:19:38 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VBICodec.ax
[2012.01.08 15:19:38 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netplwiz.dll
[2012.01.08 15:19:38 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsldp.dll
[2012.01.08 15:19:38 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netjoin.dll
[2012.01.08 15:19:38 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoplay.dll
[2012.01.08 15:19:38 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptui.dll
[2012.01.08 15:19:38 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdeploy.dll
[2012.01.08 15:19:38 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tzutil.exe
[2012.01.08 15:19:38 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpapi.dll
[2012.01.08 15:19:38 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.01.08 15:19:37 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkmap.dll
[2012.01.08 15:19:37 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenterCPL.dll
[2012.01.08 15:19:37 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizeng.dll
[2012.01.08 15:19:37 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2012.01.08 15:19:37 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnfldr.dll
[2012.01.08 15:19:37 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll
[2012.01.08 15:19:37 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
[2012.01.08 15:19:37 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MCEWMDRMNDBootstrap.dll
[2012.01.08 15:19:37 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OnLineIDCpl.dll
[2012.01.08 15:19:37 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayServices.dll
[2012.01.08 15:19:37 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksxbar.ax
[2012.01.08 15:19:36 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sud.dll
[2012.01.08 15:19:36 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenter.dll
[2012.01.08 15:19:36 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2012.01.08 15:19:36 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx
[2012.01.08 15:19:36 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\termmgr.dll
[2012.01.08 15:19:36 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx
[2012.01.08 15:19:36 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgent.dll
[2012.01.08 15:19:36 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2012.01.08 15:19:36 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2012.01.08 15:19:36 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\photowiz.dll
[2012.01.08 15:19:36 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sethc.exe
[2012.01.08 15:19:36 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iprtrmgr.dll
[2012.01.08 15:19:36 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MediaMetadataHandler.dll
[2012.01.08 15:19:36 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFPlay.dll
[2012.01.08 15:19:36 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\defaultlocationcpl.dll
[2012.01.08 15:19:36 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2012.01.08 15:19:36 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
[2012.01.08 15:19:36 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntlanman.dll
[2012.01.08 15:19:36 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3cfg.dll
[2012.01.08 15:19:36 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftp.exe
[2012.01.08 15:19:35 | 000,781,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2012.01.08 15:19:35 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl
[2012.01.08 15:19:35 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenterCPL.dll
[2012.01.08 15:19:35 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
[2012.01.08 15:19:35 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DeviceCenter.dll
[2012.01.08 15:19:35 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlcese30.dll
[2012.01.08 15:19:35 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shwebsvc.dll
[2012.01.08 15:19:35 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\intl.cpl
[2012.01.08 15:19:35 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ssText3d.scr
[2012.01.08 15:19:35 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp
[2012.01.08 15:19:35 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iTVData.dll
[2012.01.08 15:19:35 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iprtrmgr.dll
[2012.01.08 15:19:35 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\efscore.dll
[2012.01.08 15:19:35 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\syncui.dll
[2012.01.08 15:19:35 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifsutil.dll
[2012.01.08 15:19:35 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoplay.dll
[2012.01.08 15:19:35 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srvcli.dll
[2012.01.08 15:19:35 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UserAccountControlSettings.dll
[2012.01.08 15:19:35 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpd3d.dll
[2012.01.08 15:19:35 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2012.01.08 15:19:35 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2012.01.08 15:19:35 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.01.08 15:19:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sisbkup.dll
[2012.01.08 15:19:35 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2012.01.08 15:19:34 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OobeFldr.dll
[2012.01.08 15:19:34 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2012.01.08 15:19:34 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2012.01.08 15:19:34 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2012.01.08 15:19:34 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
[2012.01.08 15:19:34 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntprint.dll
[2012.01.08 15:19:34 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntprint.dll
[2012.01.08 15:19:34 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srrstr.dll
[2012.01.08 15:19:34 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sethc.exe
[2012.01.08 15:19:34 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wavemsp.dll
[2012.01.08 15:19:34 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingFolder.dll
[2012.01.08 15:19:34 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dskquoui.dll
[2012.01.08 15:19:34 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdboot.exe
[2012.01.08 15:19:34 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercfg.cpl
[2012.01.08 15:19:34 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2012.01.08 15:19:34 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NAPHLPR.DLL
[2012.01.08 15:19:34 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nslookup.exe
[2012.01.08 15:19:34 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSTPager.ax
[2012.01.08 15:19:34 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acppage.dll
[2012.01.08 15:19:33 | 001,672,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkexplorer.dll
[2012.01.08 15:19:33 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.01.08 15:19:33 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.01.08 15:19:33 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfrgui.exe
[2012.01.08 15:19:33 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshipsec.dll
[2012.01.08 15:19:33 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpx.dll
[2012.01.08 15:19:33 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\activeds.dll
[2012.01.08 15:19:33 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksproxy.ax
[2012.01.08 15:19:33 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpsrcwp.dll
[2012.01.08 15:19:33 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netplwiz.dll
[2012.01.08 15:19:33 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\remotepg.dll
[2012.01.08 15:19:33 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NAPHLPR.DLL
[2012.01.08 15:19:33 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kstvtune.ax
[2012.01.08 15:19:33 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppnp.dll
[2012.01.08 15:19:33 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\migisol.dll
[2012.01.08 15:19:33 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabinet.dll
[2012.01.08 15:19:33 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2012.01.08 15:19:33 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wkscli.dll
[2012.01.08 15:19:33 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\httpapi.dll
[2012.01.08 15:19:32 | 000,840,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
[2012.01.08 15:19:32 | 000,685,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsuiext.dll
[2012.01.08 15:19:32 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmdev.dll
[2012.01.08 15:19:32 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wvc.dll
[2012.01.08 15:19:32 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2012.01.08 15:19:32 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfrgui.exe
[2012.01.08 15:19:32 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wvc.dll
[2012.01.08 15:19:32 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2012.01.08 15:19:32 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimgapi.dll
[2012.01.08 15:19:32 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpdxm.dll
[2012.01.08 15:19:32 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3ui.dll
[2012.01.08 15:19:32 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsqmcons.exe
[2012.01.08 15:19:32 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll
[2012.01.08 15:19:32 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wavemsp.dll
[2012.01.08 15:19:32 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2012.01.08 15:19:32 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2012.01.08 15:19:32 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetup.exe
[2012.01.08 15:19:32 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.01.08 15:19:32 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2012.01.08 15:19:32 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\net1.exe
[2012.01.08 15:19:32 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\isoburn.exe
[2012.01.08 15:19:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsnmp32.dll
[2012.01.08 15:19:32 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftp.exe
[2012.01.08 15:19:32 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tzutil.exe
[2012.01.08 15:19:32 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFaultSecure.exe
[2012.01.08 15:19:31 | 001,911,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll
[2012.01.08 15:19:31 | 000,899,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Bubbles.scr
[2012.01.08 15:19:31 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\main.cpl
[2012.01.08 15:19:31 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdm.tsp
[2012.01.08 15:19:31 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2012.01.08 15:19:31 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PkgMgr.exe
[2012.01.08 15:19:31 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstask.dll
[2012.01.08 15:19:31 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qasf.dll
[2012.01.08 15:19:31 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qcap.dll
[2012.01.08 15:19:31 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012.01.08 15:19:31 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twext.dll
[2012.01.08 15:19:31 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupugc.exe
[2012.01.08 15:19:31 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapistub.dll
[2012.01.08 15:19:31 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapi32.dll
[2012.01.08 15:19:31 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdmat.dll
[2012.01.08 15:19:31 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2012.01.08 15:19:31 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsium.dll
[2012.01.08 15:19:31 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2012.01.08 15:19:30 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2012.01.08 15:19:30 | 000,573,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.01.08 15:19:30 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskraid.exe
[2012.01.08 15:19:30 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsAnytimeUpgradeResults.exe
[2012.01.08 15:19:30 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ssText3d.scr
[2012.01.08 15:19:30 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mystify.scr
[2012.01.08 15:19:30 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Ribbons.scr
[2012.01.08 15:19:30 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clusapi.dll
[2012.01.08 15:19:30 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2012.01.08 15:19:30 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifsutil.dll
[2012.01.08 15:19:30 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfmon.exe
[2012.01.08 15:19:30 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpshell.dll
[2012.01.08 15:19:30 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvfw32.dll
[2012.01.08 15:19:30 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\uxlib.dll
[2012.01.08 15:19:30 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nslookup.exe
[2012.01.08 15:19:30 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2012.01.08 15:19:30 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\muifontsetup.dll
[2012.01.08 15:19:30 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2012.01.08 15:19:29 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbghelp.dll
[2012.01.08 15:19:29 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSAPI.dll
[2012.01.08 15:19:29 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2012.01.08 15:19:29 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2012.01.08 15:19:29 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\raschap.dll
[2012.01.08 15:19:29 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimserv.exe
[2012.01.08 15:19:29 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll
[2012.01.08 15:19:29 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskraid.exe
[2012.01.08 15:19:29 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qasf.dll
[2012.01.08 15:19:29 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionQueue.dll
[2012.01.08 15:19:29 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingFolder.dll
[2012.01.08 15:19:29 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2012.01.08 15:19:29 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfmon.exe
[2012.01.08 15:19:29 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\remotepg.dll
[2012.01.08 15:19:29 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiavideo.dll
[2012.01.08 15:19:29 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QUTIL.DLL
[2012.01.08 15:19:29 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tlscsp.dll
[2012.01.08 15:19:29 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2012.01.08 15:19:29 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\umb.dll
[2012.01.08 15:19:29 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\runonce.exe
[2012.01.08 15:19:29 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NAPCRYPT.DLL
[2012.01.08 15:19:29 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\acppage.dll
[2012.01.08 15:19:29 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AzSqlExt.dll
[2012.01.08 15:19:29 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netutils.dll
[2012.01.08 15:19:28 | 001,232,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
[2012.01.08 15:19:28 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onexui.dll
[2012.01.08 15:19:28 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
[2012.01.08 15:19:28 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nltest.exe
[2012.01.08 15:19:28 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll
[2012.01.08 15:19:28 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstask.dll
[2012.01.08 15:19:28 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iTVData.dll
[2012.01.08 15:19:28 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdwcn.dll
[2012.01.08 15:19:28 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll
[2012.01.08 15:19:28 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2012.01.08 15:19:28 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdwcn.dll
[2012.01.08 15:19:28 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsbas.dll
[2012.01.08 15:19:28 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetapi.dll
[2012.01.08 15:19:28 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsbas.dll
[2012.01.08 15:19:28 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MdSched.exe
[2012.01.08 15:19:28 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
[2012.01.08 15:19:28 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Kswdmcap.ax
[2012.01.08 15:19:28 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
[2012.01.08 15:19:28 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UserAccountControlSettings.dll
[2012.01.08 15:19:28 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\runonce.exe
[2012.01.08 15:19:28 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PrintIsolationProxy.dll
[2012.01.08 15:19:28 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NAPCRYPT.DLL
[2012.01.08 15:19:28 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vpnikeapi.dll
[2012.01.08 15:19:28 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\syssetup.dll
[2012.01.08 15:19:27 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2012.01.08 15:19:27 | 000,527,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmnet.dll
[2012.01.08 15:19:27 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmdev.dll
[2012.01.08 15:19:27 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDSp.dll
[2012.01.08 15:19:27 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2012.01.08 15:19:27 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlcese30.dll
[2012.01.08 15:19:27 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapp3hst.dll
[2012.01.08 15:19:27 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsadmin.exe
[2012.01.08 15:19:27 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceSyncProvider.dll
[2012.01.08 15:19:27 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bitsadmin.exe
[2012.01.08 15:19:27 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qcap.dll
[2012.01.08 15:19:27 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFPlay.dll
[2012.01.08 15:19:27 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shacct.dll
[2012.01.08 15:19:27 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QSVRMGMT.DLL
[2012.01.08 15:19:27 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2012.01.08 15:19:27 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shacct.dll
[2012.01.08 15:19:27 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpshell.dll
[2012.01.08 15:19:27 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logman.exe
[2012.01.08 15:19:27 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.01.08 15:19:27 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2012.01.08 15:19:27 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tabcal.exe
[2012.01.08 15:19:27 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vss_ps.dll
[2012.01.08 15:19:27 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdmat.dll
[2012.01.08 15:19:27 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpd3d.dll
[2012.01.08 15:19:27 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscapi.dll
[2012.01.08 15:19:27 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsium.dll
[2012.01.08 15:19:27 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lsmproxy.dll
[2012.01.08 15:19:26 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll
[2012.01.08 15:19:26 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Bubbles.scr
[2012.01.08 15:19:26 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceStatus.dll
[2012.01.08 15:19:26 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceStatus.dll
[2012.01.08 15:19:26 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDSp.dll
[2012.01.08 15:19:26 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3ui.dll
[2012.01.08 15:19:26 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdv.dll
[2012.01.08 15:19:26 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2012.01.08 15:19:26 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mystify.scr
[2012.01.08 15:19:26 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Ribbons.scr
[2012.01.08 15:19:26 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceSyncProvider.dll
[2012.01.08 15:19:26 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprapi.dll
[2012.01.08 15:19:26 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercfg.cpl
[2012.01.08 15:19:26 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\desk.cpl
[2012.01.08 15:19:26 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2012.01.08 15:19:26 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fphc.dll
[2012.01.08 15:19:26 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QSVRMGMT.DLL
[2012.01.08 15:19:26 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kstvtune.ax
[2012.01.08 15:19:26 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logman.exe
[2012.01.08 15:19:26 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spbcd.dll
[2012.01.08 15:19:26 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\olethk32.dll
[2012.01.08 15:19:26 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\takeown.exe
[2012.01.08 15:19:26 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPUnattend.exe
[2012.01.08 15:19:26 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptui.dll
[2012.01.08 15:19:26 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2012.01.08 15:19:25 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10.IME
[2012.01.08 15:19:25 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
[2012.01.08 15:19:25 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
[2012.01.08 15:19:25 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmnet.dll
[2012.01.08 15:19:25 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2012.01.08 15:19:25 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2012.01.08 15:19:25 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdv.dll
[2012.01.08 15:19:25 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2012.01.08 15:19:25 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012.01.08 15:19:25 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqmapi.dll
[2012.01.08 15:19:25 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VBICodec.ax
[2012.01.08 15:19:25 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorAPI.dll
[2012.01.08 15:19:25 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3msm.dll
[2012.01.08 15:19:25 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiavideo.dll
[2012.01.08 15:19:25 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Kswdmcap.ax
[2012.01.08 15:19:25 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppinst.dll
[2012.01.08 15:19:25 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fphc.dll
[2012.01.08 15:19:25 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmstp.exe
[2012.01.08 15:19:25 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2012.01.08 15:19:25 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\amstream.dll
[2012.01.08 15:19:25 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QCLIPROV.DLL
[2012.01.08 15:19:25 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mapistub.dll
[2012.01.08 15:19:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.01.08 15:19:25 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertPolEng.dll
[2012.01.08 15:19:25 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\djoin.exe
[2012.01.08 15:19:25 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\takeown.exe
[2012.01.08 15:19:25 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shimgvw.dll
[2012.01.08 15:19:25 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\utildll.dll
[2012.01.08 15:19:25 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\HotStartUserAgent.dll
[2012.01.08 15:19:25 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nrpsrv.dll
[2012.01.08 15:19:24 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2012.01.08 15:19:24 | 000,681,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012.01.08 15:19:24 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msorcl32.dll
[2012.01.08 15:19:24 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskpart.exe
[2012.01.08 15:19:24 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsicli.exe
[2012.01.08 15:19:24 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsicli.exe
[2012.01.08 15:19:24 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mydocs.dll
[2012.01.08 15:19:24 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\desk.cpl
[2012.01.08 15:19:24 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupcln.dll
[2012.01.08 15:19:24 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mobsync.exe
[2012.01.08 15:19:24 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmstp.exe
[2012.01.08 15:19:24 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdProxy.dll
[2012.01.08 15:19:24 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QCLIPROV.DLL
[2012.01.08 15:19:24 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MuiUnattend.exe
[2012.01.08 15:19:24 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cca.dll
[2012.01.08 15:19:24 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WavDest.dll
[2012.01.08 15:19:24 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\g711codc.ax
[2012.01.08 15:19:24 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vfwwdm32.dll
[2012.01.08 15:19:24 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsnmp32.dll
[2012.01.08 15:19:24 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MultiDigiMon.exe
[2012.01.08 15:19:24 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.01.08 15:19:24 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdhui.dll
[2012.01.08 15:19:24 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbisurf.ax
[2012.01.08 15:19:24 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\relog.exe
[2012.01.08 15:19:24 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\relog.exe
[2012.01.08 15:19:24 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AzSqlExt.dll
[2012.01.08 15:19:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiougc.exe
[2012.01.08 15:19:24 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BWUnpairElevated.dll
[2012.01.08 15:19:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sscore.dll
[2012.01.08 15:19:23 | 001,080,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onexui.dll
[2012.01.08 15:19:23 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10.IME
[2012.01.08 15:19:23 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSTIFF.dll
[2012.01.08 15:19:23 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2012.01.08 15:19:23 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2012.01.08 15:19:23 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2012.01.08 15:19:23 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2012.01.08 15:19:23 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\itircl.dll
[2012.01.08 15:19:23 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\itircl.dll
[2012.01.08 15:19:23 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppc.dll
[2012.01.08 15:19:23 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpps.dll
[2012.01.08 15:19:23 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mydocs.dll
[2012.01.08 15:19:23 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskpart.exe
[2012.01.08 15:19:23 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappgnui.dll
[2012.01.08 15:19:23 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3msm.dll
[2012.01.08 15:19:23 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappgnui.dll
[2012.01.08 15:19:23 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2012.01.08 15:19:23 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll

[jaruneczka]

[2012.01.08 15:19:23 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.01.08 15:19:23 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\resutils.dll
[2012.01.08 15:19:23 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\findstr.exe
[2012.01.08 15:19:23 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amstream.dll
[2012.01.08 15:19:23 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tlscsp.dll
[2012.01.08 15:19:23 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastapi.dll
[2012.01.08 15:19:23 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertPolEng.dll
[2012.01.08 15:19:23 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\findstr.exe
[2012.01.08 15:19:23 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spbcd.dll
[2012.01.08 15:19:23 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.01.08 15:19:23 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\luainstall.dll
[2012.01.08 15:19:23 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksxbar.ax
[2012.01.08 15:19:23 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wkscli.dll
[2012.01.08 15:19:23 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciqtz32.dll
[2012.01.08 15:19:23 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.01.08 15:19:23 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\choice.exe
[2012.01.08 15:19:23 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdmo.dll
[2012.01.08 15:19:23 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2012.01.08 15:19:23 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFaultSecure.exe
[2012.01.08 15:19:23 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netbtugc.exe
[2012.01.08 15:19:23 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgentc.exe
[2012.01.08 15:19:23 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\syssetup.dll
[2012.01.08 15:19:22 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RDPENCDD.dll
[2012.01.08 15:19:22 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppc.dll
[2012.01.08 15:19:22 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mobsync.exe
[2012.01.08 15:19:22 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2012.01.08 15:19:22 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\manage-bde.exe
[2012.01.08 15:19:22 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetmib1.dll
[2012.01.08 15:19:22 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbcconf.dll
[2012.01.08 15:19:22 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetmib1.dll
[2012.01.08 15:19:22 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\repair-bde.exe
[2012.01.08 15:19:22 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012.01.08 15:19:22 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\luainstall.dll
[2012.01.08 15:19:22 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdiasqmmodule.dll
[2012.01.08 15:19:22 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciqtz32.dll
[2012.01.08 15:19:22 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shimgvw.dll
[2012.01.08 15:19:22 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unlodctr.exe
[2012.01.08 15:19:22 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbisurf.ax
[2012.01.08 15:19:22 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\profprov.dll
[2012.01.08 15:19:22 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdmo.dll
[2012.01.08 15:19:22 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schedcli.dll
[2012.01.08 15:19:22 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdprefdrvapi.dll
[2012.01.08 15:19:22 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spopk.dll
[2012.01.08 15:19:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spopk.dll
[2012.01.08 15:19:22 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fixmapi.exe
[2012.01.08 15:19:22 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\muifontsetup.dll
[2012.01.08 15:19:21 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
[2012.01.08 15:19:21 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll
[2012.01.08 15:19:21 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\g711codc.ax
[2012.01.08 15:19:21 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSMON.dll
[2012.01.08 15:19:21 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.01.08 15:19:21 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcconf.dll
[2012.01.08 15:19:21 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2012.01.08 15:19:21 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys
[2012.01.08 15:19:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elsTrans.dll
[2012.01.08 15:19:21 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TRAPI.dll
[2012.01.08 15:19:20 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\napdsnap.dll
[2012.01.08 15:19:20 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsauth.dll
[2012.01.08 15:19:20 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LogonUI.exe
[2012.01.08 15:19:20 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdprefdrvapi.dll
[2012.01.08 15:19:20 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elsTrans.dll
[2012.01.08 15:19:20 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSUNATD.exe
[2012.01.08 15:19:20 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfts.dll
[2012.01.08 15:19:19 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imkr80.ime
[2012.01.08 15:19:19 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\napdsnap.dll
[2012.01.08 15:19:19 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.01.08 15:19:19 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys
[2012.01.08 15:19:19 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsauth.dll
[2012.01.08 15:19:19 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscdll.dll
[2012.01.08 15:19:19 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsperf.dll
[2012.01.08 15:19:19 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TRAPI.dll
[2012.01.08 15:19:19 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bitsperf.dll
[2012.01.08 15:19:19 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schedcli.dll
[2012.01.08 15:19:18 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imkr80.ime
[2012.01.08 15:19:18 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.01.08 15:19:18 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shgina.dll
[2012.01.08 15:19:18 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsdchngr.dll
[2012.01.08 15:19:18 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsdchngr.dll
[2012.01.08 15:19:18 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shgina.dll
[2012.01.08 15:19:18 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2012.01.08 15:19:18 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\riched32.dll
[2012.01.08 15:19:17 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys
[2012.01.08 15:19:17 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshirda.dll
[2012.01.08 15:19:15 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshirda.dll
[2012.01.08 15:19:15 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched32.dll
[2012.01.08 15:19:15 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcfgex.dll
[2012.01.08 15:19:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\C_ISCII.DLL
[2012.01.08 15:19:14 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shunimpl.dll
[2012.01.08 15:19:14 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\C_ISCII.DLL
[2012.01.08 15:19:14 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2012.01.08 15:19:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2012.01.08 15:19:14 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2012.01.08 15:19:14 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2012.01.08 15:19:14 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2012.01.08 15:19:14 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2012.01.08 15:19:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-ums-l1-1-0.dll
[2012.01.08 15:19:13 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2012.01.08 15:19:13 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2012.01.08 15:19:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTUQ.DLL
[2012.01.08 15:19:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTUF.DLL
[2012.01.08 15:19:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDSG.DLL
[2012.01.08 15:19:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kbdlk41a.dll
[2012.01.08 15:19:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGKL.DLL
[2012.01.08 15:19:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDCZ1.DLL
[2012.01.08 15:19:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTUQ.DLL
[2012.01.08 15:19:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTUF.DLL
[2012.01.08 15:19:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDSG.DLL
[2012.01.08 15:19:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDSF.DLL
[2012.01.08 15:19:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDPO.DLL
[2012.01.08 15:19:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDNEPR.DLL
[2012.01.08 15:19:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbdlk41a.dll
[2012.01.08 15:19:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL
[2012.01.08 15:19:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL
[2012.01.08 15:19:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGR1.DLL
[2012.01.08 15:19:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGR1.DLL
[2012.01.08 15:19:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGKL.DLL
[2012.01.08 15:19:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDCZ1.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDUS.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDUGHR1.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTURME.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAJIK.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDSF.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDPO.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDNEPR.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDMON.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDMAORI.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDLT1.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBULG.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBLR.DLL
[2012.01.08 15:19:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL
[2012.01.08 15:19:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDUS.DLL
[2012.01.08 15:19:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDUGHR1.DLL
[2012.01.08 15:19:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTURME.DLL
[2012.01.08 15:19:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAJIK.DLL
[2012.01.08 15:19:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDMON.DLL
[2012.01.08 15:19:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDMAORI.DLL
[2012.01.08 15:19:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDLT1.DLL
[2012.01.08 15:19:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL
[2012.01.08 15:19:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGEO.DLL
[2012.01.08 15:19:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGEO.DLL
[2012.01.08 15:19:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBULG.DLL
[2012.01.08 15:19:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBLR.DLL
[2012.01.08 15:19:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL
[2012.01.08 15:19:12 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlsbres.dll
[2012.01.08 15:19:12 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlsbres.dll
[2012.01.08 15:19:12 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BlbEvents.dll
[2012.01.08 15:19:12 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pifmgr.dll
[2012.01.08 15:19:12 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pifmgr.dll
[2012.01.08 15:19:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizres.dll
[2012.01.08 15:19:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizres.dll
[2012.01.08 15:19:12 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnaddr.dll
[2012.01.08 15:19:12 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnaddr.dll
[2012.01.08 15:19:06 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpx.dll
[2012.01.08 15:19:06 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdscore.dll
[2012.01.08 15:17:52 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Roaming\WinRAR
[2012.01.08 15:17:43 | 000,529,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wbemcomn.dll
[2012.01.08 15:17:26 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.01.08 15:17:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.01.08 15:17:15 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.01.08 15:14:44 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\Nová složka
[2012.01.08 15:02:45 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012.01.08 15:02:44 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012.01.08 15:02:39 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012.01.08 15:02:39 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012.01.08 15:02:38 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012.01.08 15:02:38 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012.01.08 15:02:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012.01.08 15:02:38 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012.01.08 15:02:37 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012.01.08 15:01:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Talk
[2012.01.08 15:01:54 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Local\Google
[2012.01.08 15:01:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012.01.08 14:59:31 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Roaming\Macromedia
[2012.01.08 14:59:31 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Roaming\Adobe
[2012.01.08 14:59:25 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.01.08 14:59:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.01.08 14:58:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012.01.08 14:49:37 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.01.08 14:49:36 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012.01.08 14:47:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012.01.08 14:47:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012.01.08 14:26:00 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2012.01.08 14:25:50 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Roaming\Thunderbird
[2012.01.08 14:25:50 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Local\Thunderbird
[2012.01.08 14:25:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2012.01.08 14:20:26 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Roaming\Mozilla
[2012.01.08 14:20:26 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Local\Mozilla
[2012.01.08 14:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.01.08 14:19:09 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012.01.08 14:19:09 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012.01.08 14:19:08 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012.01.08 14:19:08 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012.01.08 14:18:52 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012.01.08 14:18:51 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012.01.08 14:18:51 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012.01.08 14:18:51 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012.01.08 14:18:50 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012.01.08 14:18:50 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012.01.08 14:18:50 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012.01.08 14:18:50 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012.01.08 14:18:50 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012.01.08 14:18:50 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012.01.08 14:18:49 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012.01.08 14:18:49 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012.01.08 14:18:49 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012.01.08 14:18:13 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012.01.08 14:18:13 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012.01.08 14:18:12 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012.01.08 14:18:12 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012.01.08 14:18:12 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012.01.08 14:18:12 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012.01.08 14:18:00 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012.01.08 14:18:00 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012.01.08 14:18:00 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012.01.08 14:18:00 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012.01.08 14:18:00 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012.01.08 14:18:00 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012.01.08 14:18:00 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012.01.08 14:18:00 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012.01.08 14:17:59 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012.01.08 14:17:53 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.01.08 14:17:53 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.01.08 14:17:53 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012.01.08 14:17:53 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012.01.08 14:17:53 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.01.08 14:17:53 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.01.08 14:17:52 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012.01.08 14:17:52 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012.01.08 14:17:52 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2012.01.08 14:17:52 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2012.01.08 14:17:52 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012.01.08 14:17:52 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2012.01.08 14:17:52 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012.01.08 14:17:52 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2012.01.08 14:17:52 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2012.01.08 14:17:51 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2012.01.08 14:17:48 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012.01.08 14:17:48 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012.01.08 14:17:47 | 000,288,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.01.08 14:17:46 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2012.01.08 14:17:46 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012.01.08 14:17:45 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012.01.08 14:17:44 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012.01.08 14:17:42 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012.01.08 14:17:42 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012.01.08 14:17:42 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012.01.08 14:17:40 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012.01.08 14:17:40 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012.01.08 14:17:39 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012.01.08 14:17:39 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012.01.08 14:17:31 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012.01.08 14:17:30 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012.01.08 14:17:30 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012.01.08 14:17:22 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012.01.08 14:17:21 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012.01.08 14:17:17 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.01.08 14:17:17 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.01.08 14:17:17 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.01.08 14:17:17 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.01.08 14:17:17 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.01.08 14:17:17 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.01.08 14:17:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.01.08 14:17:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.01.08 14:17:16 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.01.08 14:17:16 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.01.08 14:17:16 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.01.08 14:17:16 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.01.08 14:17:16 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.01.08 14:17:16 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.01.08 14:17:16 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.01.08 14:17:16 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.01.08 14:17:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.01.08 14:17:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.01.08 14:17:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.01.08 14:17:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.01.08 14:17:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.01.08 14:17:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.01.08 14:17:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.01.08 14:17:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.01.08 14:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.01.08 14:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.01.08 14:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.01.08 14:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.01.08 14:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.01.08 14:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.01.08 14:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.01.08 14:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.01.08 14:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.01.08 14:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.01.08 14:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.01.08 14:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.01.08 14:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.01.08 14:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.01.08 14:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.01.08 14:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.01.08 14:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.01.08 14:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.01.08 14:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.01.08 14:17:15 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.01.08 14:17:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.01.08 14:17:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.01.08 14:17:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.01.08 14:17:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.01.08 14:17:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.01.08 14:17:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.01.08 14:17:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.01.08 14:17:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.01.08 14:17:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.01.08 14:17:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.01.08 14:17:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.01.08 14:17:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.01.08 14:17:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.01.08 14:17:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.01.08 14:17:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.01.08 14:17:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.01.08 14:17:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.01.08 14:17:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.01.08 14:17:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.01.08 14:17:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.01.08 14:17:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.01.08 14:17:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.01.08 14:17:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.01.08 14:17:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.01.08 14:17:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.01.08 14:17:13 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012.01.08 14:17:13 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012.01.08 14:17:13 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012.01.08 14:17:13 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012.01.08 14:17:12 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2012.01.08 14:17:12 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012.01.08 14:17:12 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012.01.08 14:17:12 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012.01.08 14:14:28 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012.01.08 14:14:28 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cfgmgr32.dll
[2012.01.08 14:14:27 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WFS.exe
[2012.01.08 14:14:27 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012.01.08 14:14:27 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012.01.08 14:14:24 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012.01.08 14:14:24 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012.01.08 14:14:19 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012.01.08 14:14:19 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012.01.08 14:14:09 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.01.08 14:14:08 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.01.08 14:14:06 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.01.08 14:11:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.01.08 14:11:41 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.01.08 14:05:32 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.01.08 14:05:31 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.01.08 14:05:31 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.01.08 14:05:31 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.01.08 14:05:31 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.01.08 14:05:31 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.01.08 14:05:31 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.01.08 14:05:31 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.01.08 14:05:31 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.01.08 14:05:31 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.01.08 14:05:31 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.01.08 14:05:31 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.01.08 14:05:31 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.01.08 14:05:31 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.01.08 14:05:31 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.01.08 14:05:31 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.01.08 14:05:31 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.01.08 14:05:31 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.01.08 14:05:31 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.01.08 14:05:31 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.01.08 14:05:31 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.01.08 14:05:31 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.01.08 14:05:31 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.01.08 14:05:31 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.01.08 14:05:31 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.01.08 14:05:31 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.01.08 14:05:31 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.01.08 14:05:31 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.01.08 14:05:31 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.01.08 14:05:31 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.01.08 14:05:31 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.01.08 14:05:31 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.01.08 14:05:30 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.01.08 14:05:30 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.01.08 14:05:30 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.01.08 14:05:30 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.01.08 14:05:30 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.01.08 14:05:30 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.01.08 14:05:30 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.01.08 14:05:30 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.01.08 14:05:30 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.01.08 14:05:30 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.01.08 14:05:30 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.01.08 14:05:30 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.01.08 14:05:30 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.01.08 14:05:30 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.01.08 14:05:30 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.01.08 14:05:30 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.01.08 14:05:30 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.01.08 14:05:30 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.01.08 14:05:30 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.01.08 14:05:30 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.01.08 14:05:30 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.01.08 14:05:30 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.01.08 14:05:30 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.01.08 14:05:30 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.01.08 14:05:30 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.01.08 14:05:30 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.01.08 14:05:30 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.01.08 14:05:30 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.01.08 14:05:30 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.01.08 14:05:30 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.01.08 14:05:30 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.01.08 14:05:30 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.01.08 14:05:30 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.01.08 14:05:30 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.01.08 14:05:30 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.01.08 14:05:30 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.01.08 14:05:30 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.01.08 14:05:30 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.01.08 14:05:30 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.01.08 14:05:30 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.01.08 13:59:36 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Roaming\Intel Corporation
[2012.01.08 13:58:55 | 000,025,640 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2012.01.08 13:55:34 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Roaming\ESET
[2012.01.08 13:55:34 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Local\ESET
[2012.01.08 13:53:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012.01.08 13:53:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012.01.08 13:53:40 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.01.08 13:42:36 | 000,214,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vhdmount.dll
[2012.01.08 13:42:36 | 000,069,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vhdmount.dll
[2012.01.08 13:40:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
[2012.01.08 13:40:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2012.01.08 13:39:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gigabyte Technology Corp
[2012.01.08 13:39:09 | 001,981,016 | R--- | C] (Gigabyte Technology Corp.) -- C:\Windows\SysWow64\xRaidSetup.exe
[2012.01.08 13:39:09 | 000,162,392 | R--- | C] (JMicron Technology Corp.) -- C:\Windows\SysWow64\xRaidAPI.dll
[2012.01.08 13:39:09 | 000,000,000 | ---D | C] -- C:\RaidTool
[2012.01.08 13:39:04 | 000,121,432 | ---- | C] (JMicron Technology Corp.) -- C:\Windows\SysNative\drivers\jraid.sys
[2012.01.08 13:39:02 | 000,000,000 | ---D | C] -- C:\Windows\RaidTool
[2012.01.08 13:38:56 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2012.01.08 13:38:54 | 000,073,728 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\SysWow64\ISUSPM.cpl
[2012.01.08 13:38:54 | 000,000,000 | ---D | C] -- C:\Program Files\GIGABYTE
[2012.01.08 13:38:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE
[2012.01.08 13:38:48 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012.01.08 13:38:24 | 000,537,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2012.01.08 13:38:23 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Roaming\InstallShield
[2012.01.08 13:37:51 | 000,346,144 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012.01.08 13:37:51 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2012.01.08 13:37:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012.01.08 13:37:47 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.01.08 13:37:17 | 002,601,816 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012.01.08 13:37:17 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012.01.08 13:37:17 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2012.01.08 13:37:17 | 000,220,496 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFNHK64.dll
[2012.01.08 13:37:17 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012.01.08 13:37:17 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012.01.08 13:37:17 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll

[jaruneczka]

[2012.01.08 13:37:17 | 000,098,704 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2012.01.08 13:37:17 | 000,081,232 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFCOM64.dll
[2012.01.08 13:37:17 | 000,078,160 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFAPO64.dll
[2012.01.08 13:37:17 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012.01.08 13:37:16 | 000,534,632 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012.01.08 13:37:16 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2012.01.08 13:37:15 | 002,620,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012.01.08 13:37:15 | 002,045,032 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012.01.08 13:37:15 | 001,215,592 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012.01.08 13:37:15 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2012.01.08 13:37:15 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012.01.08 13:37:15 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012.01.08 13:37:15 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012.01.08 13:37:15 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012.01.08 13:37:14 | 000,396,288 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2012.01.08 13:37:14 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012.01.08 13:37:14 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012.01.08 13:37:14 | 000,081,000 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2012.01.08 13:37:13 | 001,756,160 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2012.01.08 13:37:13 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2012.01.08 13:37:12 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012.01.08 13:37:11 | 000,334,848 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2012.01.08 13:37:11 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012.01.08 13:37:07 | 000,489,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2012.01.08 13:37:07 | 000,474,896 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012.01.08 13:37:07 | 000,338,336 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012.01.08 13:37:06 | 001,325,328 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012.01.08 13:37:06 | 001,178,384 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012.01.08 13:37:06 | 000,315,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012.01.08 13:37:05 | 001,110,800 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012.01.08 13:37:05 | 000,504,592 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012.01.08 13:37:05 | 000,268,560 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012.01.08 13:37:05 | 000,265,488 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012.01.08 13:37:05 | 000,124,128 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012.01.08 13:37:05 | 000,124,128 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012.01.08 13:37:05 | 000,123,104 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2012.01.08 13:37:05 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2012.01.08 13:37:04 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2012.01.08 13:37:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012.01.08 13:37:02 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.01.08 13:37:01 | 001,251,944 | R--- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012.01.08 13:37:01 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012.01.08 13:36:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012.01.08 13:36:19 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012.01.08 13:36:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012.01.08 13:36:05 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\DeviceVM
[2012.01.08 13:36:01 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.01.08 13:31:38 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Local\ElevatedDiagnostics
[2012.01.08 13:18:12 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Local\Diagnostics
[2012.01.08 13:17:18 | 000,000,000 | R--D | C] -- C:\Users\Jaroslava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.01.08 13:17:18 | 000,000,000 | R--D | C] -- C:\Users\Jaroslava\Searches
[2012.01.08 13:17:18 | 000,000,000 | R--D | C] -- C:\Users\Jaroslava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.01.08 13:17:10 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Roaming\Identities
[2012.01.08 13:17:08 | 000,000,000 | R--D | C] -- C:\Users\Jaroslava\Contacts
[2012.01.08 13:17:07 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Local\VirtualStore
[2012.01.08 13:16:54 | 000,000,000 | --SD | C] -- C:\Users\Jaroslava\AppData\Roaming\Microsoft
[2012.01.08 13:16:54 | 000,000,000 | R--D | C] -- C:\Users\Jaroslava\Videos
[2012.01.08 13:16:54 | 000,000,000 | R--D | C] -- C:\Users\Jaroslava\Saved Games
[2012.01.08 13:16:54 | 000,000,000 | R--D | C] -- C:\Users\Jaroslava\Pictures
[2012.01.08 13:16:54 | 000,000,000 | R--D | C] -- C:\Users\Jaroslava\Music
[2012.01.08 13:16:54 | 000,000,000 | R--D | C] -- C:\Users\Jaroslava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.01.08 13:16:54 | 000,000,000 | R--D | C] -- C:\Users\Jaroslava\Links
[2012.01.08 13:16:54 | 000,000,000 | R--D | C] -- C:\Users\Jaroslava\Favorites
[2012.01.08 13:16:54 | 000,000,000 | R--D | C] -- C:\Users\Jaroslava\Downloads
[2012.01.08 13:16:54 | 000,000,000 | R--D | C] -- C:\Users\Jaroslava\Documents
[2012.01.08 13:16:54 | 000,000,000 | R--D | C] -- C:\Users\Jaroslava\Desktop
[2012.01.08 13:16:54 | 000,000,000 | R--D | C] -- C:\Users\Jaroslava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.01.08 13:16:54 | 000,000,000 | -HSD | C] -- C:\Users\Jaroslava\AppData\Local\Temporary Internet Files
[2012.01.08 13:16:54 | 000,000,000 | -HSD | C] -- C:\Users\Jaroslava\Šablony
[2012.01.08 13:16:54 | 000,000,000 | -HSD | C] -- C:\Users\Jaroslava\Soubory cookie
[2012.01.08 13:16:54 | 000,000,000 | -HSD | C] -- C:\Users\Jaroslava\SendTo
[2012.01.08 13:16:54 | 000,000,000 | -HSD | C] -- C:\Users\Jaroslava\Poslední
[2012.01.08 13:16:54 | 000,000,000 | -HSD | C] -- C:\Users\Jaroslava\Okolní tiskárny
[2012.01.08 13:16:54 | 000,000,000 | -HSD | C] -- C:\Users\Jaroslava\Okolní síť
[2012.01.08 13:16:54 | 000,000,000 | -HSD | C] -- C:\Users\Jaroslava\Documents\Obrázky
[2012.01.08 13:16:54 | 000,000,000 | -HSD | C] -- C:\Users\Jaroslava\Nabídka Start
[2012.01.08 13:16:54 | 000,000,000 | -HSD | C] -- C:\Users\Jaroslava\Local Settings
[2012.01.08 13:16:54 | 000,000,000 | -HSD | C] -- C:\Users\Jaroslava\Documents\Hudba
[2012.01.08 13:16:54 | 000,000,000 | -HSD | C] -- C:\Users\Jaroslava\AppData\Local\History
[2012.01.08 13:16:54 | 000,000,000 | -HSD | C] -- C:\Users\Jaroslava\Documents\Filmy
[2012.01.08 13:16:54 | 000,000,000 | -HSD | C] -- C:\Users\Jaroslava\Dokumenty
[2012.01.08 13:16:54 | 000,000,000 | -HSD | C] -- C:\Users\Jaroslava\Data aplikací
[2012.01.08 13:16:54 | 000,000,000 | -HSD | C] -- C:\Users\Jaroslava\AppData\Local\Data aplikací
[2012.01.08 13:16:54 | 000,000,000 | -H-D | C] -- C:\Users\Jaroslava\AppData
[2012.01.08 13:16:54 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Local\Temp
[2012.01.08 13:16:54 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Local\Microsoft
[2012.01.08 13:16:54 | 000,000,000 | ---D | C] -- C:\Users\Jaroslava\AppData\Roaming\Media Center Programs
[2012.01.08 13:16:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2012.01.08 13:16:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2012.01.08 13:16:46 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2012.01.08 13:16:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Oblíbené položky
[2012.01.08 13:16:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2012.01.08 13:16:46 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2012.01.08 13:16:46 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2012.01.08 13:16:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2012.01.08 13:16:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2012.01.08 13:11:29 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.01.08 13:08:52 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.01.08 13:07:22 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012.01.08 12:57:00 | 000,000,000 | ---D | C] -- C:\Windows.old.000

========== Files - Modified Within 7 Days ==========

[2012.01.10 07:50:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.01.10 07:40:00 | 000,013,728 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.10 07:40:00 | 000,013,728 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.10 07:38:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jaroslava\Desktop\OTL.exe
[2012.01.10 07:38:05 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.10 07:38:05 | 000,631,054 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.01.10 07:38:05 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.10 07:38:05 | 000,121,708 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.01.10 07:38:05 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.10 07:34:44 | 002,941,952 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Ideal.pps
[2012.01.10 07:32:45 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2012.01.10 07:32:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.10 07:32:37 | 3214,528,512 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.09 14:03:23 | 000,935,175 | ---- | M] () -- C:\Users\Jaroslava\Desktop\RSITx64.exe
[2012.01.08 21:34:51 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.01.08 16:36:58 | 000,001,045 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Zuma Star wars.lnk
[2012.01.08 16:36:39 | 000,000,958 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Zuma.lnk
[2012.01.08 16:36:18 | 000,000,656 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Puzzle.lnk
[2012.01.08 16:35:49 | 000,001,007 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Turboball.lnk
[2012.01.08 16:35:17 | 000,000,682 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Tumblebugs2.lnk
[2012.01.08 16:34:52 | 000,001,297 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Tropical fish.lnk
[2012.01.08 16:34:33 | 000,000,767 | ---- | M] () -- C:\Users\Jaroslava\Desktop\The Rise of Atlantis.lnk
[2012.01.08 16:34:04 | 000,001,511 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Super colapse.lnk
[2012.01.08 16:33:40 | 000,000,707 | ---- | M] () -- C:\Users\Jaroslava\Desktop\StarDefender.lnk
[2012.01.08 16:33:18 | 000,001,142 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Spril Aqua.lnk
[2012.01.08 16:32:57 | 000,001,083 | ---- | M] () -- C:\Users\Jaroslava\Desktop\RomePuzzle.lnk
[2012.01.08 16:32:33 | 000,000,682 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Ricochet.lnk
[2012.01.08 16:31:44 | 000,001,426 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Peggle.lnk
[2012.01.08 16:31:12 | 000,000,660 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Peggle de luxe.lnk
[2012.01.08 16:30:45 | 000,001,388 | ---- | M] () -- C:\Users\Jaroslava\Desktop\PeggleWoW.lnk
[2012.01.08 16:30:22 | 000,000,672 | ---- | M] () -- C:\Users\Jaroslava\Desktop\OceanQuest.lnk
[2012.01.08 16:29:56 | 000,000,815 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Magic Ball 4.lnk
[2012.01.08 16:29:35 | 000,000,847 | ---- | M] () -- C:\Users\Jaroslava\Desktop\JewelMatch_WinterWon.lnk
[2012.01.08 16:29:12 | 000,000,687 | ---- | M] () -- C:\Users\Jaroslava\Desktop\JewelMatch3.lnk
[2012.01.08 16:28:52 | 000,000,687 | ---- | M] () -- C:\Users\Jaroslava\Desktop\JewelMatch2.lnk
[2012.01.08 16:28:22 | 000,000,662 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Golden Sub.lnk
[2012.01.08 16:28:02 | 000,000,697 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Fun&Bullets.lnk
[2012.01.08 16:27:30 | 000,000,705 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Fishdom Spooky.lnk
[2012.01.08 16:27:09 | 000,000,667 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Fairy Nook.lnk
[2012.01.08 16:26:39 | 000,000,653 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Fairy Jewels.lnk
[2012.01.08 16:26:14 | 000,000,703 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Evoly.lnk
[2012.01.08 16:25:51 | 000,000,667 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Egyptoball.lnk
[2012.01.08 16:25:20 | 000,000,623 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Dragon.lnk
[2012.01.08 16:24:48 | 000,000,643 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Birds.lnk
[2012.01.08 16:24:28 | 000,000,672 | ---- | M] () -- C:\Users\Jaroslava\Desktop\CosmicBall.lnk
[2012.01.08 16:24:08 | 000,000,737 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Big Kahuna Reef 2.lnk
[2012.01.08 16:23:43 | 000,000,998 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Azteca.lnk
[2012.01.08 16:22:59 | 000,000,652 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Apple Pie.lnk
[2012.01.08 16:22:37 | 000,001,173 | ---- | M] () -- C:\Users\Jaroslava\Desktop\AmazonAdventure.lnk
[2012.01.08 16:22:11 | 000,000,778 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Strikeball3.lnk
[2012.01.08 16:21:45 | 000,000,742 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Air Hawk.lnk
[2012.01.08 16:21:09 | 000,000,648 | ---- | M] () -- C:\Users\Jaroslava\Desktop\Action ball.lnk
[2012.01.08 16:04:38 | 000,292,456 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.01.08 15:37:22 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2012.01.08 15:37:22 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2012.01.08 14:59:25 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.01.08 14:52:35 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2012.01.08 14:05:32 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.01.08 14:05:31 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.01.08 14:05:31 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.01.08 14:05:31 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.01.08 14:05:31 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.01.08 14:05:31 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.01.08 14:05:31 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.01.08 14:05:31 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.01.08 14:05:31 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.01.08 14:05:31 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.01.08 14:05:31 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.01.08 14:05:31 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.01.08 14:05:31 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.01.08 14:05:31 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.01.08 14:05:31 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.01.08 14:05:31 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.01.08 14:05:31 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.01.08 14:05:31 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.01.08 14:05:31 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.01.08 14:05:31 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.01.08 14:05:31 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.01.08 14:05:31 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.01.08 14:05:31 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.01.08 14:05:31 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.01.08 14:05:31 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.01.08 14:05:31 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.01.08 14:05:31 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.01.08 14:05:31 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.01.08 14:05:31 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.01.08 14:05:31 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.01.08 14:05:31 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.01.08 14:05:31 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.01.08 14:05:31 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.01.08 14:05:30 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.01.08 14:05:30 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.01.08 14:05:30 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.01.08 14:05:30 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.01.08 14:05:30 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.01.08 14:05:30 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.01.08 14:05:30 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.01.08 14:05:30 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.01.08 14:05:30 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.01.08 14:05:30 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.01.08 14:05:30 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.01.08 14:05:30 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.01.08 14:05:30 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.01.08 14:05:30 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.01.08 14:05:30 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.01.08 14:05:30 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.01.08 14:05:30 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.01.08 14:05:30 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.01.08 14:05:30 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.01.08 14:05:30 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.01.08 14:05:30 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.01.08 14:05:30 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.01.08 14:05:30 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.01.08 14:05:30 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.01.08 14:05:30 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.01.08 14:05:30 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.01.08 14:05:30 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.01.08 14:05:30 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.01.08 14:05:30 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.01.08 14:05:30 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.01.08 14:05:30 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.01.08 14:05:30 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.01.08 14:05:30 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.01.08 14:05:30 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.01.08 14:05:30 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.01.08 14:05:30 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.01.08 14:05:30 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.01.08 14:05:30 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.01.08 14:05:30 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.01.08 14:05:30 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.01.08 14:05:30 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.01.08 13:35:28 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2012.01.08 13:12:33 | 000,067,884 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.01.08 13:12:33 | 000,067,884 | ---- | M] () -- C:\Windows\SysNative\license.rtf

========== Files Created - No Company Name ==========

[2012.01.10 07:50:33 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.01.10 07:34:44 | 002,941,952 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Ideal.pps
[2012.01.09 14:03:19 | 000,935,175 | ---- | C] () -- C:\Users\Jaroslava\Desktop\RSITx64.exe
[2012.01.08 20:30:46 | 000,000,291 | ---- | C] () -- C:\Windows\SysWow64\Remover.ini
[2012.01.08 20:30:43 | 000,000,885 | ---- | C] () -- C:\Windows\SysWow64\SP7302.ini
[2012.01.08 16:36:39 | 000,001,045 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Zuma Star wars.lnk
[2012.01.08 16:36:39 | 000,000,958 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Zuma.lnk
[2012.01.08 16:36:18 | 000,000,656 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Puzzle.lnk
[2012.01.08 16:35:49 | 000,001,007 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Turboball.lnk
[2012.01.08 16:35:17 | 000,000,682 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Tumblebugs2.lnk
[2012.01.08 16:34:52 | 000,001,297 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Tropical fish.lnk
[2012.01.08 16:34:33 | 000,000,767 | ---- | C] () -- C:\Users\Jaroslava\Desktop\The Rise of Atlantis.lnk
[2012.01.08 16:34:04 | 000,001,511 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Super colapse.lnk
[2012.01.08 16:33:40 | 000,000,707 | ---- | C] () -- C:\Users\Jaroslava\Desktop\StarDefender.lnk
[2012.01.08 16:33:18 | 000,001,142 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Spril Aqua.lnk
[2012.01.08 16:32:57 | 000,001,083 | ---- | C] () -- C:\Users\Jaroslava\Desktop\RomePuzzle.lnk
[2012.01.08 16:32:33 | 000,000,682 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Ricochet.lnk
[2012.01.08 16:31:44 | 000,001,426 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Peggle.lnk
[2012.01.08 16:31:12 | 000,000,660 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Peggle de luxe.lnk
[2012.01.08 16:30:45 | 000,001,388 | ---- | C] () -- C:\Users\Jaroslava\Desktop\PeggleWoW.lnk
[2012.01.08 16:30:22 | 000,000,672 | ---- | C] () -- C:\Users\Jaroslava\Desktop\OceanQuest.lnk
[2012.01.08 16:29:56 | 000,000,815 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Magic Ball 4.lnk
[2012.01.08 16:29:35 | 000,000,847 | ---- | C] () -- C:\Users\Jaroslava\Desktop\JewelMatch_WinterWon.lnk
[2012.01.08 16:29:12 | 000,000,687 | ---- | C] () -- C:\Users\Jaroslava\Desktop\JewelMatch3.lnk
[2012.01.08 16:28:52 | 000,000,687 | ---- | C] () -- C:\Users\Jaroslava\Desktop\JewelMatch2.lnk
[2012.01.08 16:28:22 | 000,000,662 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Golden Sub.lnk
[2012.01.08 16:28:02 | 000,000,697 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Fun&Bullets.lnk
[2012.01.08 16:27:30 | 000,000,705 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Fishdom Spooky.lnk
[2012.01.08 16:27:09 | 000,000,667 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Fairy Nook.lnk
[2012.01.08 16:26:39 | 000,000,653 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Fairy Jewels.lnk
[2012.01.08 16:26:14 | 000,000,703 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Evoly.lnk
[2012.01.08 16:25:51 | 000,000,667 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Egyptoball.lnk
[2012.01.08 16:25:20 | 000,000,623 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Dragon.lnk
[2012.01.08 16:24:48 | 000,000,643 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Birds.lnk
[2012.01.08 16:24:28 | 000,000,672 | ---- | C] () -- C:\Users\Jaroslava\Desktop\CosmicBall.lnk
[2012.01.08 16:24:08 | 000,000,737 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Big Kahuna Reef 2.lnk
[2012.01.08 16:23:43 | 000,000,998 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Azteca.lnk
[2012.01.08 16:22:59 | 000,000,652 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Apple Pie.lnk
[2012.01.08 16:22:37 | 000,001,173 | ---- | C] () -- C:\Users\Jaroslava\Desktop\AmazonAdventure.lnk
[2012.01.08 16:22:11 | 000,000,778 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Strikeball3.lnk
[2012.01.08 16:21:45 | 000,000,742 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Air Hawk.lnk
[2012.01.08 16:21:09 | 000,000,648 | ---- | C] () -- C:\Users\Jaroslava\Desktop\Action ball.lnk
[2012.01.08 16:01:58 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.01.08 15:20:45 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2012.01.08 15:19:22 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2012.01.08 15:19:12 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2012.01.08 15:19:12 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2012.01.08 15:18:59 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2012.01.08 14:25:34 | 000,002,098 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012.01.08 14:20:18 | 000,001,150 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.01.08 14:05:31 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.01.08 14:05:30 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.01.08 13:59:33 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012.01.08 13:42:36 | 000,267,264 | ---- | C] () -- C:\Windows\SysNative\CommCmd.dll
[2012.01.08 13:42:36 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\CommCmd.dll
[2012.01.08 13:39:09 | 000,072,280 | R--- | C] () -- C:\Windows\SysWow64\XSrvSetup.exe
[2012.01.08 13:38:54 | 000,031,272 | ---- | C] () -- C:\Windows\SysNative\AppleChargerSrv.exe
[2012.01.08 13:38:54 | 000,021,544 | ---- | C] () -- C:\Windows\SysNative\drivers\AppleCharger.sys
[2012.01.08 13:37:51 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2012.01.08 13:36:11 | 000,001,216 | ---- | C] () -- C:\Users\Jaroslava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk
[2012.01.08 13:35:28 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012.01.08 13:17:25 | 000,001,409 | ---- | C] () -- C:\Users\Jaroslava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.01.08 13:17:20 | 000,001,443 | ---- | C] () -- C:\Users\Jaroslava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.01.08 13:12:12 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.01.08 13:12:11 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2009.08.27 08:04:14 | 000,207,400 | R--- | C] () -- C:\Windows\GSetup.exe
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2012.01.08 13:55:34 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\ESET
[2012.01.09 14:19:10 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\ICQ
[2012.01.08 15:20:28 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\IrfanView
[2012.01.09 21:18:49 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\Jewel Match 3
[2012.01.08 15:52:55 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\OpenOffice.org
[2012.01.08 14:25:50 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\Thunderbird
[2009.07.14 06:08:49 | 000,007,448 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< >

< >

[jaruneczka]

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows.old.000\Windows\ERDNT\cache64\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows.old.000\Windows\System32\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows.old.000\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows.old.000\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows.old.000\Windows\System32\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows.old.000\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows.old.000\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows.old.000\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows.old.000\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows.old.000\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows.old.000\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows.old.000\Windows\ERDNT\cache86\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows.old.000\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows.old.000\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows.old.000\Windows\System32\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows.old.000\Windows\ERDNT\cache86\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows.old.000\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows.old.000\Windows\ERDNT\cache64\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows.old.000\Windows\System32\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows.old.000\Windows\ERDNT\cache86\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows.old.000\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows.old.000\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows.old.000\Windows\ERDNT\cache64\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows.old.000\Windows\System32\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows.old.000\Windows\ERDNT\cache64\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows.old.000\Windows\System32\drivers\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows.old.000\Windows\ERDNT\cache86\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows.old.000\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows.old.000\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows.old.000\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows.old.000\Windows\ERDNT\cache64\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows.old.000\Windows\System32\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows.old.000\Windows\ERDNT\cache64\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows.old.000\Windows\System32\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.01.08 14:59:31 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\Adobe
[2012.01.08 13:55:34 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\ESET
[2012.01.09 14:19:10 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\ICQ
[2012.01.08 13:17:10 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\Identities
[2012.01.08 13:38:23 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\InstallShield
[2012.01.08 13:59:36 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\Intel Corporation
[2012.01.08 15:20:28 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\IrfanView
[2012.01.09 21:18:49 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\Jewel Match 3
[2012.01.08 14:59:31 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\Macromedia
[2009.07.14 16:36:31 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\Media Center Programs
[2012.01.08 18:50:51 | 000,000,000 | --SD | M] -- C:\Users\Jaroslava\AppData\Roaming\Microsoft
[2012.01.08 14:20:40 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\Mozilla
[2012.01.08 15:52:55 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\OpenOffice.org
[2012.01.09 21:09:48 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\Skype
[2012.01.08 14:25:50 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\Thunderbird
[2012.01.08 15:17:52 | 000,000,000 | ---D | M] -- C:\Users\Jaroslava\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.01.08 14:05:31 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\admparse.dll
[2012.01.08 14:05:31 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtmsft.dll
[2012.01.08 14:05:31 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtrans.dll
[2012.01.08 14:59:25 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2012.01.08 14:05:31 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\html.iec
[2012.01.08 14:05:31 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icardie.dll
[2012.01.08 14:05:31 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ie4uinit.exe
[2012.01.08 14:05:31 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IEAdvpack.dll
[2012.01.08 14:05:31 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieakeng.dll
[2012.01.08 14:05:31 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieaksie.dll
[2012.01.08 14:05:31 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieakui.dll
[2012.01.08 14:05:31 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dat
[2012.01.08 14:05:31 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dll
[2012.01.08 14:05:31 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iedkcs32.dll
[2012.01.08 14:05:31 | 009,705,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll
[2012.01.08 14:05:31 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iepeers.dll
[2012.01.08 14:05:31 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iernonce.dll
[2012.01.08 14:05:32 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll
[2012.01.08 14:05:31 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesetup.dll
[2012.01.08 14:05:31 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesysprep.dll
[2012.01.08 14:05:31 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll
[2012.01.08 14:05:31 | 000,072,822 | ---- | M] () -- C:\Windows\system32\ieuinit.inf
[2012.01.08 14:05:31 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieUnatt.exe
[2012.01.08 14:05:31 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iexpress.exe
[2012.01.08 14:05:31 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imgutil.dll
[2012.01.08 14:05:31 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inetcpl.cpl
[2012.01.08 14:05:31 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inseng.dll
[2012.01.08 14:05:31 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll
[2012.01.08 14:05:31 | 001,798,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll
[2012.01.08 14:05:32 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll
[2012.01.09 12:51:08 | 000,004,204 | ---- | M] () -- C:\Windows\system32\jupdate-1.6.0_30-b12.log
[2012.01.08 13:12:33 | 000,067,884 | ---- | M] () -- C:\Windows\system32\license.rtf
[2012.01.08 14:05:31 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\licmgr10.dll
[2012.01.08 15:37:22 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msclmd.dll
[2012.01.08 14:05:31 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll
[2012.01.08 14:05:31 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedsbs.dll
[2012.01.08 14:05:31 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedssync.exe
[2012.01.08 14:05:31 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshta.exe
[2012.01.08 14:05:31 | 012,279,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll
[2012.01.08 14:05:31 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.tlb
[2012.01.08 14:05:31 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll
[2012.01.08 14:05:31 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmler.dll
[2012.01.08 14:05:32 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msls31.dll
[2012.01.08 14:05:31 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrating.dll
[2012.01.08 14:05:31 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\occache.dll
[2012.01.08 14:05:31 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pngfilt.dll
[2012.01.08 14:05:32 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RegisterIEPKEYs.exe
[2012.01.08 14:05:31 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SetIEInstalledDate.exe
[2012.01.08 14:05:31 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tdc.ocx
[2012.01.08 14:05:31 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll
[2012.01.08 14:05:32 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll
[2012.01.08 14:05:31 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll
[2012.01.08 14:05:31 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webcheck.dll
[2012.01.08 14:05:31 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wextract.exe
[2012.01.08 14:05:32 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll
[2012.01.08 13:39:11 | 000,000,052 | ---- | M] () -- C:\Windows\system32\XSrvSetup.log

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.01.10 07:50:33 | 000,000,512 | ---- | M] () MD5=51C08828B774041193FA8F62945FF485 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2007.04.26 14:10:16 | 000,035,308 | ---- | M] () -- \Luba hry\Ocean Quest\Models\E3\E3KolesnCrack.mdl
[2012.01.08 15:54:57 | 000,000,146 | ---- | M] () -- \Users\Jaroslava\Favorites\ZÁLOŽKY\Hry\serial Play Smash Frenzy 3 Megaupload Rapidshare Download Crack Serial.URL

< *keygen* /s >
[2010.06.25 16:36:02 | 000,104,960 | ---- | M] () -- \Stažené soubory\Winrar Keygen.exe
[2010.06.25 16:36:02 | 000,104,960 | ---- | M] () -- \Users\Jaroslava\Downloads\Winrar Keygen.exe

< *loader* /s >
[2004.05.14 16:03:14 | 000,007,600 | ---- | M] () -- \Luba hry\Air Hawk 3 - Desert Storm\data\models\mapobjects\misc\loader.mdl
[2004.11.16 13:57:54 | 000,033,580 | ---- | M] () -- \Luba hry\Air Hawk 3 - Desert Storm\data\models\mapobjects\misc\loader.tga
[2006.10.31 22:02:20 | 000,053,248 | ---- | M] () -- \Luba hry\Alawar\StrikeBall3\PhysXLoader.dll
[2009.04.28 15:37:46 | 002,210,304 | ---- | M] () -- \Luba hry\Dragon\PreLoader.exe
[2009.05.31 12:12:08 | 000,031,068 | ---- | M] () -- \Luba hry\Fairy Nook\Data\Image\loader_back.png
[2009.05.31 12:12:08 | 000,039,034 | ---- | M] () -- \Luba hry\Fairy Nook\Data\Image\loader_bar.png
[2009.05.31 12:12:08 | 000,019,417 | ---- | M] () -- \Luba hry\Fairy Nook\Data\Image\loader_progress.png
[2005.06.21 04:45:42 | 000,004,960 | ---- | M] () -- \Luba hry\Zuma.StarWars\images\loaderbar.gif
[2003.12.25 02:53:56 | 000,001,064 | ---- | M] () -- \Luba hry\Zuma.StarWars\images\_loaderbar.gif
[2003.10.14 16:05:18 | 000,004,960 | ---- | M] () -- \Luba hry\Zuma\images\LoaderBar.gif
[2003.10.14 16:03:28 | 000,001,064 | ---- | M] () -- \Luba hry\Zuma\images\_LoaderBar.gif
[2012.01.08 16:15:01 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012.01.08 16:15:01 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012.01.08 16:15:01 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.01.08 16:16:23 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.01.17 16:21:04 | 000,006,263 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2012.01.08 15:52:38 | 000,021,504 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2011.01.17 17:00:08 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2012.01.08 15:52:41 | 000,029,184 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.11.19 12:24:20 | 000,003,689 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2010.02.10 18:09:08 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.01.08 15:54:55 | 000,000,128 | ---- | M] () -- \Users\Jaroslava\Favorites\ZÁLOŽKY\PC\Uploader pro vyoska.URL
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows.old.000\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows.old.000\Windows\System32\dmloader.dll
[2009.07.14 06:09:01 | 000,003,532 | ---- | M] () -- \Windows.old.000\Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows.old.000\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows.old.000\Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows.old.000\Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows.old.000\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.12 19:16:34 | 000,003,584 | ---- | M] () -- \Windows.old.000\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.12 19:16:23 | 000,003,584 | ---- | M] () -- \Windows.old.000\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows.old.000\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.12 19:16:23 | 000,003,584 | ---- | M] () -- \Windows.old.000\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows.old.000\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.12 19:16:35 | 000,003,584 | ---- | M] () -- \Windows.old.000\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.12 19:16:23 | 000,003,584 | -H-- | M] () -- \Windows.old.000\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows.old.000\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.12 19:16:34 | 000,003,584 | ---- | M] () -- \Windows.old.000\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.12 19:16:23 | 000,003,584 | ---- | M] () -- \Windows.old.000\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows.old.000\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows.old.000\Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows.old.000\Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows.old.000\Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows.old.000\Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows.old.000\Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows.old.000\Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows.old.000\Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows.old.000\Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows.old.000\Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows.old.000\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.12 19:16:34 | 000,003,584 | ---- | M] () -- \Windows.old.000\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.12 19:16:23 | 000,003,584 | ---- | M] () -- \Windows.old.000\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows.old.000\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.12 19:16:23 | 000,003,584 | ---- | M] () -- \Windows.old.000\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows.old.000\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.12 19:16:35 | 000,003,584 | ---- | M] () -- \Windows.old.000\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.12 19:16:23 | 000,003,584 | -H-- | M] () -- \Windows.old.000\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows.old.000\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.12 19:16:35 | 000,003,584 | ---- | M] () -- \Windows.old.000\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.12 19:16:23 | 000,003,584 | ---- | M] () -- \Windows.old.000\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows.old.000\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.11.20 12:09:38 | 000,004,290 | ---- | M] () -- \Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_73a52105efe44483.manifest
[2010.11.20 14:33:18 | 000,004,338 | ---- | M] () -- \Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_344529e2e1c53ac6.manifest
[2011.02.05 14:09:50 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_9c05f879842e1792.manifest
[2011.02.05 14:05:03 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_9c6455949d6c2720.manifest
[2011.02.05 18:34:40 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_9deb553581556a27.manifest
[2011.02.05 14:10:12 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_9e73f1b69a73f09a.manifest
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.01.08 15:38:04 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.01.08 15:38:04 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.01.08 15:38:05 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.01.08 15:38:05 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.01.08 15:38:05 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

[vyosek]

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  IE - HKLM\..\URLSearchHook: - No CLSID value found
  IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
  IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
  IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
  IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
  IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
  IE - HKU\S-1-5-21-2653022638-3998562978-713219669-1000\..\URLSearchHook: - No CLSID value found
  FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
  FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=em&tb_ver=1.4.3&q="
  FF - prefs.js..network.proxy.type: 4
  [2012.01.09 18:11:46 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
  [2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\searchplugins\icqplugin.xml
  O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
  O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
  O15 - HKU\S-1-5-21-2653022638-3998562978-713219669-1000\..Trusted Domains: mojebanka.cz ([www] https in Důvěryhodné servery)
  O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  [4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
  [2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
  
  :reg
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCU]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
  [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
  "BCU"=-
  
  :files
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[jaruneczka]

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-2653022638-3998562978-713219669-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.4.3&q=" removed from keyword.URL
Prefs.js: 4 removed from network.proxy.type
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\1mla55pj.default\searchplugins\icqplugin.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
Registry key HKEY_USERS\S-1-5-21-2653022638-3998562978-713219669-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\www\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP38FA.tmp\System.Web.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP38FA.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB6F0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE7EE.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP32F2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP36A9.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3BA8.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8094.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Temp\CabBA3A.tmp deleted successfully.
C:\Windows\Temp\TarBA4A.tmp deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCU\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\BCU deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jaroslava
->Temp folder emptied: 8391812 bytes
->Temporary Internet Files folder emptied: 2363189 bytes
->Java cache emptied: 2028887 bytes
->FireFox cache emptied: 43864631 bytes
->Flash cache emptied: 577 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7056 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 54,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Jaroslava
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 01102012_122318

Files\Folders moved on Reboot...
C:\Users\Jaroslava\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

[vyosek]

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A je to vse pokud nejsou problemy

[jaruneczka]

děkuji Vám pěkně,

[vyosek]

Rado se stalo