Nelegálny Windows

Zpráva

janolor · #1 Příspěvek od **janolor** » 20 bře 2012 21:34

Prajem pekný večer,
Trošku sa priúčam,študujem na Vašej stránke (dalo by sa povedať každodenne) logy,návody a riešenia na opravu "pokazených" PC,ale nemôžem prísť na to,podľa čoho poznáte nelegálny Windows napr.konkrétne u tohto prípadu. http://forum.viry.cz//viewtopic.php?f=13&t=120531 Čo do toho Windowsu "nepatrí",že to z toho logu vyčítate?Vopred ďakujem za odpoveď a poučenie.

#2 Příspěvek od **Mc_Murphy** » 20 bře 2012 21:40

Zdravím.

A to si jako opravdu myslíš, že to tu prozradíme a zveřejníme?

Aby si pak kdejaký vykuk s nelegálem upravoval logy? Ale no tak, přemýšlej trošku.

janolor · #3 Příspěvek od **janolor** » 20 bře 2012 21:58

Nehnevajte sa ale zaujíma ma to čiste z odborného hľadiska a trošku aj zo zvedavosti a ešte aj z jedného konkrétneho prípadu.Trošku to rozoberiem,ak Vás tým neokrádam o čas.
citát z mailu na podporu Microsoftu:
Dobrý deň, obraciam sa na Vás so žiadosťou o poskytnutie informácií ohľadne licencie.Známemu "odišiel" stolný PC (je v nepoužiteľnom stave), na ktorom mal nainštalovaný Win7 Home premium s licenciou - citujem s inštalačného CD - "licencované iba pre distribúciu s novým počítačom".Je možné mu legálne nainštalovať túto licenciu na nový PC? Ďakujem za odpoveď a prajem pekný deň. S pozdravom
citát z odpovede:
Nie, nie je to možné. Podľa daného popisu sa jedná o OEM licenciu Windowsu, ktorá sa dodáva len s novým počítačom a je viazaná na dané zariadenie, na ktoré sa nainštaluje. Pri zániku/vyradení počítača, s ním zaniká aj OEM licencia.

No a teraz k problému.Servis túto licenciu nainštaloval,s tvrdením,že bude všetko legálne.Tak som v rozpakoch.Kamarátovi som cez Team Viewer doinštalovával nejaké programy a popritom som si vytvoril logy z Rsitu,že sa Vás na tento problém popýtam.Bude to vidno na tom logu? Môžem ich sem vložiť?

#4 Příspěvek od **Pavuk29** » 20 bře 2012 22:29

Mc_Murphy je na odpoved, domnievam, sa, dostatocna autorita.

podla mna legalne nie, je to zlozite. Pockaj chvilku, precitam si to cele a napisem svoj nazor.

#5 Příspěvek od **Pavuk29** » 20 bře 2012 22:33

podla mna ta licencia nebude OK. mozno ma kolegovia opravia.

#6 Příspěvek od **cernohous13** » 20 bře 2012 22:48

Pokud se nepletu, tak bude potřeba do 30dnů provést aktivaci OS

Tam může nastat problém, OEM verze je vázána na HW - pokud mu tam nedali nějakou multilicenci nebo crack

#7 Příspěvek od **Pavuk29** » 20 bře 2012 22:59

cernohous13 píše:Pokud se nepletu, tak bude potřeba do 30dnů provést aktivaci OS
Tam může nastat problém, OEM verze je vázána na HW - pokud mu tam nedali nějakou multilicenci nebo crack

potom?

#8 Příspěvek od **Pavuk29** » 20 bře 2012 23:04

presiel som vsetky moznosti, podla mna ee.......t.j. nie
Ale neberte ma ako zakonodarcov a tvorcov licencii

janolor · #9 Příspěvek od **janolor** » 21 bře 2012 09:24

Veď práve,ani podľa mňa nie je tá licencia v poriadku a ani podľa Microsoftu,lenže servis tvrdí niečo inšie a aj tú licenciu nainštaloval,že všetko je ok a nechal si za to zaplatiť Preto som sa pýtal na tie logy,či to tam bude vidieť? Aby dotyčný mohol prísť do servisu a povedať im-aha tuto nie je voľačo v poriadku,toto sem nepatrí. Mám oba logy v PC k dispozícii, ale nič som tam z nich nevyčítal,ste ochotný sa na ne pozrieť?

janolor · #10 Příspěvek od **janolor** » 21 bře 2012 10:14

cernohous13 píše:Pokud se nepletu, tak bude potřeba do 30dnů provést aktivaci OS
Tam může nastat problém, OEM verze je vázána na HW - pokud mu tam nedali nějakou multilicenci nebo crack

Či bola urobená aktivácia OS alebo nie,to bohužiaľ neviem ani ja, ani dotyčný,ale predpokladám, že asi áno, lebo Windows 7 sa tvári legálne a automatické aktualizácie sú zapnuté, to bolo prvé, čo som skontroloval.

#11 Příspěvek od **cernohous13** » 21 bře 2012 10:39

janolor píše: ... lebo Windows 7 sa tvári legálne a automatické aktualizácie sú zapnuté, to bolo prvé, čo som skontroloval.

Pokud od instalace uplynulo více než 30 dní a aktualizace fungují, tak to zatím neřeš.
log.txt z RSIT sem klidně k nakouknutí dej.

janolor · #12 Příspěvek od **janolor** » 21 bře 2012 10:51

Inštalácia bola robená 14.3.
log z RSIT 1.časť:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Vlado at 2012-03-19 20:17:13
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 267 GB (88%) free of 305 GB
Total RAM: 2046 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:17:36, on 19. 3. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\TeamViewer\Version7\TeamViewer.exe
C:\Users\Vlado\Downloads\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Vlado.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: AML Device Install.lnk = C:\Program Files\AMD AVT\bin\kdbsync.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe

--
End of file - 3929 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AWC Startup.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Vlado\AppData\Roaming\Mozilla\Firefox\Profiles\529b2mfd.default

prefs.js - "browser.startup.homepage" - "http://www.google.com/ig?hl=sk"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-02-14 636032]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"=C:\Program Files\Google\Gmail Notifier\gnotify.exe [2005-07-15 479232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-07-27 1983816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-18 767312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2011-10-24 421888]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AML Device Install.lnk - C:\Program Files\AMD AVT\bin\kdbsync.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-03-19 20:17:14 ----D---- C:\Program Files\trend micro
2012-03-19 20:17:13 ----D---- C:\rsit
2012-03-19 20:01:57 ----D---- C:\Users\Vlado\AppData\Roaming\Nero
2012-03-19 19:59:26 ----D---- C:\Program Files\Nero
2012-03-19 19:59:00 ----D---- C:\Program Files\Common Files\Nero
2012-03-19 19:58:51 ----D---- C:\ProgramData\Nero
2012-03-19 19:45:18 ----D---- C:\Users\Vlado\AppData\Roaming\TeamViewer
2012-03-19 19:15:13 ----A---- C:\Windows\system32\d3dcsx_43.dll
2012-03-19 19:15:13 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2012-03-19 19:15:12 ----A---- C:\Windows\system32\D3DX9_43.dll
2012-03-19 19:15:12 ----A---- C:\Windows\system32\d3dx11_43.dll
2012-03-19 19:15:12 ----A---- C:\Windows\system32\d3dx10_43.dll
2012-03-19 19:14:30 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2012-03-19 19:13:41 ----A---- C:\Windows\system32\D3DX9_42.dll
2012-03-19 19:12:53 ----A---- C:\Windows\system32\D3DX9_40.dll
2012-03-19 19:12:09 ----A---- C:\Windows\system32\d3dx9_35.dll
2012-03-19 19:11:27 ----A---- C:\Windows\system32\d3dx9_34.dll
2012-03-19 19:10:42 ----A---- C:\Windows\system32\d3dx9_30.dll
2012-03-19 18:35:38 ----D---- C:\Program Files\Google
2012-03-19 18:26:58 ----D---- C:\Windows\sk
2012-03-19 18:22:51 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-03-19 18:19:54 ----D---- C:\Program Files\Windows Live
2012-03-19 18:18:53 ----A---- C:\Windows\system32\XAudio2_5.dll
2012-03-19 18:18:53 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2012-03-19 18:18:52 ----A---- C:\Windows\system32\d3dx10_42.dll
2012-03-19 18:18:39 ----A---- C:\Windows\system32\d3dx9_32.dll
2012-03-19 18:16:52 ----D---- C:\Program Files\Common Files\Windows Live
2012-03-19 17:43:25 ----D---- C:\Program Files\CCleaner
2012-03-19 12:05:50 ----D---- C:\Users\Vlado\AppData\Roaming\Apple Computer
2012-03-18 20:43:22 ----D---- C:\ProgramData\Apple Computer
2012-03-18 20:43:22 ----D---- C:\Program Files\QuickTime
2012-03-18 20:42:53 ----D---- C:\ProgramData\Apple
2012-03-18 20:03:05 ----D---- C:\ProgramData\Aliasworlds
2012-03-18 20:02:50 ----D---- C:\Program Files\Medvěd Míša - Zakletý hrad
2012-03-18 18:02:08 ----D---- C:\Users\Vlado\AppData\Roaming\Nitro PDF
2012-03-18 18:00:12 ----A---- C:\Windows\system32\nitrolocalui2.dll
2012-03-18 18:00:12 ----A---- C:\Windows\system32\nitrolocalmon2.dll
2012-03-18 18:00:05 ----D---- C:\ProgramData\Nitro PDF
2012-03-18 17:57:29 ----D---- C:\Users\Vlado\AppData\Roaming\OpenCandy
2012-03-18 17:57:29 ----D---- C:\Program Files\The KMPlayer
2012-03-18 17:10:33 ----D---- C:\Users\Vlado\AppData\Roaming\ATI
2012-03-18 17:10:33 ----D---- C:\ProgramData\ATI
2012-03-18 17:07:28 ----D---- C:\ProgramData\AMD
2012-03-18 17:07:27 ----D---- C:\Program Files\AMD AVT
2012-03-18 17:07:24 ----D---- C:\Program Files\AMD APP
2012-03-18 17:07:21 ----D---- C:\Program Files\Common Files\ATI Technologies
2012-03-18 17:06:03 ----D---- C:\Program Files\ATI Technologies
2012-03-18 17:06:00 ----D---- C:\Program Files\ATI
2012-03-18 17:04:57 ----D---- C:\AMD
2012-03-17 16:36:45 ----HD---- C:\ProgramData\CanonIJMyPrinter
2012-03-17 10:47:22 ----D---- C:\ProgramData\CanonIJ
2012-03-17 10:46:35 ----D---- C:\Users\Vlado\AppData\Roaming\Canon
2012-03-17 10:45:40 ----HD---- C:\ProgramData\CanonIJEGV
2012-03-17 10:45:28 ----HD---- C:\ProgramData\CanonIJEPPEX
2012-03-17 10:45:03 ----HD---- C:\ProgramData\CanonIJSolutionMenu
2012-03-17 10:44:49 ----D---- C:\ProgramData\CanonIJPLM
2012-03-17 10:17:17 ----D---- C:\Program Files\Canon
2012-03-17 10:05:51 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2012-03-17 10:05:47 ----HD---- C:\ProgramData\CanonBJ
2012-03-17 10:05:34 ----A---- C:\Windows\system32\CNHMCA.dll
2012-03-17 10:05:34 ----A---- C:\Windows\system32\CNC550U.dll
2012-03-17 10:05:34 ----A---- C:\Windows\system32\CNC550L.dll
2012-03-17 10:05:34 ----A---- C:\Windows\system32\CNC550I.dll
2012-03-17 10:05:34 ----A---- C:\Windows\system32\CNC550C.dll
2012-03-17 10:05:25 ----A---- C:\Windows\system32\CNMLM9Z.DLL
2012-03-16 16:23:15 ----D---- C:\Program Files\TeamViewer
2012-03-16 15:23:22 ----D---- C:\Program Files\Montezov polad
2012-03-15 16:55:17 ----D---- C:\Users\Vlado\AppData\Roaming\Skype
2012-03-15 16:55:09 ----RD---- C:\Program Files\Skype
2012-03-15 16:55:09 ----D---- C:\Program Files\Common Files\Skype
2012-03-15 16:55:08 ----D---- C:\ProgramData\Skype
2012-03-15 15:59:38 ----D---- C:\Users\Vlado\AppData\Roaming\IObit
2012-03-15 15:59:38 ----D---- C:\Program Files\IObit
2012-03-15 11:45:32 ----D---- C:\Users\Vlado\AppData\Roaming\Friday's games
2012-03-15 11:45:16 ----D---- C:\Program Files\Montezumova pomsta
2012-03-14 21:41:28 ----D---- C:\Windows\system32\Macromed
2012-03-14 21:04:51 ----A---- C:\Windows\Ascd_tmp.ini
2012-03-14 20:48:30 ----A---- C:\Windows\system32\rdpwsx.dll
2012-03-14 20:48:30 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-03-14 20:46:58 ----D---- C:\Program Files\Microsoft Silverlight
2012-03-14 20:43:18 ----D---- C:\Windows\system32\Wat
2012-03-14 20:38:37 ----A---- C:\Windows\system32\FntCache.dll
2012-03-14 20:38:37 ----A---- C:\Windows\system32\d2d1.dll
2012-03-14 18:18:30 ----D---- C:\Windows\system32\SPReview
2012-03-14 18:18:09 ----D---- C:\Windows\system32\EventProviders
2012-03-14 18:11:46 ----A---- C:\Windows\system32\dfshim.dll
2012-03-14 18:11:43 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-03-14 18:11:43 ----A---- C:\Windows\system32\mstscax.dll
2012-03-14 18:11:43 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2012-03-14 18:11:41 ----A---- C:\Windows\system32\d3d10warp.dll
2012-03-14 18:11:40 ----A---- C:\Windows\system32\mfc40u.dll
2012-03-14 18:11:40 ----A---- C:\Windows\system32\mfc40.dll
2012-03-14 18:11:39 ----A---- C:\Windows\system32\sysmain.dll
2012-03-14 18:11:38 ----A---- C:\Windows\system32\secproc_isv.dll
2012-03-14 18:11:38 ----A---- C:\Windows\system32\RMActivate_isv.exe
2012-03-14 18:11:37 ----A---- C:\Windows\system32\secproc.dll
2012-03-14 18:11:36 ----A---- C:\Windows\system32\RMActivate.exe
2012-03-14 18:11:35 ----A---- C:\Windows\system32\spwizui.dll
2012-03-14 18:11:35 ----A---- C:\Windows\system32\mscoree.dll
2012-03-14 18:11:33 ----A---- C:\Windows\system32\mf.dll
2012-03-14 18:11:33 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2012-03-14 18:11:33 ----A---- C:\Windows\system32\CertEnroll.dll
2012-03-14 18:11:32 ----A---- C:\Windows\system32\wmp.dll
2012-03-14 18:11:31 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2012-03-14 18:11:31 ----A---- C:\Windows\system32\PresentationHost.exe
2012-03-14 18:11:31 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2012-03-14 18:11:31 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2012-03-14 18:11:30 ----A---- C:\Windows\system32\schedsvc.dll
2012-03-14 18:11:30 ----A---- C:\Windows\system32\RacEngn.dll
2012-03-14 18:11:29 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2012-03-14 18:11:28 ----A---- C:\Windows\system32\rdpdd.dll
2012-03-14 18:11:28 ----A---- C:\Windows\system32\qmgr.dll
2012-03-14 18:11:27 ----A---- C:\Windows\system32\wevtsvc.dll
2012-03-14 18:11:27 ----A---- C:\Windows\system32\ole32.dll
2012-03-14 18:11:27 ----A---- C:\Windows\system32\ExplorerFrame.dll
2012-03-14 18:11:26 ----A---- C:\Windows\system32\vssapi.dll
2012-03-14 18:11:26 ----A---- C:\Windows\system32\taskschd.dll
2012-03-14 18:11:26 ----A---- C:\Windows\system32\SearchFolder.dll
2012-03-14 18:11:26 ----A---- C:\Windows\system32\IKEEXT.DLL
2012-03-14 18:11:26 ----A---- C:\Windows\system32\d3d9.dll
2012-03-14 18:11:25 ----A---- C:\Windows\system32\mstsc.exe
2012-03-14 18:11:25 ----A---- C:\Windows\system32\crypt32.dll
2012-03-14 18:11:24 ----A---- C:\Windows\system32\wer.dll
2012-03-14 18:11:24 ----A---- C:\Windows\system32\termsrv.dll
2012-03-14 18:11:24 ----A---- C:\Windows\system32\spreview.exe
2012-03-14 18:11:24 ----A---- C:\Windows\system32\spinstall.exe
2012-03-14 18:11:24 ----A---- C:\Windows\system32\rpcrt4.dll
2012-03-14 18:11:24 ----A---- C:\Windows\system32\msxml6.dll
2012-03-14 18:11:24 ----A---- C:\Windows\system32\gpsvc.dll
2012-03-14 18:11:24 ----A---- C:\Windows\system32\certcli.dll
2012-03-14 18:11:23 ----A---- C:\Windows\system32\wbengine.exe
2012-03-14 18:11:23 ----A---- C:\Windows\system32\odbc32.dll
2012-03-14 18:11:23 ----A---- C:\Windows\system32\MPSSVC.dll
2012-03-14 18:11:23 ----A---- C:\Windows\system32\dwmcore.dll
2012-03-14 18:11:23 ----A---- C:\Windows\system32\diagperf.dll
2012-03-14 18:11:22 ----A---- C:\Windows\system32\WinSAT.exe
2012-03-14 18:11:22 ----A---- C:\Windows\system32\TSWorkspace.dll
2012-03-14 18:11:22 ----A---- C:\Windows\system32\tsmf.dll
2012-03-14 18:11:22 ----A---- C:\Windows\system32\scavengeui.dll
2012-03-14 18:11:22 ----A---- C:\Windows\system32\localspl.dll
2012-03-14 18:11:22 ----A---- C:\Windows\system32\dot3api.dll
2012-03-14 18:11:21 ----A---- C:\Windows\system32\winhttp.dll
2012-03-14 18:11:21 ----A---- C:\Windows\system32\setupapi.dll
2012-03-14 18:11:21 ----A---- C:\Windows\system32\MSVidCtl.dll
2012-03-14 18:11:21 ----A---- C:\Windows\system32\apphelp.dll
2012-03-14 18:11:20 ----A---- C:\Windows\system32\winlogon.exe
2012-03-14 18:11:20 ----A---- C:\Windows\system32\WindowsCodecs.dll
2012-03-14 18:11:20 ----A---- C:\Windows\system32\VSSVC.exe
2012-03-14 18:11:20 ----A---- C:\Windows\system32\user32.dll
2012-03-14 18:11:20 ----A---- C:\Windows\system32\netlogon.dll
2012-03-14 18:11:20 ----A---- C:\Windows\system32\netcfgx.dll
2012-03-14 18:11:20 ----A---- C:\Windows\system32\dbgeng.dll
2012-03-14 18:11:20 ----A---- C:\Windows\system32\d3d11.dll
2012-03-14 18:11:19 ----A---- C:\Windows\system32\WsmSvc.dll
2012-03-14 18:11:19 ----A---- C:\Windows\system32\WMVDECOD.DLL
2012-03-14 18:11:19 ----A---- C:\Windows\system32\Query.dll
2012-03-14 18:11:19 ----A---- C:\Windows\system32\advapi32.dll
2012-03-14 18:11:18 ----A---- C:\Windows\system32\upnp.dll
2012-03-14 18:11:18 ----A---- C:\Windows\system32\sppobjs.dll
2012-03-14 18:11:18 ----A---- C:\Windows\system32\netfxperf.dll
2012-03-14 18:11:18 ----A---- C:\Windows\system32\msv1_0.dll
2012-03-14 18:11:18 ----A---- C:\Windows\system32\msdrm.dll
2012-03-14 18:11:18 ----A---- C:\Windows\system32\mmcndmgr.dll
2012-03-14 18:11:18 ----A---- C:\Windows\system32\lsm.exe
2012-03-14 18:11:18 ----A---- C:\Windows\system32\imapi2fs.dll
2012-03-14 18:11:18 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2012-03-14 18:11:18 ----A---- C:\Windows\system32\authui.dll
2012-03-14 18:11:17 ----A---- C:\Windows\system32\usp10.dll
2012-03-14 18:11:17 ----A---- C:\Windows\system32\shlwapi.dll
2012-03-14 18:11:17 ----A---- C:\Windows\system32\SessEnv.dll
2012-03-14 18:11:17 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2012-03-14 18:11:17 ----A---- C:\Windows\system32\mcbuilder.exe
2012-03-14 18:11:16 ----A---- C:\Windows\system32\xpsservices.dll
2012-03-14 18:11:16 ----A---- C:\Windows\system32\winload.exe
2012-03-14 18:11:16 ----A---- C:\Windows\system32\WebClnt.dll
2012-03-14 18:11:16 ----A---- C:\Windows\system32\userenv.dll
2012-03-14 18:11:16 ----A---- C:\Windows\system32\sppwinob.dll
2012-03-14 18:11:16 ----A---- C:\Windows\system32\iphlpsvc.dll
2012-03-14 18:11:16 ----A---- C:\Windows\system32\drvstore.dll
2012-03-14 18:11:16 ----A---- C:\Windows\system32\comdlg32.dll
2012-03-14 18:11:16 ----A---- C:\Windows\system32\certmgr.dll
2012-03-14 18:11:16 ----A---- C:\Windows\system32\audiosrv.dll
2012-03-14 18:11:15 ----A---- C:\Windows\system32\Wldap32.dll
2012-03-14 18:11:15 ----A---- C:\Windows\system32\win32spl.dll
2012-03-14 18:11:15 ----A---- C:\Windows\system32\rpcss.dll
2012-03-14 18:11:15 ----A---- C:\Windows\system32\propsys.dll
2012-03-14 18:11:15 ----A---- C:\Windows\system32\nlasvc.dll
2012-03-14 18:11:15 ----A---- C:\Windows\system32\mfds.dll
2012-03-14 18:11:15 ----A---- C:\Windows\system32\framedynos.dll
2012-03-14 18:11:15 ----A---- C:\Windows\system32\cmd.exe
2012-03-14 18:11:15 ----A---- C:\Windows\system32\BFE.DLL
2012-03-14 18:11:14 ----A---- C:\Windows\system32\wucltux.dll
2012-03-14 18:11:14 ----A---- C:\Windows\system32\wuaueng.dll
2012-03-14 18:11:14 ----A---- C:\Windows\system32\wmicmiplugin.dll
2012-03-14 18:11:14 ----A---- C:\Windows\system32\winresume.exe
2012-03-14 18:11:14 ----A---- C:\Windows\system32\werconcpl.dll
2012-03-14 18:11:14 ----A---- C:\Windows\system32\samsrv.dll
2012-03-14 18:11:14 ----A---- C:\Windows\system32\profsvc.dll
2012-03-14 18:11:14 ----A---- C:\Windows\system32\ncsi.dll
2012-03-14 18:11:14 ----A---- C:\Windows\system32\drivers\volsnap.sys
2012-03-14 18:11:14 ----A---- C:\Windows\system32\drivers\netio.sys
2012-03-14 18:11:14 ----A---- C:\Windows\system32\drivers\ndis.sys
2012-03-14 18:11:14 ----A---- C:\Windows\system32\azroles.dll
2012-03-14 18:11:13 ----A---- C:\Windows\system32\themeui.dll
2012-03-14 18:11:13 ----A---- C:\Windows\system32\taskeng.exe
2012-03-14 18:11:13 ----A---- C:\Windows\system32\spp.dll
2012-03-14 18:11:13 ----A---- C:\Windows\system32\mswsock.dll
2012-03-14 18:11:13 ----A---- C:\Windows\system32\dhcpcore.dll
2012-03-14 18:11:13 ----A---- C:\Windows\system32\credui.dll
2012-03-14 18:11:12 ----A---- C:\Windows\system32\wintrust.dll
2012-03-14 18:11:12 ----A---- C:\Windows\system32\taskcomp.dll
2012-03-14 18:11:12 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2012-03-14 18:11:12 ----A---- C:\Windows\system32\msxml3.dll
2012-03-14 18:11:12 ----A---- C:\Windows\system32\mfreadwrite.dll
2012-03-14 18:11:12 ----A---- C:\Windows\system32\gdi32.dll
2012-03-14 18:11:12 ----A---- C:\Windows\system32\evr.dll
2012-03-14 18:11:12 ----A---- C:\Windows\system32\dxgi.dll
2012-03-14 18:11:12 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2012-03-14 18:11:12 ----A---- C:\Windows\system32\drivers\http.sys
2012-03-14 18:11:12 ----A---- C:\Windows\system32\dbghelp.dll
2012-03-14 18:11:12 ----A---- C:\Windows\system32\basecsp.dll
2012-03-14 18:11:11 ----A---- C:\Windows\system32\WinSATAPI.dll
2012-03-14 18:11:11 ----A---- C:\Windows\system32\vpnike.dll
2012-03-14 18:11:11 ----A---- C:\Windows\system32\srvsvc.dll
2012-03-14 18:11:11 ----A---- C:\Windows\system32\sqlsrv32.dll
2012-03-14 18:11:11 ----A---- C:\Windows\system32\spoolsv.exe
2012-03-14 18:11:11 ----A---- C:\Windows\system32\QAGENTRT.DLL
2012-03-14 18:11:11 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2012-03-14 18:11:11 ----A---- C:\Windows\system32\calc.exe
2012-03-14 18:11:10 ----A---- C:\Windows\system32\ws2_32.dll
2012-03-14 18:11:10 ----A---- C:\Windows\system32\UIRibbon.dll
2012-03-14 18:11:10 ----A---- C:\Windows\system32\sxs.dll
2012-03-14 18:11:10 ----A---- C:\Windows\system32\netshell.dll
2012-03-14 18:11:10 ----A---- C:\Windows\system32\lpksetup.exe
2012-03-14 18:11:10 ----A---- C:\Windows\system32\fveapi.dll
2012-03-14 18:11:10 ----A---- C:\Windows\system32\drivers\fvevol.sys
2012-03-14 18:11:10 ----A---- C:\Windows\system32\cryptsvc.dll
2012-03-14 18:11:09 ----A---- C:\Windows\system32\stobject.dll
2012-03-14 18:11:09 ----A---- C:\Windows\system32\prncache.dll
2012-03-14 18:11:09 ----A---- C:\Windows\system32\printui.dll
2012-03-14 18:11:09 ----A---- C:\Windows\system32\msi.dll
2012-03-14 18:11:09 ----A---- C:\Windows\system32\inetpp.dll
2012-03-14 18:11:09 ----A---- C:\Windows\system32\hgprint.dll
2012-03-14 18:11:09 ----A---- C:\Windows\system32\drivers\rdbss.sys
2012-03-14 18:11:09 ----A---- C:\Windows\system32\drivers\msdsm.sys
2012-03-14 18:11:09 ----A---- C:\Windows\system32\comctl32.dll
2012-03-14 18:11:08 ----A---- C:\Windows\system32\WSDApi.dll
2012-03-14 18:11:08 ----A---- C:\Windows\system32\wmpeffects.dll
2012-03-14 18:11:08 ----A---- C:\Windows\system32\rpchttp.dll
2012-03-14 18:11:08 ----A---- C:\Windows\system32\net1.exe
2012-03-14 18:11:08 ----A---- C:\Windows\system32\dps.dll
2012-03-14 18:11:08 ----A---- C:\Windows\system32\ci.dll
2012-03-14 18:11:08 ----A---- C:\Windows\system32\aitagent.exe
2012-03-14 18:11:08 ----A---- C:\Windows\system32\aepdu.dll
2012-03-14 18:11:07 ----A---- C:\Windows\system32\vds.exe
2012-03-14 18:11:07 ----A---- C:\Windows\system32\scansetting.dll
2012-03-14 18:11:07 ----A---- C:\Windows\system32\FXSSVC.exe
2012-03-14 18:11:07 ----A---- C:\Windows\system32\drivers\pci.sys
2012-03-14 18:11:06 ----A---- C:\Windows\system32\wpdshext.dll
2012-03-14 18:11:06 ----A---- C:\Windows\system32\WMVCORE.DLL
2012-03-14 18:11:06 ----A---- C:\Windows\system32\wlangpui.dll
2012-03-14 18:11:06 ----A---- C:\Windows\system32\t2embed.dll
2012-03-14 18:11:06 ----A---- C:\Windows\system32\QSHVHOST.DLL
2012-03-14 18:11:06 ----A---- C:\Windows\system32\pnidui.dll
2012-03-14 18:11:06 ----A---- C:\Windows\system32\MMDevAPI.dll
2012-03-14 18:11:06 ----A---- C:\Windows\system32\IPSECSVC.DLL
2012-03-14 18:11:06 ----A---- C:\Windows\system32\davclnt.dll
2012-03-14 18:11:06 ----A---- C:\Windows\system32\consent.exe
2012-03-14 18:11:06 ----A---- C:\Windows\system32\aaclient.dll
2012-03-14 18:11:05 ----A---- C:\Windows\system32\webservices.dll
2012-03-14 18:11:05 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2012-03-14 18:11:05 ----A---- C:\Windows\system32\SyncCenter.dll
2012-03-14 18:11:05 ----A---- C:\Windows\system32\netdiagfx.dll
2012-03-14 18:11:05 ----A---- C:\Windows\system32\fde.dll
2012-03-14 18:11:05 ----A---- C:\Windows\system32\drivers\termdd.sys
2012-03-14 18:11:05 ----A---- C:\Windows\system32\drivers\sbp2port.sys
2012-03-14 18:11:04 ----A---- C:\Windows\system32\wuapi.dll
2012-03-14 18:11:04 ----A---- C:\Windows\system32\wscapi.dll
2012-03-14 18:11:04 ----A---- C:\Windows\system32\wisptis.exe
2012-03-14 18:11:04 ----A---- C:\Windows\system32\WinSCard.dll
2012-03-14 18:11:04 ----A---- C:\Windows\system32\sdengin2.dll
2012-03-14 18:11:04 ----A---- C:\Windows\system32\pla.dll
2012-03-14 18:11:04 ----A---- C:\Windows\system32\msasn1.dll
2012-03-14 18:11:04 ----A---- C:\Windows\system32\mcmde.dll
2012-03-14 18:11:03 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-03-14 18:11:03 ----A---- C:\Windows\system32\winsta.dll
2012-03-14 18:11:03 ----A---- C:\Windows\system32\wiaservc.dll
2012-03-14 18:11:03 ----A---- C:\Windows\system32\setupcl.exe
2012-03-14 18:11:03 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2012-03-14 18:11:03 ----A---- C:\Windows\system32\imapi2.dll
2012-03-14 18:11:03 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2012-03-14 18:11:03 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2012-03-14 18:11:03 ----A---- C:\Windows\system32\drivers\msahci.sys
2012-03-14 18:11:02 ----A---- C:\Windows\system32\WMPEncEn.dll
2012-03-14 18:11:02 ----A---- C:\Windows\system32\winmm.dll
2012-03-14 18:11:02 ----A---- C:\Windows\system32\shsvcs.dll
2012-03-14 18:11:02 ----A---- C:\Windows\system32\rasmans.dll
2012-03-14 18:11:02 ----A---- C:\Windows\system32\onex.dll
2012-03-14 18:11:02 ----A---- C:\Windows\system32\gameux.dll
2012-03-14 18:11:02 ----A---- C:\Windows\system32\dwmredir.dll
2012-03-14 18:11:02 ----A---- C:\Windows\system32\drivers\acpi.sys
2012-03-14 18:11:02 ----A---- C:\Windows\system32\aeinv.dll
2012-03-14 18:11:01 ----A---- C:\Windows\system32\vaultsvc.dll
2012-03-14 18:11:01 ----A---- C:\Windows\system32\TabSvc.dll
2012-03-14 18:11:01 ----A---- C:\Windows\system32\samcli.dll
2012-03-14 18:11:01 ----A---- C:\Windows\system32\netiohlp.dll
2012-03-14 18:11:01 ----A---- C:\Windows\system32\Narrator.exe
2012-03-14 18:11:01 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2012-03-14 18:11:01 ----A---- C:\Windows\system32\hbaapi.dll
2012-03-14 18:11:01 ----A---- C:\Windows\system32\drivers\udfs.sys
2012-03-14 18:11:01 ----A---- C:\Windows\system32\bootres.dll
2012-03-14 18:11:01 ----A---- C:\Windows\system32\autochk.exe
2012-03-14 18:11:01 ----A---- C:\Windows\system32\autofmt.exe
2012-03-14 18:11:01 ----A---- C:\Windows\system32\audiodg.exe
2012-03-14 18:11:00 ----A---- C:\Windows\system32\thumbcache.dll
2012-03-14 18:11:00 ----A---- C:\Windows\system32\tcpipcfg.dll
2012-03-14 18:11:00 ----A---- C:\Windows\system32\srchadmin.dll
2012-03-14 18:11:00 ----A---- C:\Windows\system32\schtasks.exe
2012-03-14 18:11:00 ----A---- C:\Windows\system32\regapi.dll
2012-03-14 18:11:00 ----A---- C:\Windows\system32\proquota.exe
2012-03-14 18:11:00 ----A---- C:\Windows\system32\powercpl.dll
2012-03-14 18:11:00 ----A---- C:\Windows\system32\msutb.dll
2012-03-14 18:11:00 ----A---- C:\Windows\system32\msinfo32.exe
2012-03-14 18:11:00 ----A---- C:\Windows\system32\mimefilt.dll
2012-03-14 18:11:00 ----A---- C:\Windows\system32\ipsmsnap.dll
2012-03-14 18:11:00 ----A---- C:\Windows\system32\halmacpi.dll
2012-03-14 18:11:00 ----A---- C:\Windows\system32\hal.dll
2012-03-14 18:11:00 ----A---- C:\Windows\system32\autoconv.exe
2012-03-14 18:11:00 ----A---- C:\Windows\system32\AudioSes.dll
2012-03-14 18:10:59 ----A---- C:\Windows\system32\wcncsvc.dll
2012-03-14 18:10:59 ----A---- C:\Windows\system32\msihnd.dll
2012-03-14 18:10:59 ----A---- C:\Windows\system32\mscorier.dll
2012-03-14 18:10:59 ----A---- C:\Windows\system32\framedyn.dll
2012-03-14 18:10:59 ----A---- C:\Windows\system32\eapphost.dll
2012-03-14 18:10:59 ----A---- C:\Windows\system32\drivers\volmgr.sys
2012-03-14 18:10:59 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-03-14 18:10:59 ----A---- C:\Windows\system32\drivers\netbt.sys
2012-03-14 18:10:59 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2012-03-14 18:10:58 ----A---- C:\Windows\system32\wdc.dll
2012-03-14 18:10:58 ----A---- C:\Windows\system32\untfs.dll
2012-03-14 18:10:58 ----A---- C:\Windows\system32\umpo.dll
2012-03-14 18:10:58 ----A---- C:\Windows\system32\StructuredQuery.dll
2012-03-14 18:10:58 ----A---- C:\Windows\system32\scesrv.dll
2012-03-14 18:10:58 ----A---- C:\Windows\system32\rastls.dll
2012-03-14 18:10:58 ----A---- C:\Windows\system32\QAGENT.DLL
2012-03-14 18:10:58 ----A---- C:\Windows\system32\netid.dll
2012-03-14 18:10:58 ----A---- C:\Windows\system32\DXP.dll
2012-03-14 18:10:58 ----A---- C:\Windows\system32\actxprxy.dll
2012-03-14 18:10:57 ----A---- C:\Windows\system32\WMNetMgr.dll
2012-03-14 18:10:57 ----A---- C:\Windows\system32\wlanpref.dll
2012-03-14 18:10:57 ----A---- C:\Windows\system32\Vault.dll
2012-03-14 18:10:57 ----A---- C:\Windows\system32\sppsvc.exe
2012-03-14 18:10:57 ----A---- C:\Windows\system32\sdclt.exe
2012-03-14 18:10:57 ----A---- C:\Windows\system32\RpcRtRemote.dll
2012-03-14 18:10:57 ----A---- C:\Windows\system32\nci.dll
2012-03-14 18:10:57 ----A---- C:\Windows\system32\ListSvc.dll
2012-03-14 18:10:57 ----A---- C:\Windows\system32\drivers\ataport.sys
2012-03-14 18:10:56 ----A---- C:\Windows\system32\taskmgr.exe
2012-03-14 18:10:56 ----A---- C:\Windows\system32\Robocopy.exe
2012-03-14 18:10:56 ----A---- C:\Windows\system32\mtxclu.dll
2012-03-14 18:10:56 ----A---- C:\Windows\system32\DxpTaskSync.dll
2012-03-14 18:10:56 ----A---- C:\Windows\system32\Display.dll
2012-03-14 18:10:55 ----A---- C:\Windows\system32\XpsRasterService.dll
2012-03-14 18:10:55 ----A---- C:\Windows\system32\userinit.exe
2012-03-14 18:10:55 ----A---- C:\Windows\system32\termmgr.dll
2012-03-14 18:10:55 ----A---- C:\Windows\system32\sharemediacpl.dll
2012-03-14 18:10:55 ----A---- C:\Windows\system32\puiobj.dll
2012-03-14 18:10:55 ----A---- C:\Windows\system32\msdri.dll
2012-03-14 18:10:55 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2012-03-14 18:10:55 ----A---- C:\Windows\system32\drivers\mpio.sys
2012-03-14 18:10:55 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2012-03-14 18:10:54 ----A---- C:\Windows\system32\wiadefui.dll
2012-03-14 18:10:54 ----A---- C:\Windows\system32\sppcomapi.dll
2012-03-14 18:10:54 ----A---- C:\Windows\system32\shsetup.dll
2012-03-14 18:10:54 ----A---- C:\Windows\system32\rasppp.dll
2012-03-14 18:10:54 ----A---- C:\Windows\system32\msdtctm.dll
2012-03-14 18:10:54 ----A---- C:\Windows\system32\logoncli.dll
2012-03-14 18:10:54 ----A---- C:\Windows\system32\eudcedit.exe
2012-03-14 18:10:54 ----A---- C:\Windows\system32\drivers\scsiport.sys
2012-03-14 18:10:54 ----A---- C:\Windows\system32\DiagCpl.dll
2012-03-14 18:10:54 ----A---- C:\Windows\system32\biocpl.dll
2012-03-14 18:10:53 ----A---- C:\Windows\system32\themecpl.dll
2012-03-14 18:10:53 ----A---- C:\Windows\system32\SensorsCpl.dll
2012-03-14 18:10:53 ----A---- C:\Windows\system32\msconfig.exe
2012-03-14 18:10:53 ----A---- C:\Windows\system32\FirewallControlPanel.dll
2012-03-14 18:10:53 ----A---- C:\Windows\system32\cabview.dll
2012-03-14 18:10:52 ----A---- C:\Windows\system32\wpccpl.dll
2012-03-14 18:10:52 ----A---- C:\Windows\system32\tapisrv.dll
2012-03-14 18:10:52 ----A---- C:\Windows\system32\scecli.dll
2012-03-14 18:10:52 ----A---- C:\Windows\system32\PhotoScreensaver.scr
2012-03-14 18:10:52 ----A---- C:\Windows\system32\hgcpl.dll
2012-03-14 18:10:52 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2012-03-14 18:10:52 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2012-03-14 18:10:52 ----A---- C:\Windows\system32\dnscmmc.dll
2012-03-14 18:10:51 ----A---- C:\Windows\system32\wkssvc.dll
2012-03-14 18:10:51 ----A---- C:\Windows\system32\usercpl.dll
2012-03-14 18:10:51 ----A---- C:\Windows\system32\srcore.dll
2012-03-14 18:10:51 ----A---- C:\Windows\system32\SndVolSSO.dll
2012-03-14 18:10:51 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2012-03-14 18:10:51 ----A---- C:\Windows\system32\mscories.dll
2012-03-14 18:10:51 ----A---- C:\Windows\system32\mscms.dll
2012-03-14 18:10:51 ----A---- C:\Windows\system32\mprddm.dll
2012-03-14 18:10:51 ----A---- C:\Windows\system32\localsec.dll
2012-03-14 18:10:51 ----A---- C:\Windows\system32\KMSVC.DLL
2012-03-14 18:10:51 ----A---- C:\Windows\system32\iasacct.dll
2012-03-14 18:10:51 ----A---- C:\Windows\system32\fontext.dll
2012-03-14 18:10:51 ----A---- C:\Windows\system32\bcdsrv.dll
2012-03-14 18:10:50 ----A---- C:\Windows\system32\wpdbusenum.dll
2012-03-14 18:10:50 ----A---- C:\Windows\system32\wlanui.dll
2012-03-14 18:10:50 ----A---- C:\Windows\system32\wksprt.exe
2012-03-14 18:10:50 ----A---- C:\Windows\system32\w32tm.exe
2012-03-14 18:10:50 ----A---- C:\Windows\system32\VAN.dll
2012-03-14 18:10:50 ----A---- C:\Windows\system32\spwizeng.dll
2012-03-14 18:10:50 ----A---- C:\Windows\system32\SndVol.exe
2012-03-14 18:10:50 ----A---- C:\Windows\system32\qedit.dll
2012-03-14 18:10:50 ----A---- C:\Windows\system32\prntvpt.dll
2012-03-14 18:10:50 ----A---- C:\Windows\system32\netcenter.dll
2012-03-14 18:10:50 ----A---- C:\Windows\system32\mblctr.exe
2012-03-14 18:10:50 ----A---- C:\Windows\system32\batmeter.dll
2012-03-14 18:10:50 ----A---- C:\Windows\system32\azroleui.dll
2012-03-14 18:10:50 ----A---- C:\Windows\system32\accessibilitycpl.dll
2012-03-14 18:10:49 ----A---- C:\Windows\system32\zipfldr.dll
2012-03-14 18:10:49 ----A---- C:\Windows\system32\networkmap.dll
2012-03-14 18:10:49 ----A---- C:\Windows\system32\netjoin.dll
2012-03-14 18:10:49 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2012-03-14 18:10:49 ----A---- C:\Windows\system32\fdeploy.dll
2012-03-14 18:10:49 ----A---- C:\Windows\system32\drivers\ks.sys
2012-03-14 18:10:49 ----A---- C:\Windows\system32\cryptui.dll
2012-03-14 18:10:49 ----A---- C:\Windows\system32\adsldp.dll
2012-03-14 18:10:48 ----A---- C:\Windows\system32\wusa.exe
2012-03-14 18:10:48 ----A---- C:\Windows\system32\taskbarcpl.dll
2012-03-14 18:10:48 ----A---- C:\Windows\system32\sud.dll
2012-03-14 18:10:48 ----A---- C:\Windows\system32\prnfldr.dll
2012-03-14 18:10:48 ----A---- C:\Windows\system32\photowiz.dll
2012-03-14 18:10:48 ----A---- C:\Windows\system32\OnLineIDCpl.dll
2012-03-14 18:10:48 ----A---- C:\Windows\system32\mspbda.dll
2012-03-14 18:10:48 ----A---- C:\Windows\system32\msieftp.dll
2012-03-14 18:10:48 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2012-03-14 18:10:48 ----A---- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2012-03-14 18:10:48 ----A---- C:\Windows\system32\Faultrep.dll
2012-03-14 18:10:48 ----A---- C:\Windows\system32\credssp.dll
2012-03-14 18:10:48 ----A---- C:\Windows\system32\ActionCenter.dll
2012-03-14 18:10:47 ----A---- C:\Windows\system32\taskhost.exe
2012-03-14 18:10:47 ----A---- C:\Windows\system32\slui.exe
2012-03-14 18:10:47 ----A---- C:\Windows\system32\iprtrmgr.dll
2012-03-14 18:10:47 ----A---- C:\Windows\system32\iasrad.dll
2012-03-14 18:10:47 ----A---- C:\Windows\system32\halacpi.dll
2012-03-14 18:10:47 ----A---- C:\Windows\system32\ftp.exe
2012-03-14 18:10:47 ----A---- C:\Windows\system32\drivers\hidclass.sys
2012-03-14 18:10:47 ----A---- C:\Windows\system32\dot3cfg.dll
2012-03-14 18:10:47 ----A---- C:\Windows\system32\defaultlocationcpl.dll
2012-03-14 18:10:46 ----A---- C:\Windows\system32\wpd_ci.dll
2012-03-14 18:10:46 ----A---- C:\Windows\system32\syncui.dll
2012-03-14 18:10:46 ----A---- C:\Windows\system32\sisbkup.dll
2012-03-14 18:10:46 ----A---- C:\Windows\system32\shwebsvc.dll
2012-03-14 18:10:46 ----A---- C:\Windows\system32\sdcpl.dll
2012-03-14 18:10:46 ----A---- C:\Windows\system32\recovery.dll
2012-03-14 18:10:46 ----A---- C:\Windows\system32\ifsutil.dll
2012-03-14 18:10:46 ----A---- C:\Windows\system32\efscore.dll
2012-03-14 18:10:46 ----A---- C:\Windows\system32\bcdedit.exe
2012-03-14 18:10:46 ----A---- C:\Windows\system32\autoplay.dll
2012-03-14 18:10:46 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2012-03-14 18:10:45 ----A---- C:\Windows\system32\wmpmde.dll
2012-03-14 18:10:45 ----A---- C:\Windows\system32\vdsutil.dll
2012-03-14 18:10:45 ----A---- C:\Windows\system32\systemcpl.dll
2012-03-14 18:10:45 ----A---- C:\Windows\system32\sppnp.dll
2012-03-14 18:10:45 ----A---- C:\Windows\system32\rtutils.dll
2012-03-14 18:10:45 ----A---- C:\Windows\system32\recdisc.exe
2012-03-14 18:10:45 ----A---- C:\Windows\system32\OobeFldr.dll
2012-03-14 18:10:45 ----A---- C:\Windows\system32\ntprint.dll
2012-03-14 18:10:45 ----A---- C:\Windows\system32\ntlanman.dll
2012-03-14 18:10:45 ----A---- C:\Windows\system32\dskquoui.dll
2012-03-14 18:10:45 ----A---- C:\Windows\system32\DeviceCenter.dll
2012-03-14 18:10:44 ----A---- C:\Windows\system32\wmpsrcwp.dll
2012-03-14 18:10:44 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2012-03-14 18:10:44 ----A---- C:\Windows\system32\sethc.exe
2012-03-14 18:10:44 ----A---- C:\Windows\system32\rstrui.exe
2012-03-14 18:10:44 ----A---- C:\Windows\system32\riched20.dll
2012-03-14 18:10:44 ----A---- C:\Windows\system32\nshwfp.dll
2012-03-14 18:10:44 ----A---- C:\Windows\system32\netplwiz.dll
2012-03-14 18:10:44 ----A---- C:\Windows\system32\NAPHLPR.DLL
2012-03-14 18:10:44 ----A---- C:\Windows\system32\migisol.dll
2012-03-14 18:10:44 ----A---- C:\Windows\system32\fms.dll
2012-03-14 18:10:44 ----A---- C:\Windows\system32\drivers\tdx.sys
2012-03-14 18:10:44 ----A---- C:\Windows\system32\blackbox.dll
2012-03-14 18:10:44 ----A---- C:\Windows\system32\bcdboot.exe
2012-03-14 18:10:44 ----A---- C:\Windows\system32\AxInstSv.dll
2012-03-14 18:10:44 ----A---- C:\Windows\system32\activeds.dll
2012-03-14 18:10:43 ----A---- C:\Windows\system32\wsqmcons.exe
2012-03-14 18:10:43 ----A---- C:\Windows\system32\nshipsec.dll
2012-03-14 18:10:43 ----A---- C:\Windows\system32\nlaapi.dll
2012-03-14 18:10:43 ----A---- C:\Windows\system32\msftedit.dll
2012-03-14 18:10:43 ----A---- C:\Windows\system32\isoburn.exe
2012-03-14 18:10:43 ----A---- C:\Windows\system32\httpapi.dll
2012-03-14 18:10:43 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2012-03-14 18:10:43 ----A---- C:\Windows\system32\dpx.dll
2012-03-14 18:10:43 ----A---- C:\Windows\system32\dot3svc.dll
2012-03-14 18:10:43 ----A---- C:\Windows\system32\cdosys.dll
2012-03-14 18:10:43 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2012-03-14 18:10:43 ----A---- C:\Windows\system32\asycfilt.dll
2012-03-14 18:10:42 ----A---- C:\Windows\system32\wvc.dll
2012-03-14 18:10:42 ----A---- C:\Windows\system32\wuwebv.dll
2012-03-14 18:10:42 ----A---- C:\Windows\system32\wtsapi32.dll
2012-03-14 18:10:42 ----A---- C:\Windows\system32\wlanmsm.dll
2012-03-14 18:10:42 ----A---- C:\Windows\system32\wimgapi.dll
2012-03-14 18:10:42 ----A---- C:\Windows\system32\wavemsp.dll
2012-03-14 18:10:42 ----A---- C:\Windows\system32\tzutil.exe
2012-03-14 18:10:42 ----A---- C:\Windows\system32\sysclass.dll
2012-03-14 18:10:42 ----A---- C:\Windows\system32\ReAgent.dll
2012-03-14 18:10:42 ----A---- C:\Windows\system32\provsvc.dll
2012-03-14 18:10:42 ----A---- C:\Windows\system32\PkgMgr.exe
2012-03-14 18:10:42 ----A---- C:\Windows\system32\ocsetup.exe
2012-03-14 18:10:42 ----A---- C:\Windows\system32\mstask.dll
2012-03-14 18:10:42 ----A---- C:\Windows\system32\dsuiext.dll
2012-03-14 18:10:42 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2012-03-14 18:10:42 ----A---- C:\Windows\system32\dot3ui.dll
2012-03-14 18:10:42 ----A---- C:\Windows\system32\dfrgui.exe
2012-03-14 18:10:42 ----A---- C:\Windows\system32\certprop.dll
2012-03-14 18:10:42 ----A---- C:\Windows\system32\appinfo.dll
2012-03-14 18:10:41 ----A---- C:\Windows\twain_32.dll
2012-03-14 18:10:41 ----A---- C:\Windows\system32\twext.dll
2012-03-14 18:10:41 ----A---- C:\Windows\system32\SmiEngine.dll
2012-03-14 18:10:41 ----A---- C:\Windows\system32\shdocvw.dll
2012-03-14 18:10:41 ----A---- C:\Windows\system32\setupugc.exe
2012-03-14 18:10:41 ----A---- C:\Windows\system32\qcap.dll
2012-03-14 18:10:41 ----A---- C:\Windows\system32\qasf.dll
2012-03-14 18:10:40 ----A---- C:\Windows\system32\wwanconn.dll
2012-03-14 18:10:40 ----A---- C:\Windows\system32\wmdrmsdk.dll
2012-03-14 18:10:40 ----A---- C:\Windows\system32\uxlib.dll
2012-03-14 18:10:40 ----A---- C:\Windows\system32\ssText3d.scr
2012-03-14 18:10:40 ----A---- C:\Windows\system32\srrstr.dll
2012-03-14 18:10:40 ----A---- C:\Windows\system32\slwga.dll
2012-03-14 18:10:40 ----A---- C:\Windows\system32\nslookup.exe
2012-03-14 18:10:40 ----A---- C:\Windows\system32\msvfw32.dll
2012-03-14 18:10:40 ----A---- C:\Windows\system32\mciavi32.dll
2012-03-14 18:10:40 ----A---- C:\Windows\system32\imm32.dll
2012-03-14 18:10:40 ----A---- C:\Windows\system32\clusapi.dll
2012-03-14 18:10:40 ----A---- C:\Windows\system32\audiodev.dll
2012-03-14 18:10:39 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2012-03-14 18:10:39 ----A---- C:\Windows\system32\wimserv.exe
2012-03-14 18:10:39 ----A---- C:\Windows\system32\TSpkg.dll
2012-03-14 18:10:39 ----A---- C:\Windows\system32\remotepg.dll
2012-03-14 18:10:39 ----A---- C:\Windows\system32\rdpencom.dll
2012-03-14 18:10:39 ----A---- C:\Windows\system32\raschap.dll
2012-03-14 18:10:39 ----A---- C:\Windows\system32\perfmon.exe
2012-03-14 18:10:39 ----A---- C:\Windows\system32\msscp.dll
2012-03-14 18:10:39 ----A---- C:\Windows\system32\diskraid.exe
2012-03-14 18:10:39 ----A---- C:\Windows\system32\DevicePairingFolder.dll
2012-03-14 18:10:39 ----A---- C:\Windows\system32\acppage.dll
2012-03-14 18:10:38 ----A---- C:\Windows\system32\wmpdxm.dll
2012-03-14 18:10:38 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2012-03-14 18:10:38 ----A---- C:\Windows\system32\vpnikeapi.dll
2012-03-14 18:10:38 ----A---- C:\Windows\system32\UserAccountControlSettings.dll
2012-03-14 18:10:38 ----A---- C:\Windows\system32\sdrsvc.dll
2012-03-14 18:10:38 ----A---- C:\Windows\system32\QUTIL.DLL
2012-03-14 18:10:38 ----A---- C:\Windows\system32\onexui.dll
2012-03-14 18:10:38 ----A---- C:\Windows\system32\olepro32.dll
2012-03-14 18:10:38 ----A---- C:\Windows\system32\ocsetapi.dll
2012-03-14 18:10:38 ----A---- C:\Windows\system32\nltest.exe
2012-03-14 18:10:38 ----A---- C:\Windows\system32\networkexplorer.dll
2012-03-14 18:10:38 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2012-03-14 18:10:38 ----A---- C:\Windows\system32\iTVData.dll
2012-03-14 18:10:38 ----A---- C:\Windows\system32\input.dll
2012-03-14 18:10:38 ----A---- C:\Windows\system32\drmmgrtn.dll
2012-03-14 18:10:38 ----A---- C:\Windows\system32\browser.dll
2012-03-14 18:10:37 ----A---- C:\Windows\system32\wpdwcn.dll
2012-03-14 18:10:37 ----A---- C:\Windows\system32\vdsbas.dll
2012-03-14 18:10:37 ----A---- C:\Windows\system32\runonce.exe
2012-03-14 18:10:37 ----A---- C:\Windows\system32\Mcx2Svc.dll
2012-03-14 18:10:37 ----A---- C:\Windows\system32\logagent.exe
2012-03-14 18:10:37 ----A---- C:\Windows\system32\dxdiagn.dll
2012-03-14 18:10:37 ----A---- C:\Windows\bfsvc.exe
2012-03-14 18:10:36 ----A---- C:\Windows\system32\wudriver.dll
2012-03-14 18:10:36 ----A---- C:\Windows\system32\wmpshell.dll
2012-03-14 18:10:36 ----A---- C:\Windows\system32\wmdrmdev.dll
2012-03-14 18:10:36 ----A---- C:\Windows\system32\unimdmat.dll
2012-03-14 18:10:36 ----A---- C:\Windows\system32\shacct.dll
2012-03-14 18:10:36 ----A---- C:\Windows\system32\PnPUnattend.exe
2012-03-14 18:10:36 ----A---- C:\Windows\system32\msvidc32.dll
2012-03-14 18:10:36 ----A---- C:\Windows\system32\msiexec.exe
2012-03-14 18:10:36 ----A---- C:\Windows\system32\MFPlay.dll
2012-03-14 18:10:36 ----A---- C:\Windows\system32\lsmproxy.dll
2012-03-14 18:10:36 ----A---- C:\Windows\system32\eapp3hst.dll
2012-03-14 18:10:36 ----A---- C:\Windows\system32\drivers\rmcast.sys
2012-03-14 18:10:36 ----A---- C:\Windows\system32\d3d10level9.dll
2012-03-14 18:10:36 ----A---- C:\Windows\system32\bitsadmin.exe
2012-03-14 18:10:35 ----A---- C:\Windows\system32\WUDFPlatform.dll
2012-03-14 18:10:35 ----A---- C:\Windows\system32\WPDSp.dll
2012-03-14 18:10:35 ----A---- C:\Windows\system32\tabcal.exe
2012-03-14 18:10:35 ----A---- C:\Windows\system32\srvcli.dll
2012-03-14 18:10:35 ----A---- C:\Windows\system32\sqlcese30.dll
2012-03-14 18:10:35 ----A---- C:\Windows\system32\rdpd3d.dll
2012-03-14 18:10:35 ----A---- C:\Windows\system32\PortableDeviceSyncProvider.dll
2012-03-14 18:10:35 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2012-03-14 18:10:35 ----A---- C:\Windows\system32\pdh.dll
2012-03-14 18:10:35 ----A---- C:\Windows\system32\OpcServices.dll
2012-03-14 18:10:35 ----A---- C:\Windows\system32\olethk32.dll
2012-03-14 18:10:35 ----A---- C:\Windows\system32\ncryptui.dll
2012-03-14 18:10:35 ----A---- C:\Windows\system32\mprapi.dll
2012-03-14 18:10:35 ----A---- C:\Windows\system32\MdSched.exe
2012-03-14 18:10:35 ----A---- C:\Windows\system32\logman.exe
2012-03-14 18:10:35 ----A---- C:\Windows\system32\iscsium.dll
2012-03-14 18:10:35 ----A---- C:\Windows\system32\djoin.exe
2012-03-14 18:10:35 ----A---- C:\Windows\system32\cscapi.dll
2012-03-14 18:10:35 ----A---- C:\Windows\system32\Bubbles.scr
2012-03-14 18:10:34 ----A---- C:\Windows\system32\wwanprotdim.dll
2012-03-14 18:10:34 ----A---- C:\Windows\system32\WMPhoto.dll
2012-03-14 18:10:34 ----A---- C:\Windows\system32\WMADMOD.DLL
2012-03-14 18:10:34 ----A---- C:\Windows\system32\wiavideo.dll
2012-03-14 18:10:34 ----A---- C:\Windows\system32\utildll.dll
2012-03-14 18:10:34 ----A---- C:\Windows\system32\tsgqec.dll
2012-03-14 18:10:34 ----A---- C:\Windows\system32\takeown.exe
2012-03-14 18:10:34 ----A---- C:\Windows\system32\Ribbons.scr
2012-03-14 18:10:34 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2012-03-14 18:10:34 ----A---- C:\Windows\system32\Mystify.scr
2012-03-14 18:10:34 ----A---- C:\Windows\system32\mapistub.dll
2012-03-14 18:10:34 ----A---- C:\Windows\system32\mapi32.dll
2012-03-14 18:10:34 ----A---- C:\Windows\system32\lpremove.exe
2012-03-14 18:10:34 ----A---- C:\Windows\system32\fphc.dll
2012-03-14 18:10:34 ----A---- C:\Windows\system32\dot3msm.dll
2012-03-14 18:10:34 ----A---- C:\Windows\system32\avifil32.dll
2012-03-14 18:10:34 ----A---- C:\Windows\system32\ActionQueue.dll
2012-03-14 18:10:33 ----A---- C:\Windows\system32\WMVSDECD.DLL
2012-03-14 18:10:33 ----A---- C:\Windows\system32\wmdrmnet.dll
2012-03-14 18:10:33 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe
2012-03-14 18:10:33 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-03-14 18:10:33 ----A---- C:\Windows\system32\sppinst.dll
2012-03-14 18:10:33 ----A---- C:\Windows\system32\qdv.dll
2012-03-14 18:10:33 ----A---- C:\Windows\system32\QCLIPROV.DLL
2012-03-14 18:10:33 ----A---- C:\Windows\system32\msyuv.dll
2012-03-14 18:10:33 ----A---- C:\Windows\system32\msnetobj.dll
2012-03-14 18:10:33 ----A---- C:\Windows\system32\iyuv_32.dll
2012-03-14 18:10:33 ----A---- C:\Windows\system32\imagehlp.dll
2012-03-14 18:10:33 ----A---- C:\Windows\system32\EhStorAPI.dll
2012-03-14 18:10:32 ----A---- C:\Windows\system32\WUDFx.dll
2012-03-14 18:10:32 ----A---- C:\Windows\system32\WUDFHost.exe
2012-03-14 18:10:32 ----A---- C:\Windows\system32\wuauclt.exe
2012-03-14 18:10:32 ----A---- C:\Windows\system32\wsnmp32.dll
2012-03-14 18:10:32 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2012-03-14 18:10:32 ----A---- C:\Windows\system32\vfwwdm32.dll
2012-03-14 18:10:32 ----A---- C:\Windows\system32\unattend.dll
2012-03-14 18:10:32 ----A---- C:\Windows\system32\umb.dll
2012-03-14 18:10:32 ----A---- C:\Windows\system32\tsbyuv.dll
2012-03-14 18:10:32 ----A---- C:\Windows\system32\setupcln.dll
2012-03-14 18:10:32 ----A---- C:\Windows\system32\RelPost.exe
2012-03-14 18:10:32 ----A---- C:\Windows\system32\pdhui.dll
2012-03-14 18:10:32 ----A---- C:\Windows\system32\MuiUnattend.exe
2012-03-14 18:10:32 ----A---- C:\Windows\system32\msrle32.dll
2012-03-14 18:10:32 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2012-03-14 18:10:32 ----A---- C:\Windows\system32\cmstp.exe
2012-03-14 18:10:32 ----A---- C:\Windows\system32\cca.dll
2012-03-14 18:10:32 ----A---- C:\Windows\system32\basesrv.dll
2012-03-14 18:10:32 ----A---- C:\Windows\system32\AzSqlExt.dll
2012-03-14 18:10:31 ----A---- C:\Windows\system32\wkscli.dll
2012-03-14 18:10:31 ----A---- C:\Windows\system32\WavDest.dll
2012-03-14 18:10:31 ----A---- C:\Windows\system32\sppuinotify.dll
2012-03-14 18:10:31 ----A---- C:\Windows\system32\spbcd.dll
2012-03-14 18:10:31 ----A---- C:\Windows\system32\relog.exe
2012-03-14 18:10:31 ----A---- C:\Windows\system32\PrintIsolationProxy.dll
2012-03-14 18:10:31 ----A---- C:\Windows\system32\netiougc.exe
2012-03-14 18:10:31 ----A---- C:\Windows\system32\mydocs.dll
2012-03-14 18:10:31 ----A---- C:\Windows\system32\msorcl32.dll
2012-03-14 18:10:31 ----A---- C:\Windows\system32\iscsicli.exe
2012-03-14 18:10:31 ----A---- C:\Windows\system32\iasrecst.dll
2012-03-14 18:10:31 ----A---- C:\Windows\system32\drivers\ndisuio.sys
2012-03-14 18:10:31 ----A---- C:\Windows\system32\amstream.dll
2012-03-14 18:10:30 ----A---- C:\Windows\system32\wmpps.dll
2012-03-14 18:10:30 ----A---- C:\Windows\system32\syssetup.dll
2012-03-14 18:10:30 ----A---- C:\Windows\system32\setbcdlocale.dll
2012-03-14 18:10:30 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2012-03-14 18:10:30 ----A---- C:\Windows\system32\secproc_ssp.dll
2012-03-14 18:10:30 ----A---- C:\Windows\system32\resutils.dll
2012-03-14 18:10:30 ----A---- C:\Windows\system32\rastapi.dll
2012-03-14 18:10:30 ----A---- C:\Windows\system32\nrpsrv.dll
2012-03-14 18:10:30 ----A---- C:\Windows\system32\netbtugc.exe
2012-03-14 18:10:30 ----A---- C:\Windows\system32\MultiDigiMon.exe
2012-03-14 18:10:30 ----A---- C:\Windows\system32\itircl.dll
2012-03-14 18:10:30 ----A---- C:\Windows\system32\FXSTIFF.dll
2012-03-14 18:10:30 ----A---- C:\Windows\system32\diskpart.exe
2012-03-14 18:10:30 ----A---- C:\Windows\system32\CertPolEng.dll
2012-03-14 18:10:29 ----A---- C:\Windows\system32\wuapp.exe
2012-03-14 18:10:29 ----A---- C:\Windows\system32\WerFaultSecure.exe
2012-03-14 18:10:29 ----A---- C:\Windows\system32\tlscsp.dll
2012-03-14 18:10:29 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2012-03-14 18:10:29 ----A---- C:\Windows\system32\ReAgentc.exe
2012-03-14 18:10:29 ----A---- C:\Windows\system32\findstr.exe
2012-03-14 18:10:29 ----A---- C:\Windows\system32\eappgnui.dll
2012-03-14 18:10:28 ----A---- C:\Windows\system32\wiarpc.dll
2012-03-14 18:10:28 ----A---- C:\Windows\system32\sppc.dll
2012-03-14 18:10:28 ----A---- C:\Windows\system32\spopk.dll
2012-03-14 18:10:28 ----A---- C:\Windows\system32\shimgvw.dll
2012-03-14 18:10:28 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2012-03-14 18:10:28 ----A---- C:\Windows\system32\netutils.dll
2012-03-14 18:10:28 ----A---- C:\Windows\system32\netapi32.dll
2012-03-14 18:10:28 ----A---- C:\Windows\system32\muifontsetup.dll
2012-03-14 18:10:28 ----A---- C:\Windows\system32\mobsync.exe
2012-03-14 18:10:28 ----A---- C:\Windows\system32\mciqtz32.dll
2012-03-14 18:10:28 ----A---- C:\Windows\system32\iccvid.dll
2012-03-14 18:10:28 ----A---- C:\Windows\system32\drivers\tdi.sys
2012-03-14 18:10:28 ----A---- C:\Windows\system32\dosx.exe
2012-03-14 18:10:28 ----A---- C:\Windows\system32\cabinet.dll
2012-03-14 18:10:27 ----A---- C:\Windows\system32\wdiasqmmodule.dll
2012-03-14 18:10:27 ----A---- C:\Windows\system32\unlodctr.exe
2012-03-14 18:10:27 ----A---- C:\Windows\system32\repair-bde.exe
2012-03-14 18:10:27 ----A---- C:\Windows\system32\rdprefdrvapi.dll
2012-03-14 18:10:27 ----A---- C:\Windows\system32\netcfg.exe
2012-03-14 18:10:27 ----A---- C:\Windows\system32\msdmo.dll
2012-03-14 18:10:27 ----A---- C:\Windows\system32\manage-bde.exe
2012-03-14 18:10:27 ----A---- C:\Windows\system32\luainstall.dll
2012-03-14 18:10:27 ----A---- C:\Windows\system32\inetmib1.dll
2012-03-14 18:10:27 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2012-03-14 18:10:27 ----A---- C:\Windows\system32\drivers\usbrpm.sys
2012-03-14 18:10:27 ----A---- C:\Windows\system32\drivers\CompositeBus.sys
2012-03-14 18:10:26 ----A---- C:\Windows\system32\wups.dll
2012-03-14 18:10:26 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2012-03-14 18:10:26 ----A---- C:\Windows\system32\UIRibbonRes.dll
2012-03-14 18:10:26 ----A---- C:\Windows\system32\profprov.dll
2012-03-14 18:10:26 ----A---- C:\Windows\system32\perfts.dll
2012-03-14 18:10:26 ----A---- C:\Windows\system32\odbcconf.dll
2012-03-14 18:10:26 ----A---- C:\Windows\system32\drivers\cdrom.sys
2012-03-14 18:10:26 ----A---- C:\Windows\system32\browcli.dll
2012-03-14 18:10:25 ----A---- C:\Windows\system32\TRAPI.dll
2012-03-14 18:10:25 ----A---- C:\Windows\system32\RDPENCDD.dll
2012-03-14 18:10:25 ----A---- C:\Windows\system32\icaapi.dll
2012-03-14 18:10:25 ----A---- C:\Windows\system32\FXSMON.dll
2012-03-14 18:10:25 ----A---- C:\Windows\system32\elsTrans.dll
2012-03-14 18:10:25 ----A---- C:\Windows\system32\drivers\tunnel.sys
2012-03-14 18:10:25 ----A---- C:\Windows\system32\drivers\dfsc.sys
2012-03-14 18:10:24 ----A---- C:\Windows\system32\wshbth.dll
2012-03-14 18:10:24 ----A---- C:\Windows\system32\sscore.dll
2012-03-14 18:10:24 ----A---- C:\Windows\system32\schedcli.dll
2012-03-14 18:10:24 ----A---- C:\Windows\system32\napdsnap.dll
2012-03-14 18:10:24 ----A---- C:\Windows\system32\LogonUI.exe
2012-03-14 18:10:24 ----A---- C:\Windows\system32\dsauth.dll
2012-03-14 18:10:24 ----A---- C:\Windows\system32\drivers\acpipmi.sys
2012-03-14 18:10:24 ----A---- C:\Windows\system32\cscdll.dll
2012-03-14 18:10:24 ----A---- C:\Windows\system32\bitsperf.dll
2012-03-14 18:10:23 ----A---- C:\Windows\system32\wups2.dll
2012-03-14 18:10:23 ----A---- C:\Windows\system32\wsdchngr.dll
2012-03-14 18:10:23 ----A---- C:\Windows\system32\shgina.dll
2012-03-14 18:10:23 ----A---- C:\Windows\system32\riched32.dll
2012-03-14 18:10:23 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2012-03-14 18:10:22 ----A---- C:\Windows\system32\wshirda.dll
2012-03-14 18:10:22 ----A---- C:\Windows\system32\rdpcfgex.dll
2012-03-14 18:10:22 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2012-03-14 18:10:22 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2012-03-14 18:10:22 ----A---- C:\Windows\system32\drivers\hidusb.sys
2012-03-14 18:10:22 ----A---- C:\Windows\system32\drivers\appid.sys
2012-03-14 18:10:21 ----A---- C:\Windows\system32\spwmp.dll
2012-03-14 18:10:21 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2012-03-14 18:10:21 ----A---- C:\Windows\system32\drivers\USBCAMD.sys
2012-03-14 18:10:21 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2012-03-14 18:10:21 ----A---- C:\Windows\system32\browseui.dll
2012-03-14 18:10:20 ----A---- C:\Windows\system32\shunimpl.dll
2012-03-14 18:10:20 ----A---- C:\Windows\system32\RDPREFDD.dll
2012-03-14 18:10:20 ----A---- C:\Windows\system32\dxmasf.dll
2012-03-14 18:10:20 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2012-03-14 18:10:20 ----A---- C:\Windows\system32\drivers\wanarp.sys
2012-03-14 18:10:20 ----A---- C:\Windows\system32\drivers\umbus.sys
2012-03-14 18:10:20 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2012-03-14 18:10:20 ----A---- C:\Windows\system32\drivers\scfilter.sys
2012-03-14 18:10:20 ----A---- C:\Windows\system32\drivers\RDPCDD.sys
2012-03-14 18:10:20 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2012-03-14 18:10:20 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2012-03-14 18:10:20 ----A---- C:\Windows\system32\C_ISCII.DLL
2012-03-14 18:10:19 ----A---- C:\Windows\system32\wmploc.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\spwizres.dll
2012-03-14 18:10:18 ----A---- C:\Windows\system32\pifmgr.dll
2012-03-14 18:10:18 ----A---- C:\Windows\system32\nlsbres.dll
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDUS.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDUGHR1.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDTURME.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDTUQ.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDTUF.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDTAJIK.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDSG.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDSF.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDPO.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDNEPR.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDMON.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDMAORI.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDLT1.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\kbdlk41a.dll
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDINTEL.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDINTAM.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDINORI.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDINMAR.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDINKAN.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDINHIN.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDINBEN.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDGR1.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDGKL.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDGEO.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDCZ1.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDBULG.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDBLR.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\KBDBASH.DLL
2012-03-14 18:10:18 ----A---- C:\Windows\system32\dpnaddr.dll
2012-03-14 18:10:18 ----A---- C:\Windows\system32\BlbEvents.dll
2012-03-14 18:10:15 ----A---- C:\Windows\system32\wdscore.dll
2012-03-14 18:10:07 ----A---- C:\Windows\system32\wbemcomn.dll
2012-03-14 18:10:01 ----A---- C:\Windows\system32\sqmapi.dll
2012-03-14 17:54:04 ----A---- C:\Windows\system32\drivers\usbport.sys
2012-03-14 17:54:03 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2012-03-14 17:54:03 ----A---- C:\Windows\system32\drivers\usbohci.sys
2012-03-14 17:54:03 ----A---- C:\Windows\system32\drivers\usbhub.sys
2012-03-14 17:54:03 ----A---- C:\Windows\system32\drivers\usbehci.sys
2012-03-14 17:54:03 ----A---- C:\Windows\system32\drivers\usbd.sys
2012-03-14 17:54:03 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2012-03-14 17:54:01 ----A---- C:\Windows\system32\esent.dll
2012-03-14 17:54:01 ----A---- C:\Windows\system32\drivers\nvstor.sys
2012-03-14 17:54:01 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-03-14 17:54:00 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2012-03-14 17:54:00 ----A---- C:\Windows\system32\drivers\storport.sys
2012-03-14 17:54:00 ----A---- C:\Windows\system32\drivers\nvraid.sys
2012-03-14 17:54:00 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2012-03-14 17:54:00 ----A---- C:\Windows\system32\drivers\amdxata.sys
2012-03-14 17:54:00 ----A---- C:\Windows\system32\drivers\amdsata.sys
2012-03-14 17:53:59 ----A---- C:\Windows\system32\fsutil.exe
2012-03-14 16:35:02 ----D---- C:\Users\Vlado\AppData\Roaming\Macromedia
2012-03-14 16:35:02 ----D---- C:\Users\Vlado\AppData\Roaming\Adobe
2012-03-14 16:34:43 ----D---- C:\ProgramData\McAfee
2012-03-14 16:33:26 ----D---- C:\ProgramData\Adobe
2012-03-14 16:33:23 ----D---- C:\Program Files\Common Files\Adobe
2012-03-14 16:33:23 ----D---- C:\Program Files\Adobe
2012-03-14 16:31:44 ----D---- C:\Users\Vlado\AppData\Roaming\WinRAR
2012-03-14 16:31:41 ----D---- C:\Program Files\WinRAR
2012-03-14 16:30:39 ----D---- C:\Users\Vlado\AppData\Roaming\Mozilla
2012-03-14 16:30:31 ----D---- C:\Program Files\Mozilla Firefox
2012-03-14 16:23:31 ----D---- C:\Program Files\Microsoft Security Client
2012-03-14 16:20:11 ----A---- C:\Windows\system32\wininet.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\wextract.exe
2012-03-14 16:20:11 ----A---- C:\Windows\system32\webcheck.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\vbscript.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\urlmon.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\url.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2012-03-14 16:20:11 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2012-03-14 16:20:11 ----A---- C:\Windows\system32\pngfilt.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\occache.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\msrating.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\msls31.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\mshtmler.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\mshtmled.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\mshtml.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\mshta.exe
2012-03-14 16:20:11 ----A---- C:\Windows\system32\msfeedssync.exe
2012-03-14 16:20:11 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\msfeeds.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\licmgr10.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\jsproxy.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\jscript9.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\jscript.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\inseng.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\imgutil.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\iexpress.exe
2012-03-14 16:20:11 ----A---- C:\Windows\system32\ieUnatt.exe
2012-03-14 16:20:11 ----A---- C:\Windows\system32\ieui.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\iesysprep.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\iesetup.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\iertutil.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\iernonce.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\iepeers.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\ieframe.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\iedkcs32.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\ieapfltr.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\ieapfltr.dat
2012-03-14 16:20:11 ----A---- C:\Windows\system32\ieakui.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\ieaksie.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\ieakeng.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\IEAdvpack.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\ie4uinit.exe
2012-03-14 16:20:11 ----A---- C:\Windows\system32\icardie.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\dxtrans.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\dxtmsft.dll
2012-03-14 16:20:11 ----A---- C:\Windows\system32\admparse.dll
2012-03-14 16:08:33 ----A---- C:\Windows\system32\MRT.exe
2012-03-14 16:02:19 ----A---- C:\Windows\system32\browserchoice.exe
2012-03-14 15:59:56 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-03-14 15:59:55 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-03-14 15:59:23 ----A---- C:\Windows\system32\ntdll.dll
2012-03-14 15:59:13 ----A---- C:\Windows\system32\xmllite.dll
2012-03-14 15:59:10 ----A---- C:\Windows\system32\DWrite.dll
2012-03-14 15:59:09 ----A---- C:\Windows\system32\drivers\afd.sys
2012-03-14 15:59:08 ----A---- C:\Windows\system32\drivers\srvnet.sys
2012-03-14 15:59:08 ----A---- C:\Windows\system32\drivers\srv2.sys
2012-03-14 15:59:08 ----A---- C:\Windows\system32\drivers\srv.sys
2012-03-14 15:59:07 ----A---- C:\Windows\system32\win32k.sys
2012-03-14 15:59:05 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-03-14 15:59:05 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2012-03-14 15:59:04 ----A---- C:\Windows\system32\dnsrslvr.dll
2012-03-14 15:59:04 ----A---- C:\Windows\system32\dnscacheugc.exe
2012-03-14 15:59:04 ----A---- C:\Windows\system32\dnsapi.dll
2012-03-14 15:59:03 ----A---- C:\Windows\system32\fontsub.dll
2012-03-14 15:59:03 ----A---- C:\Windows\system32\atmlib.dll
2012-03-14 15:59:03 ----A---- C:\Windows\system32\atmfd.dll
2012-03-14 15:59:02 ----A---- C:\Windows\system32\prevhost.exe
2012-03-14 15:58:54 ----A---- C:\Windows\system32\quartz.dll
2012-03-14 15:58:54 ----A---- C:\Windows\system32\qdvd.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-03-14 15:58:53 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-03-14 15:58:53 ----A---- C:\Windows\system32\winsrv.dll
2012-03-14 15:58:53 ----A---- C:\Windows\system32\KernelBase.dll
2012-03-14 15:58:53 ----A---- C:\Windows\system32\kernel32.dll
2012-03-14 15:58:53 ----A---- C:\Windows\system32\conhost.exe
2012-03-14 15:58:52 ----A---- C:\Windows\system32\psisdecd.dll
2012-03-14 15:57:20 ----A---- C:\Windows\system32\kerberos.dll
2012-03-14 15:57:09 ----A---- C:\Windows\system32\tquery.dll
2012-03-14 15:57:09 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2012-03-14 15:57:09 ----A---- C:\Windows\system32\SearchIndexer.exe
2012-03-14 15:57:09 ----A---- C:\Windows\system32\mssvp.dll
2012-03-14 15:57:09 ----A---- C:\Windows\system32\mssrch.dll
2012-03-14 15:57:09 ----A---- C:\Windows\system32\mssphtb.dll
2012-03-14 15:57:09 ----A---- C:\Windows\system32\mssph.dll
2012-03-14 15:57:08 ----A---- C:\Windows\system32\SearchFilterHost.exe
2012-03-14 15:57:08 ----A---- C:\Windows\system32\msscntrs.dll
2012-03-14 15:57:08 ----A---- C:\Windows\system32\lsasrv.dll
2012-03-14 15:57:07 ----A---- C:\Windows\system32\webio.dll
2012-03-14 15:57:07 ----A---- C:\Windows\system32\sspisrv.dll
2012-03-14 15:57:07 ----A---- C:\Windows\system32\sspicli.dll
2012-03-14 15:57:07 ----A---- C:\Windows\system32\schannel.dll
2012-03-14 15:57:07 ----A---- C:\Windows\system32\secur32.dll
2012-03-14 15:57:07 ----A---- C:\Windows\system32\lsass.exe
2012-03-14 15:57:07 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2012-03-14 15:57:07 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2012-03-14 15:57:07 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2012-03-14 15:57:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-03-14 15:57:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-03-14 15:57:07 ----A---- C:\Windows\system32\drivers\cng.sys
2012-03-14 15:57:06 ----A---- C:\Windows\system32\oleaut32.dll
2012-03-14 15:57:06 ----A---- C:\Windows\system32\oleacc.dll
2012-03-14 15:57:05 ----A---- C:\Windows\system32\inetcomm.dll
2012-03-14 15:57:03 ----A---- C:\Windows\system32\tzres.dll
2012-03-14 15:56:58 ----A---- C:\Windows\system32\umpnpmgr.dll
2012-03-14 15:56:58 ----A---- C:\Windows\system32\cfgmgr32.dll
2012-03-14 15:56:57 ----A---- C:\Windows\system32\sbe.dll
2012-03-14 15:56:57 ----A---- C:\Windows\system32\packager.dll
2012-03-14 15:56:57 ----A---- C:\Windows\system32\CPFilters.dll
2012-03-14 15:56:56 ----A---- C:\Windows\system32\XpsPrint.dll
2012-03-14 15:56:52 ----A---- C:\Windows\system32\WFS.exe
2012-03-14 15:56:52 ----A---- C:\Windows\system32\FXSCOVER.exe
2012-03-14 15:56:47 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2012-03-14 15:56:47 ----A---- C:\Windows\system32\EncDec.dll
2012-03-14 15:56:46 ----A---- C:\Windows\system32\drivers\bowser.sys
2012-03-14 15:56:41 ----A---- C:\Windows\system32\mfc42u.dll
2012-03-14 15:56:41 ----A---- C:\Windows\system32\mfc42.dll
2012-03-14 15:56:40 ----A---- C:\Windows\system32\csrsrv.dll
2012-03-14 15:56:37 ----A---- C:\Windows\explorer.exe
2012-03-14 15:56:36 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2012-03-14 15:56:35 ----A---- C:\Windows\system32\odbctrac.dll
2012-03-14 15:56:35 ----A---- C:\Windows\system32\odbcjt32.dll
2012-03-14 15:56:35 ----A---- C:\Windows\system32\odbccu32.dll
2012-03-14 15:56:35 ----A---- C:\Windows\system32\odbccr32.dll
2012-03-14 15:56:35 ----A---- C:\Windows\system32\odbccp32.dll
2012-03-14 15:56:34 ----A---- C:\Windows\system32\poqexec.exe
2012-03-14 15:56:33 ----A---- C:\Windows\system32\msvcrt.dll
2012-03-14 15:56:33 ----A---- C:\Windows\system32\d3d10_1core.dll
2012-03-14 15:56:33 ----A---- C:\Windows\system32\d3d10_1.dll
2012-03-14 15:56:00 ----A---- C:\Windows\system32\shell32.dll
2012-03-14 15:55:59 ----A---- C:\Windows\system32\ntshrui.dll
2012-03-14 15:50:53 ----D---- C:\Program Files\Microsoft Works
2012-03-14 15:50:30 ----D---- C:\Program Files\Microsoft Visual Studio
2012-03-14 15:50:29 ----D---- C:\Program Files\Common Files\DESIGNER
2012-03-14 15:50:10 ----D---- C:\Windows\PCHEALTH
2012-03-14 15:50:10 ----D---- C:\Program Files\Microsoft.NET
2012-03-14 15:49:01 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2012-03-14 15:49:01 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2012-03-14 15:49:01 ----A---- C:\Windows\system32\cdd.dll
2012-03-14 15:48:26 ----D---- C:\Program Files\Microsoft Visual Studio 8
2012-03-14 15:48:01 ----D---- C:\ProgramData\Microsoft Help
2012-03-14 15:48:01 ----D---- C:\Program Files\Microsoft Office
2012-03-14 15:47:59 ----SHD---- C:\Windows\Installer
2012-03-14 15:46:32 ----N---- C:\Windows\system32\MpSigStub.exe
2012-03-14 15:33:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-14 15:27:22 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-03-14 15:27:18 ----A---- C:\Windows\system32\rdpcore.dll
2012-03-14 15:27:18 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-03-14 15:27:18 ----A---- C:\Windows\system32\drivers\tdpipe.sys
2012-03-14 15:27:18 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-03-14 15:25:58 ----D---- C:\Users\Vlado\AppData\Roaming\Identities
2012-03-14 15:25:47 ----SD---- C:\Users\Vlado\AppData\Roaming\Microsoft
2012-03-14 15:25:47 ----D---- C:\Users\Vlado\AppData\Roaming\Media Center Programs
2012-03-14 15:18:48 ----D---- C:\Windows\SoftwareDistribution
2012-03-14 15:16:18 ----D---- C:\Windows\Prefetch
2012-03-14 15:14:45 ----D---- C:\Windows\Panther
2012-03-14 15:10:00 ----D---- C:\Windows.old
2012-03-14 11:50:47 ----SHD---- C:\System Volume Information
2012-03-14 11:17:25 ----RHD---- C:\MSOCache
2012-03-14 11:09:57 ----SHD---- C:\Recovery
2012-03-14 11:01:33 ----ASH---- C:\pagefile.sys
2012-03-14 11:01:33 ----ASH---- C:\hiberfil.sys
2012-03-14 11:00:36 ----RASH---- C:\BOOTSECT.BAK
2012-03-14 11:00:35 ----SHD---- C:\Boot

janolor · #13 Příspěvek od **janolor** » 21 bře 2012 10:53

2.časť:

2012-03-19 20:17:14 ----RD---- C:\Program Files
2012-03-19 20:15:12 ----D---- C:\Windows\Temp
2012-03-19 20:00:31 ----D---- C:\Windows\Cursors
2012-03-19 19:59:00 ----D---- C:\Program Files\Common Files
2012-03-19 19:58:51 ----HD---- C:\ProgramData
2012-03-19 19:51:57 ----D---- C:\Windows\system32\config
2012-03-19 19:43:01 ----D---- C:\Windows\System32
2012-03-19 19:43:01 ----D---- C:\Windows\inf
2012-03-19 19:38:46 ----D---- C:\Windows
2012-03-19 19:22:58 ----SD---- C:\ProgramData\Microsoft
2012-03-19 19:09:52 ----D---- C:\Windows\winsxs
2012-03-19 18:27:21 ----RSD---- C:\Windows\assembly
2012-03-19 18:18:58 ----D---- C:\Program Files\Common Files\microsoft shared
2012-03-19 18:18:08 ----D---- C:\Windows\Logs
2012-03-19 18:13:02 ----D---- C:\Windows\debug
2012-03-19 18:06:48 ----D---- C:\Windows\system32\Tasks
2012-03-18 20:43:45 ----D---- C:\Program Files\Internet Explorer
2012-03-18 18:48:01 ----D---- C:\Windows\system32\wdi
2012-03-18 17:06:40 ----D---- C:\Windows\system32\catroot
2012-03-18 17:06:38 ----D---- C:\Windows\system32\drivers
2012-03-18 17:06:37 ----D---- C:\Windows\system32\DriverStore
2012-03-18 17:06:35 ----D---- C:\Windows\system32\catroot2
2012-03-17 18:46:01 ----D---- C:\Windows\Downloaded Program Files
2012-03-17 10:46:51 ----D---- C:\Windows\system32\FxsTmp
2012-03-17 10:05:57 ----RSD---- C:\Windows\Media
2012-03-17 10:05:53 ----D---- C:\Windows\twain_32
2012-03-15 15:59:47 ----D---- C:\Windows\Tasks
2012-03-15 14:03:26 ----D---- C:\Windows\Microsoft.NET
2012-03-14 20:58:46 ----D---- C:\Windows\system32\en-US
2012-03-14 20:44:50 ----D---- C:\Program Files\Common Files\System
2012-03-14 20:44:50 ----A---- C:\Windows\win.ini
2012-03-14 19:20:21 ----D---- C:\Windows\rescache
2012-03-14 18:38:31 ----D---- C:\Program Files\Windows Sidebar
2012-03-14 18:38:31 ----D---- C:\Program Files\Windows Portable Devices
2012-03-14 18:38:31 ----D---- C:\Program Files\Windows Photo Viewer
2012-03-14 18:38:31 ----D---- C:\Program Files\Windows Media Player
2012-03-14 18:38:31 ----D---- C:\Program Files\Windows Mail
2012-03-14 18:38:31 ----D---- C:\Program Files\Windows Journal
2012-03-14 18:38:31 ----D---- C:\Program Files\DVD Maker
2012-03-14 18:38:28 ----D---- C:\Windows\servicing
2012-03-14 18:38:28 ----D---- C:\Windows\ehome
2012-03-14 18:38:28 ----D---- C:\Program Files\Windows Defender
2012-03-14 18:38:26 ----D---- C:\Windows\system32\sk-SK
2012-03-14 18:38:26 ----D---- C:\Windows\system32\da-DK
2012-03-14 18:38:25 ----D---- C:\Windows\system32\sysprep
2012-03-14 18:38:25 ----D---- C:\Windows\system32\sppui
2012-03-14 18:38:25 ----D---- C:\Windows\system32\Setup
2012-03-14 18:38:25 ----D---- C:\Windows\system32\oobe
2012-03-14 18:38:25 ----D---- C:\Windows\system32\migration
2012-03-14 18:38:25 ----D---- C:\Windows\system32\manifeststore
2012-03-14 18:38:25 ----D---- C:\Windows\system32\es-ES
2012-03-14 18:38:25 ----D---- C:\Windows\system32\en
2012-03-14 18:38:25 ----D---- C:\Windows\system32\cs-CZ
2012-03-14 18:38:25 ----D---- C:\Windows\system32\AdvancedInstallers
2012-03-14 18:38:24 ----D---- C:\Windows\system32\wbem
2012-03-14 18:38:24 ----D---- C:\Windows\system32\migwiz
2012-03-14 18:38:24 ----D---- C:\Windows\system32\drivers\en-US
2012-03-14 18:38:24 ----D---- C:\Windows\system32\Dism
2012-03-14 18:38:10 ----RSD---- C:\Windows\Fonts
2012-03-14 18:38:10 ----D---- C:\Windows\AppPatch
2012-03-14 18:38:03 ----D---- C:\Windows\system32\Boot
2012-03-14 18:34:06 ----A---- C:\Windows\system32\msclmd.dll
2012-03-14 17:53:35 ----D---- C:\Windows\system32\LogFiles
2012-03-14 17:47:54 ----D---- C:\Windows\system32\wfp
2012-03-14 17:47:50 ----D---- C:\Windows\system32\CodeIntegrity
2012-03-14 17:47:47 ----D---- C:\Windows\registration
2012-03-14 16:20:23 ----D---- C:\Windows\PolicyDefinitions
2012-03-14 16:17:38 ----D---- C:\Windows\system32\drivers\UMDF
2012-03-14 15:50:41 ----D---- C:\Program Files\MSBuild
2012-03-14 15:50:28 ----D---- C:\Windows\ShellNew
2012-03-14 15:27:24 ----D---- C:\Windows\system32\restore
2012-03-14 15:25:55 ----SHD---- C:\$Recycle.Bin
2012-03-14 15:25:44 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-02-15 9182208]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-02-15 264704]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2011-12-05 86032]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service; C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-19 14848]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-02-15 163328]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-14 1343400]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S4 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-15 158856]
S4 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]

-----------------EOF-----------------

janolor · #14 Příspěvek od **janolor** » 21 bře 2012 10:53

Infi.log:

info.txt logfile of random's system information tool 1.09 2012-03-19 20:17:39

======Uninstall list======

Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
Adobe Flash Player 11 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil11g_Plugin.exe -maintain plugin
Adobe Reader X (10.1.2) - Slovak-->MsiExec.exe /I{AC76BA86-7AD7-1051-7B44-AA1000000001}
Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
Aktualizácia Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-041B-0000-0000000FF1CE} /uninstall {9A8C39B0-D27F-4F81-BE74-2FECF164707E}
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-041B-0000-0000000FF1CE} /uninstall {CE23B3DC-18CC-46FC-A309-81D6670F8D3D}
Aktualizácia Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-041B-0000-0000000FF1CE} /uninstall {D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}
AMD Accelerated Video Transcoding-->MsiExec.exe /X{A994E9F7-A748-FFB1-01C2-9D64ADE870B4}
AMD APP SDK Runtime-->MsiExec.exe /I{A25FF1C0-80B6-4B8B-A551-DC525697A408}
AMD Catalyst Install Manager-->msiexec /q/x{C4100721-2D71-CC80-8877-0A7855B6EEFB} REBOOT=ReallySuppress
AMD Drag and Drop Transcoding-->MsiExec.exe /X{F46AB543-90D1-86D7-99EE-4F94C1D206C8}
AMD Media Foundation Decoders-->MsiExec.exe /X{943B2619-0E00-E9F1-73E3-03090965484E}
Canon Inkjet Printer/Scanner/Fax Extended Survey Program-->C:\Program Files\Canon\IJPLM\SETUP.EXE -R
Canon MP Navigator EX 3.0-->"C:\Program Files\Canon\MP Navigator EX 3.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 3.0\uninst.ini
Canon MP550 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series
Canon MP550 series User Registration-->C:\Program Files\Canon\IJEREG\MP550 series\UNINST.EXE
Canon Utilities Easy-PhotoPrint EX-->C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe Uninst.ini uinstrsc.dll
Canon Utilities My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini uinstrsc.dll
Canon Utilities Solution Menu-->C:\Program Files\Canon\SolutionMenu\uninst.exe uninst.ini uinstrsc.dll
Catalyst Control Center - Branding-->MsiExec.exe /I{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Google Gmail Notifier-->"C:\Program Files\Google\Gmail Notifier\UninstallGmail.exe"
High-Definition Video Playback-->MsiExec.exe /X{9193490D-5229-4FC4-9BB9-A6D63C09574A}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Medvěd Míša - Zakletý hrad-->C:\Program Files\Medvěd Míša - Zakletý hrad\Uninstall.exe
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Antimalware Service SK-SK Language Pack-->MsiExec.exe /X{0FB871A9-C617-4415-BB5D-619A8D946115}
Microsoft Antimalware-->MsiExec.exe /X{05BFB060-4F22-4710-B0A2-2801A1B606C5}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-041B-0000-0000000FF1CE} /uninstall {4754EB3B-ED3D-4095-A2FD-684A3058A4FF}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-041B-0000-0000000FF1CE} /uninstall {4754EB3B-ED3D-4095-A2FD-684A3058A4FF}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-041B-0000-0000000FF1CE} /uninstall {4754EB3B-ED3D-4095-A2FD-684A3058A4FF}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-041B-0000-0000000FF1CE} /uninstall {4754EB3B-ED3D-4095-A2FD-684A3058A4FF}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-041B-0000-0000000FF1CE} /uninstall {4754EB3B-ED3D-4095-A2FD-684A3058A4FF}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-041B-0000-0000000FF1CE} /uninstall {4754EB3B-ED3D-4095-A2FD-684A3058A4FF}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-041B-0000-0000000FF1CE} /uninstall {4754EB3B-ED3D-4095-A2FD-684A3058A4FF}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-041B-0000-0000000FF1CE} /uninstall {8382BA92-20E3-47B6-971B-F673F0492D4E}
Microsoft Office Access MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0015-041B-0000-0000000FF1CE}
Microsoft Office Excel MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0016-041B-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0044-041B-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Slovak) 2007-->MsiExec.exe /X{90120000-001A-041B-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0018-041B-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Hungarian) 2007-->MsiExec.exe /X{90120000-001F-040E-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Slovak) 2007-->MsiExec.exe /X{90120000-002C-041B-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040E-0000-0000000FF1CE} /uninstall {0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Publisher MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0019-041B-0000-0000000FF1CE}
Microsoft Office Shared MUI (Slovak) 2007-->MsiExec.exe /X{90120000-006E-041B-0000-0000000FF1CE}
Microsoft Office Word MUI (Slovak) 2007-->MsiExec.exe /X{90120000-001B-041B-0000-0000000FF1CE}
Microsoft Security Client SK-SK Language Pack-->MsiExec.exe /I{50779A29-834E-4E36-BBEB-B7CABC67A825}
Microsoft Security Client-->MsiExec.exe /I{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Montezumova pomsta-->C:\Program Files\Montezumova pomsta\Uninstall.exe
Mozilla Firefox 11.0 (x86 sk)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
Nero 11 Kwik Themes Basic-->MsiExec.exe /X{5A212B2D-140D-46F4-B625-2D1CA5A00594}
Nero Audio Pack 1-->MsiExec.exe /X{A7A0BF2E-31CC-49E3-9913-52C503EB969D}
Nero Core Components 11-->MsiExec.exe /X{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}
Nero Kwik Media Help (CHM)-->MsiExec.exe /X{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}
Nero Kwik Media-->MsiExec.exe /I{24A500E4-0B12-4D62-9973-2C7E23CCA750}
Nero Kwik Media-->MsiExec.exe /X{BE814218-3919-4EA3-868A-2F60BC135CB4}
Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
QuickTime-->MsiExec.exe /I{7BE15435-2D3E-4B58-867F-9C75BED0208C}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8DDEFC7E-0C61-3D11-AFC6-5414F2DAFD01} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}
Skype™ 5.8-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
TeamViewer 7-->C:\Program Files\TeamViewer\Version7\uninstall.exe
The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B7873DF5-9E1C-45EE-8895-D29C6AE01202}
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C20964A7-5181-45E5-9E82-72F5D400DEBF}
Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {91E130AA-C37F-42D8-9D5D-397B3416A7F2}
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {567103D1-96CD-4B76-93B9-2681A187DEFF}
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}
Windows Live Fotogaléria-->MsiExec.exe /X{97F77D62-5110-4FA3-A2D3-410B92D31199}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{FA6CF94F-DACF-4FE7-959D-55C421B91B17}
Windows Live MIME IFilter-->MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker-->MsiExec.exe /X{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}
Windows Live Photo Common-->MsiExec.exe /X{6F37D92B-41AA-44B7-80D2-457ABDE11896}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{5E627606-53B9-42D1-97E1-D03F6229E248}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
WinRAR 4.11 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe

======System event log======

Computer Name: Vlado-PC
Event Code: 3002
Message: Vo funkcii Ochrana v reálnom čase programu Microsoft Antimalware sa vyskytla chyba a funkcia zlyhala.
Funkcia: Monitorovanie správania
Kód chyby: 0x80004005
Popis chyby: Neznáma chyba
Dôvod: Správne fungovanie ovládača filtra vyžaduje aktuálny nástroj. Ak chcete povoliť ochranu v reálnom čase, musíte nainštalovať najnovšie aktualizácie definícií.
Record Number: 1773
Source Name: Microsoft Antimalware
Time Written: 20120314160933.000000-000
Event Type: Error
User:

Computer Name: Vlado-PC
Event Code: 3002
Message: Vo funkcii Ochrana v reálnom čase programu Microsoft Antimalware sa vyskytla chyba a funkcia zlyhala.
Funkcia: Monitorovanie správania
Kód chyby: 0x80004005
Popis chyby: Neznáma chyba
Dôvod: Správne fungovanie ovládača filtra vyžaduje aktuálny nástroj. Ak chcete povoliť ochranu v reálnom čase, musíte nainštalovať najnovšie aktualizácie definícií.
Record Number: 1639
Source Name: Microsoft Antimalware
Time Written: 20120314155129.000000-000
Event Type: Error
User:

Computer Name: Vlado-PC
Event Code: 4321
Message: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.2.26. The computer with the IP address 192.168.2.1 did not allow the name to be claimed by this computer.
Record Number: 1370
Source Name: NetBT
Time Written: 20120314152555.837692-000
Event Type: Error
User:

Computer Name: Vlado-PC
Event Code: 7023
Message:
Record Number: 1065
Source Name: Service Control Manager
Time Written: 20120314151724.465740-000
Event Type: Error
User:

Computer Name: Vlado-PC
Event Code: 1014
Message: Name resolution for the name teredo.ipv6.microsoft.com timed out after none of the configured DNS servers responded.
Record Number: 953
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20120314150021.268717-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

=====Application event log=====

Computer Name: Vlado-PC
Event Code: 63
Message: A provider, OffProv12, has been registered in the Windows Management Instrumentation namespace Root\MSAPPS12 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Record Number: 278
Source Name: Microsoft-Windows-WMI
Time Written: 20120314145103.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Vlado-PC
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 200
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20120314143314.225672-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Vlado-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-2250167482-1573766133-1057480249-1001:
Process 440 (\Device\HarddiskVolume3\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2250167482-1573766133-1057480249-1001

Record Number: 179
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20120314142755.832883-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Vlado-PC
Event Code: 1008
Message: Služba Windows Search sa spúšťa a pokúša sa odstrániť starý index hľadania. {Dôvod: Full Index Reset}.

Record Number: 154
Source Name: Microsoft-Windows-Search
Time Written: 20120314142534.000000-000
Event Type: Warning
User:

Computer Name: Vlado-PC
Event Code: 11
Message: Possible Memory Leak. Application (C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted) (PID: 984) has passed a non-NULL pointer to RPC for an [out] parameter marked [allocate(all_nodes)]. [allocate(all_nodes)] parameters are always reallocated; if the original pointer contained the address of valid memory, that memory will be leaked. The call originated on the interface with UUID ({3F31C91E-2545-4B7B-9311-9529E8BFFEF6}), Method number (10). User Action: Contact your application vendor for an updated version of the application.
Record Number: 151
Source Name: Microsoft-Windows-RPC-Events
Time Written: 20120314142528.256039-000
Event Type: Warning
User: NT AUTHORITY\LOCAL SERVICE

=====Security event log=====

Computer Name: 37L4247D28-05
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120314141625.661314-000
Event Type: Audit Success
User:

Computer Name: 37L4247D28-05
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: 37L4247D28-05$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x1e8
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120314141625.661314-000
Event Type: Audit Success
User:

Computer Name: 37L4247D28-05
Event Code: 4902
Message: The Per-user audit policy table was created.

Number of Elements: 0
Policy ID: 0x256ad
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120314141620.154504-000
Event Type: Audit Success
User:

Computer Name: 37L4247D28-05
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Logon Type: 0

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x4
Process Name:

Network Information:
Workstation Name: -
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: -
Authentication Package: -
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120314141618.516501-000
Event Type: Audit Success
User:

Computer Name: 37L4247D28-05
Event Code: 4608
Message: Windows is starting up.

This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120314141618.469701-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Windows Live\Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"AMDAPPSDKROOT"=C:\Program Files\AMD APP\
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------

mnm9 · #15 Příspěvek od **mnm9** » 21 bře 2012 11:22

pokud ja vim tak MS to resi tak ze se zanikem pocitace zanika i oem licence win
jedina vyjimka je reklamace a vymena hardware po reklamaci a pak to uznaji a aktivuji win prez telefon
ale nemam to z vlastni zkusenosti, jen z internetu, kdyz sem podobny tema hledal a nasel sem v tohmle pripade jen kladny ohlasy

VIRY.CZ

Nelegálny Windows

Nelegálny Windows

Re: Nelegálny Windows

Re: Nelegálny Windows

Re: Nelegálny Windows

Re: Nelegálny Windows

Re: Nelegálny Windows

Re: Nelegálny Windows

Re: Nelegálny Windows

Re: Nelegálny Windows

Re: Nelegálny Windows

Re: Nelegálny Windows

Re: Nelegálny Windows

Re: Nelegálny Windows

Re: Nelegálny Windows

Re: Nelegálny Windows