Zdravím, prosím o kontrolu logu. Procesor občas výlítne skoro na 100%, ale vždy když se snažím spustit správce úloh, abych zjistil o co jde, tak se hned vráti do nečinosti. předem díky. Log má víc jak 80000 znaků, tak jsem ho rozdělil.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jara at 2012-11-29 04:01:34
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 33 GB (46%) free of 72 GB
Total RAM: 4095 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:01:39, on 29.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\Jara.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PXCIEaddin5 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~3\BROWER~1\ASCPLU~1.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: PDFXChange 2012 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] c:\program files (x86)\adobe\acrobat 9.0\acrobat\acrotray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Prevést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Pridat do stávajícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Služba zařazování tisku (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 8815 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=4e0d1842-5c59-4f63-b772-b1518de3c259 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\6c963013-71dd-4a79-b4e8-980183bbea4c-158-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files\Wireless Console 2\wcourier.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
ATKOSD.exe
"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"
WDC.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=2efef07a-2a2d-4829-af08-89666319ec07 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\68cca467-0c95-4f42-91f5-5b0fc2417c01-bbc-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
taskeng.exe {D71F6A20-E00A-4971-A1E2-4028BA4B0F86}
"C:\Users\Jara\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, silvermelxt@pardal.de:1.3.6, firegestures@xuldev.org:1.6.1, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15, silvermel@pardal.de:1.3.6, {080955ad-b8bb-4500-806f-d2b9ad73d72e}:1.8.71"
prefs.js - "keyword.URL" - "https://isearch.avg.com/search?cid=%7B0 ... &sap=ku&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.110 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@IObit.com/np_Asc_Plugin]
"Description"=Advanced SystemCare Surfing Protection
"Path"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.110 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\
ascsurfingprotection@iobit.com
plugin@yontoo.com
staged
{1018e4d6-728f-4b20-ad56-37578a4de76b}
C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\searchplugins\
aukro.xml
cojeco.xml
google-maps.xml
hellspy.xml
search-defender.xml
sfd.xml
youtube.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-11-02 537576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-11-02 193512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42DFA04F-0F16-418e-B80C-AB97A5AFAD3A}]
PDFXChange 2012 - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll [2012-08-14 423040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~3\BROWER~1\ASCPLU~1.DLL [2012-10-11 662400]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
{42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - PDFXChange 2012 - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll [2012-08-14 423040]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Acrobat Assistant 8.0"=c:\program files (x86)\adobe\acrobat 9.0\acrobat\acrotray.exe [2008-06-11 640376]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
c:\program files (x86)\adobe\acrobat 9.0\acrobat\acrobat_sl.exe [2008-06-12 37232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
c:\program files (x86)\microsoft office\office12\groovemonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ITSecMng]
[]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2012-11-06 3143800]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-19 170624]
"Acrobat Assistant 8.0"=c:\program files (x86)\adobe\acrobat 9.0\acrobat\acrotray.exe [2008-06-11 640376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-11-29 03:39:54 ----D---- C:\Program Files\trend micro
2012-11-29 03:39:53 ----D---- C:\rsit
2012-11-28 14:48:38 ----D---- C:\ProgramData\vsosdk
2012-11-28 13:56:34 ----D---- C:\Users\Jara\AppData\Roaming\Vso
2012-11-28 13:56:24 ----D---- C:\ProgramData\VSO
2012-11-28 13:56:24 ----D---- C:\Program Files (x86)\VSO
2012-11-25 10:38:49 ----A---- C:\Windows\SYSWOW64\vp7vfw.dll
2012-11-25 10:38:48 ----A---- C:\Windows\SYSWOW64\wvc1dmod.dll
2012-11-25 04:16:16 ----D---- C:\Users\Jara\AppData\Roaming\Malwarebytes
2012-11-25 04:15:57 ----D---- C:\ProgramData\Malwarebytes
2012-11-25 04:15:56 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-25 04:15:56 ----A---- C:\Windows\system32\drivers\mbam.sys
2012-11-24 14:43:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-11-21 08:34:16 ----D---- C:\Program Files\Recuva
2012-11-20 10:53:14 ----D---- C:\Program Files (x86)\Kroll Ontrack
2012-11-19 11:09:45 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2012-11-19 10:59:09 ----RA---- C:\Windows\system32\AdobePDFUI.dll
2012-11-19 10:59:09 ----RA---- C:\Windows\system32\AdobePDF.dll
2012-11-17 21:07:43 ----SHD---- C:\Config.Msi
2012-11-14 04:12:14 ----A---- C:\Windows\system32\Wdfres.dll
2012-11-14 04:12:14 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-11-14 04:12:14 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-11-14 04:06:41 ----A---- C:\Windows\system32\mshtmled.dll
2012-11-14 04:06:40 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-11-14 04:06:40 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-11-14 04:06:39 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-11-14 04:06:39 ----A---- C:\Windows\SYSWOW64\url.dll
2012-11-14 04:06:39 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-11-14 04:06:39 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-11-14 04:06:39 ----A---- C:\Windows\system32\url.dll
2012-11-14 04:06:39 ----A---- C:\Windows\system32\ieUnatt.exe
2012-11-14 04:06:39 ----A---- C:\Windows\system32\ieui.dll
2012-11-14 04:06:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-11-14 04:06:38 ----A---- C:\Windows\system32\urlmon.dll
2012-11-14 04:06:38 ----A---- C:\Windows\system32\msfeeds.dll
2012-11-14 04:06:38 ----A---- C:\Windows\system32\jscript9.dll
2012-11-14 04:06:37 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-11-14 04:06:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-11-14 04:06:37 ----A---- C:\Windows\system32\wininet.dll
2012-11-14 04:06:37 ----A---- C:\Windows\system32\jsproxy.dll
2012-11-14 04:06:36 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-11-14 04:06:36 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-11-14 04:06:36 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-11-14 04:06:36 ----A---- C:\Windows\system32\vbscript.dll
2012-11-14 04:06:36 ----A---- C:\Windows\system32\jscript.dll
2012-11-14 04:06:36 ----A---- C:\Windows\system32\iertutil.dll
2012-11-14 04:06:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-11-14 04:06:33 ----A---- C:\Windows\system32\mshtml.dll
2012-11-14 04:06:32 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-11-14 04:06:32 ----A---- C:\Windows\system32\ieframe.dll
2012-11-14 04:04:52 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-11-14 04:04:52 ----A---- C:\Windows\system32\WUDFPlatform.dll
2012-11-14 04:04:52 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2012-11-14 04:04:52 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2012-11-14 04:04:51 ----A---- C:\Windows\system32\WUDFx.dll
2012-11-14 04:04:51 ----A---- C:\Windows\system32\WUDFHost.exe
2012-11-14 04:04:51 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2012-11-14 04:04:23 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2012-11-14 04:04:23 ----A---- C:\Windows\system32\ncsi.dll
2012-11-14 04:04:23 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-11-14 04:04:22 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2012-11-14 04:04:22 ----A---- C:\Windows\SYSWOW64\netevent.dll
2012-11-14 04:04:22 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2012-11-14 04:04:22 ----A---- C:\Windows\system32\nlasvc.dll
2012-11-14 04:04:22 ----A---- C:\Windows\system32\nlaapi.dll
2012-11-14 04:04:22 ----A---- C:\Windows\system32\netevent.dll
2012-11-14 04:04:22 ----A---- C:\Windows\system32\netcorehc.dll
2012-11-14 04:04:22 ----A---- C:\Windows\system32\iphlpsvc.dll
2012-11-14 04:04:22 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2012-11-14 04:04:10 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2012-11-14 04:04:10 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2012-11-14 04:04:10 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2012-11-14 04:04:10 ----A---- C:\Windows\system32\dhcpcore6.dll
2012-11-14 04:04:07 ----A---- C:\Windows\system32\win32k.sys
2012-11-14 04:04:04 ----A---- C:\Windows\SYSWOW64\synceng.dll
2012-11-14 04:04:04 ----A---- C:\Windows\system32\synceng.dll
2012-11-12 07:51:40 ----D---- C:\ProgramData\Tarma Installer
2012-11-10 04:56:11 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2012-11-10 04:56:11 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2012-11-10 04:55:40 ----D---- C:\Program Files (x86)\Winamp
2012-11-09 09:44:51 ----D---- C:\ProgramData\TEMP
2012-11-07 04:17:22 ----D---- C:\Users\Jara\AppData\Roaming\GHISLER
2012-11-07 04:17:22 ----D---- C:\totalcmd
2012-11-05 20:54:28 ----A---- C:\Users\Jara\AppData\Roaming\pcouffin.sys
2012-11-05 20:54:28 ----A---- C:\Users\Jara\AppData\Roaming\inst.exe
2012-11-04 20:08:14 ----A---- C:\Windows\system32\drivers\sptd.sys
2012-11-04 15:59:40 ----D---- C:\ProgramData\ChessBase
2012-11-04 15:52:35 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2012-11-04 15:52:35 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2012-11-04 15:52:35 ----A---- C:\Windows\system32\d3dx10_41.dll
2012-11-04 15:52:35 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2012-11-04 15:52:33 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2012-11-04 15:52:33 ----A---- C:\Windows\system32\D3DX9_41.dll
2012-11-04 15:52:31 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2012-11-04 15:52:31 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2012-11-04 15:52:31 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2012-11-04 15:52:31 ----A---- C:\Windows\system32\XAudio2_4.dll
2012-11-04 15:52:31 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2012-11-04 15:52:31 ----A---- C:\Windows\system32\xactengine3_4.dll
2012-11-04 15:52:29 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2012-11-04 15:52:29 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2012-11-04 15:52:28 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2012-11-04 15:52:28 ----A---- C:\Windows\system32\d3dx9_27.dll
2012-11-04 15:28:50 ----D---- C:\Users\Jara\AppData\Roaming\Skype
2012-11-04 15:02:52 ----D---- C:\Users\Jara\AppData\Roaming\Apple Computer
2012-11-04 14:48:10 ----D---- C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2012-11-04 14:48:10 ----D---- C:\ProgramData\{6F2F3866-38AD-4f48-852C-2FF5DE7A7588}
2012-11-04 04:20:11 ----A---- C:\Windows\system32\pxc50pm.dll
2012-11-04 04:08:18 ----D---- C:\Program Files (x86)\uTorrent
2012-11-03 04:27:13 ----D---- C:\Users\Jara\AppData\Roaming\Hard Disk Sentinel
2012-11-03 04:25:43 ----D---- C:\Program Files (x86)\Hard Disk Sentinel
2012-11-02 20:13:42 ----D---- C:\ProgramData\Mozilla
2012-11-02 20:13:42 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-11-02 20:08:38 ----A---- C:\Windows\system32\javaws.exe
2012-11-02 20:08:31 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2012-11-02 20:08:31 ----A---- C:\Windows\system32\javaw.exe
2012-11-02 20:08:31 ----A---- C:\Windows\system32\java.exe
2012-11-02 20:08:23 ----D---- C:\Program Files\Java
2012-11-02 20:04:21 ----D---- C:\Program Files (x86)\Real
2012-11-02 20:04:18 ----D---- C:\Users\Jara\AppData\Roaming\Real
2012-11-02 20:03:25 ----D---- C:\ProgramData\Real
2012-11-02 20:01:48 ----A---- C:\Windows\system32\npDeployJava1.dll
2012-11-02 20:01:48 ----A---- C:\Windows\system32\deployJava1.dll
2012-11-02 18:01:25 ----D---- C:\Users\Jara\AppData\Roaming\AIMP3
2012-11-02 18:00:43 ----D---- C:\Program Files (x86)\AIMP3
2012-11-02 15:02:09 ----D---- C:\Program Files\Zoner
2012-11-02 14:13:44 ----D---- C:\Users\Jara\AppData\Roaming\dvdcss
2012-11-02 12:52:12 ----D---- C:\Program Files\CCleaner
2012-11-02 04:25:54 ----D---- C:\Program Files\Wireless Console 2
2012-11-02 04:25:54 ----D---- C:\Program Files (x86)\Wireless Console 2
2012-11-01 22:59:40 ----A---- C:\Windows\system32\athihvs.dll
2012-11-01 22:56:46 ----D---- C:\Windows\system32\nn-NO
2012-11-01 22:56:45 ----A---- C:\Windows\system32\athihvui.dll
2012-11-01 22:56:38 ----D---- C:\Program Files (x86)\Cisco
2012-11-01 22:56:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-01 22:56:37 ----D---- C:\Program Files (x86)\Atheros
2012-11-01 22:55:47 ----D---- C:\ProgramData\Atheros
2012-11-01 22:55:46 ----D---- C:\Users\Jara\AppData\Roaming\InstallShield
2012-11-01 22:55:37 ----D---- C:\SWSetup
2012-11-01 21:30:31 ----D---- C:\Windows\system32\appmgmt
2012-11-01 04:20:57 ----D---- C:\Users\Jara\AppData\Roaming\Ashampoo
2012-11-01 04:20:41 ----D---- C:\ProgramData\ashampoo
2012-11-01 04:19:47 ----D---- C:\Program Files (x86)\Ashampoo
2012-11-01 04:07:39 ----D---- C:\Users\Jara\AppData\Roaming\Zoner
2012-11-01 04:07:19 ----D---- C:\ProgramData\Zoner
2012-10-31 21:13:35 ----D---- C:\Program Files\Tracker Software
2012-10-31 20:20:21 ----D---- C:\Users\Jara\AppData\Roaming\Mozilla
2012-10-31 20:10:30 ----D---- C:\Users\Jara\AppData\Roaming\uTorrent
2012-10-31 20:03:56 ----RD---- C:\Program Files (x86)\Skype
2012-10-31 20:03:53 ----D---- C:\ProgramData\Skype
2012-10-31 18:17:26 ----D---- C:\ProgramData\Windows Genuine Advantage
2012-10-31 17:38:02 ----D---- C:\Windows\CheckSur
2012-10-31 06:47:42 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-10-31 06:47:42 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-10-31 06:47:42 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2012-10-31 06:47:40 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2012-10-31 06:47:40 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2012-10-31 06:47:40 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2012-10-31 06:47:40 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2012-10-31 06:47:40 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2012-10-31 06:47:40 ----A---- C:\Windows\system32\wksprtPS.dll
2012-10-31 06:47:40 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2012-10-31 06:47:40 ----A---- C:\Windows\system32\tsgqec.dll
2012-10-31 06:47:40 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2012-10-31 06:47:40 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2012-10-31 06:47:39 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2012-10-31 06:47:39 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2012-10-31 06:47:39 ----A---- C:\Windows\system32\wksprt.exe
2012-10-31 06:47:39 ----A---- C:\Windows\system32\TSWbPrxy.exe
2012-10-31 06:47:39 ----A---- C:\Windows\system32\rdpudd.dll
2012-10-31 06:47:39 ----A---- C:\Windows\system32\rdpendp_winip.dll
2012-10-31 06:47:39 ----A---- C:\Windows\system32\rdpcorets.dll
2012-10-31 06:47:39 ----A---- C:\Windows\system32\mstsc.exe
2012-10-31 06:47:39 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2012-10-31 06:47:39 ----A---- C:\Windows\system32\aaclient.dll
2012-10-31 06:47:38 ----A---- C:\Windows\system32\mstscax.dll
2012-10-31 06:45:53 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-10-31 06:45:53 ----A---- C:\Windows\system32\qdvd.dll
2012-10-31 06:45:50 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-10-31 06:45:50 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-10-31 06:45:50 ----A---- C:\Windows\system32\schannel.dll
2012-10-31 06:45:50 ----A---- C:\Windows\system32\ncrypt.dll
2012-10-31 06:45:50 ----A---- C:\Windows\system32\lsasrv.dll
2012-10-31 06:45:50 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-10-31 06:45:50 ----A---- C:\Windows\system32\drivers\cng.sys
2012-10-31 06:45:49 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-10-31 06:45:49 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-10-31 06:45:44 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2012-10-31 06:45:44 ----A---- C:\Windows\system32\drivers\ndis.sys
2012-10-31 06:45:30 ----A---- C:\Windows\system32\drivers\netio.sys
2012-10-31 06:45:30 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2012-10-31 06:45:20 ----A---- C:\Windows\system32\OxpsConverter.exe
2012-10-31 06:06:28 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe
2012-10-31 05:38:25 ----D---- C:\Users\Jara\AppData\Roaming\ChessBase
2012-10-31 05:37:32 ----D---- C:\Program Files (x86)\ChessBase
2012-10-31 05:08:48 ----D---- C:\Users\Jara\AppData\Roaming\WinRAR
2012-10-31 04:29:18 ----D---- C:\Users\Jara\AppData\Roaming\AVG2013
2012-10-31 04:28:38 ----D---- C:\Users\Jara\AppData\Roaming\TuneUp Software
2012-10-31 04:28:03 ----HD---- C:\$AVG
2012-10-31 04:28:03 ----D---- C:\ProgramData\AVG2013
2012-10-31 04:26:58 ----D---- C:\Program Files (x86)\AVG
2012-10-31 04:19:55 ----HD---- C:\ProgramData\Common Files
2012-10-31 04:19:55 ----D---- C:\ProgramData\MFAData
2012-10-31 03:58:25 ----D---- C:\Windows\system32\SPReview
2012-10-31 03:57:57 ----D---- C:\Windows\system32\EventProviders
2012-10-31 03:56:24 ----A---- C:\Windows\system32\netfxperf.dll
2012-10-31 03:56:24 ----A---- C:\Windows\system32\dfshim.dll
2012-10-31 03:56:16 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2012-10-31 03:56:12 ----A---- C:\Windows\system32\d3d10warp.dll
2012-10-31 03:56:06 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2012-10-31 03:56:06 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2012-10-31 03:56:06 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2012-10-31 03:56:06 ----A---- C:\Windows\system32\sysmain.dll
2012-10-31 03:56:05 ----A---- C:\Windows\system32\tssrvlic.dll
2012-10-31 03:56:05 ----A---- C:\Windows\system32\RDVGHelper.exe
2012-10-31 03:56:04 ----A---- C:\Windows\SYSWOW64\pmcsnap.dll
2012-10-31 03:56:04 ----A---- C:\Windows\system32\MSVidCtl.dll
2012-10-31 03:56:03 ----A---- C:\Windows\system32\wmp.dll
2012-10-31 03:56:02 ----A---- C:\Windows\system32\mscoree.dll
2012-10-31 03:56:01 ----A---- C:\Windows\system32\secproc_isv.dll
2012-10-31 03:56:01 ----A---- C:\Windows\system32\RMActivate_isv.exe
2012-10-31 03:56:01 ----A---- C:\Windows\system32\mmcndmgr.dll
2012-10-31 03:56:01 ----A---- C:\Windows\system32\mf.dll
2012-10-31 03:56:00 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2012-10-31 03:56:00 ----A---- C:\Windows\system32\xpsservices.dll
2012-10-31 03:56:00 ----A---- C:\Windows\system32\secproc.dll
2012-10-31 03:56:00 ----A---- C:\Windows\system32\RMActivate.exe
2012-10-31 03:55:59 ----A---- C:\Windows\SYSWOW64\secproc.dll
2012-10-31 03:55:59 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2012-10-31 03:55:59 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2012-10-31 03:55:59 ----A---- C:\Windows\system32\rpcrt4.dll
2012-10-31 03:55:58 ----A---- C:\Windows\SYSWOW64\PushPrinterConnections.exe
2012-10-31 03:55:58 ----A---- C:\Windows\SYSWOW64\ppcsnap.dll
2012-10-31 03:55:58 ----A---- C:\Windows\system32\schedsvc.dll
2012-10-31 03:55:58 ----A---- C:\Windows\system32\ole32.dll
2012-10-31 03:55:57 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2012-10-31 03:55:57 ----A---- C:\Windows\system32\taskschd.dll
2012-10-31 03:55:57 ----A---- C:\Windows\system32\spwizui.dll
2012-10-31 03:55:57 ----A---- C:\Windows\system32\RacEngn.dll
2012-10-31 03:55:56 ----A---- C:\Windows\SYSWOW64\mf.dll
2012-10-31 03:55:56 ----A---- C:\Windows\system32\wevtsvc.dll
2012-10-31 03:55:56 ----A---- C:\Windows\system32\ExplorerFrame.dll
2012-10-31 03:55:56 ----A---- C:\Windows\system32\diagperf.dll
2012-10-31 03:55:55 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2012-10-31 03:55:55 ----A---- C:\Windows\system32\vssapi.dll
2012-10-31 03:55:55 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2012-10-31 03:55:55 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2012-10-31 03:55:55 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2012-10-31 03:55:54 ----A---- C:\Windows\system32\UIRibbon.dll
2012-10-31 03:55:53 ----A---- C:\Windows\SYSWOW64\wmp.dll
2012-10-31 03:55:53 ----A---- C:\Windows\system32\WsmSvc.dll
2012-10-31 03:55:52 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2012-10-31 03:55:52 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2012-10-31 03:55:52 ----A---- C:\Windows\system32\WMVCORE.DLL
2012-10-31 03:55:52 ----A---- C:\Windows\system32\rdpdd.dll
2012-10-31 03:55:52 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2012-10-31 03:55:52 ----A---- C:\Windows\system32\PresentationHost.exe
2012-10-31 03:55:51 ----A---- C:\Windows\system32\WMVDECOD.DLL
2012-10-31 03:55:51 ----A---- C:\Windows\system32\WinSAT.exe
2012-10-31 03:55:51 ----A---- C:\Windows\system32\spreview.exe
2012-10-31 03:55:51 ----A---- C:\Windows\system32\spinstall.exe
2012-10-31 03:55:51 ----A---- C:\Windows\system32\MPSSVC.dll
2012-10-31 03:55:51 ----A---- C:\Windows\system32\CertEnroll.dll
2012-10-31 03:55:50 ----A---- C:\Windows\system32\IKEEXT.DLL
2012-10-31 03:55:50 ----A---- C:\Windows\system32\d3d9.dll
2012-10-31 03:55:49 ----A---- C:\Windows\SYSWOW64\RacEngn.dll
2012-10-31 03:55:49 ----A---- C:\Windows\SYSWOW64\AuthFWSnapin.dll
2012-10-31 03:55:49 ----A---- C:\Windows\system32\SearchFolder.dll
2012-10-31 03:55:49 ----A---- C:\Windows\system32\gpsvc.dll
2012-10-31 03:55:49 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2012-10-31 03:55:48 ----A---- C:\Windows\system32\VSSVC.exe
2012-10-31 03:55:48 ----A---- C:\Windows\system32\dwmcore.dll
2012-10-31 03:55:48 ----A---- C:\Windows\system32\dbgeng.dll
2012-10-31 03:55:47 ----A---- C:\Windows\SYSWOW64\rdvgumd32.dll
2012-10-31 03:55:47 ----A---- C:\Windows\system32\drivers\http.sys
2012-10-31 03:55:46 ----A---- C:\Windows\SYSWOW64\ole32.dll
2012-10-31 03:55:46 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2012-10-31 03:55:46 ----A---- C:\Windows\system32\TSWorkspace.dll
2012-10-31 03:55:46 ----A---- C:\Windows\system32\qmgr.dll
2012-10-31 03:55:46 ----A---- C:\Windows\system32\audiosrv.dll
2012-10-31 03:55:46 ----A---- C:\Windows\system32\actxprxy.dll
2012-10-31 03:55:45 ----A---- C:\Windows\system32\termsrv.dll
2012-10-31 03:55:45 ----A---- C:\Windows\system32\imapi2fs.dll
2012-10-31 03:55:45 ----A---- C:\Windows\system32\gpprefcl.dll
2012-10-31 03:55:44 ----A---- C:\Windows\SYSWOW64\vssapi.dll
2012-10-31 03:55:44 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2012-10-31 03:55:44 ----A---- C:\Windows\SYSWOW64\d3d9.dll
2012-10-31 03:55:44 ----A---- C:\Windows\system32\winhttp.dll
2012-10-31 03:55:44 ----A---- C:\Windows\system32\QAGENTRT.DLL
2012-10-31 03:55:44 ----A---- C:\Windows\system32\propsys.dll
2012-10-31 03:55:44 ----A---- C:\Windows\system32\netlogon.dll
2012-10-31 03:55:44 ----A---- C:\Windows\system32\msv1_0.dll
2012-10-31 03:55:44 ----A---- C:\Windows\system32\d3d11.dll
2012-10-31 03:55:43 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2012-10-31 03:55:43 ----A---- C:\Windows\system32\werconcpl.dll
2012-10-31 03:55:43 ----A---- C:\Windows\system32\wbengine.exe
2012-10-31 03:55:43 ----A---- C:\Windows\system32\taskeng.exe
2012-10-31 03:55:43 ----A---- C:\Windows\system32\setupapi.dll
2012-10-31 03:55:43 ----A---- C:\Windows\system32\rpcss.dll
2012-10-31 03:55:43 ----A---- C:\Windows\system32\PushPrinterConnections.exe
2012-10-31 03:55:43 ----A---- C:\Windows\system32\odbc32.dll
2012-10-31 03:55:43 ----A---- C:\Windows\system32\authui.dll
2012-10-31 03:55:42 ----A---- C:\Windows\system32\WSDApi.dll
2012-10-31 03:55:42 ----A---- C:\Windows\system32\user32.dll
2012-10-31 03:55:41 ----A---- C:\Windows\SYSWOW64\wer.dll
2012-10-31 03:55:41 ----A---- C:\Windows\system32\umrdp.dll
2012-10-31 03:55:41 ----A---- C:\Windows\system32\scavengeui.dll
2012-10-31 03:55:41 ----A---- C:\Windows\system32\LSCSHostPolicy.dll
2012-10-31 03:55:41 ----A---- C:\Windows\system32\drivers\tdx.sys
2012-10-31 03:55:41 ----A---- C:\Windows\system32\drivers\netbt.sys
2012-10-31 03:55:41 ----A---- C:\Windows\system32\dhcpcore.dll
2012-10-31 03:55:41 ----A---- C:\Windows\system32\certmgr.dll
2012-10-31 03:55:40 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2012-10-31 03:55:40 ----A---- C:\Windows\SYSWOW64\certcli.dll
2012-10-31 03:55:40 ----A---- C:\Windows\system32\tsmf.dll
2012-10-31 03:55:40 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2012-10-31 03:55:40 ----A---- C:\Windows\system32\msdrm.dll
2012-10-31 03:55:39 ----A---- C:\Windows\SYSWOW64\tcpmonui.dll
2012-10-31 03:55:39 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2012-10-31 03:55:39 ----A---- C:\Windows\system32\ws2_32.dll
2012-10-31 03:55:39 ----A---- C:\Windows\system32\wmicmiplugin.dll
2012-10-31 03:55:39 ----A---- C:\Windows\system32\winlogon.exe
2012-10-31 03:55:39 ----A---- C:\Windows\system32\shlwapi.dll
2012-10-31 03:55:39 ----A---- C:\Windows\system32\rdpshell.exe
2012-10-31 03:55:39 ----A---- C:\Windows\system32\netshell.dll
2012-10-31 03:55:39 ----A---- C:\Windows\system32\netcfgx.dll
2012-10-31 03:55:39 ----A---- C:\Windows\system32\msdtctm.dll
2012-10-31 03:55:39 ----A---- C:\Windows\system32\framedynos.dll
2012-10-31 03:55:39 ----A---- C:\Windows\system32\appmgr.dll
2012-10-31 03:55:38 ----A---- C:\Windows\system32\wmpps.dll
2012-10-31 03:55:38 ----A---- C:\Windows\system32\usp10.dll
2012-10-31 03:55:38 ----A---- C:\Windows\system32\lsm.exe
2012-10-31 03:55:38 ----A---- C:\Windows\system32\dxgi.dll
2012-10-31 03:55:38 ----A---- C:\Windows\system32\drivers\csc.sys
2012-10-31 03:55:38 ----A---- C:\Windows\system32\comdlg32.dll
2012-10-31 03:55:38 ----A---- C:\Windows\system32\apphelp.dll
2012-10-31 03:55:37 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2012-10-31 03:55:37 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2012-10-31 03:55:37 ----A---- C:\Windows\SYSWOW64\tsmf.dll
2012-10-31 03:55:37 ----A---- C:\Windows\SYSWOW64\setupapi.dll
2012-10-31 03:55:37 ----A---- C:\Windows\SYSWOW64\dot3api.dll
2012-10-31 03:55:37 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2012-10-31 03:55:37 ----A---- C:\Windows\system32\wpdshext.dll
2012-10-31 03:55:37 ----A---- C:\Windows\system32\Vault.dll
2012-10-31 03:55:37 ----A---- C:\Windows\system32\Query.dll
2012-10-31 03:55:37 ----A---- C:\Windows\system32\QAGENT.DLL
2012-10-31 03:55:37 ----A---- C:\Windows\system32\mswsock.dll
2012-10-31 03:55:37 ----A---- C:\Windows\system32\drvstore.dll
2012-10-31 03:55:37 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2012-10-31 03:55:37 ----A---- C:\Windows\system32\BFE.DLL
2012-10-31 03:55:37 ----A---- C:\Windows\system32\azroles.dll
2012-10-31 03:55:36 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2012-10-31 03:55:36 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2012-10-31 03:55:36 ----A---- C:\Windows\system32\samsrv.dll
2012-10-31 03:55:36 ----A---- C:\Windows\system32\lpksetup.exe
2012-10-31 03:55:36 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2012-10-31 03:55:36 ----A---- C:\Windows\system32\cmd.exe
2012-10-31 03:55:35 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2012-10-31 03:55:35 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2012-10-31 03:55:35 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2012-10-31 03:55:35 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2012-10-31 03:55:35 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2012-10-31 03:55:35 ----A---- C:\Windows\system32\WindowsCodecs.dll
2012-10-31 03:55:35 ----A---- C:\Windows\system32\WebClnt.dll
2012-10-31 03:55:35 ----A---- C:\Windows\system32\sxs.dll
2012-10-31 03:55:35 ----A---- C:\Windows\system32\rdpclip.exe
2012-10-31 03:55:35 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2012-10-31 03:55:35 ----A---- C:\Windows\system32\cscsvc.dll
2012-10-31 03:55:34 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2012-10-31 03:55:34 ----A---- C:\Windows\SYSWOW64\upnp.dll
2012-10-31 03:55:34 ----A---- C:\Windows\SYSWOW64\Query.dll
2012-10-31 03:55:34 ----A---- C:\Windows\SYSWOW64\mmcndmgr.dll
2012-10-31 03:55:34 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2012-10-31 03:55:34 ----A---- C:\Windows\SYSWOW64\DShowRdpFilter.dll
2012-10-31 03:55:34 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2012-10-31 03:55:34 ----A---- C:\Windows\system32\Wldap32.dll
2012-10-31 03:55:34 ----A---- C:\Windows\system32\taskcomp.dll
2012-10-31 03:55:34 ----A---- C:\Windows\system32\pnidui.dll
2012-10-31 03:55:34 ----A---- C:\Windows\system32\mfds.dll
2012-10-31 03:55:34 ----A---- C:\Windows\system32\mcbuilder.exe
2012-10-31 03:55:34 ----A---- C:\Windows\system32\ipsmsnap.dll
2012-10-31 03:55:34 ----A---- C:\Windows\system32\hgprint.dll
2012-10-31 03:55:34 ----A---- C:\Windows\system32\cscobj.dll
2012-10-31 03:55:33 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2012-10-31 03:55:33 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2012-10-31 03:55:33 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2012-10-31 03:55:33 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2012-10-31 03:55:33 ----A---- C:\Windows\SYSWOW64\imapi2fs.dll
2012-10-31 03:55:33 ----A---- C:\Windows\SYSWOW64\authui.dll
2012-10-31 03:55:33 ----A---- C:\Windows\system32\winsta.dll
2012-10-31 03:55:33 ----A---- C:\Windows\system32\webservices.dll
2012-10-31 03:55:33 ----A---- C:\Windows\system32\sqlsrv32.dll
2012-10-31 03:55:33 ----A---- C:\Windows\system32\SessEnv.dll
2012-10-31 03:55:33 ----A---- C:\Windows\system32\rdpendp.dll
2012-10-31 03:55:33 ----A---- C:\Windows\system32\fveapi.dll
2012-10-31 03:55:33 ----A---- C:\Windows\system32\dot3api.dll
2012-10-31 03:55:32 ----A---- C:\Windows\SYSWOW64\usp10.dll
2012-10-31 03:55:32 ----A---- C:\Windows\SYSWOW64\shlwapi.dll
2012-10-31 03:55:32 ----A---- C:\Windows\SYSWOW64\PortableDeviceApi.dll
2012-10-31 03:55:32 ----A---- C:\Windows\SYSWOW64\mcbuilder.exe
2012-10-31 03:55:32 ----A---- C:\Windows\system32\WMNetMgr.dll
2012-10-31 03:55:32 ----A---- C:\Windows\system32\schtasks.exe
2012-10-31 03:55:32 ----A---- C:\Windows\system32\prncache.dll
2012-10-31 03:55:32 ----A---- C:\Windows\system32\mcmde.dll
2012-10-31 03:55:32 ----A---- C:\Windows\system32\gdi32.dll
2012-10-31 03:55:32 ----A---- C:\Windows\system32\drivers\volsnap.sys
2012-10-31 03:55:32 ----A---- C:\Windows\system32\drivers\msrpc.sys
2012-10-31 03:55:31 ----A---- C:\Windows\SYSWOW64\xpsservices.dll
2012-10-31 03:55:31 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2012-10-31 03:55:31 ----A---- C:\Windows\SYSWOW64\userenv.dll
2012-10-31 03:55:31 ----A---- C:\Windows\SYSWOW64\drvstore.dll
2012-10-31 03:55:31 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2012-10-31 03:55:31 ----A---- C:\Windows\SYSWOW64\certmgr.dll
2012-10-31 03:55:31 ----A---- C:\Windows\system32\wlanpref.dll
2012-10-31 03:55:31 ----A---- C:\Windows\system32\vpnike.dll
2012-10-31 03:55:31 ----A---- C:\Windows\system32\userenv.dll
2012-10-31 03:55:31 ----A---- C:\Windows\system32\tspubwmi.dll
2012-10-31 03:55:31 ----A---- C:\Windows\system32\photowiz.dll
2012-10-31 03:55:31 ----A---- C:\Windows\system32\evr.dll
2012-10-31 03:55:31 ----A---- C:\Windows\system32\drivers\rdbss.sys
2012-10-31 03:55:31 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2012-10-31 03:55:30 ----A---- C:\Windows\SYSWOW64\cmd.exe
2012-10-31 03:55:30 ----A---- C:\Windows\system32\wmpmde.dll
2012-10-31 03:55:30 ----A---- C:\Windows\system32\WMPEncEn.dll
2012-10-31 03:55:30 ----A---- C:\Windows\system32\wmpeffects.dll
2012-10-31 03:55:30 ----A---- C:\Windows\system32\SyncCenter.dll
2012-10-31 03:55:30 ----A---- C:\Windows\system32\sppobjs.dll
2012-10-31 03:55:30 ----A---- C:\Windows\system32\IPSECSVC.DLL
2012-10-31 03:55:30 ----A---- C:\Windows\system32\FXSSVC.exe
2012-10-31 03:55:30 ----A---- C:\Windows\system32\framedyn.dll
2012-10-31 03:55:30 ----A---- C:\Windows\system32\AudioSes.dll
2012-10-31 03:55:30 ----A---- C:\Windows\system32\aepdu.dll
2012-10-31 03:55:29 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2012-10-31 03:55:29 ----A---- C:\Windows\SYSWOW64\propsys.dll
2012-10-31 03:55:29 ----A---- C:\Windows\SYSWOW64\mfds.dll
2012-10-31 03:55:29 ----A---- C:\Windows\SYSWOW64\framedynos.dll
2012-10-31 03:55:29 ----A---- C:\Windows\system32\WinSATAPI.dll
2012-10-31 03:55:29 ----A---- C:\Windows\system32\vmicsvc.exe
2012-10-31 03:55:29 ----A---- C:\Windows\system32\tscfgwmi.dll
2012-10-31 03:55:29 ----A---- C:\Windows\system32\stobject.dll
2012-10-31 03:55:29 ----A---- C:\Windows\system32\srvsvc.dll
2012-10-31 03:55:29 ----A---- C:\Windows\system32\shsvcs.dll
2012-10-31 03:55:29 ----A---- C:\Windows\system32\rdpinit.exe
2012-10-31 03:55:29 ----A---- C:\Windows\system32\mfreadwrite.dll
2012-10-31 03:55:29 ----A---- C:\Windows\system32\imapi2.dll
2012-10-31 03:55:29 ----A---- C:\Windows\system32\fde.dll
2012-10-31 03:55:29 ----A---- C:\Windows\system32\aeinv.dll
2012-10-31 03:55:28 ----A---- C:\Windows\SYSWOW64\user32.dll
2012-10-31 03:55:28 ----A---- C:\Windows\SYSWOW64\rdpendp.dll
2012-10-31 03:55:28 ----A---- C:\Windows\system32\tcpipcfg.dll
2012-10-31 03:55:28 ----A---- C:\Windows\system32\QSHVHOST.DLL
2012-10-31 03:55:28 ----A---- C:\Windows\system32\netid.dll
2012-10-31 03:55:28 ----A---- C:\Windows\system32\netdiagfx.dll
2012-10-31 03:55:28 ----A---- C:\Windows\system32\localsec.dll
2012-10-31 03:55:28 ----A---- C:\Windows\system32\inetpp.dll
2012-10-31 03:55:28 ----A---- C:\Windows\system32\drivers\vmbus.sys
2012-10-31 03:55:28 ----A---- C:\Windows\system32\drivers\udfs.sys
2012-10-31 03:55:28 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2012-10-31 03:55:28 ----A---- C:\Windows\system32\davclnt.dll
2012-10-31 03:55:28 ----A---- C:\Windows\system32\credui.dll
2012-10-31 03:55:28 ----A---- C:\Windows\system32\cdd.dll
2012-10-31 03:55:28 ----A---- C:\Windows\system32\bcryptprimitives.dll
2012-10-31 03:55:27 ----A---- C:\Windows\SYSWOW64\themeui.dll
2012-10-31 03:55:27 ----A---- C:\Windows\SYSWOW64\azroles.dll
2012-10-31 03:55:27 ----A---- C:\Windows\SYSWOW64\appmgr.dll
2012-10-31 03:55:27 ----A---- C:\Windows\system32\spp.dll
2012-10-31 03:55:27 ----A---- C:\Windows\system32\scansetting.dll
2012-10-31 03:55:27 ----A---- C:\Windows\system32\printui.dll
2012-10-31 03:55:27 ----A---- C:\Windows\system32\mspbda.dll
2012-10-31 03:55:27 ----A---- C:\Windows\system32\msinfo32.exe
2012-10-31 03:55:27 ----A---- C:\Windows\system32\gameux.dll
2012-10-31 03:55:27 ----A---- C:\Windows\system32\cscui.dll
2012-10-31 03:55:27 ----A---- C:\Windows\system32\biocpl.dll
2012-10-31 03:55:26 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2012-10-31 03:55:26 ----A---- C:\Windows\SYSWOW64\spp.dll
2012-10-31 03:55:26 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2012-10-31 03:55:26 ----A---- C:\Windows\SYSWOW64\dhcpcore.dll
2012-10-31 03:55:26 ----A---- C:\Windows\SYSWOW64\credui.dll
2012-10-31 03:55:26 ----A---- C:\Windows\SYSWOW64\basecsp.dll
2012-10-31 03:55:26 ----A---- C:\Windows\system32\wusa.exe
2012-10-31 03:55:26 ----A---- C:\Windows\system32\wiaservc.dll
2012-10-31 03:55:26 ----A---- C:\Windows\system32\vds.exe
2012-10-31 03:55:26 ----A---- C:\Windows\system32\rpchttp.dll
2012-10-31 03:55:26 ----A---- C:\Windows\system32\pla.dll
2012-10-31 03:55:26 ----A---- C:\Windows\system32\PhotoScreensaver.scr
2012-10-31 03:55:26 ----A---- C:\Windows\system32\msdri.dll
2012-10-31 03:55:26 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2012-10-31 03:55:26 ----A---- C:\Windows\system32\drivers\pci.sys
2012-10-31 03:55:26 ----A---- C:\Windows\system32\aitagent.exe
2012-10-31 03:55:26 ----A---- C:\Windows\system32\AdmTmpl.dll
2012-10-31 03:55:25 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2012-10-31 03:55:25 ----A---- C:\Windows\SYSWOW64\NaturalLanguage6.dll
2012-10-31 03:55:25 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2012-10-31 03:55:25 ----A---- C:\Windows\SYSWOW64\evr.dll
2012-10-31 03:55:25 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2012-10-31 03:55:25 ----A---- C:\Windows\SYSWOW64\dbghelp.dll
2012-10-31 03:55:25 ----A---- C:\Windows\system32\XpsRasterService.dll
2012-10-31 03:55:25 ----A---- C:\Windows\system32\wisptis.exe
2012-10-31 03:55:25 ----A---- C:\Windows\system32\PkgMgr.exe
2012-10-31 03:55:25 ----A---- C:\Windows\system32\ocsetup.exe
2012-10-31 03:55:25 ----A---- C:\Windows\system32\mscms.dll
2012-10-31 03:55:25 ----A---- C:\Windows\system32\FirewallControlPanel.dll
2012-10-31 03:55:25 ----A---- C:\Windows\system32\drivers\rasl2tp.sys
2012-10-31 03:55:25 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2012-10-31 03:55:24 ----A---- C:\Windows\SYSWOW64\WinSATAPI.dll
2012-10-31 03:55:24 ----A---- C:\Windows\SYSWOW64\sqlsrv32.dll
2012-10-31 03:55:24 ----A---- C:\Windows\SYSWOW64\calc.exe
2012-10-31 03:55:24 ----A---- C:\Windows\system32\wpdbusenum.dll
2012-10-31 03:55:24 ----A---- C:\Windows\system32\sppwinob.dll
2012-10-31 03:55:24 ----A---- C:\Windows\system32\ocsetapi.dll
2012-10-31 03:55:24 ----A---- C:\Windows\system32\eapp3hst.dll
2012-10-31 03:55:24 ----A---- C:\Windows\system32\DXP.dll
2012-10-31 03:55:24 ----A---- C:\Windows\system32\drivers\volmgr.sys
2012-10-31 03:55:24 ----A---- C:\Windows\system32\ci.dll
2012-10-31 03:55:23 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2012-10-31 03:55:23 ----A---- C:\Windows\SYSWOW64\UIRibbon.dll
2012-10-31 03:55:23 ----A---- C:\Windows\SYSWOW64\sxs.dll
2012-10-31 03:55:23 ----A---- C:\Windows\SYSWOW64\stobject.dll
2012-10-31 03:55:23 ----A---- C:\Windows\SYSWOW64\netshell.dll
2012-10-31 03:55:23 ----A---- C:\Windows\system32\wcncsvc.dll
2012-10-31 03:55:23 ----A---- C:\Windows\system32\upnp.dll
2012-10-31 03:55:23 ----A---- C:\Windows\system32\thumbcache.dll
2012-10-31 03:55:23 ----A---- C:\Windows\system32\t2embed.dll
2012-10-31 03:55:23 ----A---- C:\Windows\system32\Robocopy.exe
2012-10-31 03:55:23 ----A---- C:\Windows\system32\mprapi.dll
2012-10-31 03:55:23 ----A---- C:\Windows\system32\hal.dll
2012-10-31 03:55:23 ----A---- C:\Windows\system32\eapphost.dll
2012-10-31 03:55:23 ----A---- C:\Windows\system32\drivers\msdsm.sys
2012-10-31 03:55:23 ----A---- C:\Windows\system32\drivers\HpSAMD.sys
2012-10-31 03:55:22 ----A---- C:\Windows\SYSWOW64\prncache.dll
2012-10-31 03:55:22 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2012-10-31 03:55:22 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2012-10-31 03:55:22 ----A---- C:\Windows\system32\themeui.dll
2012-10-31 03:55:22 ----A---- C:\Windows\system32\scecli.dll
2012-10-31 03:55:22 ----A---- C:\Windows\system32\puiobj.dll
2012-10-31 03:55:22 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2012-10-31 03:55:22 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2012-10-31 03:55:22 ----A---- C:\Windows\system32\msasn1.dll
2012-10-31 03:55:22 ----A---- C:\Windows\system32\iasrad.dll
2012-10-31 03:55:22 ----A---- C:\Windows\system32\DxpTaskSync.dll
2012-10-31 03:55:22 ----A---- C:\Windows\system32\dwmredir.dll
2012-10-31 03:55:22 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys
2012-10-31 03:55:22 ----A---- C:\Windows\system32\drivers\fvevol.sys
2012-10-31 03:55:22 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2012-10-31 03:55:21 ----A---- C:\Windows\SYSWOW64\WSDApi.dll
2012-10-31 03:55:21 ----A---- C:\Windows\SYSWOW64\wmpeffects.dll
2012-10-31 03:55:21 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2012-10-31 03:55:21 ----A---- C:\Windows\SYSWOW64\printui.dll
2012-10-31 03:55:21 ----A---- C:\Windows\SYSWOW64\net1.exe
2012-10-31 03:55:21 ----A---- C:\Windows\system32\scrptadm.dll
2012-10-31 03:55:21 ----A---- C:\Windows\system32\onex.dll
2012-10-31 03:55:21 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2012-10-31 03:55:20 ----A---- C:\Windows\SYSWOW64\scansetting.dll
2012-10-31 03:55:20 ----A---- C:\Windows\system32\wlangpui.dll
2012-10-31 03:55:20 ----A---- C:\Windows\system32\wdc.dll
2012-10-31 03:55:20 ----A---- C:\Windows\system32\scesrv.dll
2012-10-31 03:55:20 ----A---- C:\Windows\system32\rasmans.dll
2012-10-31 03:55:20 ----A---- C:\Windows\system32\msftedit.dll
2012-10-31 03:55:19 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2012-10-31 03:55:19 ----A---- C:\Windows\SYSWOW64\WMVCORE.DLL
2012-10-31 03:55:19 ----A---- C:\Windows\SYSWOW64\wlangpui.dll
2012-10-31 03:55:19 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2012-10-31 03:55:19 ----A---- C:\Windows\SYSWOW64\QSHVHOST.DLL
2012-10-31 03:55:19 ----A---- C:\Windows\SYSWOW64\pnidui.dll
2012-10-31 03:55:19 ----A---- C:\Windows\SYSWOW64\MMDevAPI.dll
2012-10-31 03:55:19 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2012-10-31 03:55:19 ----A---- C:\Windows\system32\wscapi.dll
2012-10-31 03:55:19 ----A---- C:\Windows\system32\wiadefui.dll
2012-10-31 03:55:19 ----A---- C:\Windows\system32\VAN.dll
2012-10-31 03:55:19 ----A---- C:\Windows\system32\TabSvc.dll
2012-10-31 03:55:19 ----A---- C:\Windows\system32\StructuredQuery.dll
2012-10-31 03:55:19 ----A---- C:\Windows\system32\srchadmin.dll
2012-10-31 03:55:19 ----A---- C:\Windows\system32\SndVol.exe
2012-10-31 03:55:19 ----A---- C:\Windows\system32\sdengin2.dll
2012-10-31 03:55:19 ----A---- C:\Windows\system32\samcli.dll
2012-10-31 03:55:19 ----A---- C:\Windows\system32\regapi.dll
2012-10-31 03:55:19 ----A---- C:\Windows\system32\QUTIL.DLL
2012-10-31 03:55:19 ----A---- C:\Windows\system32\netcenter.dll
2012-10-31 03:55:19 ----A---- C:\Windows\system32\iasacct.dll
2012-10-31 03:55:19 ----A---- C:\Windows\system32\dskquoui.dll
2012-10-31 03:55:19 ----A---- C:\Windows\system32\drivers\termdd.sys
2012-10-31 03:55:19 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2012-10-31 03:55:19 ----A---- C:\Windows\system32\consent.exe
2012-10-31 03:55:18 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2012-10-31 03:55:18 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2012-10-31 03:55:18 ----A---- C:\Windows\SYSWOW64\webservices.dll
2012-10-31 03:55:18 ----A---- C:\Windows\SYSWOW64\SyncCenter.dll
2012-10-31 03:55:18 ----A---- C:\Windows\SYSWOW64\scrptadm.dll
2012-10-31 03:55:18 ----A---- C:\Windows\SYSWOW64\netdiagfx.dll
2012-10-31 03:55:18 ----A---- C:\Windows\SYSWOW64\fde.dll
2012-10-31 03:55:18 ----A---- C:\Windows\system32\taskhost.exe
2012-10-31 03:55:18 ----A---- C:\Windows\system32\setupcl.exe
2012-10-31 03:55:18 ----A---- C:\Windows\system32\rastls.dll
2012-10-31 03:55:18 ----A---- C:\Windows\system32\drivers\msahci.sys
2012-10-31 03:55:18 ----A---- C:\Windows\system32\drivers\acpi.sys
2012-10-31 03:55:17 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2012-10-31 03:55:17 ----A---- C:\Windows\SYSWOW64\pla.dll
2012-10-31 03:55:17 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2012-10-31 03:55:17 ----A---- C:\Windows\SYSWOW64\cscobj.dll
2012-10-31 03:55:17 ----A---- C:\Windows\system32\tapisrv.dll
2012-10-31 03:55:17 ----A---- C:\Windows\system32\netiohlp.dll
2012-10-31 03:55:17 ----A---- C:\Windows\system32\msconfig.exe
2012-10-31 03:55:17 ----A---- C:\Windows\system32\mimefilt.dll
2012-10-31 03:55:17 ----A---- C:\Windows\system32\ListSvc.dll
2012-10-31 03:55:17 ----A---- C:\Windows\system32\hgcpl.dll
2012-10-31 03:55:17 ----A---- C:\Windows\system32\drivers\raspptp.sys
2012-10-31 03:55:16 ----A---- C:\Windows\SYSWOW64\winsta.dll
2012-10-31 03:55:16 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2012-10-31 03:55:16 ----A---- C:\Windows\SYSWOW64\imapi2.dll
2012-10-31 03:55:16 ----A---- C:\Windows\system32\mtxclu.dll
2012-10-31 03:55:16 ----A---- C:\Windows\system32\lsmproxy.dll
2012-10-31 03:55:16 ----A---- C:\Windows\system32\fdeploy.dll
2012-10-31 03:55:16 ----A---- C:\Windows\system32\drivers\sbp2port.sys
2012-10-31 03:55:16 ----A---- C:\Windows\system32\drivers\ks.sys
2012-10-31 03:55:16 ----A---- C:\Windows\system32\clusapi.dll
2012-10-31 03:55:16 ----A---- C:\Windows\system32\basecsp.dll
2012-10-31 03:55:16 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2012-10-31 03:55:15 ----A---- C:\Windows\SYSWOW64\WMPEncEn.dll
2012-10-31 03:55:15 ----A---- C:\Windows\SYSWOW64\winmm.dll
2012-10-31 03:55:15 ----A---- C:\Windows\SYSWOW64\shsvcs.dll
2012-10-31 03:55:15 ----A---- C:\Windows\SYSWOW64\onex.dll
2012-10-31 03:55:15 ----A---- C:\Windows\SYSWOW64\gameux.dll
2012-10-31 03:55:15 ----A---- C:\Windows\SYSWOW64\DXPTaskRingtone.dll
2012-10-31 03:55:15 ----A---- C:\Windows\system32\themecpl.dll
2012-10-31 03:55:15 ----A---- C:\Windows\system32\sharemediacpl.dll
2012-10-31 03:55:15 ----A---- C:\Windows\system32\RpcRtRemote.dll
2012-10-31 03:55:15 ----A---- C:\Windows\system32\riched20.dll
2012-10-31 03:55:15 ----A---- C:\Windows\system32\powercpl.dll
2012-10-31 03:55:15 ----A---- C:\Windows\system32\nci.dll
2012-10-31 03:55:15 ----A---- C:\Windows\system32\logoncli.dll
2012-10-31 03:55:15 ----A---- C:\Windows\system32\dnscmmc.dll
2012-10-31 03:55:14 ----A---- C:\Windows\SYSWOW64\samcli.dll
2012-10-31 03:55:14 ----A---- C:\Windows\SYSWOW64\netiohlp.dll
2012-10-31 03:55:14 ----A---- C:\Windows\SYSWOW64\IPHLPAPI.DLL
2012-10-31 03:55:14 ----A---- C:\Windows\SYSWOW64\hbaapi.dll
2012-10-31 03:55:14 ----A---- C:\Windows\SYSWOW64\autochk.exe
2012-10-31 03:55:14 ----A---- C:\Windows\SYSWOW64\autofmt.exe
2012-10-31 03:55:14 ----A---- C:\Windows\system32\wkssvc.dll
2012-10-31 03:55:14 ----A---- C:\Windows\system32\vpnikeapi.dll
2012-10-31 03:55:14 ----A---- C:\Windows\system32\SensorsCpl.dll
2012-10-31 03:55:14 ----A---- C:\Windows\system32\netjoin.dll
2012-10-31 03:55:14 ----A---- C:\Windows\system32\Narrator.exe
2012-10-31 03:55:14 ----A---- C:\Windows\system32\Faultrep.dll
2012-10-31 03:55:14 ----A---- C:\Windows\system32\eudcedit.exe
2012-10-31 03:55:13 ----A---- C:\Windows\SYSWOW64\thumbcache.dll
2012-10-31 03:55:13 ----A---- C:\Windows\SYSWOW64\tcpipcfg.dll
2012-10-31 03:55:13 ----A---- C:\Windows\SYSWOW64\srchadmin.dll
2012-10-31 03:55:13 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2012-10-31 03:55:13 ----A---- C:\Windows\SYSWOW64\regapi.dll
2012-10-31 03:55:13 ----A---- C:\Windows\SYSWOW64\proquota.exe
2012-10-31 03:55:13 ----A---- C:\Windows\SYSWOW64\powercpl.dll
2012-10-31 03:55:13 ----A---- C:\Windows\SYSWOW64\msutb.dll
2012-10-31 03:55:13 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2012-10-31 03:55:13 ----A---- C:\Windows\SYSWOW64\mimefilt.dll
2012-10-31 03:55:13 ----A---- C:\Windows\SYSWOW64\ipsmsnap.dll
2012-10-31 03:55:13 ----A---- C:\Windows\SYSWOW64\framedyn.dll
2012-10-31 03:55:13 ----A---- C:\Windows\SYSWOW64\eapphost.dll
2012-10-31 03:55:13 ----A---- C:\Windows\SYSWOW64\autoconv.exe
2012-10-31 03:55:13 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2012-10-31 03:55:13 ----A---- C:\Windows\system32\wpd_ci.dll
2012-10-31 03:55:13 ----A---- C:\Windows\system32\sppcomapi.dll
2012-10-31 03:55:13 ----A---- C:\Windows\system32\shsetup.dll
2012-10-31 03:55:13 ----A---- C:\Windows\system32\sdclt.exe
2012-10-31 03:55:13 ----A---- C:\Windows\system32\nshipsec.dll
2012-10-31 03:55:13 ----A---- C:\Windows\system32\fms.dll
2012-10-31 03:55:13 ----A---- C:\Windows\system32\comctl32.dll
2012-10-31 03:55:13 ----A---- C:\Windows\system32\cabview.dll
2012-10-31 03:55:13 ----A---- C:\Windows\system32\bcdsrv.dll
2012-10-31 03:55:13 ----A---- C:\Windows\system32\autochk.exe
2012-10-31 03:55:13 ----A---- C:\Windows\system32\autofmt.exe
2012-10-31 03:55:13 ----A---- C:\Windows\system32\autoconv.exe
2012-10-31 03:55:13 ----A---- C:\Windows\system32\audiodg.exe
2012-10-31 03:55:12 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2012-10-31 03:55:12 ----A---- C:\Windows\SYSWOW64\QAGENT.DLL
2012-10-31 03:55:12 ----A---- C:\Windows\SYSWOW64\netid.dll
2012-10-31 03:55:12 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2012-10-31 03:55:12 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2012-10-31 03:55:12 ----A---- C:\Windows\SYSWOW64\AuxiliaryDisplayCpl.dll
2012-10-31 03:55:12 ----A---- C:\Windows\system32\wwanconn.dll
2012-10-31 03:55:12 ----A---- C:\Windows\system32\wlanui.dll
2012-10-31 03:55:12 ----A---- C:\Windows\system32\SmiEngine.dll
2012-10-31 03:55:12 ----A---- C:\Windows\system32\rdpsign.exe
2012-10-31 03:55:12 ----A---- C:\Windows\system32\prntvpt.dll
2012-10-31 03:55:12 ----A---- C:\Windows\system32\mscorier.dll
2012-10-31 03:55:12 ----A---- C:\Windows\system32\mprddm.dll
2012-10-31 03:55:12 ----A---- C:\Windows\system32\fontext.dll
2012-10-31 03:55:12 ----A---- C:\Windows\system32\drivers\wanarp.sys
2012-10-31 03:55:12 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2012-10-31 03:55:12 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2012-10-31 03:55:12 ----A---- C:\Windows\system32\drivers\scsiport.sys
2012-10-31 03:55:12 ----A---- C:\Windows\system32\dps.dll
2012-10-31 03:55:12 ----A---- C:\Windows\system32\Display.dll
2012-10-31 03:55:12 ----A---- C:\Windows\system32\AxInstSv.dll
2012-10-31 03:55:11 ----A---- C:\Windows\SYSWOW64\WMNetMgr.dll
2012-10-31 03:55:11 ----A---- C:\Windows\SYSWOW64\wlanpref.dll
2012-10-31 03:55:11 ----A---- C:\Windows\SYSWOW64\wdc.dll
2012-10-31 03:55:11 ----A---- C:\Windows\SYSWOW64\Vault.dll
2012-10-31 03:55:11 ----A---- C:\Windows\SYSWOW64\untfs.dll
2012-10-31 03:55:11 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2012-10-31 03:55:11 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2012-10-31 03:55:11 ----A---- C:\Windows\SYSWOW64\RpcRtRemote.dll
2012-10-31 03:55:11 ----A---- C:\Windows\SYSWOW64\Robocopy.exe
2012-10-31 03:55:11 ----A---- C:\Windows\SYSWOW64\rastls.dll
2012-10-31 03:55:11 ----A---- C:\Windows\SYSWOW64\nci.dll
2012-10-31 03:55:11 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2012-10-31 03:55:11 ----A---- C:\Windows\system32\wmpsrcwp.dll
2012-10-31 03:55:11 ----A---- C:\Windows\system32\usercpl.dll
2012-10-31 03:55:11 ----A---- C:\Windows\system32\rtutils.dll
2012-10-31 03:55:11 ----A---- C:\Windows\system32\qedit.dll
2012-10-31 03:55:11 ----A---- C:\Windows\system32\mblctr.exe
2012-10-31 03:55:11 ----A---- C:\Windows\system32\drivers\hidclass.sys
2012-10-31 03:55:11 ----A---- C:\Windows\system32\DiagCpl.dll
2012-10-31 03:55:11 ----A---- C:\Windows\system32\credssp.dll
2012-10-31 03:55:11 ----A---- C:\Windows\system32\batmeter.dll
2012-10-31 03:55:10 ----A---- C:\Windows\SYSWOW64\DxpTaskSync.dll
2012-10-31 03:55:10 ----A---- C:\Windows\system32\wpccpl.dll
2012-10-31 03:55:10 ----A---- C:\Windows\system32\sppsvc.exe
2012-10-31 03:55:10 ----A---- C:\Windows\system32\rasppp.dll
2012-10-31 03:55:10 ----A---- C:\Windows\system32\provsvc.dll
2012-10-31 03:55:10 ----A---- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2012-10-31 03:55:10 ----A---- C:\Windows\system32\drivers\winhv.sys
2012-10-31 03:55:10 ----A---- C:\Windows\system32\bootres.dll
2012-10-31 03:55:09 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2012-10-31 03:55:09 ----A---- C:\Windows\SYSWOW64\userinit.exe
2012-10-31 03:55:09 ----A---- C:\Windows\SYSWOW64\termmgr.dll
2012-10-31 03:55:09 ----A---- C:\Windows\SYSWOW64\taskmgr.exe
2012-10-31 03:55:09 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2012-10-31 03:55:09 ----A---- C:\Windows\SYSWOW64\mtxclu.dll
2012-10-31 03:55:09 ----A---- C:\Windows\SYSWOW64\eudcedit.exe
2012-10-31 03:55:09 ----A---- C:\Windows\SYSWOW64\Display.dll
2012-10-31 03:55:09 ----A---- C:\Windows\system32\taskmgr.exe
2012-10-31 03:55:09 ----A---- C:\Windows\system32\SndVolSSO.dll
2012-10-31 03:55:09 ----A---- C:\Windows\system32\shdocvw.dll
2012-10-31 03:55:09 ----A---- C:\Windows\system32\proquota.exe
2012-10-31 03:55:09 ----A---- C:\Windows\system32\prnfldr.dll
2012-10-31 03:55:09 ----A---- C:\Windows\system32\pdh.dll
2012-10-31 03:55:09 ----A---- C:\Windows\system32\hbaapi.dll
2012-10-31 03:55:09 ----A---- C:\Windows\system32\dxdiagn.dll
2012-10-31 03:55:09 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2012-10-31 03:55:09 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2012-10-31 03:55:09 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2012-10-31 03:55:09 ----A---- C:\Windows\system32\dot3cfg.dll
2012-10-31 03:55:08 ----A---- C:\Windows\SYSWOW64\wiadefui.dll
2012-10-31 03:55:08 ----A---- C:\Windows\SYSWOW64\sppcomapi.dll
2012-10-31 03:55:08 ----A---- C:\Windows\SYSWOW64\shsetup.dll
2012-10-31 03:55:08 ----A---- C:\Windows\SYSWOW64\SensorsCpl.dll
2012-10-31 03:55:08 ----A---- C:\Windows\SYSWOW64\rasppp.dll
2012-10-31 03:55:08 ----A---- C:\Windows\SYSWOW64\logoncli.dll
2012-10-31 03:55:08 ----A---- C:\Windows\SYSWOW64\FirewallControlPanel.dll
2012-10-31 03:55:08 ----A---- C:\Windows\SYSWOW64\cabview.dll
2012-10-31 03:55:08 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2012-10-31 03:55:08 ----A---- C:\Windows\system32\userinit.exe
2012-10-31 03:55:08 ----A---- C:\Windows\system32\untfs.dll
2012-10-31 03:55:08 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2012-10-31 03:55:08 ----A---- C:\Windows\system32\drivers\ataport.sys
2012-10-31 03:55:08 ----A---- C:\Windows\system32\accessibilitycpl.dll
2012-10-31 03:55:07 ----A---- C:\Windows\SYSWOW64\themecpl.dll
2012-10-31 03:55:07 ----A---- C:\Windows\SYSWOW64\tapisrv.dll
2012-10-31 03:55:07 ----A---- C:\Windows\SYSWOW64\scecli.dll
2012-10-31 03:55:07 ----A---- C:\Windows\SYSWOW64\PhotoScreensaver.scr
2012-10-31 03:55:07 ----A---- C:\Windows\SYSWOW64\mscories.dll
2012-10-31 03:55:07 ----A---- C:\Windows\SYSWOW64\mscms.dll
2012-10-31 03:55:07 ----A---- C:\Windows\SYSWOW64\hgcpl.dll
2012-10-31 03:55:07 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2012-10-31 03:55:07 ----A---- C:\Windows\SYSWOW64\fontext.dll
2012-10-31 03:55:07 ----A---- C:\Windows\SYSWOW64\dnscmmc.dll
2012-10-31 03:55:07 ----A---- C:\Windows\system32\zipfldr.dll
2012-10-31 03:55:07 ----A---- C:\Windows\system32\sud.dll
2012-10-31 03:55:07 ----A---- C:\Windows\system32\slui.exe
2012-10-31 03:55:07 ----A---- C:\Windows\system32\msieftp.dll
2012-10-31 03:55:07 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2012-10-31 03:55:07 ----A---- C:\Windows\system32\drivers\storvsc.sys
2012-10-31 03:55:07 ----A---- C:\Windows\system32\DeviceCenter.dll
2012-10-31 03:55:07 ----A---- C:\Windows\system32\defaultlocationcpl.dll
2012-10-31 03:55:06 ----A---- C:\Windows\SYSWOW64\wlanui.dll
2012-10-31 03:55:06 ----A---- C:\Windows\SYSWOW64\VAN.dll
2012-10-31 03:55:06 ----A---- C:\Windows\SYSWOW64\usercpl.dll
2012-10-31 03:55:06 ----A---- C:\Windows\SYSWOW64\SndVolSSO.dll
2012-10-31 03:55:06 ----A---- C:\Windows\SYSWOW64\qedit.dll
2012-10-31 03:55:06 ----A---- C:\Windows\SYSWOW64\PerfCenterCPL.dll
2012-10-31 03:55:06 ----A---- C:\Windows\SYSWOW64\mprddm.dll
2012-10-31 03:55:06 ----A---- C:\Windows\SYSWOW64\localsec.dll
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu
zde je druhá část logu
2012-10-31 03:55:06 ----A---- C:\Windows\SYSWOW64\iasacct.dll
2012-10-31 03:55:06 ----A---- C:\Windows\SYSWOW64\batmeter.dll
2012-10-31 03:55:06 ----A---- C:\Windows\system32\twext.dll
2012-10-31 03:55:06 ----A---- C:\Windows\system32\taskbarcpl.dll
2012-10-31 03:55:06 ----A---- C:\Windows\system32\OnLineIDCpl.dll
2012-10-31 03:55:06 ----A---- C:\Windows\system32\networkmap.dll
2012-10-31 03:55:06 ----A---- C:\Windows\system32\dot3svc.dll
2012-10-31 03:55:06 ----A---- C:\Windows\system32\cryptui.dll
2012-10-31 03:55:06 ----A---- C:\Windows\system32\ActionCenter.dll
2012-10-31 03:55:05 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2012-10-31 03:55:05 ----A---- C:\Windows\SYSWOW64\w32tm.exe
2012-10-31 03:55:05 ----A---- C:\Windows\SYSWOW64\spwizeng.dll
2012-10-31 03:55:05 ----A---- C:\Windows\SYSWOW64\SndVol.exe
2012-10-31 03:55:05 ----A---- C:\Windows\SYSWOW64\prntvpt.dll
2012-10-31 03:55:05 ----A---- C:\Windows\SYSWOW64\netcenter.dll
2012-10-31 03:55:05 ----A---- C:\Windows\SYSWOW64\MSAC3ENC.DLL
2012-10-31 03:55:05 ----A---- C:\Windows\SYSWOW64\fdeploy.dll
2012-10-31 03:55:05 ----A---- C:\Windows\SYSWOW64\azroleui.dll
2012-10-31 03:55:05 ----A---- C:\Windows\SYSWOW64\accessibilitycpl.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\uxlib.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\tzutil.exe
2012-10-31 03:55:05 ----A---- C:\Windows\system32\systemcpl.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\syncui.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\sisbkup.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\shwebsvc.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\sdcpl.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\recovery.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\recdisc.exe
2012-10-31 03:55:05 ----A---- C:\Windows\system32\OobeFldr.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\netplwiz.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\isoburn.exe
2012-10-31 03:55:05 ----A---- C:\Windows\system32\httpapi.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\efscore.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\dsuiext.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\drivers\mpio.sys
2012-10-31 03:55:05 ----A---- C:\Windows\system32\cca.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\bcdedit.exe
2012-10-31 03:55:05 ----A---- C:\Windows\system32\azroleui.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\autoplay.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\asycfilt.dll
2012-10-31 03:55:04 ----A---- C:\Windows\SYSWOW64\wusa.exe
2012-10-31 03:55:04 ----A---- C:\Windows\SYSWOW64\prnfldr.dll
2012-10-31 03:55:04 ----A---- C:\Windows\SYSWOW64\OnLineIDCpl.dll
2012-10-31 03:55:04 ----A---- C:\Windows\SYSWOW64\networkmap.dll
2012-10-31 03:55:04 ----A---- C:\Windows\SYSWOW64\netjoin.dll
2012-10-31 03:55:04 ----A---- C:\Windows\SYSWOW64\MCEWMDRMNDBootstrap.dll
2012-10-31 03:55:04 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2012-10-31 03:55:04 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2012-10-31 03:55:04 ----A---- C:\Windows\SYSWOW64\adsldp.dll
2012-10-31 03:55:04 ----A---- C:\Windows\SYSWOW64\ActionCenter.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\wlanmsm.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\sysclass.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\spwizeng.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\sdrsvc.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\ncryptui.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\msvidc32.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\MFPlay.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\fvecpl.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\drivers\rdpdr.sys
2012-10-31 03:55:04 ----A---- C:\Windows\system32\certcli.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\appinfo.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\syncui.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\sud.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\sisbkup.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\shwebsvc.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\photowiz.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\MediaMetadataHandler.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\ifsutil.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\iasrad.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\ftp.exe
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\efscore.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\dot3cfg.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\defaultlocationcpl.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\credssp.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\autoplay.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\ActionCenterCPL.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\wwanprotdim.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\vdsutil.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\UserAccountControlSettings.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\termmgr.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\ssText3d.scr
2012-10-31 03:55:03 ----A---- C:\Windows\system32\sqlcese30.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\sethc.exe
2012-10-31 03:55:03 ----A---- C:\Windows\system32\ReAgent.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\rdpd3d.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\ntlanman.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\msscp.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\iyuv_32.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\iTVData.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\iprtrmgr.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\drivers\vmstorfl.sys
2012-10-31 03:55:03 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2012-10-31 03:55:02 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2012-10-31 03:55:02 ----A---- C:\Windows\SYSWOW64\systemcpl.dll
2012-10-31 03:55:02 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2012-10-31 03:55:02 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2012-10-31 03:55:02 ----A---- C:\Windows\SYSWOW64\OobeFldr.dll
2012-10-31 03:55:02 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2012-10-31 03:55:02 ----A---- C:\Windows\SYSWOW64\ntlanman.dll
2012-10-31 03:55:02 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2012-10-31 03:55:02 ----A---- C:\Windows\SYSWOW64\dskquoui.dll
2012-10-31 03:55:02 ----A---- C:\Windows\SYSWOW64\DeviceCenter.dll
2012-10-31 03:55:02 ----A---- C:\Windows\system32\wmdrmsdk.dll
2012-10-31 03:55:02 ----A---- C:\Windows\system32\wavemsp.dll
2012-10-31 03:55:02 ----A---- C:\Windows\system32\srvcli.dll
2012-10-31 03:55:02 ----A---- C:\Windows\system32\slwga.dll
2012-10-31 03:55:02 ----A---- C:\Windows\system32\ntprint.dll
2012-10-31 03:55:02 ----A---- C:\Windows\system32\nslookup.exe
2012-10-31 03:55:02 ----A---- C:\Windows\system32\NAPHLPR.DLL
2012-10-31 03:55:02 ----A---- C:\Windows\system32\msiexec.exe
2012-10-31 03:55:02 ----A---- C:\Windows\system32\drmmgrtn.dll
2012-10-31 03:55:02 ----A---- C:\Windows\system32\DevicePairingFolder.dll
2012-10-31 03:55:02 ----A---- C:\Windows\system32\acppage.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\wmpsrcwp.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\wavemsp.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\sethc.exe
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\riched20.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\nshipsec.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\netplwiz.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\NAPHLPR.DLL
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\migisol.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\isoburn.exe
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\httpapi.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\fms.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\dpx.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\activeds.dll
2012-10-31 03:55:01 ----A---- C:\Windows\system32\wkscli.dll
2012-10-31 03:55:01 ----A---- C:\Windows\system32\TSpkg.dll
2012-10-31 03:55:01 ----A---- C:\Windows\system32\srrstr.dll
2012-10-31 03:55:01 ----A---- C:\Windows\system32\sppnp.dll
2012-10-31 03:55:01 ----A---- C:\Windows\system32\remotepg.dll
2012-10-31 03:55:01 ----A---- C:\Windows\system32\PresentationSettings.exe
2012-10-31 03:55:01 ----A---- C:\Windows\system32\networkexplorer.dll
2012-10-31 03:55:01 ----A---- C:\Windows\system32\dfrgui.exe
2012-10-31 03:55:01 ----A---- C:\Windows\system32\certprop.dll
2012-10-31 03:55:01 ----A---- C:\Windows\system32\cabinet.dll
2012-10-31 03:55:01 ----A---- C:\Windows\system32\bcdboot.exe
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\wvc.dll
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\wtsapi32.dll
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\tzutil.exe
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\ReAgent.dll
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\provsvc.dll
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\ocsetup.exe
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\dsuiext.dll
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\dot3ui.dll
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\dfrgui.exe
2012-10-31 03:55:00 ----A---- C:\Windows\system32\wvc.dll
2012-10-31 03:55:00 ----A---- C:\Windows\system32\wsqmcons.exe
2012-10-31 03:55:00 ----A---- C:\Windows\system32\wsnmp32.dll
2012-10-31 03:55:00 ----A---- C:\Windows\system32\wmpdxm.dll
2012-10-31 03:55:00 ----A---- C:\Windows\system32\wmdrmdev.dll
2012-10-31 03:55:00 ----A---- C:\Windows\system32\WinSCard.dll
2012-10-31 03:55:00 ----A---- C:\Windows\system32\WerFaultSecure.exe
2012-10-31 03:55:00 ----A---- C:\Windows\system32\net1.exe
2012-10-31 03:55:00 ----A---- C:\Windows\system32\ftp.exe
2012-10-31 03:55:00 ----A---- C:\Windows\system32\blackbox.dll
2012-10-31 03:54:59 ----A---- C:\Windows\SYSWOW64\wimgapi.dll
2012-10-31 03:54:59 ----A---- C:\Windows\SYSWOW64\twext.dll
2012-10-31 03:54:59 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2012-10-31 03:54:59 ----A---- C:\Windows\SYSWOW64\PkgMgr.exe
2012-10-31 03:54:59 ----A---- C:\Windows\SYSWOW64\mstask.dll
2012-10-31 03:54:59 ----A---- C:\Windows\SYSWOW64\AdmTmpl.dll
2012-10-31 03:54:59 ----A---- C:\Windows\system32\OpcServices.dll
2012-10-31 03:54:59 ----A---- C:\Windows\system32\msyuv.dll
2012-10-31 03:54:59 ----A---- C:\Windows\system32\mfps.dll
2012-10-31 03:54:59 ----A---- C:\Windows\system32\mapistub.dll
2012-10-31 03:54:59 ----A---- C:\Windows\system32\mapi32.dll
2012-10-31 03:54:59 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2012-10-31 03:54:59 ----A---- C:\Windows\system32\Bubbles.scr
2012-10-31 03:54:58 ----A---- C:\Windows\twain_32.dll
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\uxlib.dll
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\ssText3d.scr
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\slwga.dll
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\setupugc.exe
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\qcap.dll
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\qasf.dll
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\nslookup.exe
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\msvfw32.dll
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\audiodev.dll
2012-10-31 03:54:58 ----A---- C:\Windows\system32\unimdmat.dll
2012-10-31 03:54:58 ----A---- C:\Windows\system32\tsbyuv.dll
2012-10-31 03:54:58 ----A---- C:\Windows\system32\seclogon.dll
2012-10-31 03:54:58 ----A---- C:\Windows\system32\Ribbons.scr
2012-10-31 03:54:58 ----A---- C:\Windows\system32\Mystify.scr
2012-10-31 03:54:58 ----A---- C:\Windows\system32\muifontsetup.dll
2012-10-31 03:54:58 ----A---- C:\Windows\system32\msrle32.dll
2012-10-31 03:54:58 ----A---- C:\Windows\system32\iscsium.dll
2012-10-31 03:54:58 ----A---- C:\Windows\system32\ifsutil.dll
2012-10-31 03:54:58 ----A---- C:\Windows\system32\drivers\umbus.sys
2012-10-31 03:54:58 ----A---- C:\Windows\system32\diskraid.exe
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\WPDShServiceObj.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\wimserv.exe
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\remotepg.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\rdpencom.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\raschap.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\QUTIL.DLL
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\perfmon.exe
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\NAPCRYPT.DLL
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\msscp.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\input.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\diskraid.exe
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\DevicePairingFolder.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\clusapi.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\acppage.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\wpdwcn.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\wmpshell.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\WMADMOD.DLL
2012-10-31 03:54:57 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2012-10-31 03:54:57 ----A---- C:\Windows\system32\wiavideo.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\umb.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\tlscsp.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\syssetup.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\runonce.exe
2012-10-31 03:54:57 ----A---- C:\Windows\system32\rdpencom.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\raschap.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\qasf.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\perfmon.exe
2012-10-31 03:54:57 ----A---- C:\Windows\system32\netutils.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2012-10-31 03:54:57 ----A---- C:\Windows\system32\FXSAPI.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\dbghelp.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\AzSqlExt.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\ActionQueue.dll
2012-10-31 03:54:57 ----A---- C:\Windows\bfsvc.exe
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\wpdwcn.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\wmpdxm.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\wmdrmdev.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\vpnikeapi.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\vdsbas.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\UserAccountControlSettings.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\shacct.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\runonce.exe
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\onexui.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\ocsetapi.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\networkexplorer.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\MFPlay.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\logagent.exe
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\iTVData.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\eapp3hst.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\dxdiagn.dll
2012-10-31 03:54:56 ----A---- C:\Windows\system32\WMVSDECD.DLL
2012-10-31 03:54:56 ----A---- C:\Windows\system32\wmdrmnet.dll
2012-10-31 03:54:56 ----A---- C:\Windows\system32\vss_ps.dll
2012-10-31 03:54:56 ----A---- C:\Windows\system32\vdsbas.dll
2012-10-31 03:54:56 ----A---- C:\Windows\system32\tabcal.exe
2012-10-31 03:54:56 ----A---- C:\Windows\system32\shacct.dll
2012-10-31 03:54:56 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2012-10-31 03:54:56 ----A---- C:\Windows\system32\PrintIsolationProxy.dll
2012-10-31 03:54:56 ----A---- C:\Windows\system32\nltest.exe
2012-10-31 03:54:56 ----A---- C:\Windows\system32\mstask.dll
2012-10-31 03:54:56 ----A---- C:\Windows\system32\MdSched.exe
2012-10-31 03:54:56 ----A---- C:\Windows\system32\Mcx2Svc.dll
2012-10-31 03:54:56 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys
2012-10-31 03:54:56 ----A---- C:\Windows\system32\drivers\rmcast.sys
2012-10-31 03:54:56 ----A---- C:\Windows\system32\cscapi.dll
2012-10-31 03:54:56 ----A---- C:\Windows\system32\bitsadmin.exe
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\WPDSp.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\wmpshell.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\utildll.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\unimdmat.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\srvcli.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\sqlcese30.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\Ribbons.scr
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\rdpd3d.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\QSVRMGMT.DLL
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\PortableDeviceSyncProvider.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\PortableDeviceStatus.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\pdh.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\OpcServices.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\olethk32.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\ncryptui.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\Mystify.scr
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\mprapi.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\lsmproxy.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\logman.exe
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\iscsium.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\cscapi.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\Bubbles.scr
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\bitsadmin.exe
2012-10-31 03:54:55 ----A---- C:\Windows\system32\WPDSp.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2012-10-31 03:54:55 ----A---- C:\Windows\system32\WMPhoto.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\vmictimeprovider.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\takeown.exe
2012-10-31 03:54:55 ----A---- C:\Windows\system32\spbcd.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\secproc_ssp.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\qdv.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\qcap.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\PortableDeviceSyncProvider.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\PnPUnattend.exe
2012-10-31 03:54:55 ----A---- C:\Windows\system32\msnetobj.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\logman.exe
2012-10-31 03:54:55 ----A---- C:\Windows\system32\fphc.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\drivers\ndisuio.sys
2012-10-31 03:54:55 ----A---- C:\Windows\system32\dot3ui.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\CscMig.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\amstream.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\wsnmp32.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\wmdrmnet.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\wiavideo.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\vfwwdm32.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\takeown.exe
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\sppinst.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\setupcln.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\qdv.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\QCLIPROV.DLL
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\pdhui.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\MuiUnattend.exe
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\fphc.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\EhStorAPI.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\dot3msm.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\cmstp.exe
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\cca.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2012-10-31 03:54:54 ----A---- C:\Windows\system32\WavDest.dll
2012-10-31 03:54:54 ----A---- C:\Windows\system32\vfwwdm32.dll
2012-10-31 03:54:54 ----A---- C:\Windows\system32\shimgvw.dll
2012-10-31 03:54:54 ----A---- C:\Windows\system32\QCLIPROV.DLL
2012-10-31 03:54:54 ----A---- C:\Windows\system32\nrpsrv.dll
2012-10-31 03:54:54 ----A---- C:\Windows\system32\MultiDigiMon.exe
2012-10-31 03:54:54 ----A---- C:\Windows\system32\KMSVC.DLL
2012-10-31 03:54:54 ----A---- C:\Windows\system32\iasrecst.dll
2012-10-31 03:54:54 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2012-10-31 03:54:54 ----A---- C:\Windows\system32\fdProxy.dll
2012-10-31 03:54:54 ----A---- C:\Windows\system32\EhStorAPI.dll
2012-10-31 03:54:54 ----A---- C:\Windows\system32\drivers\pacer.sys
2012-10-31 03:54:54 ----A---- C:\Windows\system32\djoin.exe
2012-10-31 03:54:54 ----A---- C:\Windows\system32\cmstp.exe
2012-10-31 03:54:54 ----A---- C:\Windows\system32\CertPolEng.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\wmpps.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\wkscli.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\tlscsp.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\syssetup.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\spbcd.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\resutils.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\relog.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\ReAgentc.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\netutils.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\netiougc.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\mydocs.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\muifontsetup.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\mobsync.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\mciqtz32.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\itircl.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\iscsicli.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\iasrecst.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\findstr.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\eappgnui.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\diskpart.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\CertPolEng.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\cabinet.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\AzSqlExt.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\amstream.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\wdiasqmmodule.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\sscore.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\sppc.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\schedcli.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\repair-bde.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\relog.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\qprocess.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\onexui.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\mydocs.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\msdmo.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\mobsync.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\mciqtz32.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\manage-bde.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\luainstall.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\itircl.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\iscsicli.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\inetmib1.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\choice.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\chglogon.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\FXSTIFF.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\findstr.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\eappgnui.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\drivers\tunnel.sys
2012-10-31 03:54:53 ----A---- C:\Windows\system32\drivers\dfsc.sys
2012-10-31 03:54:53 ----A---- C:\Windows\system32\dot3msm.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\diskpart.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\BWUnpairElevated.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\BdeHdCfg.exe
2012-10-31 03:54:52 ----A---- C:\Windows\SYSWOW64\unlodctr.exe
2012-10-31 03:54:52 ----A---- C:\Windows\SYSWOW64\sppc.dll
2012-10-31 03:54:52 ----A---- C:\Windows\SYSWOW64\spopk.dll
2012-10-31 03:54:52 ----A---- C:\Windows\SYSWOW64\shimgvw.dll
2012-10-31 03:54:52 ----A---- C:\Windows\SYSWOW64\rdprefdrvapi.dll
2012-10-31 03:54:52 ----A---- C:\Windows\SYSWOW64\odbcconf.dll
2012-10-31 03:54:52 ----A---- C:\Windows\SYSWOW64\msdmo.dll
2012-10-31 03:54:52 ----A---- C:\Windows\SYSWOW64\luainstall.dll
2012-10-31 03:54:52 ----A---- C:\Windows\SYSWOW64\inetmib1.dll
2012-10-31 03:54:52 ----A---- C:\Windows\system32\vmstorfltres.dll
2012-10-31 03:54:52 ----A---- C:\Windows\system32\vmicres.dll
2012-10-31 03:54:52 ----A---- C:\Windows\system32\vmbusres.dll
2012-10-31 03:54:52 ----A---- C:\Windows\system32\UIRibbonRes.dll
2012-10-31 03:54:52 ----A---- C:\Windows\system32\tskill.exe
2012-10-31 03:54:52 ----A---- C:\Windows\system32\tsdiscon.exe
2012-10-31 03:54:52 ----A---- C:\Windows\system32\tscon.exe
2012-10-31 03:54:52 ----A---- C:\Windows\system32\spopk.dll
2012-10-31 03:54:52 ----A---- C:\Windows\system32\shadow.exe
2012-10-31 03:54:52 ----A---- C:\Windows\system32\rwinsta.exe
2012-10-31 03:54:52 ----A---- C:\Windows\system32\RDPENCDD.dll
2012-10-31 03:54:52 ----A---- C:\Windows\system32\qappsrv.exe
2012-10-31 03:54:52 ----A---- C:\Windows\system32\odbcconf.dll
2012-10-31 03:54:52 ----A---- C:\Windows\system32\logoff.exe
2012-10-31 03:54:52 ----A---- C:\Windows\system32\chgusr.exe
2012-10-31 03:54:52 ----A---- C:\Windows\system32\chgport.exe
2012-10-31 03:54:52 ----A---- C:\Windows\system32\FXSMON.dll
2012-10-31 03:54:52 ----A---- C:\Windows\system32\fixmapi.exe
2012-10-31 03:54:52 ----A---- C:\Windows\system32\elsTrans.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\wups.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\wshbth.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\wsdchngr.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\UIRibbonRes.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\TRAPI.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\sscore.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\schedcli.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\shgina.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\riched32.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\perfts.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\napdsnap.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\imm32.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\elsTrans.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\dsauth.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\cscdll.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\bitsperf.dll
2012-10-31 03:54:51 ----A---- C:\Windows\system32\wshbth.dll
2012-10-31 03:54:51 ----A---- C:\Windows\system32\wsdchngr.dll
2012-10-31 03:54:51 ----A---- C:\Windows\system32\TRAPI.dll
2012-10-31 03:54:51 ----A---- C:\Windows\system32\shgina.dll
2012-10-31 03:54:51 ----A---- C:\Windows\system32\reset.exe
2012-10-31 03:54:51 ----A---- C:\Windows\system32\rdprefdrvapi.dll
2012-10-31 03:54:51 ----A---- C:\Windows\system32\query.exe
2012-10-31 03:54:51 ----A---- C:\Windows\system32\napdsnap.dll
2012-10-31 03:54:51 ----A---- C:\Windows\system32\LogonUI.exe
2012-10-31 03:54:51 ----A---- C:\Windows\system32\change.exe
2012-10-31 03:54:51 ----A---- C:\Windows\system32\FXSUNATD.exe
2012-10-31 03:54:51 ----A---- C:\Windows\system32\dsauth.dll
2012-10-31 03:54:51 ----A---- C:\Windows\system32\drivers\usbrpm.sys
2012-10-31 03:54:51 ----A---- C:\Windows\system32\drivers\tdi.sys
2012-10-31 03:54:51 ----A---- C:\Windows\system32\drivers\acpipmi.sys
2012-10-31 03:54:51 ----A---- C:\Windows\system32\cscdll.dll
2012-10-31 03:54:51 ----A---- C:\Windows\system32\bitsperf.dll
2012-10-31 03:54:50 ----A---- C:\Windows\SYSWOW64\wshirda.dll
2012-10-31 03:54:50 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2012-10-31 03:54:50 ----A---- C:\Windows\SYSWOW64\browseui.dll
2012-10-31 03:54:50 ----A---- C:\Windows\system32\wshirda.dll
2012-10-31 03:54:50 ----A---- C:\Windows\system32\VmdCoinstall.dll
2012-10-31 03:54:50 ----A---- C:\Windows\system32\vmbuspipe.dll
2012-10-31 03:54:50 ----A---- C:\Windows\system32\VmbusCoinstaller.dll
2012-10-31 03:54:50 ----A---- C:\Windows\system32\spwmp.dll
2012-10-31 03:54:50 ----A---- C:\Windows\system32\riched32.dll
2012-10-31 03:54:50 ----A---- C:\Windows\system32\rdpcfgex.dll
2012-10-31 03:54:50 ----A---- C:\Windows\system32\IcCoinstall.dll
2012-10-31 03:54:50 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2012-10-31 03:54:50 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2012-10-31 03:54:50 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2012-10-31 03:54:50 ----A---- C:\Windows\system32\drivers\hidusb.sys
2012-10-31 03:54:50 ----A---- C:\Windows\system32\drivers\CompositeBus.sys
2012-10-31 03:54:50 ----A---- C:\Windows\system32\drivers\appid.sys
2012-10-31 03:54:50 ----A---- C:\Windows\system32\C_ISCII.DLL
2012-10-31 03:54:50 ----A---- C:\Windows\system32\browseui.dll
2012-10-31 03:54:49 ----AH---- C:\Windows\system32\api-ms-win-core-ums-l1-1-0.dll
2012-10-31 03:54:49 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\SYSWOW64\shunimpl.dll
2012-10-31 03:54:49 ----A---- C:\Windows\SYSWOW64\KBDTUQ.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\SYSWOW64\KBDTUF.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\SYSWOW64\KBDSG.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\SYSWOW64\kbdlk41a.dll
2012-10-31 03:54:49 ----A---- C:\Windows\SYSWOW64\KBDGR1.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\SYSWOW64\KBDGKL.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2012-10-31 03:54:49 ----A---- C:\Windows\SYSWOW64\C_ISCII.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\wmploc.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\shunimpl.dll
2012-10-31 03:54:49 ----A---- C:\Windows\system32\KBDTUQ.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\KBDTUF.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\KBDSG.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\KBDSF.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\KBDPO.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\KBDNEPR.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\kbdlk41a.dll
2012-10-31 03:54:49 ----A---- C:\Windows\system32\KBDINTAM.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\KBDINBEN.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\KBDGR1.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\KBDGKL.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\dxmasf.dll
2012-10-31 03:54:49 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2012-10-31 03:54:49 ----A---- C:\Windows\system32\drivers\scfilter.sys
2012-10-31 03:54:49 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2012-10-31 03:54:49 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2012-10-31 03:54:49 ----A---- C:\Windows\system32\drivers\cdrom.sys
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\spwizres.dll
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\pifmgr.dll
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDUS.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDUGHR1.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDTURME.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDTAJIK.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDSF.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDPO.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDNEPR.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDMON.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDMAORI.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDLT1.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDINTEL.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDINTAM.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDINORI.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDINMAR.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDINKAN.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDINHIN.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDINBEN.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDGEO.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDCZ1.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDBULG.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDBLR.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\dpnaddr.dll
2012-10-31 03:54:48 ----A---- C:\Windows\system32\spwizres.dll
2012-10-31 03:54:48 ----A---- C:\Windows\system32\pifmgr.dll
2012-10-31 03:54:48 ----A---- C:\Windows\system32\nlsbres.dll
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDUS.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDUGHR1.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDTURME.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDTAJIK.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDMON.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDMAORI.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDLT1.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDINTEL.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDINORI.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDINMAR.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDINKAN.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDINHIN.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDGEO.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDCZ1.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDBULG.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDBLR.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDBASH.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\drivers\vms3cap.sys
2012-10-31 03:54:48 ----A---- C:\Windows\system32\drivers\VMBusHID.sys
2012-10-31 03:54:48 ----A---- C:\Windows\system32\dpnaddr.dll
2012-10-31 03:54:48 ----A---- C:\Windows\system32\BlbEvents.dll
2012-10-31 03:54:44 ----A---- C:\Windows\SYSWOW64\wdscore.dll
2012-10-31 03:54:44 ----A---- C:\Windows\system32\dpx.dll
2012-10-31 03:54:40 ----A---- C:\Windows\SYSWOW64\sqmapi.dll
2012-10-31 03:54:40 ----A---- C:\Windows\SYSWOW64\printmanagement.msc
2012-10-31 03:54:37 ----A---- C:\Windows\SYSWOW64\wbemcomn.dll
2012-10-31 03:54:05 ----A---- C:\Windows\system32\wbemcomn.dll
2012-10-31 03:54:00 ----A---- C:\Windows\system32\sqmapi.dll
2012-10-31 03:52:44 ----A---- C:\Windows\system32\esent.dll
2012-10-31 03:52:43 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2012-10-31 03:52:43 ----A---- C:\Windows\SYSWOW64\esent.dll
2012-10-31 03:52:43 ----A---- C:\Windows\system32\fsutil.exe
2012-10-31 03:52:43 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2012-10-31 03:52:43 ----A---- C:\Windows\system32\drivers\storport.sys
2012-10-31 03:52:43 ----A---- C:\Windows\system32\drivers\nvstor.sys
2012-10-31 03:52:43 ----A---- C:\Windows\system32\drivers\nvraid.sys
2012-10-31 03:52:43 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2012-10-31 03:52:43 ----A---- C:\Windows\system32\drivers\amdxata.sys
2012-10-31 03:52:43 ----A---- C:\Windows\system32\drivers\amdsata.sys
2012-10-31 03:52:40 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2012-10-31 03:52:40 ----A---- C:\Windows\system32\drivers\usbport.sys
2012-10-31 03:52:40 ----A---- C:\Windows\system32\drivers\usbohci.sys
2012-10-31 03:52:40 ----A---- C:\Windows\system32\drivers\usbhub.sys
2012-10-31 03:52:40 ----A---- C:\Windows\system32\drivers\usbehci.sys
2012-10-31 03:52:40 ----A---- C:\Windows\system32\drivers\usbd.sys
2012-10-31 03:52:40 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2012-10-31 03:52:39 ----A---- C:\Windows\system32\drivers\bthport.sys
2012-10-31 03:52:38 ----A---- C:\Windows\system32\fsquirt.exe
2012-10-31 03:52:38 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2012-10-31 01:22:02 ----D---- C:\Windows\SYSWOW64\Wat
2012-10-31 01:22:02 ----D---- C:\Windows\system32\Wat
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\wextract.exe
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\occache.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\msrating.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\msls31.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\mshta.exe
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\inseng.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\icardie.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\admparse.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\wextract.exe
2012-10-31 01:02:16 ----A---- C:\Windows\system32\webcheck.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2012-10-31 01:02:16 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2012-10-31 01:02:16 ----A---- C:\Windows\system32\pngfilt.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\occache.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\msrating.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\msls31.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\mshtmler.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\mshta.exe
2012-10-31 01:02:16 ----A---- C:\Windows\system32\msfeedssync.exe
2012-10-31 01:02:16 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\licmgr10.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\inseng.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\imgutil.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\iexpress.exe
2012-10-31 01:02:16 ----A---- C:\Windows\system32\iesysprep.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\iesetup.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\iernonce.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\iepeers.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\iedkcs32.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\ieapfltr.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\ieapfltr.dat
2012-10-31 01:02:16 ----A---- C:\Windows\system32\ieakui.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\ieaksie.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\ieakeng.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\IEAdvpack.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\ie4uinit.exe
2012-10-31 01:02:16 ----A---- C:\Windows\system32\icardie.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\dxtrans.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\dxtmsft.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\admparse.dll
2012-10-30 23:59:21 ----A---- C:\Windows\system32\MRT.exe
2012-10-30 23:31:52 ----A---- C:\Windows\system32\browserchoice.exe
2012-10-30 23:19:35 ----A---- C:\Windows\SYSWOW64\wmi.dll
2012-10-30 23:19:35 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2012-10-30 23:19:35 ----A---- C:\Windows\system32\wmi.dll
2012-10-30 23:19:35 ----A---- C:\Windows\system32\imagehlp.dll
2012-10-30 23:19:35 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-10-30 23:16:45 ----A---- C:\Windows\system32\sspicli.dll
2012-10-30 23:16:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-10-30 23:16:43 ----A---- C:\Windows\system32\sspisrv.dll
2012-10-30 23:16:43 ----A---- C:\Windows\system32\secur32.dll
2012-10-30 23:16:43 ----A---- C:\Windows\system32\lsass.exe
2012-10-30 23:16:41 ----A---- C:\Windows\SYSWOW64\sbe.dll
2012-10-30 23:16:41 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2012-10-30 23:16:41 ----A---- C:\Windows\system32\sbe.dll
2012-10-30 23:16:41 ----A---- C:\Windows\system32\CPFilters.dll
2012-10-30 23:16:40 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2012-10-30 23:16:40 ----A---- C:\Windows\system32\XpsPrint.dll
2012-10-30 23:15:47 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-10-30 23:15:47 ----A---- C:\Windows\system32\DWrite.dll
2012-10-30 23:15:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-30 23:15:25 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-10-30 23:15:24 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-10-30 23:15:17 ----A---- C:\Windows\system32\tquery.dll
2012-10-30 23:15:16 ----A---- C:\Windows\SYSWOW64\tquery.dll
2012-10-30 23:15:16 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2012-10-30 23:15:16 ----A---- C:\Windows\system32\SearchIndexer.exe
2012-10-30 23:15:16 ----A---- C:\Windows\system32\mssrch.dll
2012-10-30 23:15:15 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2012-10-30 23:15:15 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2012-10-30 23:15:15 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2012-10-30 23:15:15 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2012-10-30 23:15:15 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2012-10-30 23:15:15 ----A---- C:\Windows\SYSWOW64\mssph.dll
2012-10-30 23:15:15 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2012-10-30 23:15:15 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2012-10-30 23:15:15 ----A---- C:\Windows\system32\SearchFilterHost.exe
2012-10-30 23:15:15 ----A---- C:\Windows\system32\mssvp.dll
2012-10-30 23:15:15 ----A---- C:\Windows\system32\mssphtb.dll
2012-10-30 23:15:15 ----A---- C:\Windows\system32\mssph.dll
2012-10-30 23:15:15 ----A---- C:\Windows\system32\msscntrs.dll
2012-10-30 23:14:38 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-10-30 23:14:38 ----A---- C:\Windows\system32\ntshrui.dll
2012-10-30 23:14:37 ----A---- C:\Windows\system32\shell32.dll
2012-10-30 23:14:36 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-10-30 23:14:31 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-10-30 23:14:31 ----A---- C:\Windows\system32\wow64win.dll
2012-10-30 23:14:31 ----A---- C:\Windows\system32\winsrv.dll
2012-10-30 23:14:31 ----A---- C:\Windows\system32\KernelBase.dll
2012-10-30 23:14:31 ----A---- C:\Windows\system32\kernel32.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-10-30 23:14:30 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-10-30 23:14:30 ----A---- C:\Windows\SYSWOW64\user.exe
2012-10-30 23:14:30 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-10-30 23:14:30 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-10-30 23:14:30 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-10-30 23:14:30 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-10-30 23:14:30 ----A---- C:\Windows\system32\wow64cpu.dll
2012-10-30 23:14:30 ----A---- C:\Windows\system32\wow64.dll
2012-10-30 23:14:30 ----A---- C:\Windows\system32\ntvdm64.dll
2012-10-30 23:14:30 ----A---- C:\Windows\system32\conhost.exe
2012-10-30 23:14:12 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2012-10-30 23:14:12 ----A---- C:\Windows\system32\poqexec.exe
2012-10-30 23:14:08 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-10-30 23:14:07 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2012-10-30 23:14:07 ----A---- C:\Windows\system32\FntCache.dll
2012-10-30 23:14:07 ----A---- C:\Windows\system32\d2d1.dll
2012-10-30 23:13:45 ----A---- C:\Windows\system32\msxml6.dll
2012-10-30 23:13:45 ----A---- C:\Windows\system32\msxml3.dll
2012-10-30 23:13:44 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-10-30 23:13:44 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-10-30 23:13:43 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2012-10-30 23:13:43 ----A---- C:\Windows\system32\msxml3r.dll
2012-10-30 23:13:33 ----A---- C:\Windows\system32\ntdll.dll
2012-10-30 23:13:32 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-10-30 23:13:28 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-10-30 23:13:28 ----A---- C:\Windows\system32\rdpcore.dll
2012-10-30 23:13:28 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-10-30 23:13:27 ----A---- C:\Windows\system32\webio.dll
2012-10-30 23:13:26 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-10-30 23:13:25 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2012-10-30 23:13:24 ----A---- C:\Windows\system32\cdosys.dll
2012-10-30 23:13:20 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-10-30 23:13:20 ----A---- C:\Windows\system32\tzres.dll
2012-10-30 23:13:12 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2012-10-30 23:13:12 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2012-10-30 23:13:12 ----A---- C:\Windows\system32\EncDec.dll
2012-10-30 23:13:12 ----A---- C:\Windows\system32\d3d10level9.dll
2012-10-30 23:13:11 ----A---- C:\Windows\system32\mfc42u.dll
2012-10-30 23:13:11 ----A---- C:\Windows\system32\mfc42.dll
2012-10-30 23:13:10 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2012-10-30 23:13:10 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2012-10-30 23:13:02 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-10-30 23:12:57 ----A---- C:\Windows\system32\drivers\srvnet.sys
2012-10-30 23:12:57 ----A---- C:\Windows\system32\drivers\srv2.sys
2012-10-30 23:12:57 ----A---- C:\Windows\system32\drivers\srv.sys
2012-10-30 23:12:44 ----A---- C:\Windows\SYSWOW64\explorer.exe
2012-10-30 23:12:44 ----A---- C:\Windows\explorer.exe
2012-10-30 23:12:34 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2012-10-30 23:12:34 ----A---- C:\Windows\system32\psisdecd.dll
2012-10-30 23:12:33 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2012-10-30 23:12:33 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2012-10-30 23:12:33 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2012-10-30 23:12:33 ----A---- C:\Windows\system32\drivers\bowser.sys
2012-10-30 23:12:30 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2012-10-30 23:12:30 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2012-10-30 23:12:30 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2012-10-30 23:12:30 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2012-10-30 23:12:30 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2012-10-30 23:12:30 ----A---- C:\Windows\system32\odbctrac.dll
2012-10-30 23:12:30 ----A---- C:\Windows\system32\odbccu32.dll
2012-10-30 23:12:30 ----A---- C:\Windows\system32\odbccr32.dll
2012-10-30 23:12:30 ----A---- C:\Windows\system32\odbccp32.dll
2012-10-30 23:12:29 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2012-10-30 23:12:29 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2012-10-30 23:12:29 ----A---- C:\Windows\system32\oleaut32.dll
2012-10-30 23:12:29 ----A---- C:\Windows\system32\oleacc.dll
2012-10-30 23:12:26 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2012-10-30 23:12:26 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2012-10-30 23:12:25 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-10-30 23:12:25 ----A---- C:\Windows\system32\msi.dll
2012-10-30 23:12:24 ----A---- C:\Windows\system32\srcore.dll
2012-10-30 23:12:23 ----A---- C:\Windows\SYSWOW64\srclient.dll
2012-10-30 23:12:23 ----A---- C:\Windows\system32\rstrui.exe
2012-10-30 23:12:22 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-10-30 23:12:22 ----A---- C:\Windows\system32\quartz.dll
2012-10-30 23:12:09 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2012-10-30 23:12:09 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2012-10-30 23:12:09 ----A---- C:\Windows\system32\dnsrslvr.dll
2012-10-30 23:12:09 ----A---- C:\Windows\system32\dnscacheugc.exe
2012-10-30 23:12:09 ----A---- C:\Windows\system32\dnsapi.dll
2012-10-30 23:12:08 ----A---- C:\Windows\system32\msvcrt.dll
2012-10-30 23:12:07 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2012-10-30 23:12:06 ----A---- C:\Windows\system32\winresume.exe
2012-10-30 23:12:06 ----A---- C:\Windows\system32\winload.exe
2012-10-30 23:12:04 ----A---- C:\Windows\system32\setbcdlocale.dll
2012-10-30 23:12:04 ----A---- C:\Windows\system32\kdusb.dll
2012-10-30 23:12:04 ----A---- C:\Windows\system32\kdcom.dll
2012-10-30 23:12:04 ----A---- C:\Windows\system32\kd1394.dll
2012-10-30 23:11:59 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2012-10-30 23:11:59 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2012-10-30 23:11:59 ----A---- C:\Windows\system32\d3d10_1core.dll
2012-10-30 23:11:59 ----A---- C:\Windows\system32\d3d10_1.dll
2012-10-30 23:11:58 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2012-10-30 23:11:58 ----A---- C:\Windows\system32\kerberos.dll
2012-10-30 23:11:56 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2012-10-30 23:11:56 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2012-10-30 23:11:56 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2012-10-30 23:11:56 ----A---- C:\Windows\system32\fontsub.dll
2012-10-30 23:11:56 ----A---- C:\Windows\system32\atmlib.dll
2012-10-30 23:11:56 ----A---- C:\Windows\system32\atmfd.dll
2012-10-30 23:11:52 ----A---- C:\Windows\system32\drivers\afd.sys
2012-10-30 23:11:45 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2012-10-30 23:11:45 ----A---- C:\Windows\system32\xmllite.dll
2012-10-30 23:11:35 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2012-10-30 23:11:35 ----A---- C:\Windows\system32\win32spl.dll
2012-10-30 23:11:35 ----A---- C:\Windows\system32\spoolsv.exe
2012-10-30 23:11:35 ----A---- C:\Windows\splwow64.exe
2012-10-30 23:11:34 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-10-30 23:11:34 ----A---- C:\Windows\system32\rdpwsx.dll
2012-10-30 23:11:34 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-10-30 23:11:33 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2012-10-30 23:11:33 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2012-10-30 23:11:33 ----A---- C:\Windows\SYSWOW64\devobj.dll
2012-10-30 23:11:33 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2012-10-30 23:11:33 ----A---- C:\Windows\system32\umpnpmgr.dll
2012-10-30 23:11:33 ----A---- C:\Windows\system32\profsvc.dll
2012-10-30 23:11:33 ----A---- C:\Windows\system32\profprov.dll
2012-10-30 23:11:33 ----A---- C:\Windows\system32\cfgmgr32.dll
2012-10-30 23:11:31 ----A---- C:\Windows\system32\WFS.exe
2012-10-30 23:11:31 ----A---- C:\Windows\system32\FXSCOVER.exe
2012-10-30 23:11:31 ----A---- C:\Windows\system32\csrsrv.dll
2012-10-30 23:11:24 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-10-30 23:11:24 ----A---- C:\Windows\system32\wintrust.dll
2012-10-30 23:11:23 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2012-10-30 23:11:23 ----A---- C:\Windows\system32\prevhost.exe
2012-10-30 23:11:22 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-10-30 23:11:22 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-10-30 23:11:22 ----A---- C:\Windows\system32\netapi32.dll
2012-10-30 23:11:22 ----A---- C:\Windows\system32\browser.dll
2012-10-30 23:11:22 ----A---- C:\Windows\system32\browcli.dll
2012-10-30 23:11:21 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2012-10-30 23:11:21 ----A---- C:\Windows\system32\inetcomm.dll
2012-10-30 23:11:20 ----A---- C:\Windows\system32\localspl.dll
2012-10-30 23:11:18 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-10-30 23:11:15 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2012-10-30 23:10:43 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-10-30 23:10:43 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-10-30 23:10:43 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-10-30 23:10:43 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-30 23:10:43 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-30 23:10:43 ----A---- C:\Windows\system32\crypt32.dll
2012-10-30 22:55:30 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-10-30 22:55:30 ----A---- C:\Windows\system32\packager.dll
2012-10-30 22:46:08 ----A---- C:\Windows\system32\wups2.dll
2012-10-30 22:46:08 ----A---- C:\Windows\system32\wucltux.dll
2012-10-30 22:46:08 ----A---- C:\Windows\system32\wuauclt.exe
2012-10-30 22:46:07 ----A---- C:\Windows\system32\wuaueng.dll
2012-10-30 22:46:02 ----A---- C:\Windows\system32\wups.dll
2012-10-30 22:46:02 ----A---- C:\Windows\system32\wudriver.dll
2012-10-30 22:46:02 ----A---- C:\Windows\system32\wuapi.dll
2012-10-30 22:45:58 ----A---- C:\Windows\system32\wuwebv.dll
2012-10-30 22:45:58 ----A---- C:\Windows\system32\wuapp.exe
2012-10-30 22:42:47 ----D---- C:\Users\Jara\AppData\Roaming\vlc
2012-10-30 22:42:32 ----D---- C:\Program Files (x86)\VideoLAN
2012-10-30 22:33:56 ----D---- C:\ProgramData\FLEXnet
2012-10-30 22:28:05 ----D---- C:\ProgramData\Adobe
2012-10-30 22:28:05 ----D---- C:\Program Files (x86)\Adobe
2012-10-30 20:49:12 ----D---- C:\Program Files (x86)\Microsoft Works
2012-10-30 20:48:22 ----D---- C:\Windows\PCHEALTH
2012-10-30 20:48:22 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-10-30 20:44:51 ----D---- C:\Program Files\Microsoft Office
2012-10-30 20:44:45 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-10-30 20:44:15 ----D---- C:\ProgramData\Microsoft Help
2012-10-30 20:44:15 ----D---- C:\Program Files (x86)\Microsoft Office
2012-10-30 20:43:56 ----RHD---- C:\MSOCache
2012-10-30 20:35:56 ----D---- C:\Program Files\WinRAR
2012-10-30 20:31:04 ----D---- C:\ProgramData\IObit
2012-10-30 20:30:51 ----D---- C:\Users\Jara\AppData\Roaming\IObit
2012-10-30 20:30:46 ----D---- C:\Program Files (x86)\IObit
2012-10-30 20:18:11 ----D---- C:\Users\Jara\AppData\Roaming\Macromedia
2012-10-30 20:18:11 ----D---- C:\Users\Jara\AppData\Roaming\Adobe
2012-10-30 20:17:45 ----D---- C:\Windows\SYSWOW64\Macromed
2012-10-30 20:17:45 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-10-30 20:17:43 ----D---- C:\Windows\system32\Macromed
2012-10-30 20:12:14 ----D---- C:\Program Files (x86)\ASUS
2012-10-30 20:11:45 ----SHD---- C:\Windows\Installer
2012-10-30 19:52:51 ----N---- C:\Windows\system32\MpSigStub.exe
2012-10-30 19:49:19 ----D---- C:\Users\Jara\AppData\Roaming\Opera
2012-10-30 19:49:16 ----D---- C:\Program Files (x86)\Opera
2012-10-30 19:37:23 ----D---- C:\Users\Jara\AppData\Roaming\Identities
2012-10-30 19:37:09 ----SD---- C:\Users\Jara\AppData\Roaming\Microsoft
2012-10-30 19:37:09 ----D---- C:\Users\Jara\AppData\Roaming\Media Center Programs
2012-10-30 19:36:56 ----SHD---- C:\Recovery
2012-10-30 19:36:56 ----SHD---- C:\ProgramData\Šablony
2012-10-30 19:36:56 ----SHD---- C:\ProgramData\Plocha
2012-10-30 19:36:56 ----SHD---- C:\ProgramData\Oblíbené položky
2012-10-30 19:36:56 ----SHD---- C:\ProgramData\Nabídka Start
2012-10-30 19:36:56 ----SHD---- C:\ProgramData\Dokumenty
2012-10-30 19:36:56 ----SHD---- C:\ProgramData\Data aplikací
2012-10-30 19:31:29 ----D---- C:\Windows\SoftwareDistribution
2012-10-30 19:29:02 ----D---- C:\Windows\Prefetch
2012-10-30 19:28:47 ----ASH---- C:\pagefile.sys
2012-10-30 19:28:47 ----ASH---- C:\hiberfil.sys
2012-10-30 19:28:46 ----SHD---- C:\System Volume Information
2012-10-30 19:27:57 ----D---- C:\Windows\Panther
2012-10-30 19:27:44 ----RASH---- C:\BOOTSECT.BAK
2012-10-30 19:27:43 ----SHD---- C:\Boot
2012-10-30 19:25:42 ----D---- C:\Windows\system32\oem
======List of files/folders modified in the last 1 month======
2012-11-29 04:01:35 ----D---- C:\Windows\Temp
2012-11-29 04:00:37 ----D---- C:\Windows\winsxs
2012-11-29 04:00:33 ----D---- C:\Windows\AppPatch
2012-11-29 04:00:30 ----D---- C:\Windows\system32\catroot
2012-11-29 04:00:29 ----D---- C:\Windows\system32\catroot2
2012-11-29 03:58:27 ----D---- C:\Windows\system32\config
2012-11-29 03:39:54 ----RD---- C:\Program Files
2012-11-29 02:24:49 ----D---- C:\Windows\System32
2012-11-29 02:24:49 ----D---- C:\Windows\inf
2012-11-29 02:24:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-28 14:48:38 ----HD---- C:\ProgramData
2012-11-28 13:56:24 ----RD---- C:\Program Files (x86)
2012-11-25 14:21:49 ----D---- C:\Windows
2012-11-25 10:38:53 ----D---- C:\Windows\SysWOW64
2012-11-25 04:17:30 ----D---- C:\Windows\SYSWOW64\drivers
2012-11-25 04:16:01 ----D---- C:\Windows\system32\drivers
2012-11-20 13:23:50 ----D---- C:\Windows\Tasks
2012-11-19 11:10:24 ----RSD---- C:\Windows\Fonts
2012-11-19 11:10:11 ----D---- C:\Program Files (x86)\Common Files
2012-11-19 11:09:59 ----D---- C:\Program Files (x86)\MSBuild
2012-11-19 11:09:41 ----D---- C:\Windows\ShellNew
2012-11-19 11:06:33 ----A---- C:\Windows\win.ini
2012-11-17 21:37:20 ----D---- C:\Windows\system32\wbem
2012-11-17 21:36:30 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-11-17 21:36:26 ----D---- C:\Windows\system32\DriverStore
2012-11-17 21:36:26 ----D---- C:\Windows\system32\drivers\etc
2012-11-17 21:36:25 ----D---- C:\Windows\registration
2012-11-17 21:26:23 ----D---- C:\Windows\debug
2012-11-17 20:34:14 ----D---- C:\Windows\system32\Tasks
2012-11-17 20:33:57 ----D---- C:\Program Files\Common Files
2012-11-14 07:36:52 ----D---- C:\Windows\rescache
2012-11-14 07:14:28 ----D---- C:\Windows\Microsoft.NET
2012-11-14 07:14:27 ----RSD---- C:\Windows\assembly
2012-11-14 04:16:45 ----D---- C:\Windows\SYSWOW64\migration
2012-11-14 04:16:45 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-11-14 04:16:45 ----D---- C:\Windows\system32\migration
2012-11-14 04:16:45 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-11-14 04:16:45 ----D---- C:\Windows\system32\cs-CZ
2012-11-14 04:16:45 ----D---- C:\Windows\PolicyDefinitions
2012-11-14 04:16:45 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-14 04:16:44 ----D---- C:\Program Files\Internet Explorer
2012-11-12 08:12:46 ----D---- C:\Windows\Logs
2012-11-06 03:48:55 ----D---- C:\Windows\system32\wdi
2012-11-02 14:57:27 ----D---- C:\Windows\system32\drivers\UMDF
2012-11-02 04:45:14 ----D---- C:\Windows\system32\NDF
2012-11-01 22:59:44 ----D---- C:\Windows\system32\zh-TW
2012-11-01 22:59:44 ----D---- C:\Windows\system32\zh-CN
2012-11-01 22:59:44 ----D---- C:\Windows\system32\tr-TR
2012-11-01 22:59:44 ----D---- C:\Windows\system32\sv-SE
2012-11-01 22:59:44 ----D---- C:\Windows\system32\ru-RU
2012-11-01 22:59:44 ----D---- C:\Windows\system32\pt-PT
2012-11-01 22:59:44 ----D---- C:\Windows\system32\pl-PL
2012-11-01 22:59:44 ----D---- C:\Windows\system32\nl-NL
2012-11-01 22:59:44 ----D---- C:\Windows\system32\ko-KR
2012-11-01 22:59:44 ----D---- C:\Windows\system32\ja-JP
2012-11-01 22:59:44 ----D---- C:\Windows\system32\it-IT
2012-11-01 22:59:44 ----D---- C:\Windows\system32\hu-HU
2012-11-01 22:59:44 ----D---- C:\Windows\system32\fr-FR
2012-11-01 22:59:44 ----D---- C:\Windows\system32\fi-FI
2012-11-01 22:59:44 ----D---- C:\Windows\system32\es-ES
2012-11-01 22:59:44 ----D---- C:\Windows\system32\en-US
2012-11-01 22:59:44 ----D---- C:\Windows\system32\el-GR
2012-11-01 22:59:44 ----D---- C:\Windows\system32\de-DE
2012-11-01 22:59:44 ----D---- C:\Windows\system32\da-DK
2012-11-01 21:17:22 ----D---- C:\Windows\system32\wfp
2012-11-01 21:17:21 ----D---- C:\Windows\system32\CodeIntegrity
2012-11-01 21:15:39 ----SD---- C:\ProgramData\Microsoft
2012-10-31 18:35:06 ----D---- C:\Windows\SYSWOW64\en-US
2012-10-31 06:49:33 ----D---- C:\Windows\SYSWOW64\wbem
2012-10-31 06:49:32 ----D---- C:\Windows\system32\drivers\en-US
2012-10-31 04:13:27 ----D---- C:\Program Files\Windows Sidebar
2012-10-31 04:13:27 ----D---- C:\Program Files\Windows Mail
2012-10-31 04:13:27 ----D---- C:\Program Files (x86)\Windows Sidebar
2012-10-31 04:13:27 ----D---- C:\Program Files (x86)\Windows Portable Devices
2012-10-31 04:13:27 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2012-10-31 04:13:27 ----D---- C:\Program Files (x86)\Windows Media Player
2012-10-31 04:13:27 ----D---- C:\Program Files (x86)\Windows Mail
2012-10-31 04:13:26 ----D---- C:\Windows\servicing
2012-10-31 04:13:26 ----D---- C:\Windows\ehome
2012-10-31 04:13:26 ----D---- C:\Program Files\Windows Portable Devices
2012-10-31 04:13:26 ----D---- C:\Program Files\Windows Photo Viewer
2012-10-31 04:13:26 ----D---- C:\Program Files\Windows Media Player
2012-10-31 04:13:26 ----D---- C:\Program Files\Windows Journal
2012-10-31 04:13:26 ----D---- C:\Program Files\Windows Defender
2012-10-31 04:13:26 ----D---- C:\Program Files\DVD Maker
2012-10-31 04:13:26 ----D---- C:\Program Files\Common Files\System
2012-10-31 04:13:24 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents
2012-10-31 04:13:24 ----D---- C:\Windows\SYSWOW64\Setup
2012-10-31 04:13:24 ----D---- C:\Windows\SYSWOW64\oobe
2012-10-31 04:13:24 ----D---- C:\Windows\SYSWOW64\da-DK
2012-10-31 04:13:24 ----D---- C:\Windows\SYSWOW64\cs
2012-10-31 04:13:24 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2012-10-31 04:13:22 ----D---- C:\Windows\SYSWOW64\sppui
2012-10-31 04:13:22 ----D---- C:\Windows\SYSWOW64\migwiz
2012-10-31 04:13:22 ----D---- C:\Windows\SYSWOW64\manifeststore
2012-10-31 04:13:22 ----D---- C:\Windows\SYSWOW64\es-ES
2012-10-31 04:13:22 ----D---- C:\Windows\SYSWOW64\Dism
2012-10-31 04:13:16 ----D---- C:\Windows\system32\Setup
2012-10-31 04:13:16 ----D---- C:\Windows\system32\oobe
2012-10-31 04:13:16 ----D---- C:\Windows\system32\cs
2012-10-31 04:13:16 ----D---- C:\Windows\system32\AdvancedInstallers
2012-10-31 04:13:15 ----D---- C:\Windows\system32\sppui
2012-10-31 04:13:15 ----D---- C:\Windows\system32\manifeststore
2012-10-31 04:13:14 ----D---- C:\Windows\system32\migwiz
2012-10-31 04:13:14 ----D---- C:\Windows\system32\Dism
2012-10-31 04:13:00 ----D---- C:\Windows\system32\Boot
2012-10-31 04:10:54 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2012-10-31 04:10:54 ----A---- C:\Windows\system32\msclmd.dll
2012-10-30 20:27:11 ----D---- C:\Windows\system32\LogFiles
2012-10-30 19:52:37 ----D---- C:\Windows\system32\restore
2012-10-30 19:37:20 ----SHD---- C:\$Recycle.Bin
2012-10-30 19:37:07 ----RD---- C:\Users
2012-10-30 19:36:56 ----D---- C:\Windows\system32\Recovery
2012-10-30 19:36:56 ----D---- C:\Program Files\Windows NT
2012-10-30 19:31:54 ----D---- C:\Windows\system32\sysprep
2012-10-30 19:29:18 ----D---- C:\Windows\CSC
2012-10-30 19:25:42 ----D---- C:\Windows\Setup
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-11-04 868848]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
R3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-09-29 25928]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2007-08-09 13680]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2012-07-05 33224]
R3 SiSGbeLH;SiS191/SiS190 – ovladač NDIS 6.0 zařízení sítě Ethernet; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2012-07-05 21904]
S3 ar4u4ul9;ar4u4ul9; C:\Windows\system32\drivers\ar4u4ul9.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 tsusbhub;tsusbhub; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2012-11-02 1340976]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-06 5814392]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
R3 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S3 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
S3 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-10-30 651720]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-11-24 115168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-10-30 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------
2012-10-31 03:55:06 ----A---- C:\Windows\SYSWOW64\iasacct.dll
2012-10-31 03:55:06 ----A---- C:\Windows\SYSWOW64\batmeter.dll
2012-10-31 03:55:06 ----A---- C:\Windows\system32\twext.dll
2012-10-31 03:55:06 ----A---- C:\Windows\system32\taskbarcpl.dll
2012-10-31 03:55:06 ----A---- C:\Windows\system32\OnLineIDCpl.dll
2012-10-31 03:55:06 ----A---- C:\Windows\system32\networkmap.dll
2012-10-31 03:55:06 ----A---- C:\Windows\system32\dot3svc.dll
2012-10-31 03:55:06 ----A---- C:\Windows\system32\cryptui.dll
2012-10-31 03:55:06 ----A---- C:\Windows\system32\ActionCenter.dll
2012-10-31 03:55:05 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2012-10-31 03:55:05 ----A---- C:\Windows\SYSWOW64\w32tm.exe
2012-10-31 03:55:05 ----A---- C:\Windows\SYSWOW64\spwizeng.dll
2012-10-31 03:55:05 ----A---- C:\Windows\SYSWOW64\SndVol.exe
2012-10-31 03:55:05 ----A---- C:\Windows\SYSWOW64\prntvpt.dll
2012-10-31 03:55:05 ----A---- C:\Windows\SYSWOW64\netcenter.dll
2012-10-31 03:55:05 ----A---- C:\Windows\SYSWOW64\MSAC3ENC.DLL
2012-10-31 03:55:05 ----A---- C:\Windows\SYSWOW64\fdeploy.dll
2012-10-31 03:55:05 ----A---- C:\Windows\SYSWOW64\azroleui.dll
2012-10-31 03:55:05 ----A---- C:\Windows\SYSWOW64\accessibilitycpl.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\uxlib.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\tzutil.exe
2012-10-31 03:55:05 ----A---- C:\Windows\system32\systemcpl.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\syncui.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\sisbkup.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\shwebsvc.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\sdcpl.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\recovery.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\recdisc.exe
2012-10-31 03:55:05 ----A---- C:\Windows\system32\OobeFldr.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\netplwiz.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\isoburn.exe
2012-10-31 03:55:05 ----A---- C:\Windows\system32\httpapi.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\efscore.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\dsuiext.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\drivers\mpio.sys
2012-10-31 03:55:05 ----A---- C:\Windows\system32\cca.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\bcdedit.exe
2012-10-31 03:55:05 ----A---- C:\Windows\system32\azroleui.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\autoplay.dll
2012-10-31 03:55:05 ----A---- C:\Windows\system32\asycfilt.dll
2012-10-31 03:55:04 ----A---- C:\Windows\SYSWOW64\wusa.exe
2012-10-31 03:55:04 ----A---- C:\Windows\SYSWOW64\prnfldr.dll
2012-10-31 03:55:04 ----A---- C:\Windows\SYSWOW64\OnLineIDCpl.dll
2012-10-31 03:55:04 ----A---- C:\Windows\SYSWOW64\networkmap.dll
2012-10-31 03:55:04 ----A---- C:\Windows\SYSWOW64\netjoin.dll
2012-10-31 03:55:04 ----A---- C:\Windows\SYSWOW64\MCEWMDRMNDBootstrap.dll
2012-10-31 03:55:04 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2012-10-31 03:55:04 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2012-10-31 03:55:04 ----A---- C:\Windows\SYSWOW64\adsldp.dll
2012-10-31 03:55:04 ----A---- C:\Windows\SYSWOW64\ActionCenter.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\wlanmsm.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\sysclass.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\spwizeng.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\sdrsvc.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\ncryptui.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\msvidc32.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\MFPlay.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\fvecpl.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\drivers\rdpdr.sys
2012-10-31 03:55:04 ----A---- C:\Windows\system32\certcli.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\appinfo.dll
2012-10-31 03:55:04 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\syncui.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\sud.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\sisbkup.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\shwebsvc.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\photowiz.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\MediaMetadataHandler.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\ifsutil.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\iasrad.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\ftp.exe
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\efscore.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\dot3cfg.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\defaultlocationcpl.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\credssp.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\autoplay.dll
2012-10-31 03:55:03 ----A---- C:\Windows\SYSWOW64\ActionCenterCPL.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\wwanprotdim.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\vdsutil.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\UserAccountControlSettings.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\termmgr.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\ssText3d.scr
2012-10-31 03:55:03 ----A---- C:\Windows\system32\sqlcese30.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\sethc.exe
2012-10-31 03:55:03 ----A---- C:\Windows\system32\ReAgent.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\rdpd3d.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\ntlanman.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\msscp.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\iyuv_32.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\iTVData.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\iprtrmgr.dll
2012-10-31 03:55:03 ----A---- C:\Windows\system32\drivers\vmstorfl.sys
2012-10-31 03:55:03 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2012-10-31 03:55:02 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2012-10-31 03:55:02 ----A---- C:\Windows\SYSWOW64\systemcpl.dll
2012-10-31 03:55:02 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2012-10-31 03:55:02 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2012-10-31 03:55:02 ----A---- C:\Windows\SYSWOW64\OobeFldr.dll
2012-10-31 03:55:02 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2012-10-31 03:55:02 ----A---- C:\Windows\SYSWOW64\ntlanman.dll
2012-10-31 03:55:02 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2012-10-31 03:55:02 ----A---- C:\Windows\SYSWOW64\dskquoui.dll
2012-10-31 03:55:02 ----A---- C:\Windows\SYSWOW64\DeviceCenter.dll
2012-10-31 03:55:02 ----A---- C:\Windows\system32\wmdrmsdk.dll
2012-10-31 03:55:02 ----A---- C:\Windows\system32\wavemsp.dll
2012-10-31 03:55:02 ----A---- C:\Windows\system32\srvcli.dll
2012-10-31 03:55:02 ----A---- C:\Windows\system32\slwga.dll
2012-10-31 03:55:02 ----A---- C:\Windows\system32\ntprint.dll
2012-10-31 03:55:02 ----A---- C:\Windows\system32\nslookup.exe
2012-10-31 03:55:02 ----A---- C:\Windows\system32\NAPHLPR.DLL
2012-10-31 03:55:02 ----A---- C:\Windows\system32\msiexec.exe
2012-10-31 03:55:02 ----A---- C:\Windows\system32\drmmgrtn.dll
2012-10-31 03:55:02 ----A---- C:\Windows\system32\DevicePairingFolder.dll
2012-10-31 03:55:02 ----A---- C:\Windows\system32\acppage.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\wmpsrcwp.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\wavemsp.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\sethc.exe
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\riched20.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\nshipsec.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\netplwiz.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\NAPHLPR.DLL
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\migisol.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\isoburn.exe
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\httpapi.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\fms.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\dpx.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2012-10-31 03:55:01 ----A---- C:\Windows\SYSWOW64\activeds.dll
2012-10-31 03:55:01 ----A---- C:\Windows\system32\wkscli.dll
2012-10-31 03:55:01 ----A---- C:\Windows\system32\TSpkg.dll
2012-10-31 03:55:01 ----A---- C:\Windows\system32\srrstr.dll
2012-10-31 03:55:01 ----A---- C:\Windows\system32\sppnp.dll
2012-10-31 03:55:01 ----A---- C:\Windows\system32\remotepg.dll
2012-10-31 03:55:01 ----A---- C:\Windows\system32\PresentationSettings.exe
2012-10-31 03:55:01 ----A---- C:\Windows\system32\networkexplorer.dll
2012-10-31 03:55:01 ----A---- C:\Windows\system32\dfrgui.exe
2012-10-31 03:55:01 ----A---- C:\Windows\system32\certprop.dll
2012-10-31 03:55:01 ----A---- C:\Windows\system32\cabinet.dll
2012-10-31 03:55:01 ----A---- C:\Windows\system32\bcdboot.exe
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\wvc.dll
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\wtsapi32.dll
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\tzutil.exe
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\ReAgent.dll
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\provsvc.dll
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\ocsetup.exe
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\dsuiext.dll
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\dot3ui.dll
2012-10-31 03:55:00 ----A---- C:\Windows\SYSWOW64\dfrgui.exe
2012-10-31 03:55:00 ----A---- C:\Windows\system32\wvc.dll
2012-10-31 03:55:00 ----A---- C:\Windows\system32\wsqmcons.exe
2012-10-31 03:55:00 ----A---- C:\Windows\system32\wsnmp32.dll
2012-10-31 03:55:00 ----A---- C:\Windows\system32\wmpdxm.dll
2012-10-31 03:55:00 ----A---- C:\Windows\system32\wmdrmdev.dll
2012-10-31 03:55:00 ----A---- C:\Windows\system32\WinSCard.dll
2012-10-31 03:55:00 ----A---- C:\Windows\system32\WerFaultSecure.exe
2012-10-31 03:55:00 ----A---- C:\Windows\system32\net1.exe
2012-10-31 03:55:00 ----A---- C:\Windows\system32\ftp.exe
2012-10-31 03:55:00 ----A---- C:\Windows\system32\blackbox.dll
2012-10-31 03:54:59 ----A---- C:\Windows\SYSWOW64\wimgapi.dll
2012-10-31 03:54:59 ----A---- C:\Windows\SYSWOW64\twext.dll
2012-10-31 03:54:59 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2012-10-31 03:54:59 ----A---- C:\Windows\SYSWOW64\PkgMgr.exe
2012-10-31 03:54:59 ----A---- C:\Windows\SYSWOW64\mstask.dll
2012-10-31 03:54:59 ----A---- C:\Windows\SYSWOW64\AdmTmpl.dll
2012-10-31 03:54:59 ----A---- C:\Windows\system32\OpcServices.dll
2012-10-31 03:54:59 ----A---- C:\Windows\system32\msyuv.dll
2012-10-31 03:54:59 ----A---- C:\Windows\system32\mfps.dll
2012-10-31 03:54:59 ----A---- C:\Windows\system32\mapistub.dll
2012-10-31 03:54:59 ----A---- C:\Windows\system32\mapi32.dll
2012-10-31 03:54:59 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2012-10-31 03:54:59 ----A---- C:\Windows\system32\Bubbles.scr
2012-10-31 03:54:58 ----A---- C:\Windows\twain_32.dll
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\uxlib.dll
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\ssText3d.scr
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\slwga.dll
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\setupugc.exe
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\qcap.dll
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\qasf.dll
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\nslookup.exe
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\msvfw32.dll
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2012-10-31 03:54:58 ----A---- C:\Windows\SYSWOW64\audiodev.dll
2012-10-31 03:54:58 ----A---- C:\Windows\system32\unimdmat.dll
2012-10-31 03:54:58 ----A---- C:\Windows\system32\tsbyuv.dll
2012-10-31 03:54:58 ----A---- C:\Windows\system32\seclogon.dll
2012-10-31 03:54:58 ----A---- C:\Windows\system32\Ribbons.scr
2012-10-31 03:54:58 ----A---- C:\Windows\system32\Mystify.scr
2012-10-31 03:54:58 ----A---- C:\Windows\system32\muifontsetup.dll
2012-10-31 03:54:58 ----A---- C:\Windows\system32\msrle32.dll
2012-10-31 03:54:58 ----A---- C:\Windows\system32\iscsium.dll
2012-10-31 03:54:58 ----A---- C:\Windows\system32\ifsutil.dll
2012-10-31 03:54:58 ----A---- C:\Windows\system32\drivers\umbus.sys
2012-10-31 03:54:58 ----A---- C:\Windows\system32\diskraid.exe
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\WPDShServiceObj.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\wimserv.exe
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\remotepg.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\rdpencom.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\raschap.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\QUTIL.DLL
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\perfmon.exe
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\NAPCRYPT.DLL
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\msscp.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\input.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\diskraid.exe
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\DevicePairingFolder.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\clusapi.dll
2012-10-31 03:54:57 ----A---- C:\Windows\SYSWOW64\acppage.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\wpdwcn.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\wmpshell.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\WMADMOD.DLL
2012-10-31 03:54:57 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2012-10-31 03:54:57 ----A---- C:\Windows\system32\wiavideo.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\umb.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\tlscsp.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\syssetup.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\runonce.exe
2012-10-31 03:54:57 ----A---- C:\Windows\system32\rdpencom.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\raschap.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\qasf.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\perfmon.exe
2012-10-31 03:54:57 ----A---- C:\Windows\system32\netutils.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2012-10-31 03:54:57 ----A---- C:\Windows\system32\FXSAPI.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\dbghelp.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\AzSqlExt.dll
2012-10-31 03:54:57 ----A---- C:\Windows\system32\ActionQueue.dll
2012-10-31 03:54:57 ----A---- C:\Windows\bfsvc.exe
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\wpdwcn.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\wmpdxm.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\wmdrmdev.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\vpnikeapi.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\vdsbas.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\UserAccountControlSettings.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\shacct.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\runonce.exe
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\onexui.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\ocsetapi.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\networkexplorer.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\MFPlay.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\logagent.exe
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\iTVData.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\eapp3hst.dll
2012-10-31 03:54:56 ----A---- C:\Windows\SYSWOW64\dxdiagn.dll
2012-10-31 03:54:56 ----A---- C:\Windows\system32\WMVSDECD.DLL
2012-10-31 03:54:56 ----A---- C:\Windows\system32\wmdrmnet.dll
2012-10-31 03:54:56 ----A---- C:\Windows\system32\vss_ps.dll
2012-10-31 03:54:56 ----A---- C:\Windows\system32\vdsbas.dll
2012-10-31 03:54:56 ----A---- C:\Windows\system32\tabcal.exe
2012-10-31 03:54:56 ----A---- C:\Windows\system32\shacct.dll
2012-10-31 03:54:56 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2012-10-31 03:54:56 ----A---- C:\Windows\system32\PrintIsolationProxy.dll
2012-10-31 03:54:56 ----A---- C:\Windows\system32\nltest.exe
2012-10-31 03:54:56 ----A---- C:\Windows\system32\mstask.dll
2012-10-31 03:54:56 ----A---- C:\Windows\system32\MdSched.exe
2012-10-31 03:54:56 ----A---- C:\Windows\system32\Mcx2Svc.dll
2012-10-31 03:54:56 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys
2012-10-31 03:54:56 ----A---- C:\Windows\system32\drivers\rmcast.sys
2012-10-31 03:54:56 ----A---- C:\Windows\system32\cscapi.dll
2012-10-31 03:54:56 ----A---- C:\Windows\system32\bitsadmin.exe
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\WPDSp.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\wmpshell.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\utildll.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\unimdmat.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\srvcli.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\sqlcese30.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\Ribbons.scr
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\rdpd3d.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\QSVRMGMT.DLL
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\PortableDeviceSyncProvider.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\PortableDeviceStatus.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\pdh.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\OpcServices.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\olethk32.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\ncryptui.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\Mystify.scr
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\mprapi.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\lsmproxy.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\logman.exe
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\iscsium.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\cscapi.dll
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\Bubbles.scr
2012-10-31 03:54:55 ----A---- C:\Windows\SYSWOW64\bitsadmin.exe
2012-10-31 03:54:55 ----A---- C:\Windows\system32\WPDSp.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2012-10-31 03:54:55 ----A---- C:\Windows\system32\WMPhoto.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\vmictimeprovider.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\takeown.exe
2012-10-31 03:54:55 ----A---- C:\Windows\system32\spbcd.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\secproc_ssp.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\qdv.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\qcap.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\PortableDeviceSyncProvider.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\PnPUnattend.exe
2012-10-31 03:54:55 ----A---- C:\Windows\system32\msnetobj.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\logman.exe
2012-10-31 03:54:55 ----A---- C:\Windows\system32\fphc.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\drivers\ndisuio.sys
2012-10-31 03:54:55 ----A---- C:\Windows\system32\dot3ui.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\CscMig.dll
2012-10-31 03:54:55 ----A---- C:\Windows\system32\amstream.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\wsnmp32.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\wmdrmnet.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\wiavideo.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\vfwwdm32.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\takeown.exe
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\sppinst.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\setupcln.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\qdv.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\QCLIPROV.DLL
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\pdhui.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\MuiUnattend.exe
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\fphc.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\EhStorAPI.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\dot3msm.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\cmstp.exe
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\cca.dll
2012-10-31 03:54:54 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2012-10-31 03:54:54 ----A---- C:\Windows\system32\WavDest.dll
2012-10-31 03:54:54 ----A---- C:\Windows\system32\vfwwdm32.dll
2012-10-31 03:54:54 ----A---- C:\Windows\system32\shimgvw.dll
2012-10-31 03:54:54 ----A---- C:\Windows\system32\QCLIPROV.DLL
2012-10-31 03:54:54 ----A---- C:\Windows\system32\nrpsrv.dll
2012-10-31 03:54:54 ----A---- C:\Windows\system32\MultiDigiMon.exe
2012-10-31 03:54:54 ----A---- C:\Windows\system32\KMSVC.DLL
2012-10-31 03:54:54 ----A---- C:\Windows\system32\iasrecst.dll
2012-10-31 03:54:54 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2012-10-31 03:54:54 ----A---- C:\Windows\system32\fdProxy.dll
2012-10-31 03:54:54 ----A---- C:\Windows\system32\EhStorAPI.dll
2012-10-31 03:54:54 ----A---- C:\Windows\system32\drivers\pacer.sys
2012-10-31 03:54:54 ----A---- C:\Windows\system32\djoin.exe
2012-10-31 03:54:54 ----A---- C:\Windows\system32\cmstp.exe
2012-10-31 03:54:54 ----A---- C:\Windows\system32\CertPolEng.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\wmpps.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\wkscli.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\tlscsp.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\syssetup.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\spbcd.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\resutils.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\relog.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\ReAgentc.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\netutils.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\netiougc.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\mydocs.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\muifontsetup.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\mobsync.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\mciqtz32.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\itircl.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\iscsicli.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\iasrecst.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\findstr.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\eappgnui.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\diskpart.exe
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\CertPolEng.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\cabinet.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\AzSqlExt.dll
2012-10-31 03:54:53 ----A---- C:\Windows\SYSWOW64\amstream.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\wdiasqmmodule.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\sscore.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\sppc.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\schedcli.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\repair-bde.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\relog.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\qprocess.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\onexui.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\mydocs.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\msdmo.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\mobsync.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\mciqtz32.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\manage-bde.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\luainstall.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\itircl.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\iscsicli.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\inetmib1.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\choice.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\chglogon.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\FXSTIFF.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\findstr.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\eappgnui.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\drivers\tunnel.sys
2012-10-31 03:54:53 ----A---- C:\Windows\system32\drivers\dfsc.sys
2012-10-31 03:54:53 ----A---- C:\Windows\system32\dot3msm.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\diskpart.exe
2012-10-31 03:54:53 ----A---- C:\Windows\system32\BWUnpairElevated.dll
2012-10-31 03:54:53 ----A---- C:\Windows\system32\BdeHdCfg.exe
2012-10-31 03:54:52 ----A---- C:\Windows\SYSWOW64\unlodctr.exe
2012-10-31 03:54:52 ----A---- C:\Windows\SYSWOW64\sppc.dll
2012-10-31 03:54:52 ----A---- C:\Windows\SYSWOW64\spopk.dll
2012-10-31 03:54:52 ----A---- C:\Windows\SYSWOW64\shimgvw.dll
2012-10-31 03:54:52 ----A---- C:\Windows\SYSWOW64\rdprefdrvapi.dll
2012-10-31 03:54:52 ----A---- C:\Windows\SYSWOW64\odbcconf.dll
2012-10-31 03:54:52 ----A---- C:\Windows\SYSWOW64\msdmo.dll
2012-10-31 03:54:52 ----A---- C:\Windows\SYSWOW64\luainstall.dll
2012-10-31 03:54:52 ----A---- C:\Windows\SYSWOW64\inetmib1.dll
2012-10-31 03:54:52 ----A---- C:\Windows\system32\vmstorfltres.dll
2012-10-31 03:54:52 ----A---- C:\Windows\system32\vmicres.dll
2012-10-31 03:54:52 ----A---- C:\Windows\system32\vmbusres.dll
2012-10-31 03:54:52 ----A---- C:\Windows\system32\UIRibbonRes.dll
2012-10-31 03:54:52 ----A---- C:\Windows\system32\tskill.exe
2012-10-31 03:54:52 ----A---- C:\Windows\system32\tsdiscon.exe
2012-10-31 03:54:52 ----A---- C:\Windows\system32\tscon.exe
2012-10-31 03:54:52 ----A---- C:\Windows\system32\spopk.dll
2012-10-31 03:54:52 ----A---- C:\Windows\system32\shadow.exe
2012-10-31 03:54:52 ----A---- C:\Windows\system32\rwinsta.exe
2012-10-31 03:54:52 ----A---- C:\Windows\system32\RDPENCDD.dll
2012-10-31 03:54:52 ----A---- C:\Windows\system32\qappsrv.exe
2012-10-31 03:54:52 ----A---- C:\Windows\system32\odbcconf.dll
2012-10-31 03:54:52 ----A---- C:\Windows\system32\logoff.exe
2012-10-31 03:54:52 ----A---- C:\Windows\system32\chgusr.exe
2012-10-31 03:54:52 ----A---- C:\Windows\system32\chgport.exe
2012-10-31 03:54:52 ----A---- C:\Windows\system32\FXSMON.dll
2012-10-31 03:54:52 ----A---- C:\Windows\system32\fixmapi.exe
2012-10-31 03:54:52 ----A---- C:\Windows\system32\elsTrans.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\wups.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\wshbth.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\wsdchngr.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\UIRibbonRes.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\TRAPI.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\sscore.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\schedcli.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\shgina.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\riched32.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\perfts.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\napdsnap.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\imm32.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\elsTrans.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\dsauth.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\cscdll.dll
2012-10-31 03:54:51 ----A---- C:\Windows\SYSWOW64\bitsperf.dll
2012-10-31 03:54:51 ----A---- C:\Windows\system32\wshbth.dll
2012-10-31 03:54:51 ----A---- C:\Windows\system32\wsdchngr.dll
2012-10-31 03:54:51 ----A---- C:\Windows\system32\TRAPI.dll
2012-10-31 03:54:51 ----A---- C:\Windows\system32\shgina.dll
2012-10-31 03:54:51 ----A---- C:\Windows\system32\reset.exe
2012-10-31 03:54:51 ----A---- C:\Windows\system32\rdprefdrvapi.dll
2012-10-31 03:54:51 ----A---- C:\Windows\system32\query.exe
2012-10-31 03:54:51 ----A---- C:\Windows\system32\napdsnap.dll
2012-10-31 03:54:51 ----A---- C:\Windows\system32\LogonUI.exe
2012-10-31 03:54:51 ----A---- C:\Windows\system32\change.exe
2012-10-31 03:54:51 ----A---- C:\Windows\system32\FXSUNATD.exe
2012-10-31 03:54:51 ----A---- C:\Windows\system32\dsauth.dll
2012-10-31 03:54:51 ----A---- C:\Windows\system32\drivers\usbrpm.sys
2012-10-31 03:54:51 ----A---- C:\Windows\system32\drivers\tdi.sys
2012-10-31 03:54:51 ----A---- C:\Windows\system32\drivers\acpipmi.sys
2012-10-31 03:54:51 ----A---- C:\Windows\system32\cscdll.dll
2012-10-31 03:54:51 ----A---- C:\Windows\system32\bitsperf.dll
2012-10-31 03:54:50 ----A---- C:\Windows\SYSWOW64\wshirda.dll
2012-10-31 03:54:50 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2012-10-31 03:54:50 ----A---- C:\Windows\SYSWOW64\browseui.dll
2012-10-31 03:54:50 ----A---- C:\Windows\system32\wshirda.dll
2012-10-31 03:54:50 ----A---- C:\Windows\system32\VmdCoinstall.dll
2012-10-31 03:54:50 ----A---- C:\Windows\system32\vmbuspipe.dll
2012-10-31 03:54:50 ----A---- C:\Windows\system32\VmbusCoinstaller.dll
2012-10-31 03:54:50 ----A---- C:\Windows\system32\spwmp.dll
2012-10-31 03:54:50 ----A---- C:\Windows\system32\riched32.dll
2012-10-31 03:54:50 ----A---- C:\Windows\system32\rdpcfgex.dll
2012-10-31 03:54:50 ----A---- C:\Windows\system32\IcCoinstall.dll
2012-10-31 03:54:50 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2012-10-31 03:54:50 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2012-10-31 03:54:50 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2012-10-31 03:54:50 ----A---- C:\Windows\system32\drivers\hidusb.sys
2012-10-31 03:54:50 ----A---- C:\Windows\system32\drivers\CompositeBus.sys
2012-10-31 03:54:50 ----A---- C:\Windows\system32\drivers\appid.sys
2012-10-31 03:54:50 ----A---- C:\Windows\system32\C_ISCII.DLL
2012-10-31 03:54:50 ----A---- C:\Windows\system32\browseui.dll
2012-10-31 03:54:49 ----AH---- C:\Windows\system32\api-ms-win-core-ums-l1-1-0.dll
2012-10-31 03:54:49 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\SYSWOW64\shunimpl.dll
2012-10-31 03:54:49 ----A---- C:\Windows\SYSWOW64\KBDTUQ.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\SYSWOW64\KBDTUF.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\SYSWOW64\KBDSG.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\SYSWOW64\kbdlk41a.dll
2012-10-31 03:54:49 ----A---- C:\Windows\SYSWOW64\KBDGR1.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\SYSWOW64\KBDGKL.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2012-10-31 03:54:49 ----A---- C:\Windows\SYSWOW64\C_ISCII.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\wmploc.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\shunimpl.dll
2012-10-31 03:54:49 ----A---- C:\Windows\system32\KBDTUQ.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\KBDTUF.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\KBDSG.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\KBDSF.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\KBDPO.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\KBDNEPR.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\kbdlk41a.dll
2012-10-31 03:54:49 ----A---- C:\Windows\system32\KBDINTAM.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\KBDINBEN.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\KBDGR1.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\KBDGKL.DLL
2012-10-31 03:54:49 ----A---- C:\Windows\system32\dxmasf.dll
2012-10-31 03:54:49 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2012-10-31 03:54:49 ----A---- C:\Windows\system32\drivers\scfilter.sys
2012-10-31 03:54:49 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2012-10-31 03:54:49 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2012-10-31 03:54:49 ----A---- C:\Windows\system32\drivers\cdrom.sys
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\spwizres.dll
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\pifmgr.dll
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDUS.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDUGHR1.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDTURME.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDTAJIK.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDSF.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDPO.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDNEPR.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDMON.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDMAORI.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDLT1.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDINTEL.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDINTAM.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDINORI.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDINMAR.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDINKAN.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDINHIN.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDINBEN.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDGEO.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDCZ1.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDBULG.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDBLR.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\SYSWOW64\dpnaddr.dll
2012-10-31 03:54:48 ----A---- C:\Windows\system32\spwizres.dll
2012-10-31 03:54:48 ----A---- C:\Windows\system32\pifmgr.dll
2012-10-31 03:54:48 ----A---- C:\Windows\system32\nlsbres.dll
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDUS.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDUGHR1.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDTURME.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDTAJIK.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDMON.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDMAORI.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDLT1.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDINTEL.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDINORI.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDINMAR.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDINKAN.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDINHIN.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDGEO.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDCZ1.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDBULG.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDBLR.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\KBDBASH.DLL
2012-10-31 03:54:48 ----A---- C:\Windows\system32\drivers\vms3cap.sys
2012-10-31 03:54:48 ----A---- C:\Windows\system32\drivers\VMBusHID.sys
2012-10-31 03:54:48 ----A---- C:\Windows\system32\dpnaddr.dll
2012-10-31 03:54:48 ----A---- C:\Windows\system32\BlbEvents.dll
2012-10-31 03:54:44 ----A---- C:\Windows\SYSWOW64\wdscore.dll
2012-10-31 03:54:44 ----A---- C:\Windows\system32\dpx.dll
2012-10-31 03:54:40 ----A---- C:\Windows\SYSWOW64\sqmapi.dll
2012-10-31 03:54:40 ----A---- C:\Windows\SYSWOW64\printmanagement.msc
2012-10-31 03:54:37 ----A---- C:\Windows\SYSWOW64\wbemcomn.dll
2012-10-31 03:54:05 ----A---- C:\Windows\system32\wbemcomn.dll
2012-10-31 03:54:00 ----A---- C:\Windows\system32\sqmapi.dll
2012-10-31 03:52:44 ----A---- C:\Windows\system32\esent.dll
2012-10-31 03:52:43 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2012-10-31 03:52:43 ----A---- C:\Windows\SYSWOW64\esent.dll
2012-10-31 03:52:43 ----A---- C:\Windows\system32\fsutil.exe
2012-10-31 03:52:43 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2012-10-31 03:52:43 ----A---- C:\Windows\system32\drivers\storport.sys
2012-10-31 03:52:43 ----A---- C:\Windows\system32\drivers\nvstor.sys
2012-10-31 03:52:43 ----A---- C:\Windows\system32\drivers\nvraid.sys
2012-10-31 03:52:43 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2012-10-31 03:52:43 ----A---- C:\Windows\system32\drivers\amdxata.sys
2012-10-31 03:52:43 ----A---- C:\Windows\system32\drivers\amdsata.sys
2012-10-31 03:52:40 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2012-10-31 03:52:40 ----A---- C:\Windows\system32\drivers\usbport.sys
2012-10-31 03:52:40 ----A---- C:\Windows\system32\drivers\usbohci.sys
2012-10-31 03:52:40 ----A---- C:\Windows\system32\drivers\usbhub.sys
2012-10-31 03:52:40 ----A---- C:\Windows\system32\drivers\usbehci.sys
2012-10-31 03:52:40 ----A---- C:\Windows\system32\drivers\usbd.sys
2012-10-31 03:52:40 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2012-10-31 03:52:39 ----A---- C:\Windows\system32\drivers\bthport.sys
2012-10-31 03:52:38 ----A---- C:\Windows\system32\fsquirt.exe
2012-10-31 03:52:38 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2012-10-31 01:22:02 ----D---- C:\Windows\SYSWOW64\Wat
2012-10-31 01:22:02 ----D---- C:\Windows\system32\Wat
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\wextract.exe
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\occache.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\msrating.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\msls31.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\mshta.exe
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\inseng.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\icardie.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2012-10-31 01:02:16 ----A---- C:\Windows\SYSWOW64\admparse.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\wextract.exe
2012-10-31 01:02:16 ----A---- C:\Windows\system32\webcheck.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2012-10-31 01:02:16 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2012-10-31 01:02:16 ----A---- C:\Windows\system32\pngfilt.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\occache.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\msrating.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\msls31.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\mshtmler.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\mshta.exe
2012-10-31 01:02:16 ----A---- C:\Windows\system32\msfeedssync.exe
2012-10-31 01:02:16 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\licmgr10.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\inseng.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\imgutil.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\iexpress.exe
2012-10-31 01:02:16 ----A---- C:\Windows\system32\iesysprep.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\iesetup.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\iernonce.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\iepeers.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\iedkcs32.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\ieapfltr.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\ieapfltr.dat
2012-10-31 01:02:16 ----A---- C:\Windows\system32\ieakui.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\ieaksie.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\ieakeng.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\IEAdvpack.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\ie4uinit.exe
2012-10-31 01:02:16 ----A---- C:\Windows\system32\icardie.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\dxtrans.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\dxtmsft.dll
2012-10-31 01:02:16 ----A---- C:\Windows\system32\admparse.dll
2012-10-30 23:59:21 ----A---- C:\Windows\system32\MRT.exe
2012-10-30 23:31:52 ----A---- C:\Windows\system32\browserchoice.exe
2012-10-30 23:19:35 ----A---- C:\Windows\SYSWOW64\wmi.dll
2012-10-30 23:19:35 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2012-10-30 23:19:35 ----A---- C:\Windows\system32\wmi.dll
2012-10-30 23:19:35 ----A---- C:\Windows\system32\imagehlp.dll
2012-10-30 23:19:35 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-10-30 23:16:45 ----A---- C:\Windows\system32\sspicli.dll
2012-10-30 23:16:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-10-30 23:16:43 ----A---- C:\Windows\system32\sspisrv.dll
2012-10-30 23:16:43 ----A---- C:\Windows\system32\secur32.dll
2012-10-30 23:16:43 ----A---- C:\Windows\system32\lsass.exe
2012-10-30 23:16:41 ----A---- C:\Windows\SYSWOW64\sbe.dll
2012-10-30 23:16:41 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2012-10-30 23:16:41 ----A---- C:\Windows\system32\sbe.dll
2012-10-30 23:16:41 ----A---- C:\Windows\system32\CPFilters.dll
2012-10-30 23:16:40 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2012-10-30 23:16:40 ----A---- C:\Windows\system32\XpsPrint.dll
2012-10-30 23:15:47 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-10-30 23:15:47 ----A---- C:\Windows\system32\DWrite.dll
2012-10-30 23:15:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-30 23:15:25 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-10-30 23:15:24 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-10-30 23:15:17 ----A---- C:\Windows\system32\tquery.dll
2012-10-30 23:15:16 ----A---- C:\Windows\SYSWOW64\tquery.dll
2012-10-30 23:15:16 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2012-10-30 23:15:16 ----A---- C:\Windows\system32\SearchIndexer.exe
2012-10-30 23:15:16 ----A---- C:\Windows\system32\mssrch.dll
2012-10-30 23:15:15 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2012-10-30 23:15:15 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2012-10-30 23:15:15 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2012-10-30 23:15:15 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2012-10-30 23:15:15 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2012-10-30 23:15:15 ----A---- C:\Windows\SYSWOW64\mssph.dll
2012-10-30 23:15:15 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2012-10-30 23:15:15 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2012-10-30 23:15:15 ----A---- C:\Windows\system32\SearchFilterHost.exe
2012-10-30 23:15:15 ----A---- C:\Windows\system32\mssvp.dll
2012-10-30 23:15:15 ----A---- C:\Windows\system32\mssphtb.dll
2012-10-30 23:15:15 ----A---- C:\Windows\system32\mssph.dll
2012-10-30 23:15:15 ----A---- C:\Windows\system32\msscntrs.dll
2012-10-30 23:14:38 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-10-30 23:14:38 ----A---- C:\Windows\system32\ntshrui.dll
2012-10-30 23:14:37 ----A---- C:\Windows\system32\shell32.dll
2012-10-30 23:14:36 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-10-30 23:14:31 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-10-30 23:14:31 ----A---- C:\Windows\system32\wow64win.dll
2012-10-30 23:14:31 ----A---- C:\Windows\system32\winsrv.dll
2012-10-30 23:14:31 ----A---- C:\Windows\system32\KernelBase.dll
2012-10-30 23:14:31 ----A---- C:\Windows\system32\kernel32.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-30 23:14:30 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-10-30 23:14:30 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-10-30 23:14:30 ----A---- C:\Windows\SYSWOW64\user.exe
2012-10-30 23:14:30 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-10-30 23:14:30 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-10-30 23:14:30 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-10-30 23:14:30 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-10-30 23:14:30 ----A---- C:\Windows\system32\wow64cpu.dll
2012-10-30 23:14:30 ----A---- C:\Windows\system32\wow64.dll
2012-10-30 23:14:30 ----A---- C:\Windows\system32\ntvdm64.dll
2012-10-30 23:14:30 ----A---- C:\Windows\system32\conhost.exe
2012-10-30 23:14:12 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2012-10-30 23:14:12 ----A---- C:\Windows\system32\poqexec.exe
2012-10-30 23:14:08 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-10-30 23:14:07 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2012-10-30 23:14:07 ----A---- C:\Windows\system32\FntCache.dll
2012-10-30 23:14:07 ----A---- C:\Windows\system32\d2d1.dll
2012-10-30 23:13:45 ----A---- C:\Windows\system32\msxml6.dll
2012-10-30 23:13:45 ----A---- C:\Windows\system32\msxml3.dll
2012-10-30 23:13:44 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-10-30 23:13:44 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-10-30 23:13:43 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2012-10-30 23:13:43 ----A---- C:\Windows\system32\msxml3r.dll
2012-10-30 23:13:33 ----A---- C:\Windows\system32\ntdll.dll
2012-10-30 23:13:32 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-10-30 23:13:28 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-10-30 23:13:28 ----A---- C:\Windows\system32\rdpcore.dll
2012-10-30 23:13:28 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-10-30 23:13:27 ----A---- C:\Windows\system32\webio.dll
2012-10-30 23:13:26 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-10-30 23:13:25 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2012-10-30 23:13:24 ----A---- C:\Windows\system32\cdosys.dll
2012-10-30 23:13:20 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-10-30 23:13:20 ----A---- C:\Windows\system32\tzres.dll
2012-10-30 23:13:12 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2012-10-30 23:13:12 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2012-10-30 23:13:12 ----A---- C:\Windows\system32\EncDec.dll
2012-10-30 23:13:12 ----A---- C:\Windows\system32\d3d10level9.dll
2012-10-30 23:13:11 ----A---- C:\Windows\system32\mfc42u.dll
2012-10-30 23:13:11 ----A---- C:\Windows\system32\mfc42.dll
2012-10-30 23:13:10 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2012-10-30 23:13:10 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2012-10-30 23:13:02 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-10-30 23:12:57 ----A---- C:\Windows\system32\drivers\srvnet.sys
2012-10-30 23:12:57 ----A---- C:\Windows\system32\drivers\srv2.sys
2012-10-30 23:12:57 ----A---- C:\Windows\system32\drivers\srv.sys
2012-10-30 23:12:44 ----A---- C:\Windows\SYSWOW64\explorer.exe
2012-10-30 23:12:44 ----A---- C:\Windows\explorer.exe
2012-10-30 23:12:34 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2012-10-30 23:12:34 ----A---- C:\Windows\system32\psisdecd.dll
2012-10-30 23:12:33 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2012-10-30 23:12:33 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2012-10-30 23:12:33 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2012-10-30 23:12:33 ----A---- C:\Windows\system32\drivers\bowser.sys
2012-10-30 23:12:30 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2012-10-30 23:12:30 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2012-10-30 23:12:30 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2012-10-30 23:12:30 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2012-10-30 23:12:30 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2012-10-30 23:12:30 ----A---- C:\Windows\system32\odbctrac.dll
2012-10-30 23:12:30 ----A---- C:\Windows\system32\odbccu32.dll
2012-10-30 23:12:30 ----A---- C:\Windows\system32\odbccr32.dll
2012-10-30 23:12:30 ----A---- C:\Windows\system32\odbccp32.dll
2012-10-30 23:12:29 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2012-10-30 23:12:29 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2012-10-30 23:12:29 ----A---- C:\Windows\system32\oleaut32.dll
2012-10-30 23:12:29 ----A---- C:\Windows\system32\oleacc.dll
2012-10-30 23:12:26 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2012-10-30 23:12:26 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2012-10-30 23:12:25 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-10-30 23:12:25 ----A---- C:\Windows\system32\msi.dll
2012-10-30 23:12:24 ----A---- C:\Windows\system32\srcore.dll
2012-10-30 23:12:23 ----A---- C:\Windows\SYSWOW64\srclient.dll
2012-10-30 23:12:23 ----A---- C:\Windows\system32\rstrui.exe
2012-10-30 23:12:22 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-10-30 23:12:22 ----A---- C:\Windows\system32\quartz.dll
2012-10-30 23:12:09 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2012-10-30 23:12:09 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2012-10-30 23:12:09 ----A---- C:\Windows\system32\dnsrslvr.dll
2012-10-30 23:12:09 ----A---- C:\Windows\system32\dnscacheugc.exe
2012-10-30 23:12:09 ----A---- C:\Windows\system32\dnsapi.dll
2012-10-30 23:12:08 ----A---- C:\Windows\system32\msvcrt.dll
2012-10-30 23:12:07 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2012-10-30 23:12:06 ----A---- C:\Windows\system32\winresume.exe
2012-10-30 23:12:06 ----A---- C:\Windows\system32\winload.exe
2012-10-30 23:12:04 ----A---- C:\Windows\system32\setbcdlocale.dll
2012-10-30 23:12:04 ----A---- C:\Windows\system32\kdusb.dll
2012-10-30 23:12:04 ----A---- C:\Windows\system32\kdcom.dll
2012-10-30 23:12:04 ----A---- C:\Windows\system32\kd1394.dll
2012-10-30 23:11:59 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2012-10-30 23:11:59 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2012-10-30 23:11:59 ----A---- C:\Windows\system32\d3d10_1core.dll
2012-10-30 23:11:59 ----A---- C:\Windows\system32\d3d10_1.dll
2012-10-30 23:11:58 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2012-10-30 23:11:58 ----A---- C:\Windows\system32\kerberos.dll
2012-10-30 23:11:56 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2012-10-30 23:11:56 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2012-10-30 23:11:56 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2012-10-30 23:11:56 ----A---- C:\Windows\system32\fontsub.dll
2012-10-30 23:11:56 ----A---- C:\Windows\system32\atmlib.dll
2012-10-30 23:11:56 ----A---- C:\Windows\system32\atmfd.dll
2012-10-30 23:11:52 ----A---- C:\Windows\system32\drivers\afd.sys
2012-10-30 23:11:45 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2012-10-30 23:11:45 ----A---- C:\Windows\system32\xmllite.dll
2012-10-30 23:11:35 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2012-10-30 23:11:35 ----A---- C:\Windows\system32\win32spl.dll
2012-10-30 23:11:35 ----A---- C:\Windows\system32\spoolsv.exe
2012-10-30 23:11:35 ----A---- C:\Windows\splwow64.exe
2012-10-30 23:11:34 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-10-30 23:11:34 ----A---- C:\Windows\system32\rdpwsx.dll
2012-10-30 23:11:34 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-10-30 23:11:33 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2012-10-30 23:11:33 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2012-10-30 23:11:33 ----A---- C:\Windows\SYSWOW64\devobj.dll
2012-10-30 23:11:33 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2012-10-30 23:11:33 ----A---- C:\Windows\system32\umpnpmgr.dll
2012-10-30 23:11:33 ----A---- C:\Windows\system32\profsvc.dll
2012-10-30 23:11:33 ----A---- C:\Windows\system32\profprov.dll
2012-10-30 23:11:33 ----A---- C:\Windows\system32\cfgmgr32.dll
2012-10-30 23:11:31 ----A---- C:\Windows\system32\WFS.exe
2012-10-30 23:11:31 ----A---- C:\Windows\system32\FXSCOVER.exe
2012-10-30 23:11:31 ----A---- C:\Windows\system32\csrsrv.dll
2012-10-30 23:11:24 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-10-30 23:11:24 ----A---- C:\Windows\system32\wintrust.dll
2012-10-30 23:11:23 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2012-10-30 23:11:23 ----A---- C:\Windows\system32\prevhost.exe
2012-10-30 23:11:22 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-10-30 23:11:22 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-10-30 23:11:22 ----A---- C:\Windows\system32\netapi32.dll
2012-10-30 23:11:22 ----A---- C:\Windows\system32\browser.dll
2012-10-30 23:11:22 ----A---- C:\Windows\system32\browcli.dll
2012-10-30 23:11:21 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2012-10-30 23:11:21 ----A---- C:\Windows\system32\inetcomm.dll
2012-10-30 23:11:20 ----A---- C:\Windows\system32\localspl.dll
2012-10-30 23:11:18 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-10-30 23:11:15 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2012-10-30 23:10:43 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-10-30 23:10:43 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-10-30 23:10:43 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-10-30 23:10:43 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-30 23:10:43 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-30 23:10:43 ----A---- C:\Windows\system32\crypt32.dll
2012-10-30 22:55:30 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-10-30 22:55:30 ----A---- C:\Windows\system32\packager.dll
2012-10-30 22:46:08 ----A---- C:\Windows\system32\wups2.dll
2012-10-30 22:46:08 ----A---- C:\Windows\system32\wucltux.dll
2012-10-30 22:46:08 ----A---- C:\Windows\system32\wuauclt.exe
2012-10-30 22:46:07 ----A---- C:\Windows\system32\wuaueng.dll
2012-10-30 22:46:02 ----A---- C:\Windows\system32\wups.dll
2012-10-30 22:46:02 ----A---- C:\Windows\system32\wudriver.dll
2012-10-30 22:46:02 ----A---- C:\Windows\system32\wuapi.dll
2012-10-30 22:45:58 ----A---- C:\Windows\system32\wuwebv.dll
2012-10-30 22:45:58 ----A---- C:\Windows\system32\wuapp.exe
2012-10-30 22:42:47 ----D---- C:\Users\Jara\AppData\Roaming\vlc
2012-10-30 22:42:32 ----D---- C:\Program Files (x86)\VideoLAN
2012-10-30 22:33:56 ----D---- C:\ProgramData\FLEXnet
2012-10-30 22:28:05 ----D---- C:\ProgramData\Adobe
2012-10-30 22:28:05 ----D---- C:\Program Files (x86)\Adobe
2012-10-30 20:49:12 ----D---- C:\Program Files (x86)\Microsoft Works
2012-10-30 20:48:22 ----D---- C:\Windows\PCHEALTH
2012-10-30 20:48:22 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-10-30 20:44:51 ----D---- C:\Program Files\Microsoft Office
2012-10-30 20:44:45 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-10-30 20:44:15 ----D---- C:\ProgramData\Microsoft Help
2012-10-30 20:44:15 ----D---- C:\Program Files (x86)\Microsoft Office
2012-10-30 20:43:56 ----RHD---- C:\MSOCache
2012-10-30 20:35:56 ----D---- C:\Program Files\WinRAR
2012-10-30 20:31:04 ----D---- C:\ProgramData\IObit
2012-10-30 20:30:51 ----D---- C:\Users\Jara\AppData\Roaming\IObit
2012-10-30 20:30:46 ----D---- C:\Program Files (x86)\IObit
2012-10-30 20:18:11 ----D---- C:\Users\Jara\AppData\Roaming\Macromedia
2012-10-30 20:18:11 ----D---- C:\Users\Jara\AppData\Roaming\Adobe
2012-10-30 20:17:45 ----D---- C:\Windows\SYSWOW64\Macromed
2012-10-30 20:17:45 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-10-30 20:17:43 ----D---- C:\Windows\system32\Macromed
2012-10-30 20:12:14 ----D---- C:\Program Files (x86)\ASUS
2012-10-30 20:11:45 ----SHD---- C:\Windows\Installer
2012-10-30 19:52:51 ----N---- C:\Windows\system32\MpSigStub.exe
2012-10-30 19:49:19 ----D---- C:\Users\Jara\AppData\Roaming\Opera
2012-10-30 19:49:16 ----D---- C:\Program Files (x86)\Opera
2012-10-30 19:37:23 ----D---- C:\Users\Jara\AppData\Roaming\Identities
2012-10-30 19:37:09 ----SD---- C:\Users\Jara\AppData\Roaming\Microsoft
2012-10-30 19:37:09 ----D---- C:\Users\Jara\AppData\Roaming\Media Center Programs
2012-10-30 19:36:56 ----SHD---- C:\Recovery
2012-10-30 19:36:56 ----SHD---- C:\ProgramData\Šablony
2012-10-30 19:36:56 ----SHD---- C:\ProgramData\Plocha
2012-10-30 19:36:56 ----SHD---- C:\ProgramData\Oblíbené položky
2012-10-30 19:36:56 ----SHD---- C:\ProgramData\Nabídka Start
2012-10-30 19:36:56 ----SHD---- C:\ProgramData\Dokumenty
2012-10-30 19:36:56 ----SHD---- C:\ProgramData\Data aplikací
2012-10-30 19:31:29 ----D---- C:\Windows\SoftwareDistribution
2012-10-30 19:29:02 ----D---- C:\Windows\Prefetch
2012-10-30 19:28:47 ----ASH---- C:\pagefile.sys
2012-10-30 19:28:47 ----ASH---- C:\hiberfil.sys
2012-10-30 19:28:46 ----SHD---- C:\System Volume Information
2012-10-30 19:27:57 ----D---- C:\Windows\Panther
2012-10-30 19:27:44 ----RASH---- C:\BOOTSECT.BAK
2012-10-30 19:27:43 ----SHD---- C:\Boot
2012-10-30 19:25:42 ----D---- C:\Windows\system32\oem
======List of files/folders modified in the last 1 month======
2012-11-29 04:01:35 ----D---- C:\Windows\Temp
2012-11-29 04:00:37 ----D---- C:\Windows\winsxs
2012-11-29 04:00:33 ----D---- C:\Windows\AppPatch
2012-11-29 04:00:30 ----D---- C:\Windows\system32\catroot
2012-11-29 04:00:29 ----D---- C:\Windows\system32\catroot2
2012-11-29 03:58:27 ----D---- C:\Windows\system32\config
2012-11-29 03:39:54 ----RD---- C:\Program Files
2012-11-29 02:24:49 ----D---- C:\Windows\System32
2012-11-29 02:24:49 ----D---- C:\Windows\inf
2012-11-29 02:24:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-28 14:48:38 ----HD---- C:\ProgramData
2012-11-28 13:56:24 ----RD---- C:\Program Files (x86)
2012-11-25 14:21:49 ----D---- C:\Windows
2012-11-25 10:38:53 ----D---- C:\Windows\SysWOW64
2012-11-25 04:17:30 ----D---- C:\Windows\SYSWOW64\drivers
2012-11-25 04:16:01 ----D---- C:\Windows\system32\drivers
2012-11-20 13:23:50 ----D---- C:\Windows\Tasks
2012-11-19 11:10:24 ----RSD---- C:\Windows\Fonts
2012-11-19 11:10:11 ----D---- C:\Program Files (x86)\Common Files
2012-11-19 11:09:59 ----D---- C:\Program Files (x86)\MSBuild
2012-11-19 11:09:41 ----D---- C:\Windows\ShellNew
2012-11-19 11:06:33 ----A---- C:\Windows\win.ini
2012-11-17 21:37:20 ----D---- C:\Windows\system32\wbem
2012-11-17 21:36:30 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-11-17 21:36:26 ----D---- C:\Windows\system32\DriverStore
2012-11-17 21:36:26 ----D---- C:\Windows\system32\drivers\etc
2012-11-17 21:36:25 ----D---- C:\Windows\registration
2012-11-17 21:26:23 ----D---- C:\Windows\debug
2012-11-17 20:34:14 ----D---- C:\Windows\system32\Tasks
2012-11-17 20:33:57 ----D---- C:\Program Files\Common Files
2012-11-14 07:36:52 ----D---- C:\Windows\rescache
2012-11-14 07:14:28 ----D---- C:\Windows\Microsoft.NET
2012-11-14 07:14:27 ----RSD---- C:\Windows\assembly
2012-11-14 04:16:45 ----D---- C:\Windows\SYSWOW64\migration
2012-11-14 04:16:45 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-11-14 04:16:45 ----D---- C:\Windows\system32\migration
2012-11-14 04:16:45 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-11-14 04:16:45 ----D---- C:\Windows\system32\cs-CZ
2012-11-14 04:16:45 ----D---- C:\Windows\PolicyDefinitions
2012-11-14 04:16:45 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-14 04:16:44 ----D---- C:\Program Files\Internet Explorer
2012-11-12 08:12:46 ----D---- C:\Windows\Logs
2012-11-06 03:48:55 ----D---- C:\Windows\system32\wdi
2012-11-02 14:57:27 ----D---- C:\Windows\system32\drivers\UMDF
2012-11-02 04:45:14 ----D---- C:\Windows\system32\NDF
2012-11-01 22:59:44 ----D---- C:\Windows\system32\zh-TW
2012-11-01 22:59:44 ----D---- C:\Windows\system32\zh-CN
2012-11-01 22:59:44 ----D---- C:\Windows\system32\tr-TR
2012-11-01 22:59:44 ----D---- C:\Windows\system32\sv-SE
2012-11-01 22:59:44 ----D---- C:\Windows\system32\ru-RU
2012-11-01 22:59:44 ----D---- C:\Windows\system32\pt-PT
2012-11-01 22:59:44 ----D---- C:\Windows\system32\pl-PL
2012-11-01 22:59:44 ----D---- C:\Windows\system32\nl-NL
2012-11-01 22:59:44 ----D---- C:\Windows\system32\ko-KR
2012-11-01 22:59:44 ----D---- C:\Windows\system32\ja-JP
2012-11-01 22:59:44 ----D---- C:\Windows\system32\it-IT
2012-11-01 22:59:44 ----D---- C:\Windows\system32\hu-HU
2012-11-01 22:59:44 ----D---- C:\Windows\system32\fr-FR
2012-11-01 22:59:44 ----D---- C:\Windows\system32\fi-FI
2012-11-01 22:59:44 ----D---- C:\Windows\system32\es-ES
2012-11-01 22:59:44 ----D---- C:\Windows\system32\en-US
2012-11-01 22:59:44 ----D---- C:\Windows\system32\el-GR
2012-11-01 22:59:44 ----D---- C:\Windows\system32\de-DE
2012-11-01 22:59:44 ----D---- C:\Windows\system32\da-DK
2012-11-01 21:17:22 ----D---- C:\Windows\system32\wfp
2012-11-01 21:17:21 ----D---- C:\Windows\system32\CodeIntegrity
2012-11-01 21:15:39 ----SD---- C:\ProgramData\Microsoft
2012-10-31 18:35:06 ----D---- C:\Windows\SYSWOW64\en-US
2012-10-31 06:49:33 ----D---- C:\Windows\SYSWOW64\wbem
2012-10-31 06:49:32 ----D---- C:\Windows\system32\drivers\en-US
2012-10-31 04:13:27 ----D---- C:\Program Files\Windows Sidebar
2012-10-31 04:13:27 ----D---- C:\Program Files\Windows Mail
2012-10-31 04:13:27 ----D---- C:\Program Files (x86)\Windows Sidebar
2012-10-31 04:13:27 ----D---- C:\Program Files (x86)\Windows Portable Devices
2012-10-31 04:13:27 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2012-10-31 04:13:27 ----D---- C:\Program Files (x86)\Windows Media Player
2012-10-31 04:13:27 ----D---- C:\Program Files (x86)\Windows Mail
2012-10-31 04:13:26 ----D---- C:\Windows\servicing
2012-10-31 04:13:26 ----D---- C:\Windows\ehome
2012-10-31 04:13:26 ----D---- C:\Program Files\Windows Portable Devices
2012-10-31 04:13:26 ----D---- C:\Program Files\Windows Photo Viewer
2012-10-31 04:13:26 ----D---- C:\Program Files\Windows Media Player
2012-10-31 04:13:26 ----D---- C:\Program Files\Windows Journal
2012-10-31 04:13:26 ----D---- C:\Program Files\Windows Defender
2012-10-31 04:13:26 ----D---- C:\Program Files\DVD Maker
2012-10-31 04:13:26 ----D---- C:\Program Files\Common Files\System
2012-10-31 04:13:24 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents
2012-10-31 04:13:24 ----D---- C:\Windows\SYSWOW64\Setup
2012-10-31 04:13:24 ----D---- C:\Windows\SYSWOW64\oobe
2012-10-31 04:13:24 ----D---- C:\Windows\SYSWOW64\da-DK
2012-10-31 04:13:24 ----D---- C:\Windows\SYSWOW64\cs
2012-10-31 04:13:24 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2012-10-31 04:13:22 ----D---- C:\Windows\SYSWOW64\sppui
2012-10-31 04:13:22 ----D---- C:\Windows\SYSWOW64\migwiz
2012-10-31 04:13:22 ----D---- C:\Windows\SYSWOW64\manifeststore
2012-10-31 04:13:22 ----D---- C:\Windows\SYSWOW64\es-ES
2012-10-31 04:13:22 ----D---- C:\Windows\SYSWOW64\Dism
2012-10-31 04:13:16 ----D---- C:\Windows\system32\Setup
2012-10-31 04:13:16 ----D---- C:\Windows\system32\oobe
2012-10-31 04:13:16 ----D---- C:\Windows\system32\cs
2012-10-31 04:13:16 ----D---- C:\Windows\system32\AdvancedInstallers
2012-10-31 04:13:15 ----D---- C:\Windows\system32\sppui
2012-10-31 04:13:15 ----D---- C:\Windows\system32\manifeststore
2012-10-31 04:13:14 ----D---- C:\Windows\system32\migwiz
2012-10-31 04:13:14 ----D---- C:\Windows\system32\Dism
2012-10-31 04:13:00 ----D---- C:\Windows\system32\Boot
2012-10-31 04:10:54 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2012-10-31 04:10:54 ----A---- C:\Windows\system32\msclmd.dll
2012-10-30 20:27:11 ----D---- C:\Windows\system32\LogFiles
2012-10-30 19:52:37 ----D---- C:\Windows\system32\restore
2012-10-30 19:37:20 ----SHD---- C:\$Recycle.Bin
2012-10-30 19:37:07 ----RD---- C:\Users
2012-10-30 19:36:56 ----D---- C:\Windows\system32\Recovery
2012-10-30 19:36:56 ----D---- C:\Program Files\Windows NT
2012-10-30 19:31:54 ----D---- C:\Windows\system32\sysprep
2012-10-30 19:29:18 ----D---- C:\Windows\CSC
2012-10-30 19:25:42 ----D---- C:\Windows\Setup
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-11-04 868848]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
R3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-09-29 25928]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2007-08-09 13680]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2012-07-05 33224]
R3 SiSGbeLH;SiS191/SiS190 – ovladač NDIS 6.0 zařízení sítě Ethernet; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2012-07-05 21904]
S3 ar4u4ul9;ar4u4ul9; C:\Windows\system32\drivers\ar4u4ul9.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 tsusbhub;tsusbhub; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2012-11-02 1340976]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-06 5814392]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
R3 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S3 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
S3 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-10-30 651720]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-11-24 115168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-10-30 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------
Re: Prosím o kontrolu logu
Zdravim 
Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze 
Odinstalujte IObit Malware Fighter a pripadne vse od IObit. Dokaze to nadelat vice skody nez uzitku.
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze Odinstalujte IObit Malware Fighter a pripadne vse od IObit. Dokaze to nadelat vice skody nez uzitku. Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu
Zdravím., W7 mám legální. Brácha mi je dal, že je firemní. Mně osobně by stačilo Pro. Kvůli bitové kopii. Samozřejmě zachování licence Acrobata..
Vše jsem dělal podle návodu, ale po cca 15 min. mi OtL zmrzl. System mi hodil hlášku s koncovkou bat(nechtěně jsem to kliknutím zavřel. ale OTL běží dál. Jen zmrzlý)
Vše jsem dělal podle návodu, ale po cca 15 min. mi OtL zmrzl. System mi hodil hlášku s koncovkou bat(nechtěně jsem to kliknutím zavřel. ale OTL běží dál. Jen zmrzlý)
Re: Prosím o kontrolu logu
Tuhle chybu OTL obcas udela. Zkuste ho tedy spustit jeste jednou, ale s timto upravenym skriptem
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /sPokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu
Zde je jedna část logu
OTL logfile created on: 30.11.2012 16:59:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jara\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,74 Gb Available Physical Memory | 68,43% Memory free
8,00 Gb Paging File | 6,63 Gb Available in Paging File | 82,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 70,11 Gb Total Space | 34,19 Gb Free Space | 48,77% Space Free | Partition Type: NTFS
Drive D: | 628,43 Gb Total Space | 191,60 Gb Free Space | 30,49% Space Free | Partition Type: NTFS
Drive J: | 931,51 Gb Total Space | 333,21 Gb Free Space | 35,77% Space Free | Partition Type: NTFS
Drive K: | 931,51 Gb Total Space | 467,24 Gb Free Space | 50,16% Space Free | Partition Type: NTFS
Computer Name: JARA-PC | User Name: Jara | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.11.30 03:14:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jara\Desktop\OTL.exe
PRC - [2012.11.26 17:26:37 | 000,878,480 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2012.11.06 19:00:32 | 003,143,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2012.11.06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2012.11.02 00:08:48 | 001,340,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
PRC - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2009.09.25 09:24:36 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009.08.19 20:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009.06.19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008.12.22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008.06.11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
========== Modules (No Company Name) ==========
MOD - [2012.11.07 18:38:03 | 014,586,808 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
========== Services (SafeList) ==========
SRV:64bit: - [2009.08.18 02:36:20 | 000,203,264 | ---- | M] (AMD) [On_Demand | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.11.24 14:43:22 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.11.06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.11.02 00:08:48 | 001,340,976 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe -- (avgfws)
SRV - [2012.10.30 22:31:13 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.11.04 20:08:15 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.10.22 13:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2012.10.15 03:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012.10.05 03:32:50 | 000,111,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2012.10.02 03:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.09.21 03:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012.09.21 03:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2012.09.14 03:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012.09.04 10:39:32 | 000,050,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.06.27 01:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.08.18 03:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.08.09 01:21:00 | 000,013,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTe ... h&AF=14542"
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: firegestures%40xuldev.org:1.6.18
FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.00
FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.2
FF - prefs.js..extensions.enabledAddons: %7B64161300-e22b-11db-8314-0800200c9a66%7D:0.9.6.10
FF - prefs.js..extensions.enabledAddons: %7BB17C1C5A-04B1-11DB-9804-B622A1EF5492%7D:1.2.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0
FF - prefs.js..extensions.enabledItems: silvermelxt@pardal.de:1.3.6
FF - prefs.js..extensions.enabledItems: firegestures@xuldev.org:1.6.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: silvermel@pardal.de:1.3.6
FF - prefs.js..extensions.enabledItems: {080955ad-b8bb-4500-806f-d2b9ad73d72e}:1.8.71
FF - prefs.js..keyword.URL: "https://isearch.avg.com/search?cid=%7B0 ... &sap=ku&q="
FF - prefs.js..network.proxy.http: "83.208.124.70"
FF - prefs.js..network.proxy.type: 0
FF - user.js..browser.search.openintab: false
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.24 14:43:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.11.24 14:43:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.24 14:43:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.11.24 14:43:17 | 000,000,000 | ---D | M]
[2012.10.31 20:20:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jara\AppData\Roaming\Mozilla\Extensions
[2012.11.30 03:17:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions
[2012.11.02 20:17:13 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012.11.12 07:51:44 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\plugin@yontoo.com
[2012.11.28 03:47:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\staged
[2012.11.02 20:17:13 | 000,142,418 | ---- | M] () (No name found) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\firegestures@xuldev.org.xpi
[2011.08.11 14:36:12 | 000,012,785 | ---- | M] () (No name found) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\oneLiner@prospector.labs.mozilla.xpi
[2012.11.12 07:51:36 | 000,213,316 | ---- | M] () (No name found) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\torntv@torntv.com.xpi
[2012.11.02 20:17:14 | 000,281,285 | ---- | M] () (No name found) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
[2012.06.13 19:51:14 | 000,089,442 | ---- | M] () (No name found) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
[2012.11.28 03:47:05 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.01.24 04:08:54 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2011.08.15 06:48:52 | 000,000,377 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\searchplugins\aukro.xml
[2011.08.15 06:48:28 | 000,000,380 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\searchplugins\cojeco.xml
[2010.07.29 04:41:02 | 000,005,551 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\searchplugins\google-maps.xml
[2010.07.29 04:47:08 | 000,002,388 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\searchplugins\hellspy.xml
[2010.09.22 11:16:18 | 000,002,689 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\searchplugins\search-defender.xml
[2011.08.15 06:49:02 | 000,000,406 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\searchplugins\sfd.xml
[2010.09.08 05:22:42 | 000,004,140 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\searchplugins\youtube.xml
[2012.11.24 14:43:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) -- C:\USERS\JARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VOWFHEII.DEFAULT\EXTENSIONS\ASCSURFINGPROTECTION@IOBIT.COM
[2012.11.24 14:43:22 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.11.24 14:43:19 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.11.24 14:43:19 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.11.24 14:43:19 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.11.24 14:43:19 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.11.24 14:43:19 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (PDFXChange 2012) - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll (Tracker Software Products (Canada) Ltd.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (PDFXChange 2012) - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll (Tracker Software Products (Canada) Ltd.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Acrobat Assistant 8.0] c:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] c:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Prevést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Prevést cíl vazby do existujícího PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Prevést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Pridat do stávajícího PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Prevést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Pridat do stávajícího PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B540387-1521-4078-AD8C-DEDF2D3387E0}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CCD03761-A88E-4D2B-8A1C-BEA29D7AC6BF}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2012.11.30 03:14:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jara\Desktop\OTL.exe
[2012.11.29 16:09:34 | 000,000,000 | ---D | C] -- C:\Users\Jara\Documents\Poznámkové bloky aplikace OneNote
[2012.11.29 03:39:54 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.11.29 03:39:53 | 000,000,000 | ---D | C] -- C:\rsit
[2012.11.29 03:30:44 | 005,008,458 | ---- | C] (Swearware) -- C:\Users\Jara\Desktop\ComboFix.exe
[2012.11.28 14:48:38 | 000,000,000 | ---D | C] -- C:\ProgramData\vsosdk
[2012.11.28 13:56:34 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\Vso
[2012.11.28 13:56:24 | 000,000,000 | ---D | C] -- C:\ProgramData\VSO
[2012.11.28 13:56:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VSO
[2012.11.25 10:38:49 | 000,626,688 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp7vfw.dll
[2012.11.25 10:38:48 | 001,184,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wvc1dmod.dll
[2012.11.25 10:20:29 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\Programs
[2012.11.25 04:16:16 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\Malwarebytes
[2012.11.25 04:15:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.11.25 04:15:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.25 04:15:56 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.11.25 04:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.11.24 14:43:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.11.21 08:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
[2012.11.21 08:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2012.11.20 13:23:50 | 000,000,000 | ---D | C] -- C:\Windows\tasks\TaskDisabled
[2012.11.20 10:54:55 | 000,000,000 | ---D | C] -- C:\Users\Jara\licman
[2012.11.20 10:54:54 | 000,000,000 | ---D | C] -- C:\Users\Jara\ERPro
[2012.11.20 10:53:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kroll Ontrack
[2012.11.19 11:34:32 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\Apps
[2012.11.19 11:10:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012.11.19 11:09:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2012.11.19 10:59:09 | 000,051,032 | R--- | C] (Adobe Systems Inc) -- C:\Windows\SysNative\AdobePDF.dll
[2012.11.19 10:59:09 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll
[2012.11.19 08:40:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3
[2012.11.17 21:07:43 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.11.14 04:12:14 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012.11.14 04:12:14 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012.11.14 04:06:41 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.11.14 04:06:40 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.11.14 04:06:39 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.11.14 04:06:39 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.11.14 04:06:39 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.11.14 04:06:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.11.14 04:06:39 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.11.14 04:06:39 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.11.14 04:06:38 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.11.14 04:06:38 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.11.14 04:06:38 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.11.14 04:06:38 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.11.14 04:06:36 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.11.14 04:06:36 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.11.14 04:06:36 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.11.14 04:04:52 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012.11.14 04:04:51 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012.11.14 04:04:51 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012.11.14 04:04:51 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012.11.14 04:04:23 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.11.14 04:04:23 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.11.14 04:04:22 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012.11.14 04:04:22 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.11.14 04:04:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.11.14 04:04:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.11.14 04:04:10 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.11.14 04:04:10 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.11.14 04:04:10 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.11.14 04:04:04 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012.11.14 04:04:04 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012.11.12 08:12:03 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\CrashDumps
[2012.11.12 07:51:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012.11.11 05:33:07 | 000,000,000 | ---D | C] -- C:\Users\Jara\Documents\default
[2012.11.10 04:56:11 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012.11.10 04:56:11 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012.11.10 04:55:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2012.11.10 04:55:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2012.11.09 09:44:51 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012.11.08 23:21:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012.11.07 04:39:10 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\GHISLER
[2012.11.07 04:17:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
[2012.11.07 04:17:22 | 000,000,000 | ---D | C] -- C:\totalcmd
[2012.11.07 04:17:22 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\GHISLER
[2012.11.06 04:47:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
[2012.11.05 21:25:12 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\Microsoft Games
[2012.11.05 20:54:28 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Jara\AppData\Roaming\pcouffin.sys
[2012.11.05 20:54:27 | 000,000,000 | ---D | C] -- C:\Users\Jara\Documents\PcSetup
[2012.11.05 20:48:49 | 000,000,000 | ---D | C] -- C:\Users\Jara\Documents\ConvertXtoDVD
[2012.11.04 20:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%
[2012.11.04 15:59:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ChessBase
[2012.11.04 15:52:35 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012.11.04 15:52:35 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2012.11.04 15:52:35 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012.11.04 15:52:35 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2012.11.04 15:52:33 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012.11.04 15:52:33 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012.11.04 15:52:31 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012.11.04 15:52:31 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012.11.04 15:52:31 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012.11.04 15:52:31 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012.11.04 15:52:31 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012.11.04 15:52:31 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012.11.04 15:52:29 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012.11.04 15:52:29 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012.11.04 15:52:28 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012.11.04 15:52:28 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012.11.04 15:52:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChessBase
[2012.11.04 15:48:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ChessBase
[2012.11.04 15:33:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.11.04 15:28:50 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\Skype
[2012.11.04 15:02:52 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\Apple Computer
[2012.11.04 14:48:10 | 000,000,000 | ---D | C] -- C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
[2012.11.04 14:48:10 | 000,000,000 | ---D | C] -- C:\ProgramData\{6F2F3866-38AD-4f48-852C-2FF5DE7A7588}
[2012.11.04 14:35:04 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2012.11.04 14:35:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2012.11.04 04:20:11 | 000,057,472 | ---- | C] (Tracker Software Products (Canada) Ltd.) -- C:\Windows\SysNative\pxc50pm.dll
[2012.11.04 04:19:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange 5 Pro
[2012.11.04 04:08:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2012.11.03 20:45:09 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\MigWiz
[2012.11.03 04:27:13 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\Hard Disk Sentinel
[2012.11.03 04:25:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Sentinel
[2012.11.03 04:25:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hard Disk Sentinel
[2012.11.02 20:13:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.11.02 20:13:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.11.02 20:08:38 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.11.02 20:08:31 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.11.02 20:08:31 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.11.02 20:08:31 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012.11.02 20:08:23 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.11.02 20:04:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2012.11.02 20:04:18 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\Real
[2012.11.02 20:03:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012.11.02 20:01:48 | 001,034,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012.11.02 20:01:48 | 000,916,456 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.11.02 18:01:25 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\AIMP3
[2012.11.02 18:00:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AIMP3
[2012.11.02 15:02:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio 15
[2012.11.02 15:02:09 | 000,000,000 | ---D | C] -- C:\Program Files\Zoner
[2012.11.02 14:13:44 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\dvdcss
[2012.11.02 12:52:12 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.11.02 04:25:54 | 000,000,000 | ---D | C] -- C:\Program Files\Wireless Console 2
[2012.11.02 04:25:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wireless Console 2
[2012.11.01 22:59:40 | 000,439,808 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvs.dll
[2012.11.01 22:56:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nn-NO
[2012.11.01 22:56:45 | 000,060,416 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvui.dll
[2012.11.01 22:56:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2012.11.01 22:56:37 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.11.01 22:56:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atheros
[2012.11.01 22:55:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2012.11.01 22:55:46 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\InstallShield
[2012.11.01 22:55:37 | 000,000,000 | ---D | C] -- C:\SWSetup
[2012.11.01 21:30:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012.11.01 21:02:32 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\ElevatedDiagnostics
[2012.11.01 18:26:33 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\Diagnostics
[2012.11.01 04:20:57 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\Ashampoo
[2012.11.01 04:20:41 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\ashampoo
[2012.11.01 04:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2012.11.01 04:19:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2012.11.01 04:07:40 | 000,000,000 | ---D | C] -- C:\Users\Jara\Documents\ZPS15
[2012.11.01 04:07:39 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\Zoner
[2012.11.01 04:07:38 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\Zoner
[2012.11.01 04:07:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Zoner
[2012.10.31 21:13:35 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software
[2012.10.31 20:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.10.31 20:22:40 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\Macromedia
[2012.10.31 20:20:21 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\Mozilla
[2012.10.31 20:20:21 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\Mozilla
[2012.10.31 20:10:30 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\uTorrent
[2012.10.31 20:03:56 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.10.31 20:03:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.10.31 20:03:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.10.31 18:17:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2012.10.31 17:38:02 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
========== Files - Modified Within 30 Days ==========
[2012.11.30 17:00:39 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.11.30 03:14:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jara\Desktop\OTL.exe
[2012.11.30 01:27:38 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.30 01:27:38 | 000,631,292 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.11.30 01:27:38 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.30 01:27:38 | 000,121,914 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.11.30 01:27:38 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.29 16:09:34 | 000,001,314 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
[2012.11.29 16:03:17 | 000,016,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.29 16:03:17 | 000,016,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.29 15:55:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.29 15:55:53 | 3220,652,032 | -HS- | M] () -- C:\hiberfil.sys
OTL logfile created on: 30.11.2012 16:59:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jara\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,74 Gb Available Physical Memory | 68,43% Memory free
8,00 Gb Paging File | 6,63 Gb Available in Paging File | 82,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 70,11 Gb Total Space | 34,19 Gb Free Space | 48,77% Space Free | Partition Type: NTFS
Drive D: | 628,43 Gb Total Space | 191,60 Gb Free Space | 30,49% Space Free | Partition Type: NTFS
Drive J: | 931,51 Gb Total Space | 333,21 Gb Free Space | 35,77% Space Free | Partition Type: NTFS
Drive K: | 931,51 Gb Total Space | 467,24 Gb Free Space | 50,16% Space Free | Partition Type: NTFS
Computer Name: JARA-PC | User Name: Jara | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.11.30 03:14:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jara\Desktop\OTL.exe
PRC - [2012.11.26 17:26:37 | 000,878,480 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2012.11.06 19:00:32 | 003,143,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2012.11.06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2012.11.02 00:08:48 | 001,340,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
PRC - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2009.09.25 09:24:36 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009.08.19 20:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009.06.19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008.12.22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008.06.11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
========== Modules (No Company Name) ==========
MOD - [2012.11.07 18:38:03 | 014,586,808 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
========== Services (SafeList) ==========
SRV:64bit: - [2009.08.18 02:36:20 | 000,203,264 | ---- | M] (AMD) [On_Demand | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.11.24 14:43:22 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.11.06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.11.02 00:08:48 | 001,340,976 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe -- (avgfws)
SRV - [2012.10.30 22:31:13 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.11.04 20:08:15 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.10.22 13:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2012.10.15 03:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012.10.05 03:32:50 | 000,111,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2012.10.02 03:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.09.21 03:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012.09.21 03:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2012.09.14 03:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012.09.04 10:39:32 | 000,050,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.06.27 01:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.08.18 03:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.08.09 01:21:00 | 000,013,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTe ... h&AF=14542"
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: firegestures%40xuldev.org:1.6.18
FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.00
FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.2
FF - prefs.js..extensions.enabledAddons: %7B64161300-e22b-11db-8314-0800200c9a66%7D:0.9.6.10
FF - prefs.js..extensions.enabledAddons: %7BB17C1C5A-04B1-11DB-9804-B622A1EF5492%7D:1.2.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0
FF - prefs.js..extensions.enabledItems: silvermelxt@pardal.de:1.3.6
FF - prefs.js..extensions.enabledItems: firegestures@xuldev.org:1.6.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: silvermel@pardal.de:1.3.6
FF - prefs.js..extensions.enabledItems: {080955ad-b8bb-4500-806f-d2b9ad73d72e}:1.8.71
FF - prefs.js..keyword.URL: "https://isearch.avg.com/search?cid=%7B0 ... &sap=ku&q="
FF - prefs.js..network.proxy.http: "83.208.124.70"
FF - prefs.js..network.proxy.type: 0
FF - user.js..browser.search.openintab: false
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.24 14:43:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.11.24 14:43:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.24 14:43:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.11.24 14:43:17 | 000,000,000 | ---D | M]
[2012.10.31 20:20:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jara\AppData\Roaming\Mozilla\Extensions
[2012.11.30 03:17:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions
[2012.11.02 20:17:13 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012.11.12 07:51:44 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\plugin@yontoo.com
[2012.11.28 03:47:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\staged
[2012.11.02 20:17:13 | 000,142,418 | ---- | M] () (No name found) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\firegestures@xuldev.org.xpi
[2011.08.11 14:36:12 | 000,012,785 | ---- | M] () (No name found) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\oneLiner@prospector.labs.mozilla.xpi
[2012.11.12 07:51:36 | 000,213,316 | ---- | M] () (No name found) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\torntv@torntv.com.xpi
[2012.11.02 20:17:14 | 000,281,285 | ---- | M] () (No name found) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
[2012.06.13 19:51:14 | 000,089,442 | ---- | M] () (No name found) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
[2012.11.28 03:47:05 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.01.24 04:08:54 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2011.08.15 06:48:52 | 000,000,377 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\searchplugins\aukro.xml
[2011.08.15 06:48:28 | 000,000,380 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\searchplugins\cojeco.xml
[2010.07.29 04:41:02 | 000,005,551 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\searchplugins\google-maps.xml
[2010.07.29 04:47:08 | 000,002,388 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\searchplugins\hellspy.xml
[2010.09.22 11:16:18 | 000,002,689 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\searchplugins\search-defender.xml
[2011.08.15 06:49:02 | 000,000,406 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\searchplugins\sfd.xml
[2010.09.08 05:22:42 | 000,004,140 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\Mozilla\Firefox\Profiles\vowfheii.default\searchplugins\youtube.xml
[2012.11.24 14:43:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) -- C:\USERS\JARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VOWFHEII.DEFAULT\EXTENSIONS\ASCSURFINGPROTECTION@IOBIT.COM
[2012.11.24 14:43:22 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.11.24 14:43:19 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.11.24 14:43:19 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.11.24 14:43:19 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.11.24 14:43:19 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.11.24 14:43:19 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (PDFXChange 2012) - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll (Tracker Software Products (Canada) Ltd.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (PDFXChange 2012) - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll (Tracker Software Products (Canada) Ltd.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Acrobat Assistant 8.0] c:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] c:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Prevést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Prevést cíl vazby do existujícího PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Prevést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Pridat do stávajícího PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Prevést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Pridat do stávajícího PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B540387-1521-4078-AD8C-DEDF2D3387E0}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CCD03761-A88E-4D2B-8A1C-BEA29D7AC6BF}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2012.11.30 03:14:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jara\Desktop\OTL.exe
[2012.11.29 16:09:34 | 000,000,000 | ---D | C] -- C:\Users\Jara\Documents\Poznámkové bloky aplikace OneNote
[2012.11.29 03:39:54 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.11.29 03:39:53 | 000,000,000 | ---D | C] -- C:\rsit
[2012.11.29 03:30:44 | 005,008,458 | ---- | C] (Swearware) -- C:\Users\Jara\Desktop\ComboFix.exe
[2012.11.28 14:48:38 | 000,000,000 | ---D | C] -- C:\ProgramData\vsosdk
[2012.11.28 13:56:34 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\Vso
[2012.11.28 13:56:24 | 000,000,000 | ---D | C] -- C:\ProgramData\VSO
[2012.11.28 13:56:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VSO
[2012.11.25 10:38:49 | 000,626,688 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp7vfw.dll
[2012.11.25 10:38:48 | 001,184,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wvc1dmod.dll
[2012.11.25 10:20:29 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\Programs
[2012.11.25 04:16:16 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\Malwarebytes
[2012.11.25 04:15:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.11.25 04:15:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.25 04:15:56 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.11.25 04:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.11.24 14:43:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.11.21 08:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
[2012.11.21 08:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2012.11.20 13:23:50 | 000,000,000 | ---D | C] -- C:\Windows\tasks\TaskDisabled
[2012.11.20 10:54:55 | 000,000,000 | ---D | C] -- C:\Users\Jara\licman
[2012.11.20 10:54:54 | 000,000,000 | ---D | C] -- C:\Users\Jara\ERPro
[2012.11.20 10:53:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kroll Ontrack
[2012.11.19 11:34:32 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\Apps
[2012.11.19 11:10:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012.11.19 11:09:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2012.11.19 10:59:09 | 000,051,032 | R--- | C] (Adobe Systems Inc) -- C:\Windows\SysNative\AdobePDF.dll
[2012.11.19 10:59:09 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll
[2012.11.19 08:40:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3
[2012.11.17 21:07:43 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.11.14 04:12:14 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012.11.14 04:12:14 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012.11.14 04:06:41 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.11.14 04:06:40 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.11.14 04:06:39 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.11.14 04:06:39 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.11.14 04:06:39 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.11.14 04:06:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.11.14 04:06:39 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.11.14 04:06:39 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.11.14 04:06:38 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.11.14 04:06:38 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.11.14 04:06:38 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.11.14 04:06:38 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.11.14 04:06:36 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.11.14 04:06:36 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.11.14 04:06:36 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.11.14 04:04:52 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012.11.14 04:04:51 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012.11.14 04:04:51 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012.11.14 04:04:51 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012.11.14 04:04:23 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.11.14 04:04:23 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.11.14 04:04:22 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012.11.14 04:04:22 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.11.14 04:04:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.11.14 04:04:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.11.14 04:04:10 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.11.14 04:04:10 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.11.14 04:04:10 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.11.14 04:04:04 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012.11.14 04:04:04 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012.11.12 08:12:03 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\CrashDumps
[2012.11.12 07:51:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012.11.11 05:33:07 | 000,000,000 | ---D | C] -- C:\Users\Jara\Documents\default
[2012.11.10 04:56:11 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012.11.10 04:56:11 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012.11.10 04:55:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2012.11.10 04:55:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2012.11.09 09:44:51 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012.11.08 23:21:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012.11.07 04:39:10 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\GHISLER
[2012.11.07 04:17:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
[2012.11.07 04:17:22 | 000,000,000 | ---D | C] -- C:\totalcmd
[2012.11.07 04:17:22 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\GHISLER
[2012.11.06 04:47:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
[2012.11.05 21:25:12 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\Microsoft Games
[2012.11.05 20:54:28 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Jara\AppData\Roaming\pcouffin.sys
[2012.11.05 20:54:27 | 000,000,000 | ---D | C] -- C:\Users\Jara\Documents\PcSetup
[2012.11.05 20:48:49 | 000,000,000 | ---D | C] -- C:\Users\Jara\Documents\ConvertXtoDVD
[2012.11.04 20:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%
[2012.11.04 15:59:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ChessBase
[2012.11.04 15:52:35 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012.11.04 15:52:35 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2012.11.04 15:52:35 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012.11.04 15:52:35 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2012.11.04 15:52:33 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012.11.04 15:52:33 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012.11.04 15:52:31 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012.11.04 15:52:31 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012.11.04 15:52:31 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012.11.04 15:52:31 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012.11.04 15:52:31 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012.11.04 15:52:31 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012.11.04 15:52:29 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012.11.04 15:52:29 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012.11.04 15:52:28 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012.11.04 15:52:28 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012.11.04 15:52:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChessBase
[2012.11.04 15:48:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ChessBase
[2012.11.04 15:33:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.11.04 15:28:50 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\Skype
[2012.11.04 15:02:52 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\Apple Computer
[2012.11.04 14:48:10 | 000,000,000 | ---D | C] -- C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
[2012.11.04 14:48:10 | 000,000,000 | ---D | C] -- C:\ProgramData\{6F2F3866-38AD-4f48-852C-2FF5DE7A7588}
[2012.11.04 14:35:04 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2012.11.04 14:35:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2012.11.04 04:20:11 | 000,057,472 | ---- | C] (Tracker Software Products (Canada) Ltd.) -- C:\Windows\SysNative\pxc50pm.dll
[2012.11.04 04:19:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange 5 Pro
[2012.11.04 04:08:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2012.11.03 20:45:09 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\MigWiz
[2012.11.03 04:27:13 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\Hard Disk Sentinel
[2012.11.03 04:25:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Sentinel
[2012.11.03 04:25:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hard Disk Sentinel
[2012.11.02 20:13:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.11.02 20:13:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.11.02 20:08:38 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.11.02 20:08:31 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.11.02 20:08:31 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.11.02 20:08:31 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012.11.02 20:08:23 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.11.02 20:04:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2012.11.02 20:04:18 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\Real
[2012.11.02 20:03:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012.11.02 20:01:48 | 001,034,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012.11.02 20:01:48 | 000,916,456 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.11.02 18:01:25 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\AIMP3
[2012.11.02 18:00:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AIMP3
[2012.11.02 15:02:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio 15
[2012.11.02 15:02:09 | 000,000,000 | ---D | C] -- C:\Program Files\Zoner
[2012.11.02 14:13:44 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\dvdcss
[2012.11.02 12:52:12 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.11.02 04:25:54 | 000,000,000 | ---D | C] -- C:\Program Files\Wireless Console 2
[2012.11.02 04:25:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wireless Console 2
[2012.11.01 22:59:40 | 000,439,808 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvs.dll
[2012.11.01 22:56:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nn-NO
[2012.11.01 22:56:45 | 000,060,416 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvui.dll
[2012.11.01 22:56:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2012.11.01 22:56:37 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.11.01 22:56:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atheros
[2012.11.01 22:55:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2012.11.01 22:55:46 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\InstallShield
[2012.11.01 22:55:37 | 000,000,000 | ---D | C] -- C:\SWSetup
[2012.11.01 21:30:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012.11.01 21:02:32 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\ElevatedDiagnostics
[2012.11.01 18:26:33 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\Diagnostics
[2012.11.01 04:20:57 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\Ashampoo
[2012.11.01 04:20:41 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\ashampoo
[2012.11.01 04:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2012.11.01 04:19:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2012.11.01 04:07:40 | 000,000,000 | ---D | C] -- C:\Users\Jara\Documents\ZPS15
[2012.11.01 04:07:39 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\Zoner
[2012.11.01 04:07:38 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\Zoner
[2012.11.01 04:07:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Zoner
[2012.10.31 21:13:35 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software
[2012.10.31 20:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.10.31 20:22:40 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\Macromedia
[2012.10.31 20:20:21 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\Mozilla
[2012.10.31 20:20:21 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Local\Mozilla
[2012.10.31 20:10:30 | 000,000,000 | ---D | C] -- C:\Users\Jara\AppData\Roaming\uTorrent
[2012.10.31 20:03:56 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.10.31 20:03:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.10.31 20:03:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.10.31 18:17:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2012.10.31 17:38:02 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
========== Files - Modified Within 30 Days ==========
[2012.11.30 17:00:39 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.11.30 03:14:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jara\Desktop\OTL.exe
[2012.11.30 01:27:38 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.30 01:27:38 | 000,631,292 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.11.30 01:27:38 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.30 01:27:38 | 000,121,914 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.11.30 01:27:38 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.29 16:09:34 | 000,001,314 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
[2012.11.29 16:03:17 | 000,016,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.29 16:03:17 | 000,016,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.29 15:55:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.29 15:55:53 | 3220,652,032 | -HS- | M] () -- C:\hiberfil.sys
Re: Prosím o kontrolu logu
dále
[2012.11.29 03:39:41 | 000,935,175 | ---- | M] () -- C:\Users\Jara\Desktop\RSITx64.exe
[2012.11.29 03:30:44 | 005,008,458 | ---- | M] (Swearware) -- C:\Users\Jara\Desktop\ComboFix.exe
[2012.11.28 13:56:34 | 000,099,384 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\inst.exe
[2012.11.28 13:56:34 | 000,082,816 | ---- | M] (VSO Software) -- C:\Users\Jara\AppData\Roaming\pcouffin.sys
[2012.11.28 13:56:34 | 000,007,859 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\pcouffin.cat
[2012.11.28 13:56:34 | 000,001,167 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\pcouffin.inf
[2012.11.28 13:56:32 | 000,001,228 | ---- | M] () -- C:\Users\Jara\Desktop\ConvertXtoDVD 5.lnk
[2012.11.28 13:55:01 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.11.28 12:56:48 | 000,003,504 | ---- | M] () -- C:\Users\Jara\AppData\Local\SRDownloader.nast
[2012.11.25 10:17:55 | 000,001,057 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\vso_ts_preview.xml
[2012.11.25 04:15:58 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.11.24 04:21:15 | 000,002,266 | ---- | M] () -- C:\Users\Jara\AppData\Local\SRDownloader.err
[2012.11.21 20:16:30 | 001,184,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wvc1dmod.dll
[2012.11.21 20:16:30 | 000,626,688 | ---- | M] (On2.com) -- C:\Windows\SysWow64\vp7vfw.dll
[2012.11.21 08:34:17 | 000,001,658 | ---- | M] () -- C:\Users\Public\Desktop\Recuva.lnk
[2012.11.19 11:16:08 | 000,438,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.19 10:58:52 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk
[2012.11.17 18:11:43 | 000,007,636 | ---- | M] () -- C:\Users\Jara\AppData\Local\Resmon.ResmonCfg
[2012.11.08 23:21:39 | 000,000,977 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012.11.07 18:38:03 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.11.07 18:38:03 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.11.07 04:17:25 | 000,000,646 | ---- | M] () -- C:\Users\Public\Desktop\Total Commander 64 bit.lnk
[2012.11.05 04:04:54 | 000,000,954 | ---- | M] () -- C:\Users\Jara\Desktop\šachy – zástupce.lnk
[2012.11.04 20:08:15 | 000,868,848 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2012.11.04 15:55:36 | 000,000,348 | ---- | M] () -- C:\Users\Jara\Desktop\Jednotka CD-ROM – zástupce.lnk
[2012.11.04 15:52:09 | 000,002,153 | ---- | M] () -- C:\Users\Public\Desktop\Fritz 12.lnk
[2012.11.04 15:33:51 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.11.04 14:35:04 | 000,001,299 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 11.lnk
[2012.11.04 04:19:53 | 000,001,018 | ---- | M] () -- C:\Users\Jara\Desktop\PDF-Viewer.lnk
[2012.11.04 04:19:52 | 000,001,049 | ---- | M] () -- C:\Users\Public\Desktop\Office2PDF5.lnk
[2012.11.04 04:19:52 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\PDF-Tools.lnk
[2012.11.04 04:08:22 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012.11.04 03:53:15 | 000,000,697 | ---- | M] () -- C:\Users\Jara\Desktop\Film – zástupce.lnk
[2012.11.04 03:50:56 | 000,000,704 | ---- | M] () -- C:\Users\Jara\Desktop\Music – zástupce.lnk
[2012.11.03 20:24:15 | 000,000,659 | ---- | M] () -- C:\Users\Jara\Desktop\Download – zástupce.lnk
[2012.11.03 04:25:48 | 000,001,003 | ---- | M] () -- C:\Users\Jara\Desktop\Hard Disk Sentinel.lnk
[2012.11.02 20:13:44 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.02 20:08:26 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012.11.02 20:08:25 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012.11.02 20:08:25 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.11.02 20:08:25 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.11.02 20:08:25 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.11.02 20:08:25 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.11.02 15:02:30 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Zoner Photo Studio 15.lnk
[2012.11.02 15:02:30 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Zoner Photo Studio 15 x64.lnk
[2012.11.02 14:57:23 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.11.02 04:07:45 | 000,001,139 | ---- | M] () -- C:\Users\Jara\Desktop\aida64.exe – zástupce.lnk
[2012.11.02 04:06:45 | 000,000,485 | ---- | M] () -- C:\Users\Jara\Desktop\Expansion Drive (K) – zástupce.lnk
========== Files Created - No Company Name ==========
[2012.11.30 03:21:08 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.11.29 16:09:34 | 000,001,314 | ---- | C] () -- C:\Users\Jara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
[2012.11.29 03:39:41 | 000,935,175 | ---- | C] () -- C:\Users\Jara\Desktop\RSITx64.exe
[2012.11.28 13:56:32 | 000,001,228 | ---- | C] () -- C:\Users\Jara\Desktop\ConvertXtoDVD 5.lnk
[2012.11.25 04:15:58 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.11.21 08:34:17 | 000,001,658 | ---- | C] () -- C:\Users\Public\Desktop\Recuva.lnk
[2012.11.14 04:12:16 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.14 04:04:51 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.07 04:17:25 | 000,000,646 | ---- | C] () -- C:\Users\Public\Desktop\Total Commander 64 bit.lnk
[2012.11.06 04:48:13 | 000,001,057 | ---- | C] () -- C:\Users\Jara\AppData\Roaming\vso_ts_preview.xml
[2012.11.05 20:54:28 | 000,099,384 | ---- | C] () -- C:\Users\Jara\AppData\Roaming\inst.exe
[2012.11.05 20:54:28 | 000,007,859 | ---- | C] () -- C:\Users\Jara\AppData\Roaming\pcouffin.cat
[2012.11.05 20:54:28 | 000,001,167 | ---- | C] () -- C:\Users\Jara\AppData\Roaming\pcouffin.inf
[2012.11.05 04:04:04 | 000,000,954 | ---- | C] () -- C:\Users\Jara\Desktop\šachy – zástupce.lnk
[2012.11.04 20:08:14 | 000,868,848 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2012.11.04 15:55:36 | 000,000,348 | ---- | C] () -- C:\Users\Jara\Desktop\Jednotka CD-ROM – zástupce.lnk
[2012.11.04 15:52:09 | 000,002,153 | ---- | C] () -- C:\Users\Public\Desktop\Fritz 12.lnk
[2012.11.04 15:33:51 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.11.04 14:35:04 | 000,001,299 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 11.lnk
[2012.11.04 04:19:53 | 000,001,018 | ---- | C] () -- C:\Users\Jara\Desktop\PDF-Viewer.lnk
[2012.11.04 04:19:52 | 000,001,049 | ---- | C] () -- C:\Users\Public\Desktop\Office2PDF5.lnk
[2012.11.04 04:19:52 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\PDF-Tools.lnk
[2012.11.04 04:08:22 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012.11.03 20:24:15 | 000,000,659 | ---- | C] () -- C:\Users\Jara\Desktop\Download – zástupce.lnk
[2012.11.03 20:24:01 | 000,000,697 | ---- | C] () -- C:\Users\Jara\Desktop\Film – zástupce.lnk
[2012.11.03 19:07:55 | 000,002,266 | ---- | C] () -- C:\Users\Jara\AppData\Local\SRDownloader.err
[2012.11.03 04:25:48 | 000,001,003 | ---- | C] () -- C:\Users\Jara\Desktop\Hard Disk Sentinel.lnk
[2012.11.02 20:13:44 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.11.02 20:13:44 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.02 15:02:30 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Zoner Photo Studio 15.lnk
[2012.11.02 15:02:30 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Zoner Photo Studio 15 x64.lnk
[2012.11.02 14:57:23 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.11.02 12:52:12 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.11.02 04:07:45 | 000,001,139 | ---- | C] () -- C:\Users\Jara\Desktop\aida64.exe – zástupce.lnk
[2012.11.02 04:06:45 | 000,000,485 | ---- | C] () -- C:\Users\Jara\Desktop\Expansion Drive (K) – zástupce.lnk
[2012.11.01 05:07:51 | 000,007,636 | ---- | C] () -- C:\Users\Jara\AppData\Local\Resmon.ResmonCfg
[2012.10.30 20:04:02 | 000,003,504 | ---- | C] () -- C:\Users\Jara\AppData\Local\SRDownloader.nast
[2012.10.30 19:31:21 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.11.29 19:01:12 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\AIMP3
[2012.11.01 04:20:57 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Ashampoo
[2012.10.31 04:29:18 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\AVG2013
[2012.10.31 05:40:02 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\ChessBase
[2012.11.07 04:17:22 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\GHISLER
[2012.11.03 04:27:14 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Hard Disk Sentinel
[2012.11.04 15:29:14 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\IObit
[2012.10.30 19:54:55 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Opera
[2012.10.31 04:28:38 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\TuneUp Software
[2012.11.29 03:59:41 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\uTorrent
[2012.11.29 03:59:42 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Vso
[2012.11.01 04:07:39 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,013,506 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012.09.29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.03.30 11:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2012.03.30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012.09.29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< >
< %systemroot%*.* /U /s >
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.11.17 22:02:22 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Adobe
[2012.11.29 19:01:12 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\AIMP3
[2012.11.04 15:02:52 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Apple Computer
[2012.11.01 04:20:57 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Ashampoo
[2012.10.31 04:29:18 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\AVG2013
[2012.10.31 05:40:02 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\ChessBase
[2012.11.30 01:48:48 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\dvdcss
[2012.11.07 04:17:22 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\GHISLER
[2012.11.03 04:27:14 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Hard Disk Sentinel
[2012.10.30 19:37:23 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Identities
[2012.11.01 22:55:46 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\InstallShield
[2012.11.04 15:29:14 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\IObit
[2012.10.30 20:18:11 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Macromedia
[2012.11.25 04:16:16 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Malwarebytes
[2009.07.14 16:36:38 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Media Center Programs
[2012.11.29 16:09:35 | 000,000,000 | --SD | M] -- C:\Users\Jara\AppData\Roaming\Microsoft
[2012.10.31 20:20:29 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Mozilla
[2012.10.30 19:54:55 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Opera
[2012.11.02 20:09:47 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Real
[2012.11.27 15:12:38 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Skype
[2012.10.31 04:28:38 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\TuneUp Software
[2012.11.29 03:59:41 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\uTorrent
[2012.11.30 16:56:21 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\vlc
[2012.11.29 03:59:42 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Vso
[2012.10.31 05:08:49 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\WinRAR
[2012.11.01 04:07:39 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2012.11.28 13:56:34 | 000,099,384 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\inst.exe
[2012.11.19 08:39:51 | 007,626,672 | ---- | M] (AIMP DevTeam) -- C:\Users\Jara\AppData\Roaming\AIMP3\UpdateInstaller.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< *crack* /s >
< *keygen* /s >
< *loader* /s >
[2008.03.18 07:31:00 | 000,009,216 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\PDFMaker\AutoCAD\OD\AecDummyLoader_2.05_8.dll
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012.06.09 19:19:38 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.10.18 17:48:18 | 000,430,080 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\ZPSPluginLoader.exe
[2012.10.18 17:47:30 | 000,442,368 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 15:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\ZPSPluginLoader.exe
[2012.10.18 17:48:44 | 000,194,560 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\ZPSPluginLoader.exe
[2012.10.18 17:56:18 | 000,103,520 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program32\8bfLoader.exe
[2012.10.18 17:56:32 | 000,017,504 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program32\WICLoader.exe
[2012.10.18 17:57:26 | 000,020,064 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program64\WICLoader.exe
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.11.24 04:21:15 | 000,002,266 | ---- | M] () -- \Users\Jara\AppData\Local\SRDownloader.err
[2012.11.28 12:56:48 | 000,003,504 | ---- | M] () -- \Users\Jara\AppData\Local\SRDownloader.nast
[2012.11.10 04:49:15 | 000,011,275 | ---- | M] () -- \Users\Jara\AppData\Local\Opera\Opera\widgets\youtube-downloader-2-1.7-1.oex
[2012.10.30 20:06:48 | 000,000,936 | ---- | M] () -- \Users\Jara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\SRDownloader.exe – zástupce.lnk
[2012.10.30 20:49:08 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 16:22:27 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.10.31 04:11:11 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.10.31 04:11:11 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.10.31 04:11:11 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.10.31 04:11:11 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.10.31 04:11:11 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2007.10.10 14:23:56 | 000,001,673 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\amt_assets\LMResources\BadSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,545 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\amt_assets\LMResources\CantChangeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,639 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\amt_assets\LMResources\InValidUpGradeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,000,833 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\amt_assets\LMResources\ReserializeAlert.exv
[2008.02.14 12:28:06 | 000,027,858 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\amt_assets\LMResources\SerializationWF.exv
[2007.10.10 14:23:56 | 000,001,673 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\BadSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,545 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\CantChangeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,639 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\InValidUpGradeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,000,833 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\ReserializeAlert.exv
[2008.02.14 12:28:06 | 000,027,858 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\SerializationWF.exv
[2007.10.10 14:23:56 | 000,001,695 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\ar_AE\BadSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,567 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\ar_AE\CantChangeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,661 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\ar_AE\InValidUpGradeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,000,855 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\ar_AE\ReserializeAlert.exv
[2008.02.14 12:28:06 | 000,027,880 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\ar_AE\SerializationWF.exv
[2007.10.10 14:23:56 | 000,001,695 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\he_IL\BadSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,567 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\he_IL\CantChangeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,661 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\he_IL\InValidUpGradeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,000,855 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\he_IL\ReserializeAlert.exv
[2008.02.14 12:28:08 | 000,027,880 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\he_IL\SerializationWF.exv
[2012.11.03 16:41:51 | 000,003,234 | ---- | M] () -- \Program Files (x86)\Hard Disk Sentinel\DISKDATA_Hard_Disk_Device_1_SERIAL1_DISK1.dat
[2009.08.25 18:11:56 | 000,002,158 | ---- | M] () -- \Program Files (x86)\ChessBase\ChessProgram12\Ribbons\Large\EnterSerial32.png
[2009.08.25 18:12:04 | 000,000,897 | ---- | M] () -- \Program Files (x86)\ChessBase\ChessProgram12\Ribbons\Small\EnterSerial16.png
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.07.14 16:17:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.11.14 04:19:36 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a67380b6387234a8a9032ccd5c3dbf4e\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.11.14 07:07:55 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\fecb0ca59057e9d190318551d40feb22\System.Runtime.Serialization.ni.dll
[2012.11.14 06:54:33 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\6e3b230af51086c55c8e84f2d2ab8e8e\System.Runtime.Serialization.ni.dll
[2012.11.14 04:23:00 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\ab8dae4950e1e2785625c1dfdf3be672\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.11.14 07:11:37 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\0d2c8da8749c683b47f01101c9ea26d5\System.Runtime.Serialization.ni.dll
[2012.11.14 07:11:43 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\87ac195467372a8cee1c388028e15606\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.11.14 07:14:08 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\e245e7c9819fa2e66c0403b82c2897d7\System.Xml.Serialization.ni.dll
[2012.11.14 07:02:57 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\125e2e0f6db2e124502c867fc8ebda4d\System.Runtime.Serialization.ni.dll
[2012.11.14 07:03:09 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\7e16291fd4ee767d64674686ae77e71c\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.11.14 07:07:08 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\e9f2731e53c25d8273c13ead62f95572\System.Xml.Serialization.ni.dll
[2012.10.31 18:38:57 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.11.14 04:14:44 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.10.31 18:38:56 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012.11.14 04:14:41 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.11.14 04:14:52 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.14 16:17:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 16:17:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.14 16:17:25 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2009.06.10 21:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.31 04:10:59 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012.10.31 04:10:59 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009.07.14 16:17:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.14 16:17:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 03:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010.11.20 06:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2009.07.14 03:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010.11.20 06:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2009.07.14 16:16:38 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 16:17:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2009.07.14 16:17:21 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
< *w7lxe* /s >
< End of report >
[2012.11.29 03:39:41 | 000,935,175 | ---- | M] () -- C:\Users\Jara\Desktop\RSITx64.exe
[2012.11.29 03:30:44 | 005,008,458 | ---- | M] (Swearware) -- C:\Users\Jara\Desktop\ComboFix.exe
[2012.11.28 13:56:34 | 000,099,384 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\inst.exe
[2012.11.28 13:56:34 | 000,082,816 | ---- | M] (VSO Software) -- C:\Users\Jara\AppData\Roaming\pcouffin.sys
[2012.11.28 13:56:34 | 000,007,859 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\pcouffin.cat
[2012.11.28 13:56:34 | 000,001,167 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\pcouffin.inf
[2012.11.28 13:56:32 | 000,001,228 | ---- | M] () -- C:\Users\Jara\Desktop\ConvertXtoDVD 5.lnk
[2012.11.28 13:55:01 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.11.28 12:56:48 | 000,003,504 | ---- | M] () -- C:\Users\Jara\AppData\Local\SRDownloader.nast
[2012.11.25 10:17:55 | 000,001,057 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\vso_ts_preview.xml
[2012.11.25 04:15:58 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.11.24 04:21:15 | 000,002,266 | ---- | M] () -- C:\Users\Jara\AppData\Local\SRDownloader.err
[2012.11.21 20:16:30 | 001,184,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wvc1dmod.dll
[2012.11.21 20:16:30 | 000,626,688 | ---- | M] (On2.com) -- C:\Windows\SysWow64\vp7vfw.dll
[2012.11.21 08:34:17 | 000,001,658 | ---- | M] () -- C:\Users\Public\Desktop\Recuva.lnk
[2012.11.19 11:16:08 | 000,438,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.19 10:58:52 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk
[2012.11.17 18:11:43 | 000,007,636 | ---- | M] () -- C:\Users\Jara\AppData\Local\Resmon.ResmonCfg
[2012.11.08 23:21:39 | 000,000,977 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012.11.07 18:38:03 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.11.07 18:38:03 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.11.07 04:17:25 | 000,000,646 | ---- | M] () -- C:\Users\Public\Desktop\Total Commander 64 bit.lnk
[2012.11.05 04:04:54 | 000,000,954 | ---- | M] () -- C:\Users\Jara\Desktop\šachy – zástupce.lnk
[2012.11.04 20:08:15 | 000,868,848 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2012.11.04 15:55:36 | 000,000,348 | ---- | M] () -- C:\Users\Jara\Desktop\Jednotka CD-ROM – zástupce.lnk
[2012.11.04 15:52:09 | 000,002,153 | ---- | M] () -- C:\Users\Public\Desktop\Fritz 12.lnk
[2012.11.04 15:33:51 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.11.04 14:35:04 | 000,001,299 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 11.lnk
[2012.11.04 04:19:53 | 000,001,018 | ---- | M] () -- C:\Users\Jara\Desktop\PDF-Viewer.lnk
[2012.11.04 04:19:52 | 000,001,049 | ---- | M] () -- C:\Users\Public\Desktop\Office2PDF5.lnk
[2012.11.04 04:19:52 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\PDF-Tools.lnk
[2012.11.04 04:08:22 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012.11.04 03:53:15 | 000,000,697 | ---- | M] () -- C:\Users\Jara\Desktop\Film – zástupce.lnk
[2012.11.04 03:50:56 | 000,000,704 | ---- | M] () -- C:\Users\Jara\Desktop\Music – zástupce.lnk
[2012.11.03 20:24:15 | 000,000,659 | ---- | M] () -- C:\Users\Jara\Desktop\Download – zástupce.lnk
[2012.11.03 04:25:48 | 000,001,003 | ---- | M] () -- C:\Users\Jara\Desktop\Hard Disk Sentinel.lnk
[2012.11.02 20:13:44 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.02 20:08:26 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012.11.02 20:08:25 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012.11.02 20:08:25 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.11.02 20:08:25 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.11.02 20:08:25 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.11.02 20:08:25 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.11.02 15:02:30 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Zoner Photo Studio 15.lnk
[2012.11.02 15:02:30 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Zoner Photo Studio 15 x64.lnk
[2012.11.02 14:57:23 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.11.02 04:07:45 | 000,001,139 | ---- | M] () -- C:\Users\Jara\Desktop\aida64.exe – zástupce.lnk
[2012.11.02 04:06:45 | 000,000,485 | ---- | M] () -- C:\Users\Jara\Desktop\Expansion Drive (K) – zástupce.lnk
========== Files Created - No Company Name ==========
[2012.11.30 03:21:08 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.11.29 16:09:34 | 000,001,314 | ---- | C] () -- C:\Users\Jara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
[2012.11.29 03:39:41 | 000,935,175 | ---- | C] () -- C:\Users\Jara\Desktop\RSITx64.exe
[2012.11.28 13:56:32 | 000,001,228 | ---- | C] () -- C:\Users\Jara\Desktop\ConvertXtoDVD 5.lnk
[2012.11.25 04:15:58 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.11.21 08:34:17 | 000,001,658 | ---- | C] () -- C:\Users\Public\Desktop\Recuva.lnk
[2012.11.14 04:12:16 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.14 04:04:51 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.07 04:17:25 | 000,000,646 | ---- | C] () -- C:\Users\Public\Desktop\Total Commander 64 bit.lnk
[2012.11.06 04:48:13 | 000,001,057 | ---- | C] () -- C:\Users\Jara\AppData\Roaming\vso_ts_preview.xml
[2012.11.05 20:54:28 | 000,099,384 | ---- | C] () -- C:\Users\Jara\AppData\Roaming\inst.exe
[2012.11.05 20:54:28 | 000,007,859 | ---- | C] () -- C:\Users\Jara\AppData\Roaming\pcouffin.cat
[2012.11.05 20:54:28 | 000,001,167 | ---- | C] () -- C:\Users\Jara\AppData\Roaming\pcouffin.inf
[2012.11.05 04:04:04 | 000,000,954 | ---- | C] () -- C:\Users\Jara\Desktop\šachy – zástupce.lnk
[2012.11.04 20:08:14 | 000,868,848 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2012.11.04 15:55:36 | 000,000,348 | ---- | C] () -- C:\Users\Jara\Desktop\Jednotka CD-ROM – zástupce.lnk
[2012.11.04 15:52:09 | 000,002,153 | ---- | C] () -- C:\Users\Public\Desktop\Fritz 12.lnk
[2012.11.04 15:33:51 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.11.04 14:35:04 | 000,001,299 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 11.lnk
[2012.11.04 04:19:53 | 000,001,018 | ---- | C] () -- C:\Users\Jara\Desktop\PDF-Viewer.lnk
[2012.11.04 04:19:52 | 000,001,049 | ---- | C] () -- C:\Users\Public\Desktop\Office2PDF5.lnk
[2012.11.04 04:19:52 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\PDF-Tools.lnk
[2012.11.04 04:08:22 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012.11.03 20:24:15 | 000,000,659 | ---- | C] () -- C:\Users\Jara\Desktop\Download – zástupce.lnk
[2012.11.03 20:24:01 | 000,000,697 | ---- | C] () -- C:\Users\Jara\Desktop\Film – zástupce.lnk
[2012.11.03 19:07:55 | 000,002,266 | ---- | C] () -- C:\Users\Jara\AppData\Local\SRDownloader.err
[2012.11.03 04:25:48 | 000,001,003 | ---- | C] () -- C:\Users\Jara\Desktop\Hard Disk Sentinel.lnk
[2012.11.02 20:13:44 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.11.02 20:13:44 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.02 15:02:30 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Zoner Photo Studio 15.lnk
[2012.11.02 15:02:30 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Zoner Photo Studio 15 x64.lnk
[2012.11.02 14:57:23 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.11.02 12:52:12 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.11.02 04:07:45 | 000,001,139 | ---- | C] () -- C:\Users\Jara\Desktop\aida64.exe – zástupce.lnk
[2012.11.02 04:06:45 | 000,000,485 | ---- | C] () -- C:\Users\Jara\Desktop\Expansion Drive (K) – zástupce.lnk
[2012.11.01 05:07:51 | 000,007,636 | ---- | C] () -- C:\Users\Jara\AppData\Local\Resmon.ResmonCfg
[2012.10.30 20:04:02 | 000,003,504 | ---- | C] () -- C:\Users\Jara\AppData\Local\SRDownloader.nast
[2012.10.30 19:31:21 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.11.29 19:01:12 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\AIMP3
[2012.11.01 04:20:57 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Ashampoo
[2012.10.31 04:29:18 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\AVG2013
[2012.10.31 05:40:02 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\ChessBase
[2012.11.07 04:17:22 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\GHISLER
[2012.11.03 04:27:14 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Hard Disk Sentinel
[2012.11.04 15:29:14 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\IObit
[2012.10.30 19:54:55 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Opera
[2012.10.31 04:28:38 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\TuneUp Software
[2012.11.29 03:59:41 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\uTorrent
[2012.11.29 03:59:42 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Vso
[2012.11.01 04:07:39 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,013,506 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012.09.29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.03.30 11:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2012.03.30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012.09.29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< >
< %systemroot%*.* /U /s >
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.11.17 22:02:22 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Adobe
[2012.11.29 19:01:12 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\AIMP3
[2012.11.04 15:02:52 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Apple Computer
[2012.11.01 04:20:57 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Ashampoo
[2012.10.31 04:29:18 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\AVG2013
[2012.10.31 05:40:02 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\ChessBase
[2012.11.30 01:48:48 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\dvdcss
[2012.11.07 04:17:22 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\GHISLER
[2012.11.03 04:27:14 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Hard Disk Sentinel
[2012.10.30 19:37:23 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Identities
[2012.11.01 22:55:46 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\InstallShield
[2012.11.04 15:29:14 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\IObit
[2012.10.30 20:18:11 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Macromedia
[2012.11.25 04:16:16 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Malwarebytes
[2009.07.14 16:36:38 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Media Center Programs
[2012.11.29 16:09:35 | 000,000,000 | --SD | M] -- C:\Users\Jara\AppData\Roaming\Microsoft
[2012.10.31 20:20:29 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Mozilla
[2012.10.30 19:54:55 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Opera
[2012.11.02 20:09:47 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Real
[2012.11.27 15:12:38 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Skype
[2012.10.31 04:28:38 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\TuneUp Software
[2012.11.29 03:59:41 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\uTorrent
[2012.11.30 16:56:21 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\vlc
[2012.11.29 03:59:42 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Vso
[2012.10.31 05:08:49 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\WinRAR
[2012.11.01 04:07:39 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2012.11.28 13:56:34 | 000,099,384 | ---- | M] () -- C:\Users\Jara\AppData\Roaming\inst.exe
[2012.11.19 08:39:51 | 007,626,672 | ---- | M] (AIMP DevTeam) -- C:\Users\Jara\AppData\Roaming\AIMP3\UpdateInstaller.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< *crack* /s >
< *keygen* /s >
< *loader* /s >
[2008.03.18 07:31:00 | 000,009,216 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\PDFMaker\AutoCAD\OD\AecDummyLoader_2.05_8.dll
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012.06.09 19:19:38 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.10.18 17:48:18 | 000,430,080 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\ZPSPluginLoader.exe
[2012.10.18 17:47:30 | 000,442,368 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 15:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\ZPSPluginLoader.exe
[2012.10.18 17:48:44 | 000,194,560 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\ZPSPluginLoader.exe
[2012.10.18 17:56:18 | 000,103,520 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program32\8bfLoader.exe
[2012.10.18 17:56:32 | 000,017,504 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program32\WICLoader.exe
[2012.10.18 17:57:26 | 000,020,064 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program64\WICLoader.exe
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.11.24 04:21:15 | 000,002,266 | ---- | M] () -- \Users\Jara\AppData\Local\SRDownloader.err
[2012.11.28 12:56:48 | 000,003,504 | ---- | M] () -- \Users\Jara\AppData\Local\SRDownloader.nast
[2012.11.10 04:49:15 | 000,011,275 | ---- | M] () -- \Users\Jara\AppData\Local\Opera\Opera\widgets\youtube-downloader-2-1.7-1.oex
[2012.10.30 20:06:48 | 000,000,936 | ---- | M] () -- \Users\Jara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\SRDownloader.exe – zástupce.lnk
[2012.10.30 20:49:08 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 16:22:27 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.10.31 04:11:11 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.10.31 04:11:11 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.10.31 04:11:11 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.10.31 04:11:11 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.10.31 04:11:11 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2007.10.10 14:23:56 | 000,001,673 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\amt_assets\LMResources\BadSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,545 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\amt_assets\LMResources\CantChangeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,639 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\amt_assets\LMResources\InValidUpGradeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,000,833 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\amt_assets\LMResources\ReserializeAlert.exv
[2008.02.14 12:28:06 | 000,027,858 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\amt_assets\LMResources\SerializationWF.exv
[2007.10.10 14:23:56 | 000,001,673 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\BadSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,545 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\CantChangeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,639 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\InValidUpGradeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,000,833 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\ReserializeAlert.exv
[2008.02.14 12:28:06 | 000,027,858 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\SerializationWF.exv
[2007.10.10 14:23:56 | 000,001,695 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\ar_AE\BadSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,567 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\ar_AE\CantChangeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,661 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\ar_AE\InValidUpGradeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,000,855 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\ar_AE\ReserializeAlert.exv
[2008.02.14 12:28:06 | 000,027,880 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\ar_AE\SerializationWF.exv
[2007.10.10 14:23:56 | 000,001,695 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\he_IL\BadSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,567 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\he_IL\CantChangeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,001,661 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\he_IL\InValidUpGradeSerialNumberAlert.exv
[2007.10.10 14:23:56 | 000,000,855 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\he_IL\ReserializeAlert.exv
[2008.02.14 12:28:08 | 000,027,880 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LMResources\he_IL\SerializationWF.exv
[2012.11.03 16:41:51 | 000,003,234 | ---- | M] () -- \Program Files (x86)\Hard Disk Sentinel\DISKDATA_Hard_Disk_Device_1_SERIAL1_DISK1.dat
[2009.08.25 18:11:56 | 000,002,158 | ---- | M] () -- \Program Files (x86)\ChessBase\ChessProgram12\Ribbons\Large\EnterSerial32.png
[2009.08.25 18:12:04 | 000,000,897 | ---- | M] () -- \Program Files (x86)\ChessBase\ChessProgram12\Ribbons\Small\EnterSerial16.png
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.07.14 16:17:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.11.14 04:19:36 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a67380b6387234a8a9032ccd5c3dbf4e\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.11.14 07:07:55 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\fecb0ca59057e9d190318551d40feb22\System.Runtime.Serialization.ni.dll
[2012.11.14 06:54:33 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\6e3b230af51086c55c8e84f2d2ab8e8e\System.Runtime.Serialization.ni.dll
[2012.11.14 04:23:00 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\ab8dae4950e1e2785625c1dfdf3be672\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.11.14 07:11:37 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\0d2c8da8749c683b47f01101c9ea26d5\System.Runtime.Serialization.ni.dll
[2012.11.14 07:11:43 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\87ac195467372a8cee1c388028e15606\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.11.14 07:14:08 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\e245e7c9819fa2e66c0403b82c2897d7\System.Xml.Serialization.ni.dll
[2012.11.14 07:02:57 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\125e2e0f6db2e124502c867fc8ebda4d\System.Runtime.Serialization.ni.dll
[2012.11.14 07:03:09 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\7e16291fd4ee767d64674686ae77e71c\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.11.14 07:07:08 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\e9f2731e53c25d8273c13ead62f95572\System.Xml.Serialization.ni.dll
[2012.10.31 18:38:57 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.11.14 04:14:44 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.10.31 18:38:56 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012.11.14 04:14:41 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.11.14 04:14:52 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.14 16:17:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 16:17:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.14 16:17:25 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2009.06.10 21:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.31 04:10:59 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012.10.31 04:10:59 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009.07.14 16:17:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.14 16:17:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 03:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010.11.20 06:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2009.07.14 03:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010.11.20 06:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2009.07.14 16:16:38 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 16:17:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2009.07.14 16:17:21 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
< *w7lxe* /s >
< End of report >
Re: Prosím o kontrolu logu
A tady je druhý log
OTL Extras logfile created on: 30.11.2012 16:59:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jara\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,74 Gb Available Physical Memory | 68,43% Memory free
8,00 Gb Paging File | 6,63 Gb Available in Paging File | 82,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 70,11 Gb Total Space | 34,19 Gb Free Space | 48,77% Space Free | Partition Type: NTFS
Drive D: | 628,43 Gb Total Space | 191,60 Gb Free Space | 30,49% Space Free | Partition Type: NTFS
Drive J: | 931,51 Gb Total Space | 333,21 Gb Free Space | 35,77% Space Free | Partition Type: NTFS
Drive K: | 931,51 Gb Total Space | 467,24 Gb Free Space | 50,16% Space Free | Partition Type: NTFS
Computer Name: JARA-PC | User Name: Jara | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A8AFCC-4755-48D9-8027-8FA2349DFB08}" = rport=10243 | protocol=6 | dir=out | app=system |
"{01473909-ABFF-4C07-AC0A-570E07534020}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1B3B9D25-B400-4B49-83DB-03BF6B77BAB4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3BC965EA-22B1-42DE-8438-87EC67E44328}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{49951A3E-E9D8-44C9-840A-91EA61178231}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{50DF5AB4-B83D-41A6-AE1B-309BEE40AD75}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{66327D17-BD36-472A-B7BF-EAF1D1F38C8F}" = rport=138 | protocol=17 | dir=out | app=system |
"{69BFFD60-1A2E-462F-BEC5-E5468F3C4FFE}" = lport=139 | protocol=6 | dir=in | app=system |
"{7455BBAD-799C-4E58-BEAC-0E65353B6ABC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{82C2E426-F554-4FEF-8ECA-A4E88B7E3FCB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{90E6EEA3-1CE8-4BB1-92C9-34364C0C47A5}" = rport=139 | protocol=6 | dir=out | app=system |
"{9217F964-1ADC-477C-B18E-C75E8DBDF621}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9BC39F90-1535-4CF1-8B37-272EC11BA5E6}" = rport=445 | protocol=6 | dir=out | app=system |
"{AEF415CC-E8E8-47CC-A085-094B1D792B0A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{B763CFCC-C47B-4D00-9BA1-6967C7BBC30A}" = rport=137 | protocol=17 | dir=out | app=system |
"{BD4132C5-99ED-4F23-B3E6-E560A3BEF6E5}" = lport=138 | protocol=17 | dir=in | app=system |
"{BE7CB115-A7F0-44B1-888B-A10504E67291}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C60DFAE9-9131-4E67-A855-962D8C9C971D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D6D383F3-6D0C-43CF-9BC9-5C39CD6F644A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E05D48BC-D70F-40B8-84D8-11CE02847C35}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E5EA6AF0-4075-4883-B3D6-33EA74450019}" = lport=445 | protocol=6 | dir=in | app=system |
"{E70629A3-1772-4ADA-960F-312424E56AD0}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08EF47E6-E650-4A6D-A1D0-2F51E1A68991}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{12E7982E-15E4-48E3-8945-86A537FAD120}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{133229D4-F64A-4987-87E0-C2DA23CBACB1}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{19CB7AFD-0268-4BE2-BD6E-3CEFFAE58C10}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{1E8C3503-15BB-448A-840B-C549AD3127E3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{29511443-72A9-46B2-AD76-CE404552209F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2F18243F-CCB6-4FA6-8048-05FBA4F2C57C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{46300430-B057-4258-BBE5-E25C858426FC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{46B25EC3-670E-4F5C-834C-EF4A052F3F66}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{472A79B0-D7D7-4600-AB48-0CE939838491}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4E4BC2E7-E2B5-4DE3-947E-6C8CE6137FF0}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{5084071C-064D-482B-AB4C-F9F6678A27D6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{52B177DD-E4E4-4DB2-99A9-AB61CEE17327}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5351E564-5DF0-422D-AAE4-6CAC59FBC160}" = protocol=6 | dir=out | app=system |
"{54665191-E531-48A2-B940-7F6BBECBF551}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{5B4D0E65-DDF4-4046-80A4-82B987D6FBD9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{65856511-4F96-461E-B818-4731A9B5D21F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{68F6666C-ACE8-43C1-8F7D-C50371654DC8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{690BBA9C-7742-4083-9C2F-2E57CABBAC62}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6FC42C3F-C247-4BED-A01F-9D38B369B42F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{724F3AEF-A57E-410A-A165-62E26F312259}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AAC49131-BFFB-40B0-94E0-B78316D57AB3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ACB5DDC7-BD2A-43D2-9935-7ED3B772EB34}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{B3A0CA56-DD10-4921-9F5C-052A51E7E459}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B4EEA511-4D4A-4B1B-ADC3-9CD758EE74DD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C52B00AC-0E2A-45A7-889E-F2C99A171ACA}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{CB30CF93-B3B0-4EF8-95B6-C289EE9067EC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D145020B-3E42-4A4A-966E-9596DA4529F5}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{D39FFAAC-EF2F-4746-B744-C72EC005A55C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E67B146F-B182-4CB3-A80D-6DFBE2A8738F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F33BBE4F-8CFB-4A06-A6F1-0479017B56AF}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{FD55450A-0506-44CA-AEA7-2EC2211EFE6C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FDAF2686-D8AC-48D1-A2D9-C8D0B262953F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{FF3B70E2-3008-4C74-A5E9-AC4D74E14864}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{9B305FB9-297D-4F86-BC8B-740E7A1EF200}" = AVG 2013
"{DAD98ADA-0824-4946-98BB-0BDD03233398}" = AVG 2013
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F92F0AAB-2EF6-412C-8BF4-0B11EB535280}_is1" = PDF-XChange 2012 Pro
"AVG" = AVG 2013
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Recuva" = Recuva
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"WinRAR archiver" = WinRAR 4.20 (64-bit)
"ZonerPhotoStudio15_CZ_is1" = Zoner Photo Studio 15
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4F4182DA-3D58-41E3-913D-480F8DA5C863}" = Fritz 12
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{6C44DEFF-8638-49A4-B748-CA59B43F3265}" = Fritz 12
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AC76BA86-1029-4770-7760-000000000004}{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1" = VSO ConvertXToDVD
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIMP3" = AIMP3
"Ashampoo Burning Studio 11_is1" = Ashampoo Burning Studio 11 v.11.0.4
"CBReader " = CBReader
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Hard Disk Sentinel_is1" = Hard Disk Sentinel PRO
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.65.1.1000
"Mozilla Firefox 17.0 (x86 cs)" = Mozilla Firefox 17.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Opera 12.11.1661" = Opera 12.11
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.4
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 6.11.2012 0:53:09 | Computer Name = Jara-PC | Source = IMFservice | ID = 0
Description =
Error - 12.11.2012 3:11:36 | Computer Name = Jara-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové
razítko: 0x4d672ee4 Název chybujícího modulu: ContextMenu64.dll, verze: 9.0.0.332,
časové razítko: 0x4850c363 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000692ae
ID
chybujícího procesu: 0x45c Čas spuštění chybující aplikace: 0x01cdc087eac0d5f6 Cesta
k chybující aplikaci: C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: C:\Program
Files (x86)\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu64.dll ID zprávy: 31c491f8-2c98-11e2-8bab-0026189e82c6
Error - 17.11.2012 14:46:48 | Computer Name = Jara-PC | Source = MsiInstaller | ID = 10005
Description =
Error - 17.11.2012 16:37:49 | Computer Name = Jara-PC | Source = System Restore | ID = 8210
Description =
Error - 18.11.2012 1:07:24 | Computer Name = Jara-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\common files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 18.11.2012 1:07:24 | Computer Name = Jara-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\common files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 18.11.2012 1:07:24 | Computer Name = Jara-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\common files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 18.11.2012 1:07:24 | Computer Name = Jara-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\common files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 20.11.2012 8:20:21 | Computer Name = Jara-PC | Source = IMFservice | ID = 0
Description =
Error - 20.11.2012 8:20:21 | Computer Name = Jara-PC | Source = IMFservice | ID = 0
Description =
[ System Events ]
Error - 28.11.2012 21:20:38 | Computer Name = Jara-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1058
Error - 29.11.2012 0:42:40 | Computer Name = Jara-PC | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5
Error - 29.11.2012 10:55:59 | Computer Name = Jara-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 29.11.2012 10:55:59 | Computer Name = Jara-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 29.11.2012 10:55:59 | Computer Name = Jara-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 29.11.2012 10:56:02 | Computer Name = Jara-PC | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5
Error - 29.11.2012 10:56:11 | Computer Name = Jara-PC | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5
Error - 29.11.2012 10:56:12 | Computer Name = Jara-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1058
Error - 29.11.2012 10:56:12 | Computer Name = Jara-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1058
Error - 29.11.2012 10:56:12 | Computer Name = Jara-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1058
< End of report >
OTL Extras logfile created on: 30.11.2012 16:59:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jara\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,74 Gb Available Physical Memory | 68,43% Memory free
8,00 Gb Paging File | 6,63 Gb Available in Paging File | 82,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 70,11 Gb Total Space | 34,19 Gb Free Space | 48,77% Space Free | Partition Type: NTFS
Drive D: | 628,43 Gb Total Space | 191,60 Gb Free Space | 30,49% Space Free | Partition Type: NTFS
Drive J: | 931,51 Gb Total Space | 333,21 Gb Free Space | 35,77% Space Free | Partition Type: NTFS
Drive K: | 931,51 Gb Total Space | 467,24 Gb Free Space | 50,16% Space Free | Partition Type: NTFS
Computer Name: JARA-PC | User Name: Jara | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A8AFCC-4755-48D9-8027-8FA2349DFB08}" = rport=10243 | protocol=6 | dir=out | app=system |
"{01473909-ABFF-4C07-AC0A-570E07534020}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1B3B9D25-B400-4B49-83DB-03BF6B77BAB4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3BC965EA-22B1-42DE-8438-87EC67E44328}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{49951A3E-E9D8-44C9-840A-91EA61178231}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{50DF5AB4-B83D-41A6-AE1B-309BEE40AD75}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{66327D17-BD36-472A-B7BF-EAF1D1F38C8F}" = rport=138 | protocol=17 | dir=out | app=system |
"{69BFFD60-1A2E-462F-BEC5-E5468F3C4FFE}" = lport=139 | protocol=6 | dir=in | app=system |
"{7455BBAD-799C-4E58-BEAC-0E65353B6ABC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{82C2E426-F554-4FEF-8ECA-A4E88B7E3FCB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{90E6EEA3-1CE8-4BB1-92C9-34364C0C47A5}" = rport=139 | protocol=6 | dir=out | app=system |
"{9217F964-1ADC-477C-B18E-C75E8DBDF621}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9BC39F90-1535-4CF1-8B37-272EC11BA5E6}" = rport=445 | protocol=6 | dir=out | app=system |
"{AEF415CC-E8E8-47CC-A085-094B1D792B0A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{B763CFCC-C47B-4D00-9BA1-6967C7BBC30A}" = rport=137 | protocol=17 | dir=out | app=system |
"{BD4132C5-99ED-4F23-B3E6-E560A3BEF6E5}" = lport=138 | protocol=17 | dir=in | app=system |
"{BE7CB115-A7F0-44B1-888B-A10504E67291}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C60DFAE9-9131-4E67-A855-962D8C9C971D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D6D383F3-6D0C-43CF-9BC9-5C39CD6F644A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E05D48BC-D70F-40B8-84D8-11CE02847C35}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E5EA6AF0-4075-4883-B3D6-33EA74450019}" = lport=445 | protocol=6 | dir=in | app=system |
"{E70629A3-1772-4ADA-960F-312424E56AD0}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08EF47E6-E650-4A6D-A1D0-2F51E1A68991}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{12E7982E-15E4-48E3-8945-86A537FAD120}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{133229D4-F64A-4987-87E0-C2DA23CBACB1}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{19CB7AFD-0268-4BE2-BD6E-3CEFFAE58C10}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{1E8C3503-15BB-448A-840B-C549AD3127E3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{29511443-72A9-46B2-AD76-CE404552209F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2F18243F-CCB6-4FA6-8048-05FBA4F2C57C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{46300430-B057-4258-BBE5-E25C858426FC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{46B25EC3-670E-4F5C-834C-EF4A052F3F66}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{472A79B0-D7D7-4600-AB48-0CE939838491}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4E4BC2E7-E2B5-4DE3-947E-6C8CE6137FF0}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{5084071C-064D-482B-AB4C-F9F6678A27D6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{52B177DD-E4E4-4DB2-99A9-AB61CEE17327}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5351E564-5DF0-422D-AAE4-6CAC59FBC160}" = protocol=6 | dir=out | app=system |
"{54665191-E531-48A2-B940-7F6BBECBF551}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{5B4D0E65-DDF4-4046-80A4-82B987D6FBD9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{65856511-4F96-461E-B818-4731A9B5D21F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{68F6666C-ACE8-43C1-8F7D-C50371654DC8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{690BBA9C-7742-4083-9C2F-2E57CABBAC62}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6FC42C3F-C247-4BED-A01F-9D38B369B42F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{724F3AEF-A57E-410A-A165-62E26F312259}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AAC49131-BFFB-40B0-94E0-B78316D57AB3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ACB5DDC7-BD2A-43D2-9935-7ED3B772EB34}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{B3A0CA56-DD10-4921-9F5C-052A51E7E459}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B4EEA511-4D4A-4B1B-ADC3-9CD758EE74DD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C52B00AC-0E2A-45A7-889E-F2C99A171ACA}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{CB30CF93-B3B0-4EF8-95B6-C289EE9067EC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D145020B-3E42-4A4A-966E-9596DA4529F5}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{D39FFAAC-EF2F-4746-B744-C72EC005A55C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E67B146F-B182-4CB3-A80D-6DFBE2A8738F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F33BBE4F-8CFB-4A06-A6F1-0479017B56AF}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{FD55450A-0506-44CA-AEA7-2EC2211EFE6C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FDAF2686-D8AC-48D1-A2D9-C8D0B262953F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{FF3B70E2-3008-4C74-A5E9-AC4D74E14864}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{9B305FB9-297D-4F86-BC8B-740E7A1EF200}" = AVG 2013
"{DAD98ADA-0824-4946-98BB-0BDD03233398}" = AVG 2013
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F92F0AAB-2EF6-412C-8BF4-0B11EB535280}_is1" = PDF-XChange 2012 Pro
"AVG" = AVG 2013
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Recuva" = Recuva
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"WinRAR archiver" = WinRAR 4.20 (64-bit)
"ZonerPhotoStudio15_CZ_is1" = Zoner Photo Studio 15
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4F4182DA-3D58-41E3-913D-480F8DA5C863}" = Fritz 12
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{6C44DEFF-8638-49A4-B748-CA59B43F3265}" = Fritz 12
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AC76BA86-1029-4770-7760-000000000004}{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1" = VSO ConvertXToDVD
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIMP3" = AIMP3
"Ashampoo Burning Studio 11_is1" = Ashampoo Burning Studio 11 v.11.0.4
"CBReader " = CBReader
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Hard Disk Sentinel_is1" = Hard Disk Sentinel PRO
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.65.1.1000
"Mozilla Firefox 17.0 (x86 cs)" = Mozilla Firefox 17.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Opera 12.11.1661" = Opera 12.11
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.4
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 6.11.2012 0:53:09 | Computer Name = Jara-PC | Source = IMFservice | ID = 0
Description =
Error - 12.11.2012 3:11:36 | Computer Name = Jara-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové
razítko: 0x4d672ee4 Název chybujícího modulu: ContextMenu64.dll, verze: 9.0.0.332,
časové razítko: 0x4850c363 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000692ae
ID
chybujícího procesu: 0x45c Čas spuštění chybující aplikace: 0x01cdc087eac0d5f6 Cesta
k chybující aplikaci: C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: C:\Program
Files (x86)\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu64.dll ID zprávy: 31c491f8-2c98-11e2-8bab-0026189e82c6
Error - 17.11.2012 14:46:48 | Computer Name = Jara-PC | Source = MsiInstaller | ID = 10005
Description =
Error - 17.11.2012 16:37:49 | Computer Name = Jara-PC | Source = System Restore | ID = 8210
Description =
Error - 18.11.2012 1:07:24 | Computer Name = Jara-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\common files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 18.11.2012 1:07:24 | Computer Name = Jara-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\common files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 18.11.2012 1:07:24 | Computer Name = Jara-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\common files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 18.11.2012 1:07:24 | Computer Name = Jara-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files (x86)\common files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 20.11.2012 8:20:21 | Computer Name = Jara-PC | Source = IMFservice | ID = 0
Description =
Error - 20.11.2012 8:20:21 | Computer Name = Jara-PC | Source = IMFservice | ID = 0
Description =
[ System Events ]
Error - 28.11.2012 21:20:38 | Computer Name = Jara-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1058
Error - 29.11.2012 0:42:40 | Computer Name = Jara-PC | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5
Error - 29.11.2012 10:55:59 | Computer Name = Jara-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 29.11.2012 10:55:59 | Computer Name = Jara-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 29.11.2012 10:55:59 | Computer Name = Jara-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 29.11.2012 10:56:02 | Computer Name = Jara-PC | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5
Error - 29.11.2012 10:56:11 | Computer Name = Jara-PC | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5
Error - 29.11.2012 10:56:12 | Computer Name = Jara-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1058
Error - 29.11.2012 10:56:12 | Computer Name = Jara-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1058
Error - 29.11.2012 10:56:12 | Computer Name = Jara-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1058
< End of report >
Re: Prosím o kontrolu logu
V logu vidim MBAM. Delal jste uplnou kontrolu? To AVG mate zakoupene? Jestli ne, doporucil bych vymenu. Znovu spustte OTL jako spravceDo spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)
Kód: Vybrat vše
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
:services
SkypeUpdate
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=14542"
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: firegestures%40xuldev.org:1.6.18
FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.00
FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.2
FF - prefs.js..extensions.enabledAddons: %7B64161300-e22b-11db-8314-0800200c9a66%7D:0.9.6.10
FF - prefs.js..extensions.enabledAddons: %7BB17C1C5A-04B1-11DB-9804-B622A1EF5492%7D:1.2.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0
FF - prefs.js..extensions.enabledItems: silvermelxt@pardal.de:1.3.6
FF - prefs.js..extensions.enabledItems: firegestures@xuldev.org:1.6.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: silvermel@pardal.de:1.3.6
FF - prefs.js..extensions.enabledItems: {080955ad-b8bb-4500-806f-d2b9ad73d72e}:1.8.71
File not found (No name found) -- C:\USERS\JARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VOWFHEII.DEFAULT\EXTENSIONS\ASCSURFINGPROTECTION@IOBIT.COM
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2012.11.04 15:29:14 | 000,000,000 | ---D | M] -- C:\Users\Jara\AppData\Roaming\IObit
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42DFA04F-0F16-418e-B80C-AB97A5AFAD3A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}"=-
"{42DFA04F-0F16-418e-B80C-AB97A5AFAD3A}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Acrobat Assistant 8.0"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ITSecMng] /64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-
"Acrobat Assistant 8.0"=-
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Jara
->Temp folder emptied: 4080681 bytes
->Temporary Internet Files folder emptied: 2121808 bytes
->FireFox cache emptied: 13368947 bytes
->Opera cache emptied: 10608589 bytes
->Flash cache emptied: 1612 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 98 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46424242 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 73,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Jara
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Prefs.js: "http://search.babylon.com/web/{searchTe ... h&AF=14542" removed from browser.search.defaulturl
Prefs.js: "Crawler Search" removed from browser.search.order.1
Prefs.js: "chr-greentree_ff&type=302398" removed from browser.search.param.yahoo-fr
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: ascsurfingprotection%40iobit.com:1.0 removed from extensions.enabledAddons
Prefs.js: firegestures%40xuldev.org:1.6.18 removed from extensions.enabledAddons
Prefs.js: plugin%40yontoo.com:1.20.00 removed from extensions.enabledAddons
Prefs.js: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.2 removed from extensions.enabledAddons
Prefs.js: %7B64161300-e22b-11db-8314-0800200c9a66%7D:0.9.6.10 removed from extensions.enabledAddons
Prefs.js: %7BB17C1C5A-04B1-11DB-9804-B622A1EF5492%7D:1.2.1 removed from extensions.enabledAddons
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0 removed from extensions.enabledAddons
Prefs.js: silvermelxt@pardal.de:1.3.6 removed from extensions.enabledItems
Prefs.js: firegestures@xuldev.org:1.6.1 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 removed from extensions.enabledItems
Prefs.js: silvermel@pardal.de:1.3.6 removed from extensions.enabledItems
Prefs.js: {080955ad-b8bb-4500-806f-d2b9ad73d72e}:1.8.71 removed from extensions.enabledItems
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\Jara\AppData\Roaming\IObit\IObit Uninstaller\Log folder moved successfully.
C:\Users\Jara\AppData\Roaming\IObit\IObit Uninstaller folder moved successfully.
C:\Users\Jara\AppData\Roaming\IObit\IObit Malware Fighter folder moved successfully.
C:\Users\Jara\AppData\Roaming\IObit\Advanced SystemCare V6\Startup Manager folder moved successfully.
C:\Users\Jara\AppData\Roaming\IObit\Advanced SystemCare V6\Log folder moved successfully.
C:\Users\Jara\AppData\Roaming\IObit\Advanced SystemCare V6\Internet Booster folder moved successfully.
C:\Users\Jara\AppData\Roaming\IObit\Advanced SystemCare V6\Boottime folder moved successfully.
C:\Users\Jara\AppData\Roaming\IObit\Advanced SystemCare V6\Backup folder moved successfully.
C:\Users\Jara\AppData\Roaming\IObit\Advanced SystemCare V6 folder moved successfully.
C:\Users\Jara\AppData\Roaming\IObit folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP585C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6DA1.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6FA4.tmp\CustomMarshalers.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6FA4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP74B2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF5A4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1304.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6038.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDEF8.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE0AD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEA8E.tmp folder deleted successfully.
C:\Windows\Installer\MSI1FDC.tmp deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42DFA04F-0F16-418e-B80C-AB97A5AFAD3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42DFA04F-0F16-418e-B80C-AB97A5AFAD3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42DFA04F-0F16-418e-B80C-AB97A5AFAD3A}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ITSecMng\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 not found.
OTL by OldTimer - Version 3.2.69.0 log created on 11302012_215900
Files\Folders moved on Reboot...
C:\Users\Jara\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Jara
->Temp folder emptied: 4080681 bytes
->Temporary Internet Files folder emptied: 2121808 bytes
->FireFox cache emptied: 13368947 bytes
->Opera cache emptied: 10608589 bytes
->Flash cache emptied: 1612 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 98 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46424242 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 73,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Jara
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Prefs.js: "http://search.babylon.com/web/{searchTe ... h&AF=14542" removed from browser.search.defaulturl
Prefs.js: "Crawler Search" removed from browser.search.order.1
Prefs.js: "chr-greentree_ff&type=302398" removed from browser.search.param.yahoo-fr
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: ascsurfingprotection%40iobit.com:1.0 removed from extensions.enabledAddons
Prefs.js: firegestures%40xuldev.org:1.6.18 removed from extensions.enabledAddons
Prefs.js: plugin%40yontoo.com:1.20.00 removed from extensions.enabledAddons
Prefs.js: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.2 removed from extensions.enabledAddons
Prefs.js: %7B64161300-e22b-11db-8314-0800200c9a66%7D:0.9.6.10 removed from extensions.enabledAddons
Prefs.js: %7BB17C1C5A-04B1-11DB-9804-B622A1EF5492%7D:1.2.1 removed from extensions.enabledAddons
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0 removed from extensions.enabledAddons
Prefs.js: silvermelxt@pardal.de:1.3.6 removed from extensions.enabledItems
Prefs.js: firegestures@xuldev.org:1.6.1 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 removed from extensions.enabledItems
Prefs.js: silvermel@pardal.de:1.3.6 removed from extensions.enabledItems
Prefs.js: {080955ad-b8bb-4500-806f-d2b9ad73d72e}:1.8.71 removed from extensions.enabledItems
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\Jara\AppData\Roaming\IObit\IObit Uninstaller\Log folder moved successfully.
C:\Users\Jara\AppData\Roaming\IObit\IObit Uninstaller folder moved successfully.
C:\Users\Jara\AppData\Roaming\IObit\IObit Malware Fighter folder moved successfully.
C:\Users\Jara\AppData\Roaming\IObit\Advanced SystemCare V6\Startup Manager folder moved successfully.
C:\Users\Jara\AppData\Roaming\IObit\Advanced SystemCare V6\Log folder moved successfully.
C:\Users\Jara\AppData\Roaming\IObit\Advanced SystemCare V6\Internet Booster folder moved successfully.
C:\Users\Jara\AppData\Roaming\IObit\Advanced SystemCare V6\Boottime folder moved successfully.
C:\Users\Jara\AppData\Roaming\IObit\Advanced SystemCare V6\Backup folder moved successfully.
C:\Users\Jara\AppData\Roaming\IObit\Advanced SystemCare V6 folder moved successfully.
C:\Users\Jara\AppData\Roaming\IObit folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP585C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6DA1.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6FA4.tmp\CustomMarshalers.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6FA4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP74B2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF5A4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1304.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6038.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDEF8.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE0AD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEA8E.tmp folder deleted successfully.
C:\Windows\Installer\MSI1FDC.tmp deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42DFA04F-0F16-418e-B80C-AB97A5AFAD3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42DFA04F-0F16-418e-B80C-AB97A5AFAD3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42DFA04F-0F16-418e-B80C-AB97A5AFAD3A}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ITSecMng\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 not found.
OTL by OldTimer - Version 3.2.69.0 log created on 11302012_215900
Files\Folders moved on Reboot...
C:\Users\Jara\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Re: Prosím o kontrolu logu
Márty84 píše:
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu
Ano dělal. Zde je výsledek
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Verze databáze: v2012.11.28.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Jara :: JARA-PC [administrátor]
Ochrana: Zakázána
29.11.2012 3:07:44
mbam-log-2012-11-29 (03-07-44).txt
Typ: Úplná kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 319566
Uplynulý čas: 29 minut, 16 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Verze databáze: v2012.11.28.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Jara :: JARA-PC [administrátor]
Ochrana: Zakázána
29.11.2012 3:07:44
mbam-log-2012-11-29 (03-07-44).txt
Typ: Úplná kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 319566
Uplynulý čas: 29 minut, 16 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
Re: Prosím o kontrolu logu
OK, MBAM odinstalujte, at se tam zbytecne neplete.
Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte
Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu
RogueKiller V8.3.1 [Nov 29 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jara [Práva správce]
Mód : Kontrola -- Datum : 12/01/2012 11:24:09
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
ÿþ1
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST750LX003-1AC154 ATA Device +++++
--- User ---
[MBR] 8b351bafd9af2534086f4da09802f06c
[BSP] b571c62dbce5ae3a97b1edcc04013628 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 71790 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 147232768 | Size: 643512 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: Seagate Portable USB Device +++++
--- User ---
[MBR] 58dc704805a0e9adc503f159d6cbc625
[BSP] a65009f5029a38320c23edc412545676 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 953867 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Dokončeno : << RKreport[1]_S_12012012_02d1124.txt >>
RKreport[1]_S_12012012_02d1124.txt
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jara [Práva správce]
Mód : Kontrola -- Datum : 12/01/2012 11:24:09
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
ÿþ1
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST750LX003-1AC154 ATA Device +++++
--- User ---
[MBR] 8b351bafd9af2534086f4da09802f06c
[BSP] b571c62dbce5ae3a97b1edcc04013628 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 71790 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 147232768 | Size: 643512 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: Seagate Portable USB Device +++++
--- User ---
[MBR] 58dc704805a0e9adc503f159d6cbc625
[BSP] a65009f5029a38320c23edc412545676 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 953867 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Dokončeno : << RKreport[1]_S_12012012_02d1124.txt >>
RKreport[1]_S_12012012_02d1124.txt
Re: Prosím o kontrolu logu
Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?