Virus removal, PC speed-up, and remote assistance via the neslape.cz service

Removing the Agent.AK trojan

Have a virus problem? Post your FRST or RSIT log here.

zilo9
Visitor
Posts: 28
Registered: 19 Nov 2013 13:16

Removing the Agent.AK trojan

#1 Post by zilo9 »

Hello, I would like to kindly ask for your help. When I copy files to a USB drive, it suddenly creates files on the USB drive as shortcuts to the folders I have on my desktop, and the copied file itself is also created only as a shortcut. ESET Endpoint pops up a window saying that an infiltration was found, "LNK/Agent.AK trojan horse, cleaned by deleting", but when I insert the USB drive into the notebook again, the trojan is there again. I also tried formatting the USB drive; it did not help. So I am asking for help, thank you in advance. I am attaching the RSIT log; during the scan I had all the drives I own plus my phone connected. Thank you :)

Logfile of random's system information tool 1.09 (written by random/random)
Run by Zilo at 2013-11-19 13:26:06
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 115 GB (39%) free of 295 GB
Total RAM: 3068 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:26:16, on 19. 11. 2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16520)
Boot mode: Normal

Running processes:
C:\Users\Zilo\AppData\Local\Temp\Internet Download Manager.exe
C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Windows\SysWOW64\conime.exe
C:\Windows\SysWOW64\wscript.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Program Files\trend micro\Zilo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Internet Download Manager.exe] "C:\Users\Zilo\AppData\Local\Temp\Internet Download Manager.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [pxickblays] wscript.exe //B "C:\Users\Zilo\AppData\Roaming\pxickblays.vbe"
O4 - HKCU\..\Run: [Internet Download Manager.exe] "C:\Users\Zilo\AppData\Local\Temp\Internet Download Manager.exe"
O4 - HKCU\..\Run: [pxickblays] wscript.exe //B "C:\Users\Zilo\AppData\Roaming\pxickblays.vbe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Internet Download Manager.exe
O4 - Startup: pxickblays.vbe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\AESTSr64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe
O23 - Service: ESET SHA Service (ESHASRV) - ESET - C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files (x86)\SMINST\BLService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\STacSV64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11800 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vfsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\system32\WLANExt.exe 1365808
taskeng.exe {99072B03-294D-4483-880E-66B8C7CF665D}
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {0EA27985-4C23-4DDE-9A2D-1ABD4F142142}
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\AESTSr64.exe
dummy.exe /resident /agreelicense
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe"
C:\Windows\SysWOW64\svchost.exe -k netsvcs
C:\Windows\SysWOW64\srvany.exe
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
C:\Windows\KMService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\SMINST\BLService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Windows Defender\MSASCui.exe" -hide
"C:\Program Files\ESET\ESET Endpoint Security\egui.exe" /hide /waitservice
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Users\Zilo\AppData\Local\Temp\Internet Download Manager.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe"
"C:\Program Files\DigitalPersona\Bin\DPAgent.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
"C:\Program Files\Common Files\Autodesk Shared\WSCommCntr\lib\\WSCommCntr2.exe" -Embedding
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe"
C:\Windows\System32\mobsync.exe -Embedding
C:\Windows\system32\conime.exe
"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
"C:\Program Files\Autodesk\AutoCAD 2011\acad.exe" "C:\Users\Zilo\Desktop\Plagat_700_x_1000_2012_2013_recover000_recover.dwg"
"C:\Windows\System32\wscript.exe" //B "C:\Users\Zilo\AppData\Roaming\pxickblays.vbe"
splwow64
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe59_ Global\UsGthrCtrlFltPipeMssGthrPipe59 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE" /n /dde
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=14372.bf83c00.962597236 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 14372 "\\.\pipe\gecko-crash-server-pipe.14372" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe" --proxy-stub-channel=Flash11336.5E99DC68.3901 --host-broker-channel=Flash11336.5E99DC68.10443 --host-pid=11336 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe" --channel=14432.0014F308.1217163462 --proxy-stub-channel=Flash11336.5E99DC68.3901 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll" --host-npapi-version=27 --type=renderer
"C:\Windows\system32\SearchFilterHost.exe" 0 644 648 656 65536 652
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-61f09203-0646-400e-9cac-558166d6b83b -SystemEventPortName:HostProcess-8593ee08-9fc8-4195-b40c-b11a20925228 -IoCancelEventPortName:HostProcess-6f872221-546e-4ed5-bb37-f03109c9303f -NonStateChangingEventPortName:HostProcess-81af7285-adf6-4dfd-aec2-28d2a6ed036d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b9a14878-4691-4857-a518-a5880d15610f -DeviceGroupId:
"C:\Users\Zilo\Desktop\RSITx64.exe"
wmiadap.exe /R /T

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-31 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-31 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-07-24 1560872]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"egui"=C:\Program Files\ESET\ESET Endpoint Security\egui.exe [2012-07-04 4133072]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2009-02-22 463360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Internet Download Manager.exe"=C:\Users\Zilo\AppData\Local\Temp\Internet Download Manager.exe [2013-09-20 694189]
"pxickblays"=wscript.exe //B C:\Users\Zilo\AppData\Roaming\pxickblays.vbe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe [2013-10-31 829832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer for HP TouchSmart]
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2008-12-25 189736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDAgent]
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2008-11-28 1148200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TSMAgent]
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [2008-12-25 1316136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2008-11-14 218408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DpAgent"=C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe [2008-12-10 842816]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 323640]
"HP Health Check Scheduler"=c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-12-08 432432]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"Internet Download Manager.exe"=C:\Users\Zilo\AppData\Local\Temp\Internet Download Manager.exe [2013-09-20 694189]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-11-02 152392]
"pxickblays"=wscript.exe //B C:\Users\Zilo\AppData\Roaming\pxickblays.vbe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Internet Download Manager.exe
pxickblays.vbe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

zilo9
Visitor
Posts: 28
Registered: 19 Nov 2013 13:16

Re: Removing the Agent.AK trojan

#2 Post by zilo9 »

======List of files/folders created in the last 1 month======

2013-11-19 13:26:07 ----D---- C:\Program Files\trend micro
2013-11-19 13:26:06 ----D---- C:\rsit
2013-11-19 12:45:32 ----D---- C:\Program Files (x86)\ESET
2013-11-16 14:35:51 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-11-15 14:16:20 ----D---- C:\Users\Zilo\AppData\Roaming\Apple Computer
2013-11-15 14:14:24 ----DC---- C:\Windows\system32\DRVSTORE
2013-11-15 14:14:24 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2013-11-15 14:13:14 ----D---- C:\Program Files\iPod
2013-11-15 14:13:09 ----D---- C:\ProgramData\Apple Computer
2013-11-15 14:13:09 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-15 14:13:09 ----D---- C:\Program Files\iTunes
2013-11-15 14:13:09 ----D---- C:\Program Files (x86)\iTunes
2013-11-15 14:11:56 ----D---- C:\Program Files (x86)\Apple Software Update
2013-11-15 14:09:53 ----D---- C:\Windows\LastGood
2013-11-15 14:08:47 ----D---- C:\Program Files\Common Files\Apple
2013-11-15 14:08:00 ----D---- C:\Program Files\Bonjour
2013-11-15 14:08:00 ----D---- C:\Program Files (x86)\Bonjour
2013-11-15 14:07:24 ----D---- C:\ProgramData\Apple
2013-11-13 13:31:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-11-13 13:31:28 ----A---- C:\Windows\system32\mshtmled.dll
2013-11-13 13:31:27 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-11-13 13:31:26 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-11-13 13:31:26 ----A---- C:\Windows\system32\ieUnatt.exe
2013-11-13 13:31:26 ----A---- C:\Windows\system32\ieui.dll
2013-11-13 13:31:25 ----A---- C:\Windows\SYSWOW64\url.dll
2013-11-13 13:31:25 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-11-13 13:31:25 ----A---- C:\Windows\system32\jsproxy.dll
2013-11-13 13:31:24 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-11-13 13:31:24 ----A---- C:\Windows\system32\url.dll
2013-11-13 13:31:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-11-13 13:31:23 ----A---- C:\Windows\system32\wininet.dll
2013-11-13 13:31:22 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-11-13 13:31:22 ----A---- C:\Windows\system32\urlmon.dll
2013-11-13 13:31:21 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-13 13:31:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-11-13 13:31:19 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-11-13 13:31:19 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-11-13 13:31:19 ----A---- C:\Windows\system32\jscript9.dll
2013-11-13 13:31:18 ----A---- C:\Windows\system32\vbscript.dll
2013-11-13 13:31:18 ----A---- C:\Windows\system32\jscript.dll
2013-11-13 13:31:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-11-13 13:31:17 ----A---- C:\Windows\system32\iertutil.dll
2013-11-13 13:31:14 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-11-13 13:31:08 ----A---- C:\Windows\system32\mshtml.dll
2013-11-13 13:31:06 ----A---- C:\Windows\system32\ieframe.dll
2013-11-13 13:31:03 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-11-13 13:23:08 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-13 13:23:08 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 13:23:07 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-11-13 13:22:48 ----A---- C:\Windows\system32\crypt32.dll
2013-11-13 13:22:47 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-11-13 13:22:39 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-11-13 13:22:39 ----A---- C:\Windows\system32\gdi32.dll
2013-11-13 13:20:55 ----A---- C:\Windows\system32\drivers\afd.sys
2013-11-13 10:06:14 ----AH---- C:\Windows\SYSWOW64\ezsidmv.dat
2013-11-07 00:15:49 ----D---- C:\Program Files (x86)\Autodesk
2013-11-06 23:16:58 ----D---- C:\ProgramData\ATI
2013-11-06 23:16:51 ----D---- C:\Program Files (x86)\AMD APP
2013-11-06 23:14:50 ----D---- C:\Program Files (x86)\ATI Technologies
2013-11-06 23:06:37 ----D---- C:\AMD
2013-11-06 22:23:54 ----D---- C:\ProgramData\WindowsSearch
2013-11-06 13:52:48 ----D---- C:\Program Files (x86)\VideoLAN
2013-11-06 12:13:39 ----D---- C:\Users\Zilo\AppData\Roaming\hpqLog
2013-11-06 11:56:15 ----D---- C:\Users\Zilo\AppData\Roaming\InstallShield
2013-11-04 19:10:56 ----D---- C:\Program Files (x86)\Aide PDF to DXF Converter
2013-11-04 14:35:34 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-11-04 14:27:12 ----D---- C:\Program Files (x86)\Any PDF to DWG Converter
2013-11-04 14:14:39 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-11-04 14:14:39 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-11-04 14:14:39 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-11-04 14:14:39 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-11-04 14:14:39 ----A---- C:\Windows\system32\d3d10warp.dll
2013-11-04 14:14:38 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-11-04 14:14:38 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-11-04 14:14:38 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-11-04 14:14:38 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-11-04 14:14:38 ----A---- C:\Windows\system32\FntCache.dll
2013-11-04 14:14:38 ----A---- C:\Windows\system32\DWrite.dll
2013-11-04 14:14:38 ----A---- C:\Windows\system32\d2d1.dll
2013-11-04 14:14:37 ----A---- C:\Windows\system32\d3d10level9.dll
2013-11-04 14:14:37 ----A---- C:\Windows\system32\d3d10core.dll
2013-11-04 14:14:37 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-11-04 14:14:37 ----A---- C:\Windows\system32\d3d10_1.dll
2013-11-04 14:14:36 ----A---- C:\Windows\system32\d3d10.dll
2013-11-04 14:14:32 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-11-04 14:14:32 ----A---- C:\Windows\system32\XpsPrint.dll
2013-11-04 12:55:41 ----D---- C:\Windows\SoftwareDistribution
2013-11-04 00:34:55 ----D---- C:\Program Files\Windows Portable Devices
2013-11-04 00:34:55 ----D---- C:\Program Files (x86)\Windows Portable Devices
2013-11-04 00:34:29 ----D---- C:\Windows\SYSWOW64\spool
2013-11-04 00:15:45 ----A---- C:\Windows\SYSWOW64\WPDShextAutoplay.exe
2013-11-04 00:15:45 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2013-11-04 00:15:44 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2013-11-04 00:15:43 ----A---- C:\Windows\system32\wpdbusenum.dll
2013-11-04 00:15:32 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2013-11-04 00:15:32 ----A---- C:\Windows\system32\WpdMtpUS.dll
2013-11-04 00:15:32 ----A---- C:\Windows\system32\WpdConns.dll
2013-11-04 00:15:32 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2013-11-04 00:15:32 ----A---- C:\Windows\system32\drivers\WpdUsb.sys
2013-11-04 00:15:31 ----A---- C:\Windows\SYSWOW64\WPDShServiceObj.dll
2013-11-04 00:15:31 ----A---- C:\Windows\SYSWOW64\PortableDeviceConnectApi.dll
2013-11-04 00:15:31 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2013-11-04 00:15:31 ----A---- C:\Windows\system32\wpdshext.dll
2013-11-04 00:15:31 ----A---- C:\Windows\system32\WpdMtp.dll
2013-11-04 00:15:31 ----A---- C:\Windows\system32\wpd_ci.dll
2013-11-04 00:15:30 ----A---- C:\Windows\SYSWOW64\WPDSp.dll
2013-11-04 00:15:30 ----A---- C:\Windows\SYSWOW64\PortableDeviceWMDRM.dll
2013-11-04 00:15:30 ----A---- C:\Windows\SYSWOW64\PortableDeviceTypes.dll
2013-11-04 00:15:30 ----A---- C:\Windows\SYSWOW64\PortableDeviceClassExtension.dll
2013-11-04 00:15:30 ----A---- C:\Windows\SYSWOW64\PortableDeviceApi.dll
2013-11-04 00:15:30 ----A---- C:\Windows\system32\WPDSp.dll
2013-11-04 00:15:30 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2013-11-04 00:15:30 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2013-11-04 00:15:30 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2013-11-04 00:15:30 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2013-11-03 23:00:56 ----A---- C:\Windows\system32\winusb.dll
2013-11-03 23:00:55 ----A---- C:\Windows\SYSWOW64\winusb.dll
2013-11-03 23:00:55 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-11-03 23:00:55 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-11-03 23:00:55 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-11-03 23:00:54 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-11-03 23:00:53 ----A---- C:\Windows\system32\WUDFx.dll
2013-11-03 23:00:53 ----A---- C:\Windows\system32\WUDFHost.exe
2013-11-03 23:00:53 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-11-03 23:00:53 ----A---- C:\Windows\system32\drivers\winusb.sys
2013-11-03 22:49:13 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-11-03 22:49:13 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-11-03 22:49:13 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-11-03 22:49:13 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-11-03 22:49:13 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-11-03 22:49:13 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-11-03 22:49:12 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-11-03 22:49:12 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-11-03 22:49:12 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-11-03 22:49:12 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-11-03 22:49:12 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-11-03 22:49:12 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-11-03 22:49:12 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-11-03 22:49:12 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-11-03 22:49:12 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2013-11-03 22:49:12 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-11-03 22:49:12 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-11-03 22:49:12 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-11-03 22:49:11 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-11-03 22:49:11 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-11-03 22:49:11 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-11-03 22:49:11 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-11-03 22:49:11 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-11-03 22:49:10 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-11-03 22:49:10 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-11-03 22:49:10 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2013-11-03 22:49:10 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2013-11-03 22:49:10 ----A---- C:\Windows\SYSWOW64\advpack.dll
2013-11-03 22:49:10 ----A---- C:\Windows\SYSWOW64\admparse.dll
2013-11-03 22:49:09 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-11-03 22:49:09 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-11-03 22:49:09 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2013-11-03 22:49:09 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-11-03 22:49:07 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-03 22:49:07 ----A---- C:\Windows\system32\msrating.dll
2013-11-03 22:49:07 ----A---- C:\Windows\system32\msls31.dll
2013-11-03 22:49:07 ----A---- C:\Windows\system32\mshta.exe
2013-11-03 22:49:07 ----A---- C:\Windows\system32\ieaksie.dll
2013-11-03 22:49:07 ----A---- C:\Windows\system32\admparse.dll
2013-11-03 22:49:06 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-11-03 22:49:06 ----A---- C:\Windows\system32\mshtmler.dll
2013-11-03 22:49:06 ----A---- C:\Windows\system32\msfeedssync.exe
2013-11-03 22:49:06 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-11-03 22:49:06 ----A---- C:\Windows\system32\imgutil.dll
2013-11-03 22:49:06 ----A---- C:\Windows\system32\iesysprep.dll
2013-11-03 22:49:06 ----A---- C:\Windows\system32\iepeers.dll
2013-11-03 22:49:06 ----A---- C:\Windows\system32\ieakui.dll
2013-11-03 22:49:06 ----A---- C:\Windows\system32\ieakeng.dll
2013-11-03 22:49:06 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-11-03 22:49:06 ----A---- C:\Windows\system32\dxtrans.dll
2013-11-03 22:49:06 ----A---- C:\Windows\system32\dxtmsft.dll
2013-11-03 22:49:06 ----A---- C:\Windows\system32\advpack.dll
2013-11-03 22:49:05 ----A---- C:\Windows\system32\wextract.exe
2013-11-03 22:49:05 ----A---- C:\Windows\system32\webcheck.dll
2013-11-03 22:49:05 ----A---- C:\Windows\system32\licmgr10.dll
2013-11-03 22:49:05 ----A---- C:\Windows\system32\inseng.dll
2013-11-03 22:49:05 ----A---- C:\Windows\system32\iexpress.exe
2013-11-03 22:49:05 ----A---- C:\Windows\system32\iesetup.dll
2013-11-03 22:49:05 ----A---- C:\Windows\system32\iernonce.dll
2013-11-03 22:49:05 ----A---- C:\Windows\system32\iedkcs32.dll
2013-11-03 22:49:05 ----A---- C:\Windows\system32\ieapfltr.dll
2013-11-03 22:49:05 ----A---- C:\Windows\system32\ieapfltr.dat
2013-11-03 22:49:05 ----A---- C:\Windows\system32\ie4uinit.exe
2013-11-03 22:49:05 ----A---- C:\Windows\system32\icardie.dll
2013-11-03 22:49:04 ----A---- C:\Windows\system32\pngfilt.dll
2013-11-03 22:49:04 ----A---- C:\Windows\system32\occache.dll
2013-11-03 22:45:55 ----A---- C:\Windows\SYSWOW64\MFH264Dec.dll
2013-11-03 22:45:55 ----A---- C:\Windows\system32\MFH264Dec.dll
2013-11-03 22:45:54 ----A---- C:\Windows\SYSWOW64\mfmp4src.dll
2013-11-03 22:45:54 ----A---- C:\Windows\SYSWOW64\MFHEAACdec.dll
2013-11-03 22:45:54 ----A---- C:\Windows\system32\mfmp4src.dll
2013-11-03 22:45:54 ----A---- C:\Windows\system32\MFHEAACdec.dll
2013-11-03 22:45:53 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2013-11-03 22:45:53 ----A---- C:\Windows\system32\mfreadwrite.dll
2013-11-03 22:45:52 ----A---- C:\Windows\SYSWOW64\mfps.dll
2013-11-03 22:45:52 ----A---- C:\Windows\SYSWOW64\mf.dll
2013-11-03 22:45:52 ----A---- C:\Windows\system32\mfps.dll
2013-11-03 22:45:52 ----A---- C:\Windows\system32\mfpmp.exe
2013-11-03 22:45:52 ----A---- C:\Windows\system32\mf.dll
2013-11-03 22:45:51 ----A---- C:\Windows\SYSWOW64\stobject.dll
2013-11-03 22:45:51 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-11-03 22:45:51 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2013-11-03 22:45:51 ----A---- C:\Windows\system32\stobject.dll
2013-11-03 22:45:51 ----A---- C:\Windows\system32\shdocvw.dll
2013-11-03 22:45:51 ----A---- C:\Windows\system32\mfplat.dll
2013-11-03 22:45:47 ----A---- C:\Windows\system32\XpsRasterService.dll
2013-11-03 22:45:45 ----A---- C:\Windows\SYSWOW64\OpcServices.dll
2013-11-03 22:45:45 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-11-03 22:45:45 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2013-11-03 22:45:45 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2013-11-03 22:45:45 ----A---- C:\Windows\system32\OpcServices.dll
2013-11-03 22:45:45 ----A---- C:\Windows\system32\dxgi.dll
2013-11-03 22:45:44 ----A---- C:\Windows\SYSWOW64\xpsservices.dll
2013-11-03 22:45:44 ----A---- C:\Windows\system32\xpsservices.dll
2013-11-03 22:45:43 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2013-11-03 22:43:53 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-11-03 22:43:53 ----A---- C:\Windows\SYSWOW64\dxdiagn.dll
2013-11-03 22:43:53 ----A---- C:\Windows\SYSWOW64\dxdiag.exe
2013-11-03 22:43:53 ----A---- C:\Windows\system32\WMPhoto.dll
2013-11-03 22:43:53 ----A---- C:\Windows\system32\dxdiagn.dll
2013-11-03 22:43:53 ----A---- C:\Windows\system32\dxdiag.exe
2013-11-03 22:43:52 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-11-03 22:43:52 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-11-03 22:43:52 ----A---- C:\Windows\SYSWOW64\PhotoMetadataHandler.dll
2013-11-03 22:43:52 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-11-03 22:43:52 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-11-03 22:43:52 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-11-03 22:43:52 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2013-11-03 22:43:52 ----A---- C:\Windows\system32\d3d11.dll
2013-11-03 22:05:09 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-11-03 22:05:09 ----A---- C:\Windows\system32\UIAnimation.dll
2013-11-03 22:05:07 ----A---- C:\Windows\SYSWOW64\UIRibbonRes.dll
2013-11-03 22:05:07 ----A---- C:\Windows\SYSWOW64\UIRibbon.dll
2013-11-03 22:05:07 ----A---- C:\Windows\system32\UIRibbonRes.dll
2013-11-03 22:05:07 ----A---- C:\Windows\system32\UIRibbon.dll
2013-11-03 22:02:47 ----A---- C:\Windows\SYSWOW64\wmi.dll
2013-11-03 22:02:47 ----A---- C:\Windows\system32\wmi.dll
2013-11-03 22:02:47 ----A---- C:\Windows\system32\imagehlp.dll
2013-11-03 22:02:47 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2013-11-03 22:02:46 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-11-03 19:20:31 ----A---- C:\Windows\system32\wups2.dll
2013-11-03 19:20:30 ----A---- C:\Windows\system32\wuauclt.exe
2013-11-03 19:20:29 ----A---- C:\Windows\system32\wucltux.dll
2013-11-03 19:20:23 ----A---- C:\Windows\system32\wuaueng.dll
2013-11-03 19:19:26 ----A---- C:\Windows\system32\wups.dll
2013-11-03 19:19:25 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2013-11-03 19:19:24 ----A---- C:\Windows\system32\wudriver.dll
2013-11-03 19:19:24 ----A---- C:\Windows\system32\wuapi.dll
2013-11-03 19:19:21 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2013-11-03 19:19:20 ----A---- C:\Windows\SYSWOW64\wups.dll
2013-11-03 19:18:48 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2013-11-03 19:18:48 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2013-11-03 19:18:48 ----A---- C:\Windows\system32\wuwebv.dll
2013-11-03 19:18:48 ----A---- C:\Windows\system32\wuapp.exe
2013-11-03 17:18:34 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2013-11-03 17:17:49 ----A---- C:\Windows\system32\win32k.sys
2013-11-03 17:17:46 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-11-03 17:17:44 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-11-03 17:17:44 ----A---- C:\Windows\system32\wow64.dll
2013-11-03 17:17:44 ----A---- C:\Windows\system32\smss.exe
2013-11-03 17:17:44 ----A---- C:\Windows\system32\ntdll.dll
2013-11-03 17:17:44 ----A---- C:\Windows\system32\csrsrv.dll
2013-11-03 17:17:43 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-11-03 17:17:43 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-11-03 17:17:43 ----A---- C:\Windows\system32\ntvdm64.dll
2013-11-03 17:17:42 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-11-03 17:17:42 ----A---- C:\Windows\SYSWOW64\user.exe
2013-11-03 17:17:42 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-11-03 17:17:40 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-11-03 17:17:40 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-11-03 17:17:38 ----A---- C:\Windows\system32\rpcrt4.dll
2013-11-03 17:17:37 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-11-03 17:17:30 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2013-11-03 17:17:30 ----A---- C:\Windows\system32\msvcrt.dll
2013-11-03 17:17:21 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-11-03 17:17:20 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-11-03 17:16:58 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-11-03 17:16:58 ----A---- C:\Windows\system32\synceng.dll
2013-11-03 17:16:55 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-11-03 17:15:30 ----A---- C:\Windows\SYSWOW64\msshsq.dll
2013-11-03 17:15:30 ----A---- C:\Windows\system32\msshsq.dll
2013-11-03 17:15:27 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-11-03 17:15:27 ----A---- C:\Windows\system32\cdd.dll
2013-11-03 17:15:23 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-11-03 17:15:23 ----A---- C:\Windows\system32\certutil.exe
2013-11-03 17:15:21 ----A---- C:\Windows\system32\certenc.dll
2013-11-03 17:15:20 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-11-03 17:15:00 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-11-03 17:14:59 ----A---- C:\Windows\system32\icaapi.dll
2013-11-03 17:14:54 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-11-03 17:14:54 ----A---- C:\Windows\system32\qedit.dll
2013-11-03 17:14:46 ----A---- C:\Windows\system32\jnwmon.dll
2013-11-03 17:14:40 ----A---- C:\Windows\system32\ncrypt.dll
2013-11-03 17:14:39 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-11-03 17:14:34 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2013-11-03 17:14:34 ----A---- C:\Windows\system32\qdvd.dll
2013-11-03 17:14:01 ----A---- C:\Windows\system32\kernel32.dll
2013-11-03 17:13:59 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-11-03 17:13:48 ----A---- C:\Windows\SYSWOW64\UIAutomationCore.dll
2013-11-03 17:13:48 ----A---- C:\Windows\SYSWOW64\oleaccrc.dll
2013-11-03 17:13:48 ----A---- C:\Windows\system32\oleaccrc.dll
2013-11-03 17:13:47 ----A---- C:\Windows\system32\UIAutomationCore.dll
2013-11-03 17:13:47 ----A---- C:\Windows\system32\oleacc.dll
2013-11-03 17:13:46 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2013-11-03 17:13:45 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2013-11-03 17:13:45 ----A---- C:\Windows\system32\oleaut32.dll
2013-11-03 17:13:27 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-11-03 17:11:37 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2013-11-03 17:11:37 ----A---- C:\Windows\system32\xmllite.dll
2013-11-03 17:11:30 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2013-11-03 17:11:30 ----A---- C:\Windows\system32\winhttp.dll
2013-11-03 17:11:26 ----A---- C:\Windows\system32\winmm.dll
2013-11-03 17:11:26 ----A---- C:\Windows\system32\mciwave.dll
2013-11-03 17:11:25 ----A---- C:\Windows\SYSWOW64\winmm.dll
2013-11-03 17:11:25 ----A---- C:\Windows\system32\mciseq.dll
2013-11-03 17:11:25 ----A---- C:\Windows\system32\mcicda.dll
2013-11-03 17:11:24 ----A---- C:\Windows\SYSWOW64\mciseq.dll
2013-11-03 17:10:42 ----A---- C:\Windows\system32\drivers\volsnap.sys
2013-11-03 17:10:37 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-11-03 17:10:32 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-11-03 17:10:28 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2013-11-03 17:10:28 ----A---- C:\Windows\system32\EncDec.dll
2013-11-03 16:50:04 ----A---- C:\Windows\SYSWOW64\themeui.dll
2013-11-03 16:50:04 ----A---- C:\Windows\system32\themeui.dll
2013-11-03 16:50:02 ----A---- C:\Windows\system32\win32spl.dll
2013-11-03 16:50:01 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-11-03 16:50:01 ----A---- C:\Windows\SYSWOW64\printcom.dll
2013-11-03 16:49:58 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-11-03 16:49:58 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-11-03 16:49:57 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-11-03 16:49:57 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-11-03 16:49:57 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-11-03 16:49:56 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-11-03 16:49:37 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2013-11-03 16:49:37 ----A---- C:\Windows\system32\drivers\bthport.sys
2013-11-03 16:48:01 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2013-11-03 16:48:01 ----A---- C:\Windows\system32\psisdecd.dll
2013-11-03 16:47:54 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-11-03 16:47:50 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-11-03 16:47:50 ----A---- C:\Windows\system32\lsasrv.dll
2013-11-03 16:47:49 ----A---- C:\Windows\system32\schannel.dll
2013-11-03 16:47:49 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-11-03 16:47:48 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-11-03 16:47:47 ----A---- C:\Windows\system32\secur32.dll
2013-11-03 16:47:47 ----A---- C:\Windows\system32\lsass.exe
2013-11-03 16:47:35 ----A---- C:\Windows\system32\msxml6.dll
2013-11-03 16:47:35 ----A---- C:\Windows\system32\msxml3.dll
2013-11-03 16:47:34 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-11-03 16:47:34 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-11-03 16:47:26 ----A---- C:\Windows\system32\wintrust.dll
2013-11-03 16:47:25 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-11-03 16:47:25 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-11-03 16:47:25 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-11-03 16:47:25 ----A---- C:\Windows\system32\cryptsvc.dll
2013-11-03 16:47:25 ----A---- C:\Windows\system32\cryptnet.dll
2013-11-03 16:46:44 ----A---- C:\Windows\system32\comctl32.dll
2013-11-03 16:46:43 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-11-03 16:46:38 ----A---- C:\Windows\SYSWOW64\shlwapi.dll
2013-11-03 16:46:38 ----A---- C:\Windows\system32\shlwapi.dll
2013-11-03 16:46:33 ----A---- C:\Windows\system32\localspl.dll
2013-11-03 16:46:32 ----A---- C:\Windows\SYSWOW64\localspl.dll
2013-11-03 16:45:58 ----A---- C:\Windows\system32\Wdfres.dll
2013-11-03 16:45:58 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-11-03 16:45:58 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-11-03 16:45:50 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-11-03 16:45:50 ----A---- C:\Windows\system32\tzres.dll
2013-11-03 16:45:14 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2013-11-03 16:45:14 ----A---- C:\Windows\system32\netapi32.dll
2013-11-03 16:45:11 ----A---- C:\Windows\system32\winsrv.dll
2013-11-03 16:45:05 ----A---- C:\Windows\SYSWOW64\quartz.dll
2013-11-03 16:45:05 ----A---- C:\Windows\system32\quartz.dll
2013-11-03 16:44:00 ----A---- C:\Windows\system32\packager.dll
2013-11-03 16:43:59 ----A---- C:\Windows\SYSWOW64\packager.dll
2013-11-03 16:43:48 ----A---- C:\Windows\system32\drivers\partmgr.sys
2013-11-03 16:43:44 ----A---- C:\Windows\system32\mstscax.dll
2013-11-03 16:43:43 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-11-03 16:41:47 ----A---- C:\Windows\system32\shell32.dll
2013-11-03 16:41:45 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-11-03 16:12:32 ----A---- C:\Windows\system32\dpnsvr.exe
2013-11-03 16:12:32 ----A---- C:\Windows\system32\dpnet.dll
2013-11-03 16:12:32 ----A---- C:\Windows\system32\dpnathlp.dll
2013-11-03 16:12:31 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-11-03 16:12:30 ----A---- C:\Windows\SYSWOW64\dpnsvr.exe
2013-11-03 16:10:32 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-11-03 16:10:32 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-11-03 16:10:32 ----A---- C:\Windows\system32\atmfd.dll
2013-11-03 16:10:31 ----A---- C:\Windows\system32\atmlib.dll
2013-11-03 16:09:44 ----A---- C:\Windows\system32\cryptdlg.dll
2013-11-03 16:09:43 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-11-03 16:08:11 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-11-03 16:08:11 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-11-03 16:08:07 ----A---- C:\Windows\system32\rdpencom.dll
2013-11-03 16:08:06 ----A---- C:\Windows\SYSWOW64\rdpencom.dll
2013-11-03 12:07:46 ----A---- C:\Windows\system32\perfh01B.dat
2013-11-03 12:07:46 ----A---- C:\Windows\system32\perfc01B.dat
2013-11-03 11:57:31 ----D---- C:\Windows\SYSWOW64\vi-VN
2013-11-03 11:57:31 ----D---- C:\Windows\SYSWOW64\eu-ES
2013-11-03 11:57:31 ----D---- C:\Windows\SYSWOW64\ca-ES
2013-11-03 11:57:31 ----D---- C:\Windows\system32\eu-ES
2013-11-03 11:57:31 ----D---- C:\Windows\system32\ca-ES
2013-11-03 11:57:30 ----D---- C:\Windows\system32\vi-VN
2013-11-03 11:08:09 ----D---- C:\Windows\system32\EventProviders
2013-11-03 04:52:30 ----A---- C:\Windows\SYSWOW64\NlsLexicons0007.dll
2013-11-03 04:52:29 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2013-11-03 04:52:20 ----A---- C:\Windows\system32\SLsvc.exe
2013-11-03 04:52:20 ----A---- C:\Windows\system32\SLCExt.dll
2013-11-03 04:52:19 ----A---- C:\Windows\SYSWOW64\FunctionDiscoveryFolder.dll
2013-11-03 04:52:19 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2013-11-03 04:52:15 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2013-11-03 04:52:14 ----A---- C:\Windows\SYSWOW64\NlsLexicons0009.dll
2013-11-03 04:52:07 ----A---- C:\Windows\system32\xmlfilter.dll
2013-11-03 04:52:07 ----A---- C:\Windows\system32\msstrc.dll
2013-11-03 04:52:07 ----A---- C:\Windows\system32\msshooks.dll
2013-11-03 04:52:07 ----A---- C:\Windows\system32\msscntrs.dll
2013-11-03 04:52:06 ----A---- C:\Windows\SYSWOW64\SLCExt.dll
2013-11-03 04:52:06 ----A---- C:\Windows\system32\mssrch.dll
2013-11-03 04:52:02 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2013-11-03 04:51:57 ----A---- C:\Windows\SYSWOW64\WscEapPr.dll
2013-11-03 04:51:56 ----A---- C:\Windows\SYSWOW64\wcnwiz2.dll
2013-11-03 04:51:56 ----A---- C:\Windows\system32\WscEapPr.dll
2013-11-03 04:51:56 ----A---- C:\Windows\system32\wcnwiz2.dll
2013-11-03 04:51:56 ----A---- C:\Windows\system32\tquery.dll
2013-11-03 04:51:55 ----A---- C:\Windows\system32\icardagt.exe
2013-11-03 04:51:55 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2013-11-03 04:51:54 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2013-11-03 04:51:54 ----A---- C:\Windows\system32\imapi2fs.dll
2013-11-03 04:51:51 ----A---- C:\Windows\SYSWOW64\tquery.dll
2013-11-03 04:51:50 ----A---- C:\Windows\system32\msi.dll
2013-11-03 04:51:49 ----A---- C:\Windows\system32\sysmain.dll
2013-11-03 04:51:48 ----A---- C:\Windows\SYSWOW64\PresentationNative_v0300.dll
2013-11-03 04:51:43 ----A---- C:\Windows\system32\scavenge.dll
2013-11-03 04:51:42 ----A---- C:\Windows\system32\drivers\spsys.sys
2013-11-03 04:51:41 ----A---- C:\Windows\SYSWOW64\msi.dll
2013-11-03 04:51:39 ----A---- C:\Windows\SYSWOW64\imapi2fs.dll
2013-11-03 04:51:36 ----A---- C:\Windows\system32\mmcndmgr.dll
2013-11-03 04:51:35 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2013-11-03 04:51:34 ----A---- C:\Windows\system32\p2psvc.dll
2013-11-03 04:51:33 ----A---- C:\Windows\system32\spreview.exe
2013-11-03 04:51:33 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2013-11-03 04:51:32 ----A---- C:\Windows\system32\spinstall.exe
2013-11-03 04:51:32 ----A---- C:\Windows\system32\mmc.exe
2013-11-03 04:51:32 ----A---- C:\Windows\system32\drmv2clt.dll
2013-11-03 04:51:30 ----A---- C:\Windows\system32\esent.dll
2013-11-03 04:51:29 ----A---- C:\Windows\SYSWOW64\spwizui.dll
2013-11-03 04:51:29 ----A---- C:\Windows\system32\spwizui.dll
2013-11-03 04:51:29 ----A---- C:\Windows\system32\SearchIndexer.exe
2013-11-03 04:51:28 ----A---- C:\Windows\SYSWOW64\AuxiliaryDisplayCpl.dll
2013-11-03 04:51:19 ----A---- C:\Windows\SYSWOW64\spreview.exe
2013-11-03 04:51:19 ----A---- C:\Windows\SYSWOW64\spinstall.exe
2013-11-03 04:51:19 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2013-11-03 04:51:17 ----A---- C:\Windows\system32\dfsr.exe
2013-11-03 04:51:16 ----A---- C:\Windows\system32\mssvp.dll
2013-11-03 04:51:14 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2013-11-03 04:51:14 ----A---- C:\Windows\SYSWOW64\p2psvc.dll
2013-11-03 04:51:14 ----A---- C:\Windows\SYSWOW64\EhStorPwdMgr.dll
2013-11-03 04:51:14 ----A---- C:\Windows\SYSWOW64\EhStorAuthn.dll
2013-11-03 04:51:14 ----A---- C:\Windows\system32\sdohlp.dll
2013-11-03 04:51:14 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2013-11-03 04:51:14 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2013-11-03 04:51:14 ----A---- C:\Windows\system32\EhStorAuthn.dll
2013-11-03 04:51:13 ----A---- C:\Windows\system32\mssphtb.dll
2013-11-03 04:51:13 ----A---- C:\Windows\system32\mssph.dll
2013-11-03 04:51:13 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2013-11-03 04:51:12 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2013-11-03 04:51:09 ----A---- C:\Windows\system32\imapi2.dll
2013-11-03 04:51:06 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2013-11-03 04:51:06 ----A---- C:\Windows\SYSWOW64\mssph.dll
2013-11-03 04:51:06 ----A---- C:\Windows\SYSWOW64\MSMPEG2VDEC.DLL
2013-11-03 04:51:06 ----A---- C:\Windows\system32\korwbrkr.dll
2013-11-03 04:51:05 ----A---- C:\Windows\SYSWOW64\imapi2.dll
2013-11-03 04:51:05 ----A---- C:\Windows\system32\Query.dll
2013-11-03 04:51:04 ----A---- C:\Windows\system32\IMJP10K.DLL
2013-11-03 04:51:02 ----A---- C:\Windows\SYSWOW64\sdohlp.dll
2013-11-03 04:51:02 ----A---- C:\Windows\system32\WinSAT.exe
2013-11-03 04:51:02 ----A---- C:\Windows\system32\uDWM.dll
2013-11-03 04:51:00 ----A---- C:\Windows\SYSWOW64\esent.dll
2013-11-03 04:51:00 ----A---- C:\Windows\SYSWOW64\DevicePairing.dll
2013-11-03 04:51:00 ----A---- C:\Windows\system32\DevicePairing.dll
2013-11-03 04:50:59 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2013-11-03 04:50:59 ----A---- C:\Windows\system32\drivers\rfcomm.sys
2013-11-03 04:50:57 ----A---- C:\Windows\SYSWOW64\korwbrkr.dll
2013-11-03 04:50:57 ----A---- C:\Windows\system32\sperror.dll
2013-11-03 04:50:55 ----A---- C:\Windows\SYSWOW64\sperror.dll
2013-11-03 04:50:54 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2013-11-03 04:50:54 ----A---- C:\Windows\system32\P2PGraph.dll
2013-11-03 04:50:53 ----A---- C:\Windows\SYSWOW64\SLC.dll
2013-11-03 04:50:50 ----A---- C:\Windows\SYSWOW64\msjet40.dll
2013-11-03 04:50:50 ----A---- C:\Windows\SYSWOW64\EhStorAPI.dll
2013-11-03 04:50:50 ----A---- C:\Windows\system32\wevtsvc.dll
2013-11-03 04:50:50 ----A---- C:\Windows\system32\IasMigPlugin.dll
2013-11-03 04:50:50 ----A---- C:\Windows\system32\EhStorAPI.dll
2013-11-03 04:50:49 ----A---- C:\Windows\system32\drivers\Storport.sys
2013-11-03 04:50:48 ----A---- C:\Windows\system32\setupapi.dll
2013-11-03 04:50:47 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-11-03 04:50:46 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2013-11-03 04:50:46 ----A---- C:\Windows\system32\SearchFilterHost.exe
2013-11-03 04:50:46 ----A---- C:\Windows\system32\compcln.exe
2013-11-03 04:50:45 ----A---- C:\Windows\SYSWOW64\Query.dll
2013-11-03 04:50:45 ----A---- C:\Windows\system32\qmgr.dll
2013-11-03 04:50:44 ----A---- C:\Windows\SYSWOW64\EhStorShell.dll
2013-11-03 04:50:44 ----A---- C:\Windows\system32\fdBth.dll
2013-11-03 04:50:44 ----A---- C:\Windows\system32\EhStorShell.dll
2013-11-03 04:50:43 ----A---- C:\Windows\SYSWOW64\user32.dll
2013-11-03 04:50:43 ----A---- C:\Windows\system32\srchadmin.dll
2013-11-03 04:50:43 ----A---- C:\Windows\system32\infocardapi.dll
2013-11-03 04:50:42 ----A---- C:\Windows\SYSWOW64\msexch40.dll
2013-11-03 04:50:42 ----A---- C:\Windows\system32\vssapi.dll
2013-11-03 04:50:41 ----A---- C:\Windows\SYSWOW64\P2PGraph.dll
2013-11-03 04:50:41 ----A---- C:\Windows\system32\advapi32.dll
2013-11-03 04:50:40 ----A---- C:\Windows\SYSWOW64\IasMigReader.exe
2013-11-03 04:50:40 ----A---- C:\Windows\system32\rpcss.dll
2013-11-03 04:50:40 ----A---- C:\Windows\system32\diagperf.dll
2013-11-03 04:50:39 ----A---- C:\Windows\explorer.exe
2013-11-03 04:50:38 ----A---- C:\Windows\SYSWOW64\srchadmin.dll
2013-11-03 04:50:38 ----A---- C:\Windows\system32\mblctr.exe
2013-11-03 04:50:37 ----A---- C:\Windows\system32\CertEnroll.dll
2013-11-03 04:50:36 ----A---- C:\Windows\system32\VSSVC.exe
2013-11-03 04:50:35 ----A---- C:\Windows\SYSWOW64\DevicePairingWizard.exe
2013-11-03 04:50:35 ----A---- C:\Windows\system32\spoolss.dll
2013-11-03 04:50:35 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2013-11-03 04:50:34 ----A---- C:\Windows\SYSWOW64\mmc.exe
2013-11-03 04:50:34 ----A---- C:\Windows\system32\comsvcs.dll
2013-11-03 04:50:33 ----A---- C:\Windows\SYSWOW64\IasMigPlugin.dll
2013-11-03 04:50:33 ----A---- C:\Windows\system32\browseui.dll
2013-11-03 04:50:32 ----A---- C:\Windows\SYSWOW64\riched20.dll
2013-11-03 04:50:31 ----A---- C:\Windows\SYSWOW64\Magnify.exe
2013-11-03 04:50:31 ----A---- C:\Windows\system32\d3d9.dll
2013-11-03 04:50:30 ----A---- C:\Windows\SYSWOW64\fdBth.dll
2013-11-03 04:50:26 ----A---- C:\Windows\SYSWOW64\RacEngn.dll
2013-11-03 04:50:25 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2013-11-03 04:50:25 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2013-11-03 04:50:25 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2013-11-03 04:50:23 ----A---- C:\Windows\system32\drivers\netio.sys
2013-11-03 04:50:22 ----A---- C:\Windows\SYSWOW64\spoolss.dll
2013-11-03 04:50:22 ----A---- C:\Windows\SYSWOW64\milcore.dll
2013-11-03 04:50:22 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2013-11-03 04:50:21 ----A---- C:\Windows\SYSWOW64\NaturalLanguage6.dll
2013-11-03 04:50:21 ----A---- C:\Windows\system32\iasrecst.dll
2013-11-03 04:50:20 ----A---- C:\Windows\system32\Magnify.exe
2013-11-03 04:50:20 ----A---- C:\Windows\system32\dpapimig.exe
2013-11-03 04:50:20 ----A---- C:\Windows\system32\dbgeng.dll
2013-11-03 04:50:19 ----A---- C:\Windows\system32\eudcedit.exe
2013-11-03 04:50:18 ----A---- C:\Windows\system32\fsquirt.exe
2013-11-03 04:50:18 ----A---- C:\Windows\system32\apds.dll
2013-11-03 04:50:16 ----A---- C:\Windows\system32\gpedit.dll
2013-11-03 04:50:16 ----A---- C:\Windows\system32\audiosrv.dll
2013-11-03 04:50:15 ----A---- C:\Windows\SYSWOW64\msjtes40.dll
2013-11-03 04:50:15 ----A---- C:\Windows\system32\msctf.dll
2013-11-03 04:50:15 ----A---- C:\Windows\system32\es.dll
2013-11-03 04:50:14 ----A---- C:\Windows\SYSWOW64\Storprop.dll
2013-11-03 04:50:14 ----A---- C:\Windows\SYSWOW64\msvcp60.dll
2013-11-03 04:50:14 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2013-11-03 04:50:14 ----A---- C:\Windows\SYSWOW64\gpedit.dll
2013-11-03 04:50:14 ----A---- C:\Windows\system32\slwmi.dll
2013-11-03 04:50:14 ----A---- C:\Windows\system32\evr.dll
2013-11-03 04:50:14 ----A---- C:\Windows\system32\comuid.dll
2013-11-03 04:50:13 ----A---- C:\Windows\system32\user32.dll
2013-11-03 04:50:13 ----A---- C:\Windows\system32\RacEngn.dll
2013-11-03 04:50:12 ----A---- C:\Windows\SYSWOW64\es.dll
2013-11-03 04:50:12 ----A---- C:\Windows\system32\photowiz.dll
2013-11-03 04:50:12 ----A---- C:\Windows\system32\ipsmsnap.dll
2013-11-03 04:50:11 ----A---- C:\Windows\system32\nlhtml.dll
2013-11-03 04:50:11 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2013-11-03 04:50:10 ----A---- C:\Windows\SYSWOW64\mstext40.dll
2013-11-03 04:50:10 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-11-03 04:50:10 ----A---- C:\Windows\system32\wevtapi.dll
2013-11-03 04:50:09 ----A---- C:\Windows\system32\SLC.dll
2013-11-03 04:50:09 ----A---- C:\Windows\system32\PresentationSettings.exe
2013-11-03 04:50:09 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2013-11-03 04:50:08 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-11-03 04:50:08 ----A---- C:\Windows\system32\msihnd.dll
2013-11-03 04:50:08 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2013-11-03 04:50:07 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2013-11-03 04:50:07 ----A---- C:\Windows\system32\certcli.dll
2013-11-03 04:50:06 ----A---- C:\Windows\SYSWOW64\slwmi.dll
2013-11-03 04:50:06 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2013-11-03 04:50:05 ----A---- C:\Windows\SYSWOW64\msxbde40.dll
2013-11-03 04:50:05 ----A---- C:\Windows\system32\wcnwiz.dll
2013-11-03 04:50:05 ----A---- C:\Windows\system32\WcnNetsh.dll
2013-11-03 04:50:04 ----A---- C:\Windows\SYSWOW64\vssapi.dll
2013-11-03 04:50:04 ----A---- C:\Windows\system32\devmgr.dll
2013-11-03 04:50:03 ----A---- C:\Windows\SYSWOW64\DevicePairingProxy.dll
2013-11-03 04:50:03 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-11-03 04:50:03 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2013-11-03 04:50:02 ----A---- C:\Windows\system32\wcncsvc.dll
2013-11-03 04:50:01 ----A---- C:\Windows\system32\NetProjW.dll
2013-11-03 04:50:01 ----A---- C:\Windows\system32\msctfp.dll
2013-11-03 04:50:01 ----A---- C:\Windows\system32\fdBthProxy.dll
2013-11-03 04:50:00 ----A---- C:\Windows\system32\msdtctm.dll
2013-11-03 04:49:59 ----A---- C:\Windows\system32\davclnt.dll
2013-11-03 04:49:58 ----A---- C:\Windows\SYSWOW64\msrepl40.dll
2013-11-03 04:49:58 ----A---- C:\Windows\system32\msvcp60.dll
2013-11-03 04:49:57 ----A---- C:\Windows\system32\WebClnt.dll
2013-11-03 04:49:57 ----A---- C:\Windows\system32\w32time.dll
2013-11-03 04:49:56 ----A---- C:\Windows\SYSWOW64\propsys.dll
2013-11-03 04:49:56 ----A---- C:\Windows\SYSWOW64\newdev.dll
2013-11-03 04:49:56 ----A---- C:\Windows\system32\rsaenh.dll
2013-11-03 04:49:56 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2013-11-03 04:49:55 ----A---- C:\Windows\SYSWOW64\iasrecst.dll
2013-11-03 04:49:55 ----A---- C:\Windows\SYSWOW64\eudcedit.exe
2013-11-03 04:49:55 ----A---- C:\Windows\system32\SLCommDlg.dll
2013-11-03 04:49:55 ----A---- C:\Windows\system32\gpsvc.dll
2013-11-03 04:49:55 ----A---- C:\Windows\system32\drivers\netbt.sys
2013-11-03 04:49:54 ----A---- C:\Windows\system32\certmgr.dll
2013-11-03 04:49:53 ----A---- C:\Windows\SYSWOW64\explorer.exe
2013-11-03 04:49:53 ----A---- C:\Windows\system32\umpnpmgr.dll
2013-11-03 04:49:53 ----A---- C:\Windows\system32\msdtcprx.dll
2013-11-03 04:49:51 ----A---- C:\Windows\SYSWOW64\setupapi.dll
2013-11-03 04:49:50 ----A---- C:\Windows\SYSWOW64\mspbde40.dll
2013-11-03 04:49:48 ----A---- C:\Windows\SYSWOW64\d3d9.dll
2013-11-03 04:49:48 ----A---- C:\Windows\system32\drivers\rdbss.sys
2013-11-03 04:49:47 ----A---- C:\Windows\system32\PhotoScreensaver.scr
2013-11-03 04:49:46 ----A---- C:\Windows\system32\swprv.dll
2013-11-03 04:49:45 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-11-03 04:49:45 ----A---- C:\Windows\system32\SLUI.exe
2013-11-03 04:49:44 ----A---- C:\Windows\system32\WMNetMgr.dll
2013-11-03 04:49:42 ----A---- C:\Windows\SYSWOW64\msltus40.dll
2013-11-03 04:49:42 ----A---- C:\Windows\system32\MPSSVC.dll
2013-11-03 04:49:41 ----A---- C:\Windows\system32\ci.dll
2013-11-03 04:49:40 ----A---- C:\Windows\SYSWOW64\msrd3x40.dll
2013-11-03 04:49:39 ----A---- C:\Windows\SYSWOW64\browseui.dll
2013-11-03 04:49:39 ----A---- C:\Windows\system32\WMVSDECD.DLL
2013-11-03 04:49:39 ----A---- C:\Windows\system32\samsrv.dll
2013-11-03 04:49:38 ----A---- C:\Windows\SYSWOW64\wevtapi.dll
2013-11-03 04:49:38 ----A---- C:\Windows\system32\sqlsrv32.dll
2013-11-03 04:49:37 ----A---- C:\Windows\system32\ipsecsnp.dll
2013-11-03 04:49:37 ----A---- C:\Windows\system32\iassdo.dll
2013-11-03 04:49:36 ----A---- C:\Windows\SYSWOW64\photowiz.dll
2013-11-03 04:49:36 ----A---- C:\Windows\SYSWOW64\nlhtml.dll
2013-11-03 04:49:35 ----A---- C:\Windows\system32\wercon.exe
2013-11-03 04:49:33 ----A---- C:\Windows\system32\services.exe
2013-11-03 04:49:33 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2013-11-03 04:49:31 ----A---- C:\Windows\system32\authui.dll
2013-11-03 04:49:29 ----A---- C:\Windows\SYSWOW64\WcnNetsh.dll
2013-11-03 04:49:29 ----A---- C:\Windows\SYSWOW64\SLCommDlg.dll
2013-11-03 04:49:28 ----A---- C:\Windows\system32\QAGENTRT.DLL
2013-11-03 04:49:28 ----A---- C:\Windows\system32\mswsock.dll
2013-11-03 04:49:28 ----A---- C:\Windows\system32\comdlg32.dll
2013-11-03 04:49:27 ----A---- C:\Windows\SYSWOW64\netshell.dll
2013-11-03 04:49:27 ----A---- C:\Windows\SYSWOW64\apds.dll
2013-11-03 04:49:27 ----A---- C:\Windows\system32\propdefs.dll
2013-11-03 04:49:26 ----A---- C:\Windows\SYSWOW64\xmlfilter.dll
2013-11-03 04:49:26 ----A---- C:\Windows\SYSWOW64\mswstr10.dll
2013-11-03 04:49:26 ----A---- C:\Windows\system32\ws2_32.dll
2013-11-03 04:49:25 ----A---- C:\Windows\SYSWOW64\msctf.dll
2013-11-03 04:49:25 ----A---- C:\Windows\system32\netlogon.dll
2013-11-03 04:49:25 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-11-03 04:49:24 ----A---- C:\Windows\system32\WerFaultSecure.exe
2013-11-03 04:49:24 ----A---- C:\Windows\system32\eapphost.dll
2013-11-03 04:49:23 ----A---- C:\Windows\system32\emdmgmt.dll
2013-11-03 04:49:22 ----A---- C:\Windows\system32\newdev.dll
2013-11-03 04:49:21 ----A---- C:\Windows\system32\WinSCard.dll
2013-11-03 04:49:21 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-11-03 04:49:20 ----A---- C:\Windows\SYSWOW64\eapphost.dll
2013-11-03 04:49:20 ----A---- C:\Windows\system32\azroles.dll
2013-11-03 04:49:19 ----A---- C:\Windows\SYSWOW64\sqlsrv32.dll
2013-11-03 04:49:19 ----A---- C:\Windows\SYSWOW64\msrd2x40.dll
2013-11-03 04:49:19 ----A---- C:\Windows\system32\MMDevAPI.dll
2013-11-03 04:49:17 ----A---- C:\Windows\system32\IPSECSVC.DLL
2013-11-03 04:49:16 ----A---- C:\Windows\SYSWOW64\propdefs.dll
2013-11-03 04:49:16 ----A---- C:\Windows\system32\wlanpref.dll
2013-11-03 04:49:16 ----A---- C:\Windows\system32\wevtutil.exe
2013-11-03 04:49:13 ----A---- C:\Windows\system32\msscb.dll
2013-11-03 04:49:13 ----A---- C:\Windows\system32\milcore.dll
2013-11-03 04:49:10 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2013-11-03 04:49:10 ----A---- C:\Windows\system32\Wldap32.dll
2013-11-03 04:49:10 ----A---- C:\Windows\system32\iasnap.dll
2013-11-03 04:49:09 ----A---- C:\Windows\SYSWOW64\wevtutil.exe
2013-11-03 04:49:09 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2013-11-03 04:49:09 ----A---- C:\Windows\system32\mssitlb.dll
2013-11-03 04:49:07 ----A---- C:\Windows\SYSWOW64\mmcndmgr.dll
2013-11-03 04:49:07 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2013-11-03 04:49:06 ----A---- C:\Windows\system32\mcmde.dll
2013-11-03 04:49:03 ----A---- C:\Windows\system32\iassam.dll
2013-11-03 04:49:03 ----A---- C:\Windows\system32\bthserv.dll
2013-11-03 04:49:02 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2013-11-03 04:49:02 ----A---- C:\Windows\SYSWOW64\devmgr.dll
2013-11-03 04:49:02 ----A---- C:\Windows\system32\rtffilt.dll
2013-11-03 04:49:01 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2013-11-03 04:49:01 ----A---- C:\Windows\SYSWOW64\msctfp.dll
2013-11-03 04:49:01 ----A---- C:\Windows\SYSWOW64\fdBthProxy.dll
2013-11-03 04:49:01 ----A---- C:\Windows\system32\propsys.dll
2013-11-03 04:49:00 ----A---- C:\Windows\SYSWOW64\msscb.dll
2013-11-03 04:49:00 ----A---- C:\Windows\SYSWOW64\adsldpc.dll
2013-11-03 04:48:58 ----A---- C:\Windows\SYSWOW64\wcnwiz.dll
2013-11-03 04:48:58 ----A---- C:\Windows\SYSWOW64\evr.dll
2013-11-03 04:48:57 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2013-11-03 04:48:57 ----A---- C:\Windows\system32\winlogon.exe
2013-11-03 04:48:56 ----A---- C:\Windows\system32\vds.exe
2013-11-03 04:48:56 ----A---- C:\Windows\system32\scrrun.dll
2013-11-03 04:48:56 ----A---- C:\Windows\system32\mscms.dll
2013-11-03 04:48:55 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2013-11-03 04:48:55 ----A---- C:\Windows\system32\reg.exe
2013-11-03 04:48:55 ----A---- C:\Windows\system32\imapi.dll
2013-11-03 04:48:55 ----A---- C:\Windows\system32\fdProxy.dll
2013-11-03 04:48:53 ----A---- C:\Windows\SYSWOW64\services.exe
2013-11-03 04:48:52 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2013-11-03 04:48:52 ----A---- C:\Windows\system32\mimefilt.dll
2013-11-03 04:48:51 ----A---- C:\Windows\SYSWOW64\mimefilt.dll
2013-11-03 04:48:51 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2013-11-03 04:48:51 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-11-03 04:48:51 ----A---- C:\Windows\system32\adtschema.dll
2013-11-03 04:48:50 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2013-11-03 04:48:50 ----A---- C:\Windows\system32\brcpl.dll
2013-11-03 04:48:49 ----A---- C:\Windows\SYSWOW64\certcli.dll
2013-11-03 04:48:49 ----A---- C:\Windows\system32\wdc.dll
2013-11-03 04:48:48 ----A---- C:\Windows\SYSWOW64\msjter40.dll
2013-11-03 04:48:48 ----A---- C:\Windows\SYSWOW64\msdtcprx.dll
2013-11-03 04:48:47 ----A---- C:\Windows\SYSWOW64\ipsmsnap.dll
2013-11-03 04:48:46 ----A---- C:\Windows\SYSWOW64\mswdat10.dll
2013-11-03 04:48:46 ----A---- C:\Windows\system32\rasmans.dll
2013-11-03 04:48:46 ----A---- C:\Windows\system32\inetpp.dll
2013-11-03 04:48:46 ----A---- C:\Windows\system32\drivers\rasl2tp.sys
2013-11-03 04:48:45 ----A---- C:\Windows\SYSWOW64\rtffilt.dll
2013-11-03 04:48:45 ----A---- C:\Windows\SYSWOW64\reg.exe
2013-11-03 04:48:45 ----A---- C:\Windows\system32\offfilt.dll
2013-11-03 04:48:45 ----A---- C:\Windows\system32\CertEnrollUI.dll
2013-11-03 04:48:44 ----A---- C:\Windows\SYSWOW64\WMNetMgr.dll
2013-11-03 04:48:44 ----A---- C:\Windows\system32\pdh.dll
2013-11-03 04:48:44 ----A---- C:\Windows\system32\clfs.sys
2013-11-03 04:48:43 ----A---- C:\Windows\SYSWOW64\PhotoScreensaver.scr
2013-11-03 04:48:43 ----A---- C:\Windows\system32\wiaservc.dll
2013-11-03 04:48:43 ----A---- C:\Windows\system32\fundisc.dll
2013-11-03 04:48:43 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-11-03 04:48:42 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2013-11-03 04:48:42 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2013-11-03 04:48:42 ----A---- C:\Windows\system32\RelMon.dll
2013-11-03 04:48:42 ----A---- C:\Windows\system32\mtxclu.dll
2013-11-03 04:48:41 ----A---- C:\Windows\system32\sysclass.dll
2013-11-03 04:48:41 ----A---- C:\Windows\system32\scrobj.dll
2013-11-03 04:48:41 ----A---- C:\Windows\system32\drivers\raspptp.sys
2013-11-03 04:48:40 ----A---- C:\Windows\SYSWOW64\rsaenh.dll
2013-11-03 04:48:40 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2013-11-03 04:48:36 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2013-11-03 04:48:34 ----A---- C:\Windows\SYSWOW64\msstrc.dll
2013-11-03 04:48:34 ----A---- C:\Windows\SYSWOW64\MMDevAPI.dll
2013-11-03 04:48:34 ----A---- C:\Windows\system32\pnpsetup.dll
2013-11-03 04:48:34 ----A---- C:\Windows\system32\msinfo32.exe
2013-11-03 04:48:34 ----A---- C:\Windows\system32\adsldpc.dll
2013-11-03 04:48:33 ----A---- C:\Windows\system32\drivers\pci.sys
2013-11-03 04:48:33 ----A---- C:\Windows\system32\drivers\msahci.sys
2013-11-03 04:48:32 ----A---- C:\Windows\system32\sethc.exe
2013-11-03 04:48:31 ----A---- C:\Windows\system32\msiexec.exe
2013-11-03 04:48:30 ----A---- C:\Windows\SYSWOW64\mtxclu.dll
2013-11-03 04:48:30 ----A---- C:\Windows\system32\rasdiag.dll
2013-11-03 04:48:29 ----A---- C:\Windows\SYSWOW64\mscories.dll
2013-11-03 04:48:29 ----A---- C:\Windows\SYSWOW64\hidserv.dll
2013-11-03 04:48:29 ----A---- C:\Windows\SYSWOW64\fundisc.dll
2013-11-03 04:48:29 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2013-11-03 04:48:29 ----A---- C:\Windows\system32\wisptis.exe
2013-11-03 04:48:28 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2013-11-03 04:48:28 ----A---- C:\Windows\system32\TsWpfWrp.exe
2013-11-03 04:48:28 ----A---- C:\Windows\system32\iasrad.dll
2013-11-03 04:48:27 ----A---- C:\Windows\system32\drivers\termdd.sys
2013-11-03 04:48:27 ----A---- C:\Windows\system32\drivers\acpi.sys
2013-11-03 04:48:26 ----A---- C:\Windows\system32\osk.exe
2013-11-03 04:48:26 ----A---- C:\Windows\system32\autofmt.exe
2013-11-03 04:48:25 ----A---- C:\Windows\system32\AudioSes.dll
2013-11-03 04:48:24 ----A---- C:\Windows\system32\Utilman.exe
2013-11-03 04:48:24 ----A---- C:\Windows\system32\tcpipcfg.dll
2013-11-03 04:48:24 ----A---- C:\Windows\system32\iasdatastore.dll
2013-11-03 04:48:23 ----A---- C:\Windows\system32\SLUINotify.dll
2013-11-03 04:48:22 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2013-11-03 04:48:22 ----A---- C:\Windows\SYSWOW64\imapi.dll
2013-11-03 04:48:22 ----A---- C:\Windows\system32\termsrv.dll
2013-11-03 04:48:22 ----A---- C:\Windows\system32\cryptui.dll
2013-11-03 04:48:21 ----A---- C:\Windows\SYSWOW64\wdc.dll
2013-11-03 04:48:21 ----A---- C:\Windows\SYSWOW64\chsbrkr.dll
2013-11-03 04:48:21 ----A---- C:\Windows\system32\printui.dll
2013-11-03 04:48:20 ----A---- C:\Windows\SYSWOW64\imm32.dll
2013-11-03 04:48:19 ----A---- C:\Windows\SYSWOW64\iassdo.dll
2013-11-03 04:48:19 ----A---- C:\Windows\system32\connect.dll
2013-11-03 04:48:18 ----A---- C:\Windows\system32\WerFault.exe
2013-11-03 04:48:18 ----A---- C:\Windows\system32\pnidui.dll
2013-11-03 04:48:18 ----A---- C:\Windows\system32\iasads.dll
2013-11-03 04:48:18 ----A---- C:\Windows\system32\drivers\crashdmp.sys
2013-11-03 04:48:17 ----A---- C:\Windows\SYSWOW64\pnidui.dll
2013-11-03 04:48:17 ----A---- C:\Windows\SYSWOW64\autofmt.exe
2013-11-03 04:48:17 ----A---- C:\Windows\system32\dhcpcsvc.dll
2013-11-03 04:48:16 ----A---- C:\Windows\system32\drvinst.exe
2013-11-03 04:48:15 ----A---- C:\Windows\SYSWOW64\spcmsg.dll
2013-11-03 04:48:15 ----A---- C:\Windows\SYSWOW64\slmgr.vbs
2013-11-03 04:48:15 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-11-03 04:48:15 ----A---- C:\Windows\system32\spcmsg.dll
2013-11-03 04:48:15 ----A---- C:\Windows\system32\slmgr.vbs
2013-11-03 04:48:15 ----A---- C:\Windows\system32\scansetting.dll
2013-11-03 04:48:15 ----A---- C:\Windows\system32\dsound.dll
2013-11-03 04:48:15 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2013-11-03 04:48:14 ----A---- C:\Windows\system32\untfs.dll
2013-11-03 04:48:14 ----A---- C:\Windows\system32\prnntfy.dll
2013-11-03 04:48:14 ----A---- C:\Windows\system32\netcenter.dll
2013-11-03 04:48:14 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2013-11-03 04:48:13 ----A---- C:\Windows\system32\pidgenx.dll
2013-11-03 04:48:12 ----A---- C:\Windows\SYSWOW64\pdh.dll
2013-11-03 04:48:12 ----A---- C:\Windows\SYSWOW64\dhcpcsvc.dll
2013-11-03 04:48:12 ----A---- C:\Windows\system32\drivers\mup.sys
2013-11-03 04:48:12 ----A---- C:\Windows\system32\diskpart.exe
2013-11-03 04:48:11 ----A---- C:\Windows\SYSWOW64\CertEnrollUI.dll
2013-11-03 04:48:11 ----A---- C:\Windows\SYSWOW64\azroles.dll
2013-11-03 04:48:11 ----A---- C:\Windows\system32\vdsdyn.dll
2013-11-03 04:48:11 ----A---- C:\Windows\system32\SCardSvr.dll
2013-11-03 04:48:10 ----A---- C:\Windows\system32\userenv.dll
2013-11-03 04:48:10 ----A---- C:\Windows\system32\rasdlg.dll
2013-11-03 04:48:09 ----A---- C:\Windows\SYSWOW64\pidgenx.dll
2013-11-03 04:48:09 ----A---- C:\Windows\system32\spp.dll
2013-11-03 04:48:09 ----A---- C:\Windows\system32\InkEd.dll
2013-11-03 04:48:09 ----A---- C:\Windows\system32\drivers\msrpc.sys
2013-11-03 04:48:09 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys
2013-11-03 04:48:08 ----A---- C:\Windows\system32\mscories.dll
2013-11-03 04:48:07 ----A---- C:\Windows\system32\chsbrkr.dll
2013-11-03 04:48:06 ----A---- C:\Windows\SYSWOW64\winlogon.exe
2013-11-03 04:48:06 ----A---- C:\Windows\SYSWOW64\SyncCenter.dll
2013-11-03 04:48:05 ----A---- C:\Windows\SYSWOW64\msjetoledb40.dll
2013-11-03 04:48:05 ----A---- C:\Windows\SYSWOW64\comuid.dll
2013-11-03 04:48:05 ----A---- C:\Windows\system32\dskquoui.dll
2013-11-03 04:48:04 ----A---- C:\Windows\SYSWOW64\certmgr.dll
2013-11-03 04:48:04 ----A---- C:\Windows\system32\drivers\disk.sys
2013-11-03 04:48:03 ----A---- C:\Windows\SYSWOW64\spp.dll
2013-11-03 04:48:03 ----A---- C:\Windows\SYSWOW64\sethc.exe
2013-11-03 04:48:03 ----A---- C:\Windows\SYSWOW64\iassam.dll
2013-11-03 04:48:03 ----A---- C:\Windows\system32\PSHED.DLL
2013-11-03 04:48:03 ----A---- C:\Windows\system32\iashlpr.dll
2013-11-03 04:48:02 ----A---- C:\Windows\SYSWOW64\untfs.dll
2013-11-03 04:48:02 ----A---- C:\Windows\SYSWOW64\scrobj.dll
2013-11-03 04:48:01 ----A---- C:\Windows\system32\drivers\pciidex.sys
2013-11-03 04:48:00 ----A---- C:\Windows\system32\rasapi32.dll
2013-11-03 04:48:00 ----A---- C:\Windows\system32\mssprxy.dll
2013-11-03 04:48:00 ----A---- C:\Windows\system32\autoconv.exe
2013-11-03 04:47:59 ----A---- C:\Windows\system32\mpr.dll
2013-11-03 04:47:59 ----A---- C:\Windows\system32\diskraid.exe
2013-11-03 04:47:59 ----A---- C:\Windows\system32\autochk.exe
2013-11-03 04:47:58 ----A---- C:\Windows\system32\samlib.dll
2013-11-03 04:47:58 ----A---- C:\Windows\system32\onex.dll
2013-11-03 04:47:58 ----A---- C:\Windows\system32\ntprint.dll
2013-11-03 04:47:58 ----A---- C:\Windows\system32\ntmarta.dll
2013-11-03 04:47:58 ----A---- C:\Windows\system32\drivers\volmgr.sys
2013-11-03 04:47:57 ----A---- C:\Windows\SYSWOW64\autochk.exe
2013-11-03 04:47:57 ----A---- C:\Windows\system32\iassvcs.dll
2013-11-03 04:47:57 ----A---- C:\Windows\system32\drivers\ecache.sys
2013-11-03 04:47:57 ----A---- C:\Windows\system32\drivers\bthenum.sys
2013-11-03 04:47:56 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-11-03 04:47:55 ----A---- C:\Windows\SYSWOW64\printui.dll
2013-11-03 04:47:55 ----A---- C:\Windows\SYSWOW64\iasnap.dll
2013-11-03 04:47:55 ----A---- C:\Windows\system32\WMVENCOD.DLL
2013-11-03 04:47:54 ----A---- C:\Windows\SYSWOW64\autoconv.exe
2013-11-03 04:47:54 ----A---- C:\Windows\system32\profsvc.dll
2013-11-03 04:47:53 ----A---- C:\Windows\system32\scecli.dll
2013-11-03 04:47:53 ----A---- C:\Windows\system32\rpchttp.dll
2013-11-03 04:47:52 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-11-03 04:47:52 ----A---- C:\Windows\SYSWOW64\basecsp.dll
2013-11-03 04:47:52 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2013-11-03 04:47:51 ----A---- C:\Windows\SYSWOW64\userenv.dll
2013-11-03 04:47:51 ----A---- C:\Windows\SYSWOW64\onex.dll
2013-11-03 04:47:51 ----A---- C:\Windows\SYSWOW64\audiodg.exe
2013-11-03 04:47:51 ----A---- C:\Windows\system32\drivers\Dumpata.sys
2013-11-03 04:47:50 ----A---- C:\Windows\SYSWOW64\osk.exe
2013-11-03 04:47:50 ----A---- C:\Windows\system32\iasacct.dll
2013-11-03 04:47:50 ----A---- C:\Windows\system32\basecsp.dll
2013-11-03 04:47:49 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-11-03 04:47:49 ----A---- C:\Windows\system32\wusa.exe
2013-11-03 04:47:49 ----A---- C:\Windows\system32\powrprof.dll
2013-11-03 04:47:49 ----A---- C:\Windows\system32\logman.exe
2013-11-03 04:47:49 ----A---- C:\Windows\system32\dwm.exe
2013-11-03 04:47:49 ----A---- C:\Windows\system32\drivers\spldr.sys
2013-11-03 04:47:48 ----A---- C:\Windows\system32\themecpl.dll
2013-11-03 04:47:48 ----A---- C:\Windows\system32\drivers\atapi.sys
2013-11-03 04:47:47 ----A---- C:\Windows\system32\regsvc.dll
2013-11-03 04:47:47 ----A---- C:\Windows\system32\networkmap.dll
2013-11-03 04:47:46 ----A---- C:\Windows\system32\mspaint.exe
2013-11-03 04:47:45 ----A---- C:\Windows\SYSWOW64\RelMon.dll
2013-11-03 04:47:45 ----A---- C:\Windows\system32\wow64win.dll
2013-11-03 04:47:45 ----A---- C:\Windows\system32\drivers\ks.sys
2013-11-03 04:47:45 ----A---- C:\Windows\system32\drivers\exfat.sys
2013-11-03 04:47:44 ----A---- C:\Windows\system32\wsepno.dll
2013-11-03 04:47:44 ----A---- C:\Windows\system32\wpccpl.dll
2013-11-03 04:47:43 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2013-11-03 04:47:43 ----A---- C:\Windows\system32\tapisrv.dll
2013-11-03 04:47:43 ----A---- C:\Windows\system32\Faultrep.dll
2013-11-03 04:47:42 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2013-11-03 04:47:42 ----A---- C:\Windows\system32\scesrv.dll
2013-11-03 04:47:41 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2013-11-03 04:47:41 ----A---- C:\Windows\SYSWOW64\offfilt.dll
2013-11-03 04:47:40 ----A---- C:\Windows\SYSWOW64\Utilman.exe
2013-11-03 04:47:40 ----A---- C:\Windows\system32\mstlsapi.dll
2013-11-03 04:47:40 ----A---- C:\Windows\system32\authz.dll
2013-11-03 04:47:39 ----A---- C:\Windows\SYSWOW64\WerFault.exe
2013-11-03 04:47:38 ----A---- C:\Windows\SYSWOW64\diskraid.exe
2013-11-03 04:47:38 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2013-11-03 04:47:37 ----A---- C:\Windows\SYSWOW64\SndVol.exe
2013-11-03 04:47:37 ----A---- C:\Windows\SYSWOW64\mscms.dll
2013-11-03 04:47:36 ----A---- C:\Windows\SYSWOW64\prnntfy.dll
2013-11-03 04:47:36 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2013-11-03 04:47:36 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2013-11-03 04:47:36 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2013-11-03 04:47:36 ----A---- C:\Windows\system32\wsnmp32.dll
2013-11-03 04:47:35 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-11-03 04:47:35 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2013-11-03 04:47:35 ----A---- C:\Windows\system32\TSTheme.exe
2013-11-03 04:47:34 ----A---- C:\Windows\SYSWOW64\ulib.dll
2013-11-03 04:47:34 ----A---- C:\Windows\SYSWOW64\iasdatastore.dll
2013-11-03 04:47:34 ----A---- C:\Windows\system32\systemcpl.dll
2013-11-03 04:47:34 ----A---- C:\Windows\system32\dot3svc.dll
2013-11-03 04:47:33 ----A---- C:\Windows\SYSWOW64\dsound.dll
2013-11-03 04:47:32 ----A---- C:\Windows\SYSWOW64\IPHLPAPI.DLL
2013-11-03 04:47:32 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2013-11-03 04:47:31 ----A---- C:\Windows\system32\usercpl.dll
2013-11-03 04:47:31 ----A---- C:\Windows\system32\console.dll
2013-11-03 04:47:30 ----A---- C:\Windows\SYSWOW64\wscntfy.dll
2013-11-03 04:47:30 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2013-11-03 04:47:30 ----A---- C:\Windows\SYSWOW64\pnpsetup.dll
2013-11-03 04:47:30 ----A---- C:\Windows\SYSWOW64\fdProxy.dll
2013-11-03 04:47:30 ----A---- C:\Windows\system32\zipfldr.dll
2013-11-03 04:47:29 ----A---- C:\Windows\SYSWOW64\ipsecsnp.dll
2013-11-03 04:47:29 ----A---- C:\Windows\system32\rastapi.dll
2013-11-03 04:47:29 ----A---- C:\Windows\system32\odbccp32.dll
2013-11-03 04:47:28 ----A---- C:\Windows\SYSWOW64\wlangpui.dll
2013-11-03 04:47:28 ----A---- C:\Windows\SYSWOW64\diskpart.exe
2013-11-03 04:47:28 ----A---- C:\Windows\system32\wer.dll
2013-11-03 04:47:27 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2013-11-03 04:47:27 ----A---- C:\Windows\system32\perfdisk.dll
2013-11-03 04:47:26 ----A---- C:\Windows\SYSWOW64\iashlpr.dll
2013-11-03 04:47:26 ----A---- C:\Windows\system32\bcrypt.dll
2013-11-03 04:47:25 ----A---- C:\Windows\system32\drivers\tdx.sys
2013-11-03 04:47:25 ----A---- C:\Windows\system32\autoplay.dll
2013-11-03 04:47:24 ----A---- C:\Windows\SYSWOW64\vdsdyn.dll
2013-11-03 04:47:24 ----A---- C:\Windows\system32\wpcao.dll
2013-11-03 04:47:23 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2013-11-03 04:47:22 ----A---- C:\Windows\SYSWOW64\logman.exe
2013-11-03 04:47:22 ----A---- C:\Windows\system32\wscript.exe
2013-11-03 04:47:22 ----A---- C:\Windows\system32\newdev.exe
2013-11-03 04:47:21 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2013-11-03 04:47:20 ----A---- C:\Windows\SYSWOW64\rasapi32.dll
2013-11-03 04:47:20 ----A---- C:\Windows\system32\powercpl.dll
2013-11-03 04:47:19 ----A---- C:\Windows\system32\DeviceEject.exe
2013-11-03 04:47:18 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2013-11-03 04:47:18 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-03 04:47:18 ----A---- C:\Windows\system32\msisip.dll
2013-11-03 04:47:17 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2013-11-03 04:47:17 ----A---- C:\Windows\system32\pcaui.dll
2013-11-03 04:47:17 ----A---- C:\Windows\system32\mscorier.dll
2013-11-03 04:47:16 ----A---- C:\Windows\SYSWOW64\wusa.exe
2013-11-03 04:47:15 ----A---- C:\Windows\SYSWOW64\iasrad.dll
2013-11-03 04:47:15 ----A---- C:\Windows\system32\wshbth.dll
2013-11-03 04:47:15 ----A---- C:\Windows\system32\slcc.dll
2013-11-03 04:47:15 ----A---- C:\Windows\system32\hdwwiz.exe
2013-11-03 04:47:14 ----A---- C:\Windows\system32\regapi.dll
2013-11-03 04:47:13 ----A---- C:\Windows\SYSWOW64\findstr.exe
2013-11-03 04:47:13 ----A---- C:\Windows\system32\sud.dll
2013-11-03 04:47:13 ----A---- C:\Windows\system32\modemui.dll
2013-11-03 04:47:12 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2013-11-03 04:47:11 ----A---- C:\Windows\SYSWOW64\wshext.dll
2013-11-03 04:47:11 ----A---- C:\Windows\SYSWOW64\netcenter.dll
2013-11-03 04:47:11 ----A---- C:\Windows\system32\ulib.dll
2013-11-03 04:47:11 ----A---- C:\Windows\system32\feclient.dll
2013-11-03 04:47:10 ----A---- C:\Windows\system32\vdsutil.dll
2013-11-03 04:47:10 ----A---- C:\Windows\system32\accessibilitycpl.dll
2013-11-03 04:47:08 ----A---- C:\Windows\system32\drivers\pacer.sys
2013-11-03 04:47:08 ----A---- C:\Windows\system32\apphelp.dll
2013-11-03 04:47:07 ----A---- C:\Windows\system32\wshext.dll
2013-11-03 04:47:07 ----A---- C:\Windows\system32\cscript.exe
2013-11-03 04:47:06 ----A---- C:\Windows\system32\chtbrkr.dll
2013-11-03 04:47:05 ----A---- C:\Windows\SYSWOW64\wer.dll
2013-11-03 04:47:05 ----A---- C:\Windows\SYSWOW64\rasdlg.dll
2013-11-03 04:47:05 ----A---- C:\Windows\SYSWOW64\iassvcs.dll
2013-11-03 04:47:05 ----A---- C:\Windows\system32\imm32.dll
2013-11-03 04:47:04 ----A---- C:\Windows\system32\pnpui.dll
2013-11-03 04:47:04 ----A---- C:\Windows\system32\ncryptui.dll
2013-11-03 04:47:03 ----A---- C:\Windows\system32\drivers\udfs.sys
2013-11-03 04:47:02 ----A---- C:\Windows\SYSWOW64\wsnmp32.dll
2013-11-03 04:47:02 ----A---- C:\Windows\SYSWOW64\themecpl.dll
2013-11-03 04:47:02 ----A---- C:\Windows\system32\riched20.dll
2013-11-03 04:47:01 ----A---- C:\Windows\system32\tcpmon.dll
2013-11-03 04:47:00 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2013-11-03 04:47:00 ----A---- C:\Windows\system32\drivers\wanarp.sys
2013-11-03 04:46:59 ----A---- C:\Windows\SYSWOW64\scansetting.dll
2013-11-03 04:46:59 ----A---- C:\Windows\SYSWOW64\ntmarta.dll
2013-11-03 04:46:59 ----A---- C:\Windows\system32\rasppp.dll
2013-11-03 04:46:58 ----A---- C:\Windows\SYSWOW64\msutb.dll
2013-11-03 04:46:58 ----A---- C:\Windows\SYSWOW64\mstlsapi.dll
2013-11-03 04:46:58 ----A---- C:\Windows\SYSWOW64\iasads.dll
2013-11-03 04:46:57 ----A---- C:\Windows\SYSWOW64\slcc.dll
2013-11-03 04:46:57 ----A---- C:\Windows\system32\dataclen.dll
2013-11-03 04:46:55 ----A---- C:\Windows\system32\srcore.dll
2013-11-03 04:46:54 ----A---- C:\Windows\SYSWOW64\powrprof.dll
2013-11-03 04:46:54 ----A---- C:\Windows\system32\SndVolSSO.dll
2013-11-03 04:46:54 ----A---- C:\Windows\system32\ifmon.dll
2013-11-03 04:46:53 ----A---- C:\Windows\SYSWOW64\iasacct.dll
2013-11-03 04:46:53 ----A---- C:\Windows\system32\rasplap.dll

zilo9
Visitor
Posts: 28
Registered: 19 Nov 2013 13:16

Re: Removal of the Agent.AK trojan

#3 Post by zilo9 »

2013-11-03 04:46:52 ----A---- C:\Windows\SYSWOW64\powercpl.dll
2013-11-03 04:46:52 ----A---- C:\Windows\SYSWOW64\networkmap.dll
2013-11-03 04:46:52 ----A---- C:\Windows\SYSWOW64\icardres.dll
2013-11-03 04:46:52 ----A---- C:\Windows\system32\icardres.dll
2013-11-03 04:46:51 ----A---- C:\Windows\SYSWOW64\PerfCenterCPL.dll
2013-11-03 04:46:50 ----A---- C:\Windows\system32\oleprn.dll
2013-11-03 04:46:49 ----A---- C:\Windows\SYSWOW64\newdev.exe
2013-11-03 04:46:49 ----A---- C:\Windows\SYSWOW64\authz.dll
2013-11-03 04:46:49 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2013-11-03 04:46:48 ----A---- C:\Windows\system32\wlangpui.dll
2013-11-03 04:46:48 ----A---- C:\Windows\system32\fc.exe
2013-11-03 04:46:47 ----A---- C:\Windows\system32\WMVXENCD.DLL
2013-11-03 04:46:46 ----A---- C:\Windows\SYSWOW64\connect.dll
2013-11-03 04:46:46 ----A---- C:\Windows\system32\cmmon32.exe
2013-11-03 04:46:44 ----A---- C:\Windows\SYSWOW64\sud.dll
2013-11-03 04:46:44 ----A---- C:\Windows\system32\thawbrkr.dll
2013-11-03 04:46:44 ----A---- C:\Windows\system32\drivers\npfs.sys
2013-11-03 04:46:43 ----A---- C:\Windows\system32\scksp.dll
2013-11-03 04:46:42 ----A---- C:\Windows\SYSWOW64\systemcpl.dll
2013-11-03 04:46:42 ----A---- C:\Windows\SYSWOW64\pcaui.dll
2013-11-03 04:46:42 ----A---- C:\Windows\system32\hidserv.dll
2013-11-03 04:46:41 ----A---- C:\Windows\system32\wscisvif.dll
2013-11-03 04:46:41 ----A---- C:\Windows\system32\raschap.dll
2013-11-03 04:46:41 ----A---- C:\Windows\system32\BFE.DLL
2013-11-03 04:46:39 ----A---- C:\Windows\SYSWOW64\samlib.dll
2013-11-03 04:46:39 ----A---- C:\Windows\SYSWOW64\mmci.dll
2013-11-03 04:46:39 ----A---- C:\Windows\SYSWOW64\accessibilitycpl.dll
2013-11-03 04:46:39 ----A---- C:\Windows\system32\spwinsat.dll
2013-11-03 04:46:39 ----A---- C:\Windows\system32\iaspolcy.dll
2013-11-03 04:46:37 ----A---- C:\Windows\SYSWOW64\usercpl.dll
2013-11-03 04:46:36 ----A---- C:\Windows\SYSWOW64\autoplay.dll
2013-11-03 04:46:32 ----A---- C:\Windows\SYSWOW64\wlanpref.dll
2013-11-03 04:46:32 ----A---- C:\Windows\system32\rekeywiz.exe
2013-11-03 04:46:32 ----A---- C:\Windows\system32\drivers\fastfat.sys
2013-11-03 04:46:31 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2013-11-03 04:46:31 ----A---- C:\Windows\system32\msimtf.dll
2013-11-03 04:46:29 ----A---- C:\Windows\SYSWOW64\regapi.dll
2013-11-03 04:46:29 ----A---- C:\Windows\system32\SyncCenter.dll
2013-11-03 04:46:28 ----A---- C:\Windows\SYSWOW64\wpcao.dll
2013-11-03 04:46:28 ----A---- C:\Windows\SYSWOW64\vdsutil.dll
2013-11-03 04:46:28 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2013-11-03 04:46:28 ----A---- C:\Windows\system32\mscandui.dll
2013-11-03 04:46:27 ----A---- C:\Windows\SYSWOW64\tapisrv.dll
2013-11-03 04:46:27 ----A---- C:\Windows\system32\rdpwsx.dll
2013-11-03 04:46:27 ----A---- C:\Windows\system32\PnPUnattend.exe
2013-11-03 04:46:27 ----A---- C:\Windows\system32\msscp.dll
2013-11-03 04:46:25 ----A---- C:\Windows\SYSWOW64\scksp.dll
2013-11-03 04:46:25 ----A---- C:\Windows\SYSWOW64\feclient.dll
2013-11-03 04:46:25 ----A---- C:\Windows\system32\msftedit.dll
2013-11-03 04:46:24 ----A---- C:\Windows\system32\certprop.dll
2013-11-03 04:46:22 ----A---- C:\Windows\system32\WMPEncEn.dll
2013-11-03 04:46:22 ----A---- C:\Windows\system32\dsprop.dll
2013-11-03 04:46:20 ----A---- C:\Windows\SYSWOW64\WMPEncEn.dll
2013-11-03 04:46:19 ----A---- C:\Windows\SYSWOW64\mpr.dll
2013-11-03 04:46:19 ----A---- C:\Windows\system32\wiaaut.dll
2013-11-03 04:46:18 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2013-11-03 04:46:18 ----A---- C:\Windows\SYSWOW64\oleprn.dll
2013-11-03 04:46:18 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2013-11-03 04:46:17 ----A---- C:\Windows\system32\AUDIOKSE.dll
2013-11-03 04:46:16 ----A---- C:\Windows\SYSWOW64\rekeywiz.exe
2013-11-03 04:46:16 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2013-11-03 04:46:16 ----A---- C:\Windows\SYSWOW64\dot3msm.dll
2013-11-03 04:46:16 ----A---- C:\Windows\system32\wsdchngr.dll
2013-11-03 04:46:15 ----A---- C:\Windows\SYSWOW64\wscisvif.dll
2013-11-03 04:46:15 ----A---- C:\Windows\SYSWOW64\iaspolcy.dll
2013-11-03 04:46:15 ----A---- C:\Windows\system32\whealogr.dll
2013-11-03 04:46:15 ----A---- C:\Windows\system32\fontext.dll
2013-11-03 04:46:14 ----A---- C:\Windows\system32\dot3msm.dll
2013-11-03 04:46:12 ----A---- C:\Windows\SYSWOW64\dpapimig.exe
2013-11-03 04:46:11 ----A---- C:\Windows\SYSWOW64\ncryptui.dll
2013-11-03 04:46:10 ----A---- C:\Windows\SYSWOW64\perfdisk.dll
2013-11-03 04:46:10 ----A---- C:\Windows\SYSWOW64\certreq.exe
2013-11-03 04:46:09 ----A---- C:\Windows\SYSWOW64\hdwwiz.exe
2013-11-03 04:46:09 ----A---- C:\Windows\system32\wmpeffects.dll
2013-11-03 04:46:08 ----A---- C:\Windows\SYSWOW64\rasgcw.dll
2013-11-03 04:46:08 ----A---- C:\Windows\system32\msnetobj.dll
2013-11-03 04:46:07 ----A---- C:\Windows\SYSWOW64\scecli.dll
2013-11-03 04:46:07 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2013-11-03 04:46:06 ----A---- C:\Windows\system32\netshell.dll
2013-11-03 04:46:05 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-11-03 04:46:05 ----A---- C:\Windows\SYSWOW64\rasplap.dll
2013-11-03 04:46:05 ----A---- C:\Windows\system32\dimsroam.dll
2013-11-03 04:46:04 ----A---- C:\Windows\SYSWOW64\TSTheme.exe
2013-11-03 04:46:04 ----A---- C:\Windows\SYSWOW64\spwinsat.dll
2013-11-03 04:46:04 ----A---- C:\Windows\system32\PnPutil.exe
2013-11-03 04:46:03 ----A---- C:\Windows\SYSWOW64\tcpipcfg.dll
2013-11-03 04:46:03 ----A---- C:\Windows\system32\drmmgrtn.dll
2013-11-03 04:46:02 ----A---- C:\Windows\SYSWOW64\fdWSD.dll
2013-11-03 04:46:02 ----A---- C:\Windows\SYSWOW64\cmmon32.exe
2013-11-03 04:46:02 ----A---- C:\Windows\system32\conime.exe
2013-11-03 04:46:01 ----A---- C:\Windows\SYSWOW64\tcpmon.dll
2013-11-03 04:46:01 ----A---- C:\Windows\system32\wmdrmdev.dll
2013-11-03 04:46:01 ----A---- C:\Windows\system32\certreq.exe
2013-11-03 04:46:00 ----A---- C:\Windows\SYSWOW64\whealogr.dll
2013-11-03 04:46:00 ----A---- C:\Windows\system32\SndVol.exe
2013-11-03 04:46:00 ----A---- C:\Windows\system32\shsetup.dll
2013-11-03 04:45:59 ----A---- C:\Windows\system32\msutb.dll
2013-11-03 04:45:58 ----A---- C:\Windows\system32\wlanui.dll
2013-11-03 04:45:57 ----A---- C:\Windows\system32\uxsms.dll
2013-11-03 04:45:57 ----A---- C:\Windows\system32\netplwiz.dll
2013-11-03 04:45:56 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2013-11-03 04:45:56 ----A---- C:\Windows\system32\drivers\watchdog.sys
2013-11-03 04:45:56 ----A---- C:\Windows\system32\drivers\rmcast.sys
2013-11-03 04:45:55 ----A---- C:\Windows\SYSWOW64\cmdial32.dll
2013-11-03 04:45:55 ----A---- C:\Windows\system32\drivers\rassstp.sys
2013-11-03 04:45:54 ----A---- C:\Windows\system32\blackbox.dll
2013-11-03 04:45:52 ----A---- C:\Windows\system32\oobefldr.dll
2013-11-03 04:45:51 ----A---- C:\Windows\SYSWOW64\conime.exe
2013-11-03 04:45:51 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2013-11-03 04:45:51 ----A---- C:\Windows\system32\cmdial32.dll
2013-11-03 04:45:50 ----A---- C:\Windows\SYSWOW64\SCardSvr.dll
2013-11-03 04:45:50 ----A---- C:\Windows\SYSWOW64\raschap.dll
2013-11-03 04:45:50 ----A---- C:\Windows\SYSWOW64\fontext.dll
2013-11-03 04:45:50 ----A---- C:\Windows\system32\wscsvc.dll
2013-11-03 04:45:48 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2013-11-03 04:45:48 ----A---- C:\Windows\system32\MSVidCtl.dll
2013-11-03 04:45:48 ----A---- C:\Windows\system32\fdWSD.dll
2013-11-03 04:45:47 ----A---- C:\Windows\SYSWOW64\wiaaut.dll
2013-11-03 04:45:47 ----A---- C:\Windows\system32\wlgpclnt.dll
2013-11-03 04:45:47 ----A---- C:\Windows\system32\drivers\nwifi.sys
2013-11-03 04:45:46 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2013-11-03 04:45:46 ----A---- C:\Windows\SYSWOW64\wlanui.dll
2013-11-03 04:45:46 ----A---- C:\Windows\system32\cipher.exe
2013-11-03 04:45:45 ----A---- C:\Windows\SYSWOW64\rasppp.dll
2013-11-03 04:45:45 ----A---- C:\Windows\system32\wmdrmsdk.dll
2013-11-03 04:45:44 ----A---- C:\Windows\SYSWOW64\shwebsvc.dll
2013-11-03 04:45:44 ----A---- C:\Windows\SYSWOW64\dsprop.dll
2013-11-03 04:45:42 ----A---- C:\Windows\SYSWOW64\oobefldr.dll
2013-11-03 04:45:42 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2013-11-03 04:45:42 ----A---- C:\Windows\system32\l2nacp.dll
2013-11-03 04:45:41 ----A---- C:\Windows\system32\softkbd.dll
2013-11-03 04:45:40 ----A---- C:\Windows\SYSWOW64\shsetup.dll
2013-11-03 04:45:40 ----A---- C:\Windows\system32\btpanui.dll
2013-11-03 04:45:39 ----A---- C:\Windows\SYSWOW64\modemui.dll
2013-11-03 04:45:39 ----A---- C:\Windows\system32\rasmontr.dll
2013-11-03 04:45:39 ----A---- C:\Windows\system32\input.dll
2013-11-03 04:45:38 ----A---- C:\Windows\SYSWOW64\rasmontr.dll
2013-11-03 04:45:38 ----A---- C:\Windows\SYSWOW64\mscandui.dll
2013-11-03 04:45:37 ----A---- C:\Windows\SYSWOW64\chtbrkr.dll
2013-11-03 04:45:36 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2013-11-03 04:45:35 ----A---- C:\Windows\SYSWOW64\dataclen.dll
2013-11-03 04:45:35 ----A---- C:\Windows\system32\NcdProp.dll
2013-11-03 04:45:35 ----A---- C:\Windows\system32\cscapi.dll
2013-11-03 04:45:34 ----A---- C:\Windows\SYSWOW64\wlgpclnt.dll
2013-11-03 04:45:34 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2013-11-03 04:45:34 ----A---- C:\Windows\system32\drivers\ohci1394.sys
2013-11-03 04:45:33 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-11-03 04:45:32 ----A---- C:\Windows\system32\rstrui.exe
2013-11-03 04:45:32 ----A---- C:\Windows\system32\findstr.exe
2013-11-03 04:45:31 ----A---- C:\Windows\SYSWOW64\netplwiz.dll
2013-11-03 04:45:30 ----A---- C:\Windows\SYSWOW64\WSDMon.dll
2013-11-03 04:45:30 ----A---- C:\Windows\system32\deskmon.dll
2013-11-03 04:45:29 ----A---- C:\Windows\SYSWOW64\wmpeffects.dll
2013-11-03 04:45:29 ----A---- C:\Windows\system32\mstask.dll
2013-11-03 04:45:28 ----A---- C:\Windows\system32\adsmsext.dll
2013-11-03 04:45:27 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2013-11-03 04:45:26 ----A---- C:\Windows\system32\wpdwcn.dll
2013-11-03 04:45:25 ----A---- C:\Windows\SYSWOW64\networkexplorer.dll
2013-11-03 04:45:25 ----A---- C:\Windows\system32\msctfui.dll
2013-11-03 04:45:24 ----A---- C:\Windows\SYSWOW64\wpcsvc.dll
2013-11-03 04:45:24 ----A---- C:\Windows\SYSWOW64\logagent.exe
2013-11-03 04:45:24 ----A---- C:\Windows\SYSWOW64\ifmon.dll
2013-11-03 04:45:24 ----A---- C:\Windows\SYSWOW64\cipher.exe
2013-11-03 04:45:23 ----A---- C:\Windows\SYSWOW64\msscp.dll
2013-11-03 04:45:23 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2013-11-03 04:45:23 ----A---- C:\Windows\system32\version.dll
2013-11-03 04:45:22 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2013-11-03 04:45:22 ----A---- C:\Windows\SYSWOW64\gpresult.exe
2013-11-03 04:45:22 ----A---- C:\Windows\system32\WMADMOD.DLL
2013-11-03 04:45:22 ----A---- C:\Windows\system32\mdminst.dll
2013-11-03 04:45:21 ----A---- C:\Windows\SYSWOW64\msimtf.dll
2013-11-03 04:45:21 ----A---- C:\Windows\system32\wmdrmnet.dll
2013-11-03 04:45:20 ----A---- C:\Windows\SYSWOW64\wpdwcn.dll
2013-11-03 04:45:19 ----A---- C:\Windows\SYSWOW64\thawbrkr.dll
2013-11-03 04:45:18 ----A---- C:\Windows\SYSWOW64\sendmail.dll
2013-11-03 04:45:18 ----A---- C:\Windows\system32\credui.dll
2013-11-03 04:45:17 ----A---- C:\Windows\SYSWOW64\softkbd.dll
2013-11-03 04:45:17 ----A---- C:\Windows\system32\rasdial.exe
2013-11-03 04:45:17 ----A---- C:\Windows\system32\logagent.exe
2013-11-03 04:45:16 ----A---- C:\Windows\SYSWOW64\msctfui.dll
2013-11-03 04:45:16 ----A---- C:\Windows\SYSWOW64\MediaMetadataHandler.dll
2013-11-03 04:45:16 ----A---- C:\Windows\system32\WSDMon.dll
2013-11-03 04:45:16 ----A---- C:\Windows\system32\rshx32.dll
2013-11-03 04:45:15 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2013-11-03 04:45:14 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2013-11-03 04:45:14 ----A---- C:\Windows\SYSWOW64\dmsynth.dll
2013-11-03 04:45:14 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2013-11-03 04:45:14 ----A---- C:\Windows\system32\drivers\hidusb.sys
2013-11-03 04:45:11 ----A---- C:\Windows\system32\cscdll.dll
2013-11-03 04:45:10 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2013-11-03 04:45:10 ----A---- C:\Windows\system32\mprapi.dll
2013-11-03 04:45:09 ----A---- C:\Windows\SYSWOW64\puiapi.dll
2013-11-03 04:45:09 ----A---- C:\Windows\system32\drivers\smb.sys
2013-11-03 04:45:09 ----A---- C:\Windows\system32\deskadp.dll
2013-11-03 04:45:08 ----A---- C:\Windows\SYSWOW64\input.dll
2013-11-03 04:45:07 ----A---- C:\Windows\SYSWOW64\wmdrmdev.dll
2013-11-03 04:45:07 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2013-11-03 04:45:07 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2013-11-03 04:45:06 ----A---- C:\Windows\SYSWOW64\wshbth.dll
2013-11-03 04:45:06 ----A---- C:\Windows\SYSWOW64\version.dll
2013-11-03 04:45:06 ----A---- C:\Windows\SYSWOW64\mprapi.dll
2013-11-03 04:45:05 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2013-11-03 04:45:05 ----A---- C:\Windows\SYSWOW64\msisip.dll
2013-11-03 04:45:05 ----A---- C:\Windows\SYSWOW64\fc.exe
2013-11-03 04:45:05 ----A---- C:\Windows\system32\SMBHelperClass.dll
2013-11-03 04:45:05 ----A---- C:\Windows\system32\fdSSDP.dll
2013-11-03 04:45:04 ----A---- C:\Windows\system32\bthci.dll
2013-11-03 04:45:03 ----A---- C:\Windows\system32\gpapi.dll
2013-11-03 04:45:02 ----A---- C:\Windows\SYSWOW64\fdSSDP.dll
2013-11-03 04:45:02 ----A---- C:\Windows\SYSWOW64\dmusic.dll
2013-11-03 04:45:02 ----A---- C:\Windows\system32\eapp3hst.dll
2013-11-03 04:45:01 ----A---- C:\Windows\SYSWOW64\MsCtfMonitor.dll
2013-11-03 04:45:01 ----A---- C:\Windows\system32\wscntfy.dll
2013-11-03 04:45:01 ----A---- C:\Windows\system32\dot3cfg.dll
2013-11-03 04:45:00 ----A---- C:\Windows\SYSWOW64\cscapi.dll
2013-11-03 04:45:00 ----A---- C:\Windows\system32\ftp.exe
2013-11-03 04:45:00 ----A---- C:\Windows\system32\drivers\dxg.sys
2013-11-03 04:44:59 ----A---- C:\Windows\SYSWOW64\msjint40.dll
2013-11-03 04:44:59 ----A---- C:\Windows\system32\networkexplorer.dll
2013-11-03 04:44:58 ----A---- C:\Windows\SYSWOW64\l2nacp.dll
2013-11-03 04:44:58 ----A---- C:\Windows\SYSWOW64\eapp3hst.dll
2013-11-03 04:44:58 ----A---- C:\Windows\system32\wmpps.dll
2013-11-03 04:44:58 ----A---- C:\Windows\system32\PNPXAssoc.dll
2013-11-03 04:44:58 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2013-11-03 04:44:57 ----A---- C:\Windows\SYSWOW64\ftp.exe
2013-11-03 04:44:57 ----A---- C:\Windows\system32\drivers\tdi.sys
2013-11-03 04:44:57 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-11-03 04:44:56 ----A---- C:\Windows\SYSWOW64\cscdll.dll
2013-11-03 04:44:54 ----A---- C:\Windows\SYSWOW64\wsdchngr.dll
2013-11-03 04:44:54 ----A---- C:\Windows\SYSWOW64\wmdrmnet.dll
2013-11-03 04:44:54 ----A---- C:\Windows\system32\Storprop.dll
2013-11-03 04:44:53 ----A---- C:\Windows\SYSWOW64\SMBHelperClass.dll
2013-11-03 04:44:52 ----A---- C:\Windows\SYSWOW64\rasdial.exe
2013-11-03 04:44:52 ----A---- C:\Windows\SYSWOW64\rasdiag.dll
2013-11-03 04:44:52 ----A---- C:\Windows\system32\mydocs.dll
2013-11-03 04:44:52 ----A---- C:\Windows\system32\hbaapi.dll
2013-11-03 04:44:51 ----A---- C:\Windows\SYSWOW64\bthudtask.exe
2013-11-03 04:44:51 ----A---- C:\Windows\system32\fdWCN.dll
2013-11-03 04:44:50 ----A---- C:\Windows\SYSWOW64\fdWCN.dll
2013-11-03 04:44:50 ----A---- C:\Windows\SYSWOW64\eappcfg.dll
2013-11-03 04:44:50 ----A---- C:\Windows\SYSWOW64\dot3cfg.dll
2013-11-03 04:44:49 ----A---- C:\Windows\SYSWOW64\ipconfig.exe
2013-11-03 04:44:49 ----A---- C:\Windows\SYSWOW64\CHxReadingStringIME.dll
2013-11-03 04:44:49 ----A---- C:\Windows\system32\eappcfg.dll
2013-11-03 04:44:48 ----A---- C:\Windows\SYSWOW64\MSAC3ENC.DLL
2013-11-03 04:44:48 ----A---- C:\Windows\system32\SLLUA.exe
2013-11-03 04:44:48 ----A---- C:\Windows\system32\networkitemfactory.dll
2013-11-03 04:44:47 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2013-11-03 04:44:46 ----A---- C:\Windows\SYSWOW64\slcinst.dll
2013-11-03 04:44:45 ----A---- C:\Windows\SYSWOW64\nslookup.exe
2013-11-03 04:44:45 ----A---- C:\Windows\SYSWOW64\networkitemfactory.dll
2013-11-03 04:44:44 ----A---- C:\Windows\system32\slcinst.dll
2013-11-03 04:44:43 ----A---- C:\Windows\SYSWOW64\ocsetup.exe
2013-11-03 04:44:43 ----A---- C:\Windows\SYSWOW64\eappgnui.dll
2013-11-03 04:44:43 ----A---- C:\Windows\system32\eappgnui.dll
2013-11-03 04:44:42 ----A---- C:\Windows\SYSWOW64\hbaapi.dll
2013-11-03 04:44:42 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2013-11-03 04:44:42 ----A---- C:\Windows\system32\ocsetup.exe
2013-11-03 04:44:41 ----A---- C:\Windows\SYSWOW64\fdeploy.dll
2013-11-03 04:44:40 ----A---- C:\Windows\SYSWOW64\mmcico.dll
2013-11-03 04:44:37 ----A---- C:\Windows\system32\bitsigd.dll
2013-11-03 04:44:36 ----A---- C:\Windows\SYSWOW64\gpupdate.exe
2013-11-03 04:44:36 ----A---- C:\Windows\system32\wscapi.dll
2013-11-03 04:44:36 ----A---- C:\Windows\system32\cbsra.exe
2013-11-03 04:44:30 ----A---- C:\Windows\system32\iscsilog.dll
2013-11-03 04:44:30 ----A---- C:\Windows\system32\bthudtask.exe
2013-11-03 04:44:29 ----A---- C:\Windows\SYSWOW64\NcdProp.dll
2013-11-03 04:44:28 ----A---- C:\Windows\system32\vss_ps.dll
2013-11-03 04:44:25 ----A---- C:\Windows\SYSWOW64\vdmdbg.dll
2013-11-03 04:44:25 ----A---- C:\Windows\SYSWOW64\odbcconf.dll
2013-11-03 04:44:25 ----A---- C:\Windows\system32\odbcconf.dll
2013-11-03 04:44:25 ----A---- C:\Windows\system32\inetppui.dll
2013-11-03 04:44:24 ----A---- C:\Windows\SYSWOW64\wmpps.dll
2013-11-03 04:44:23 ----A---- C:\Windows\SYSWOW64\slwga.dll
2013-11-03 04:44:23 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2013-11-03 04:44:22 ----A---- C:\Windows\SYSWOW64\winrnr.dll
2013-11-03 04:44:20 ----A---- C:\Windows\system32\midimap.dll
2013-11-03 04:44:18 ----A---- C:\Windows\system32\drivers\cdrom.sys
2013-11-03 04:44:16 ----A---- C:\Windows\SYSWOW64\midimap.dll
2013-11-03 04:44:10 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2013-11-03 04:44:09 ----A---- C:\Windows\system32\wow64cpu.dll
2013-11-03 04:44:09 ----A---- C:\Windows\system32\drivers\stream.sys
2013-11-03 04:44:07 ----A---- C:\Windows\system32\drivers\raspppoe.sys
2013-11-03 04:44:02 ----A---- C:\Windows\SYSWOW64\f3ahvoas.dll
2013-11-03 04:44:02 ----A---- C:\Windows\system32\f3ahvoas.dll
2013-11-03 04:44:01 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2013-11-03 04:44:01 ----A---- C:\Windows\system32\msimsg.dll
2013-11-03 04:42:34 ----A---- C:\Windows\SYSWOW64\wdscore.dll
2013-11-03 04:41:36 ----A---- C:\Windows\SYSWOW64\drvstore.dll
2013-11-03 04:33:41 ----A---- C:\Windows\system32\SmiEngine.dll
2013-11-03 04:33:20 ----A---- C:\Windows\system32\wdscore.dll
2013-11-03 04:33:20 ----A---- C:\Windows\system32\PkgMgr.exe
2013-11-03 04:32:23 ----A---- C:\Windows\system32\drvstore.dll
2013-11-02 03:40:47 ----A---- C:\Windows\dd_vcredistUI267A.txt
2013-11-02 03:40:47 ----A---- C:\Windows\dd_vcredistMSI267A.txt
2013-11-02 03:31:12 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2013-11-02 03:31:12 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2013-11-02 03:31:12 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2013-11-02 03:31:12 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2013-11-02 03:31:11 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2013-11-02 03:31:11 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2013-11-02 03:31:11 ----A---- C:\Windows\system32\PresentationHost.exe
2013-11-02 03:31:11 ----A---- C:\Windows\system32\netfxperf.dll
2013-11-02 03:31:11 ----A---- C:\Windows\system32\mscoree.dll
2013-11-02 03:31:10 ----A---- C:\Windows\system32\dfshim.dll
2013-11-01 23:34:30 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2013-11-01 23:33:53 ----D---- C:\Windows\PCHEALTH
2013-11-01 23:33:53 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-11-01 23:30:23 ----D---- C:\Program Files\Microsoft Office
2013-11-01 23:23:33 ----RHD---- C:\MSOCache
2013-11-01 17:35:55 ----D---- C:\ProgramData\FLEXnet
2013-11-01 17:10:32 ----D---- C:\Program Files\Common Files\Macrovision Shared
2013-11-01 17:05:07 ----D---- C:\Program Files\Common Files\Autodesk Shared
2013-11-01 17:05:07 ----D---- C:\Program Files\Autodesk
2013-11-01 17:00:54 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2013-11-01 17:00:54 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2013-11-01 17:00:54 ----A---- C:\Windows\system32\d3dx10_41.dll
2013-11-01 17:00:54 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2013-11-01 17:00:52 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2013-11-01 17:00:52 ----A---- C:\Windows\system32\D3DX9_41.dll
2013-11-01 17:00:34 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2013-11-01 17:00:34 ----A---- C:\Windows\system32\d3dx9_30.dll
2013-11-01 16:16:58 ----D---- C:\Users\Zilo\AppData\Roaming\Autodesk
2013-11-01 16:16:58 ----D---- C:\ProgramData\Autodesk
2013-11-01 16:09:16 ----D---- C:\Autodesk
2013-11-01 10:55:29 ----A---- C:\Windows\dd_vcredistMSI2507.txt
2013-11-01 10:55:27 ----A---- C:\Windows\dd_vcredistUI2507.txt
2013-11-01 02:17:57 ----D---- C:\Users\Zilo\AppData\Roaming\GHISLER
2013-11-01 02:17:57 ----D---- C:\totalcmd
2013-11-01 02:10:34 ----D---- C:\Users\Zilo\AppData\Roaming\WinRAR
2013-11-01 02:10:28 ----D---- C:\Program Files\WinRAR
2013-11-01 02:06:30 ----D---- C:\ProgramData\Panda Security
2013-11-01 02:06:16 ----D---- C:\Program Files (x86)\Panda USB Vaccine
2013-11-01 02:00:22 ----D---- C:\Program Files (x86)\Adobe
2013-11-01 01:57:04 ----D---- C:\Users\Zilo\AppData\Roaming\Auslogics
2013-11-01 01:57:01 ----D---- C:\Program Files (x86)\Auslogics
2013-11-01 01:54:19 ----D---- C:\ProgramData\Auslogics
2013-11-01 01:49:39 ----D---- C:\ProgramData\Sony
2013-11-01 01:49:39 ----D---- C:\Program Files (x86)\Sony
2013-11-01 01:30:27 ----D---- C:\Users\Zilo\AppData\Roaming\vlc
2013-11-01 01:28:37 ----D---- C:\Program Files\VideoLAN
2013-11-01 01:23:45 ----N---- C:\Windows\system32\MpSigStub.exe
2013-11-01 01:22:02 ----D---- C:\Program Files\CCleaner
2013-11-01 01:13:47 ----A---- C:\Windows\SYSWOW64\srvany.exe
2013-11-01 01:13:47 ----A---- C:\Windows\KMService.exe
2013-11-01 00:53:53 ----D---- C:\ProgramData\Microsoft Help
2013-11-01 00:50:22 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2013-11-01 00:50:15 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-11-01 00:37:21 ----D---- C:\Users\Zilo\AppData\Roaming\DAEMON Tools Lite
2013-11-01 00:37:21 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-11-01 00:16:22 ----D---- C:\Program Files\ESET
2013-11-01 00:16:21 ----D---- C:\ProgramData\ESET
2013-10-31 23:26:08 ----SHD---- C:\System Volume Information
2013-10-31 22:02:38 ----D---- C:\Users\Zilo\AppData\Roaming\CyberLink
2013-10-31 21:57:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-10-31 21:56:59 ----D---- C:\Windows\system32\Macromed
2013-10-31 21:32:34 ----A---- C:\Windows\system32\srvsvc.dll
2013-10-31 21:32:33 ----A---- C:\Windows\SYSWOW64\sscore.dll
2013-10-31 21:32:33 ----A---- C:\Windows\system32\sscore.dll
2013-10-31 21:32:33 ----A---- C:\Windows\system32\netevent.dll
2013-10-31 21:32:32 ----A---- C:\Windows\SYSWOW64\netevent.dll
2013-10-31 21:28:08 ----D---- C:\Program Files (x86)\MSXML 4.0
2013-10-31 21:21:41 ----D---- C:\Users\Zilo\AppData\Roaming\ESET
2013-10-31 21:02:24 ----D---- C:\Program Files (x86)\Google
2013-10-31 21:00:50 ----D---- C:\Users\Zilo\AppData\Roaming\Mozilla
2013-10-31 21:00:42 ----D---- C:\ProgramData\Mozilla
2013-10-31 21:00:41 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-31 20:42:57 ----D---- C:\Windows\SYSWOW64\WindowsPowerShell
2013-10-31 20:42:55 ----D---- C:\Windows\system32\WindowsPowerShell
2013-10-31 19:30:52 ----A---- C:\Windows\system32\browserchoice.exe
2013-10-31 19:03:45 ----A---- C:\Windows\SYSWOW64\nshhttp.dll
2013-10-31 19:03:45 ----A---- C:\Windows\system32\nshhttp.dll
2013-10-31 19:03:42 ----A---- C:\Windows\system32\httpapi.dll
2013-10-31 19:03:42 ----A---- C:\Windows\system32\drivers\http.sys
2013-10-31 19:03:41 ----A---- C:\Windows\SYSWOW64\httpapi.dll
2013-10-31 18:30:17 ----A---- C:\Windows\SYSWOW64\winrsmgr.dll
2013-10-31 18:30:17 ----A---- C:\Windows\system32\winrsmgr.dll
2013-10-31 18:30:16 ----A---- C:\Windows\system32\wsmplpxy.dll
2013-10-31 18:30:16 ----A---- C:\Windows\system32\winrssrv.dll
2013-10-31 18:30:11 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2013-10-31 18:30:11 ----A---- C:\Windows\SYSWOW64\winrssrv.dll
2013-10-31 18:30:02 ----A---- C:\Windows\SYSWOW64\pwrshplugin.dll
2013-10-31 18:30:02 ----A---- C:\Windows\system32\wsmprovhost.exe
2013-10-31 18:30:02 ----A---- C:\Windows\system32\winrshost.exe
2013-10-31 18:30:02 ----A---- C:\Windows\system32\pwrshplugin.dll
2013-10-31 18:30:00 ----A---- C:\Windows\system32\winrs.exe
2013-10-31 18:29:52 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2013-10-31 18:29:52 ----A---- C:\Windows\system32\WsmRes.dll
2013-10-31 18:29:52 ----A---- C:\Windows\system32\wevtfwd.dll
2013-10-31 18:29:52 ----A---- C:\Windows\system32\wecutil.exe
2013-10-31 18:29:52 ----A---- C:\Windows\system32\wecsvc.dll
2013-10-31 18:29:52 ----A---- C:\Windows\system32\wecapi.dll
2013-10-31 18:29:51 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2013-10-31 18:29:51 ----A---- C:\Windows\SYSWOW64\winrshost.exe
2013-10-31 18:29:51 ----A---- C:\Windows\SYSWOW64\winrs.exe
2013-10-31 18:29:51 ----A---- C:\Windows\SYSWOW64\wevtfwd.dll
2013-10-31 18:29:51 ----A---- C:\Windows\SYSWOW64\wecutil.exe
2013-10-31 18:29:51 ----A---- C:\Windows\SYSWOW64\wecapi.dll
2013-10-31 18:29:45 ----A---- C:\Windows\SYSWOW64\winrm.vbs
2013-10-31 18:29:45 ----A---- C:\Windows\system32\winrm.vbs
2013-10-31 18:29:43 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2013-10-31 18:29:43 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2013-10-31 18:29:43 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2013-10-31 18:29:43 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2013-10-31 18:29:43 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2013-10-31 18:29:43 ----A---- C:\Windows\SYSWOW64\winrscmd.dll
2013-10-31 18:29:43 ----A---- C:\Windows\system32\WsmWmiPl.dll
2013-10-31 18:29:43 ----A---- C:\Windows\system32\WsmSvc.dll
2013-10-31 18:29:43 ----A---- C:\Windows\system32\WsmAuto.dll
2013-10-31 18:29:43 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2013-10-31 18:29:43 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2013-10-31 18:29:43 ----A---- C:\Windows\system32\winrscmd.dll
2013-10-31 18:15:11 ----D---- C:\Windows\system32\MRT
2013-10-31 17:21:33 ----D---- C:\ProgramData\Oracle
2013-10-31 17:21:19 ----D---- C:\ProgramData\Sun
2013-10-31 17:21:08 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-10-31 17:20:58 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-10-31 17:20:58 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-10-31 17:20:58 ----A---- C:\Windows\SYSWOW64\java.exe
2013-10-31 17:20:32 ----D---- C:\Program Files (x86)\Java
2013-10-31 17:07:37 ----D---- C:\Program Files\ATI Technologies
2013-10-31 17:03:19 ----D---- C:\Intel
2013-10-31 16:55:14 ----A---- C:\Windows\system32\stcplx64.dll
2013-10-31 16:55:14 ----A---- C:\Windows\system32\stapi64.dll
2013-10-31 16:55:14 ----A---- C:\Windows\system32\drivers\stwrt64.sys
2013-10-31 16:55:09 ----D---- C:\Program Files\IDT
2013-10-31 16:42:09 ----A---- C:\Windows\SYSWOW64\sbe.dll
2013-10-31 16:42:09 ----A---- C:\Windows\system32\sbe.dll
2013-10-31 16:42:08 ----A---- C:\Windows\SYSWOW64\sbeio.dll
2013-10-31 16:42:08 ----A---- C:\Windows\system32\sbeio.dll
2013-10-31 16:41:48 ----A---- C:\Windows\system32\unregmp2.exe
2013-10-31 16:41:46 ----A---- C:\Windows\SYSWOW64\unregmp2.exe
2013-10-31 16:41:03 ----A---- C:\Windows\system32\drivers\srv.sys
2013-10-31 16:41:01 ----A---- C:\Windows\SYSWOW64\ole32.dll
2013-10-31 16:41:01 ----A---- C:\Windows\system32\ole32.dll
2013-10-31 16:40:57 ----A---- C:\Windows\SYSWOW64\WSDApi.dll
2013-10-31 16:40:57 ----A---- C:\Windows\system32\WSDApi.dll
2013-10-31 16:40:29 ----A---- C:\Windows\system32\kerberos.dll
2013-10-31 16:40:28 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2013-10-31 16:40:19 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-10-31 16:40:19 ----A---- C:\Windows\system32\drivers\tunnel.sys
2013-10-31 16:40:19 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-10-31 16:40:03 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2013-10-31 16:40:03 ----A---- C:\Windows\system32\odbc32.dll
2013-10-31 16:39:51 ----A---- C:\Windows\system32\wmp.dll
2013-10-31 16:39:49 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-10-31 16:39:46 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2013-10-31 16:39:46 ----A---- C:\Windows\system32\spwmp.dll
2013-10-31 16:39:46 ----A---- C:\Windows\system32\dxmasf.dll
2013-10-31 16:39:45 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-10-31 16:39:45 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2013-10-31 16:39:44 ----A---- C:\Windows\system32\wmploc.DLL
2013-10-31 16:39:15 ----A---- C:\Windows\SYSWOW64\shsvcs.dll
2013-10-31 16:39:15 ----A---- C:\Windows\system32\shsvcs.dll
2013-10-31 16:38:54 ----A---- C:\Windows\system32\netiohlp.dll
2013-10-31 16:38:53 ----A---- C:\Windows\SYSWOW64\netiohlp.dll
2013-10-31 16:38:53 ----A---- C:\Windows\system32\NETSTAT.EXE
2013-10-31 16:38:52 ----A---- C:\Windows\SYSWOW64\NETSTAT.EXE
2013-10-31 16:38:52 ----A---- C:\Windows\system32\MRINFO.EXE
2013-10-31 16:38:52 ----A---- C:\Windows\system32\ARP.EXE
2013-10-31 16:38:51 ----A---- C:\Windows\SYSWOW64\TCPSVCS.EXE
2013-10-31 16:38:51 ----A---- C:\Windows\SYSWOW64\MRINFO.EXE
2013-10-31 16:38:51 ----A---- C:\Windows\SYSWOW64\HOSTNAME.EXE
2013-10-31 16:38:51 ----A---- C:\Windows\SYSWOW64\finger.exe
2013-10-31 16:38:51 ----A---- C:\Windows\SYSWOW64\ARP.EXE
2013-10-31 16:38:51 ----A---- C:\Windows\system32\TCPSVCS.EXE
2013-10-31 16:38:50 ----A---- C:\Windows\SYSWOW64\ROUTE.EXE
2013-10-31 16:38:50 ----A---- C:\Windows\system32\ROUTE.EXE
2013-10-31 16:38:50 ----A---- C:\Windows\system32\HOSTNAME.EXE
2013-10-31 16:38:50 ----A---- C:\Windows\system32\finger.exe
2013-10-31 16:37:57 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2013-10-31 16:37:57 ----A---- C:\Windows\system32\tsbyuv.dll
2013-10-31 16:37:57 ----A---- C:\Windows\system32\msvidc32.dll
2013-10-31 16:37:57 ----A---- C:\Windows\system32\iyuv_32.dll
2013-10-31 16:37:56 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2013-10-31 16:37:56 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2013-10-31 16:37:56 ----A---- C:\Windows\system32\msyuv.dll
2013-10-31 16:37:56 ----A---- C:\Windows\system32\msrle32.dll
2013-10-31 16:37:56 ----A---- C:\Windows\system32\mciavi32.dll
2013-10-31 16:37:56 ----A---- C:\Windows\system32\avifil32.dll
2013-10-31 16:37:56 ----A---- C:\Windows\system32\avicap32.dll
2013-10-31 16:37:55 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2013-10-31 16:37:55 ----A---- C:\Windows\SYSWOW64\msvfw32.dll
2013-10-31 16:37:55 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2013-10-31 16:37:55 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2013-10-31 16:37:55 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2013-10-31 16:37:48 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2013-10-31 16:37:48 ----A---- C:\Windows\system32\asycfilt.dll
2013-10-31 16:37:42 ----A---- C:\Windows\system32\gameux.dll
2013-10-31 16:37:41 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-10-31 16:37:40 ----A---- C:\Windows\SYSWOW64\Apphlpdm.dll
2013-10-31 16:37:40 ----A---- C:\Windows\system32\Apphlpdm.dll
2013-10-31 16:37:39 ----A---- C:\Windows\SYSWOW64\GameUXLegacyGDFs.dll
2013-10-31 16:37:39 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2013-10-31 16:37:29 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2013-10-31 16:37:29 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2013-10-31 16:37:12 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2013-10-31 16:37:11 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2013-10-31 16:37:05 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2013-10-31 16:37:05 ----A---- C:\Windows\system32\t2embed.dll
2013-10-31 16:36:55 ----A---- C:\Windows\SYSWOW64\rastls.dll
2013-10-31 16:36:55 ----A---- C:\Windows\system32\rastls.dll
2013-10-31 16:36:51 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2013-10-31 16:36:51 ----A---- C:\Windows\system32\rtutils.dll
2013-10-31 16:36:47 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2013-10-31 16:36:46 ----A---- C:\Windows\system32\MP4SDECD.DLL
2013-10-31 16:36:45 ----A---- C:\Windows\system32\spoolsv.exe
2013-10-31 16:36:42 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2013-10-31 16:36:36 ----A---- C:\Windows\system32\drivers\srvnet.sys
2013-10-31 16:36:35 ----A---- C:\Windows\system32\drivers\srv2.sys
2013-10-31 16:36:33 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2013-10-31 16:36:33 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2013-10-31 16:36:33 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2013-10-31 16:35:42 ----A---- C:\Windows\system32\RMActivate.exe
2013-10-31 16:35:41 ----A---- C:\Windows\system32\secproc_isv.dll
2013-10-31 16:35:41 ----A---- C:\Windows\system32\secproc.dll
2013-10-31 16:35:41 ----A---- C:\Windows\system32\RMActivate_isv.exe
2013-10-31 16:35:40 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2013-10-31 16:35:40 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2013-10-31 16:35:38 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2013-10-31 16:35:38 ----A---- C:\Windows\SYSWOW64\secproc.dll
2013-10-31 16:35:38 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2013-10-31 16:35:37 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2013-10-31 16:35:37 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2013-10-31 16:35:37 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2013-10-31 16:35:36 ----A---- C:\Windows\system32\msdrm.dll
2013-10-31 16:35:35 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2013-10-31 16:35:35 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2013-10-31 16:35:35 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2013-10-31 16:35:35 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2013-10-31 16:35:35 ----A---- C:\Windows\system32\secproc_ssp.dll
2013-10-31 16:35:22 ----A---- C:\Windows\system32\winresume.exe
2013-10-31 16:35:21 ----A---- C:\Windows\system32\winload.exe
2013-10-31 16:35:19 ----A---- C:\Windows\system32\kdusb.dll
2013-10-31 16:35:19 ----A---- C:\Windows\system32\kdcom.dll
2013-10-31 16:35:19 ----A---- C:\Windows\system32\kd1394.dll
2013-10-31 16:35:14 ----A---- C:\Windows\system32\mstsc.exe
2013-10-31 16:35:13 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-10-31 16:35:13 ----A---- C:\Windows\SYSWOW64\tscupgrd.exe
2013-10-31 16:35:13 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-10-31 16:35:13 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-10-31 16:35:13 ----A---- C:\Windows\system32\tsgqec.dll
2013-10-31 16:35:13 ----A---- C:\Windows\system32\tscupgrd.exe
2013-10-31 16:35:13 ----A---- C:\Windows\system32\aaclient.dll
2013-10-31 16:28:36 ----A---- C:\Windows\system32\drivers\bowser.sys
2013-10-31 16:27:14 ----A---- C:\Windows\system32\consent.exe
2013-10-31 16:25:11 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2013-10-31 16:25:11 ----A---- C:\Windows\system32\inetcomm.dll
2013-10-31 16:25:05 ----A---- C:\Windows\system32\sdclt.exe
2013-10-31 16:24:59 ----A---- C:\Windows\SYSWOW64\WMVCORE.DLL
2013-10-31 16:24:59 ----A---- C:\Windows\system32\WMVCORE.DLL
2013-10-31 16:24:54 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2013-10-31 16:24:54 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2013-10-31 16:24:54 ----A---- C:\Windows\system32\rrinstaller.exe
2013-10-31 16:24:53 ----A---- C:\Windows\SYSWOW64\mferror.dll
2013-10-31 16:24:53 ----A---- C:\Windows\system32\mferror.dll
2013-10-31 16:24:49 ----A---- C:\Windows\SYSWOW64\atl.dll
2013-10-31 16:24:49 ----A---- C:\Windows\system32\atl.dll
2013-10-31 16:24:21 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2013-10-31 16:24:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2013-10-31 16:24:21 ----A---- C:\Windows\system32\wdigest.dll
2013-10-31 16:24:21 ----A---- C:\Windows\system32\msv1_0.dll
2013-10-31 16:24:17 ----A---- C:\Windows\system32\drivers\dfsc.sys
2013-10-31 16:23:41 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2013-10-31 16:23:41 ----A---- C:\Windows\system32\msasn1.dll
2013-10-31 16:23:23 ----A---- C:\Windows\system32\wkssvc.dll
2013-10-31 16:23:12 ----A---- C:\Windows\SYSWOW64\cabview.dll
2013-10-31 16:23:12 ----A---- C:\Windows\system32\cabview.dll
2013-10-31 16:22:05 ----D---- C:\Users\Zilo\AppData\Roaming\Macromedia
2013-10-31 16:21:51 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-10-31 16:21:51 ----A---- C:\Windows\system32\usp10.dll
2013-10-31 16:21:44 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-31 16:21:44 ----A---- C:\Windows\system32\fontsub.dll
2013-10-31 16:21:43 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-31 16:21:43 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-31 16:21:43 ----A---- C:\Windows\system32\dciman32.dll
2013-10-31 16:21:01 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2013-10-31 16:21:01 ----A---- C:\Windows\system32\wmpmde.dll
2013-10-31 16:20:33 ----D---- C:\Users\Zilo\AppData\Roaming\Adobe
2013-10-31 16:20:10 ----A---- C:\Windows\system32\mfc42u.dll
2013-10-31 16:20:10 ----A---- C:\Windows\system32\mfc42.dll
2013-10-31 16:20:09 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2013-10-31 16:20:09 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2013-10-31 16:19:57 ----A---- C:\Windows\SYSWOW64\wmpdxm.dll
2013-10-31 16:19:57 ----A---- C:\Windows\system32\wmpdxm.dll
2013-10-31 15:57:21 ----D---- C:\Users\Zilo\AppData\Roaming\Macrovision
2013-10-31 15:56:37 ----A---- C:\ProgramData\HPWALog.txt
2013-10-31 15:56:15 ----D---- C:\Users\Zilo\AppData\Roaming\DigitalPersona
2013-10-31 15:56:09 ----D---- C:\Users\Zilo\AppData\Roaming\ATI
2013-10-31 15:55:20 ----D---- C:\Users\Zilo\AppData\Roaming\Identities
2013-10-31 15:44:58 ----D---- C:\Users\Zilo\AppData\Roaming\HP TCS
2013-10-31 15:44:52 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2013-10-31 15:44:52 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2013-10-31 15:44:52 ----A---- C:\Windows\system32\dnsrslvr.dll
2013-10-31 15:44:52 ----A---- C:\Windows\system32\dnscacheugc.exe
2013-10-31 15:44:52 ----A---- C:\Windows\system32\dnsapi.dll
2013-10-31 15:43:45 ----A---- C:\Windows\system32\wlansvc.dll
2013-10-31 15:43:45 ----A---- C:\Windows\system32\wlanmsm.dll
2013-10-31 15:43:45 ----A---- C:\Windows\system32\wlanhlp.dll
2013-10-31 15:43:44 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2013-10-31 15:43:44 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2013-10-31 15:43:44 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2013-10-31 15:43:44 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2013-10-31 15:43:44 ----A---- C:\Windows\SYSWOW64\L2SecHC.dll
2013-10-31 15:43:44 ----A---- C:\Windows\system32\wlansec.dll
2013-10-31 15:43:44 ----A---- C:\Windows\system32\wlanapi.dll
2013-10-31 15:43:44 ----A---- C:\Windows\system32\L2SecHC.dll
2013-10-31 15:42:43 ----A---- C:\Windows\system32\schedsvc.dll
2013-10-31 15:42:42 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2013-10-31 15:42:42 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2013-10-31 15:42:42 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2013-10-31 15:42:42 ----A---- C:\Windows\system32\wmicmiplugin.dll
2013-10-31 15:42:42 ----A---- C:\Windows\system32\taskschd.dll
2013-10-31 15:42:42 ----A---- C:\Windows\system32\taskeng.exe
2013-10-31 15:42:42 ----A---- C:\Windows\system32\taskcomp.dll
2013-10-31 15:40:42 ----D---- C:\Program Files (x86)\Microsoft Office
2013-10-31 15:39:27 ----D---- C:\Program Files (x86)\Microsoft Works
2013-10-31 15:36:51 ----D---- C:\ProgramData\Adobe
2013-10-31 15:32:38 ----SD---- C:\Users\Zilo\AppData\Roaming\Microsoft
2013-10-31 15:32:38 ----D---- C:\Users\Zilo\AppData\Roaming\Media Center Programs
2013-10-31 15:29:10 ----SHD---- C:\ProgramData\Šablony
2013-10-31 15:29:10 ----SHD---- C:\ProgramData\Plocha
2013-10-31 15:29:10 ----SHD---- C:\ProgramData\Oblíbené položky
2013-10-31 15:29:10 ----SHD---- C:\ProgramData\Nabídka Start
2013-10-31 15:29:10 ----SHD---- C:\ProgramData\Dokumenty
2013-10-31 15:29:10 ----SHD---- C:\ProgramData\Data aplikací
2013-10-31 15:22:32 ----SD---- C:\$RECYCLE.BIN
2013-10-31 15:17:40 ----D---- C:\Windows\system32\tr
2013-10-31 15:17:40 ----D---- C:\Windows\system32\sv
2013-10-31 15:17:40 ----D---- C:\Windows\system32\ru
2013-10-31 15:17:40 ----D---- C:\Windows\system32\no
2013-10-31 15:17:40 ----D---- C:\Windows\system32\da
2013-10-31 15:17:39 ----D---- C:\Windows\system32\ko
2013-10-31 15:17:39 ----D---- C:\Windows\system32\ja
2013-10-31 15:17:39 ----D---- C:\Windows\system32\it
2013-10-31 15:17:39 ----D---- C:\Windows\system32\fr
2013-10-31 15:17:39 ----D---- C:\Windows\system32\es
2013-10-31 15:17:39 ----D---- C:\Windows\system32\de
2013-10-31 15:17:38 ----D---- C:\Windows\SYSWOW64\tr
2013-10-31 15:17:38 ----D---- C:\Windows\SYSWOW64\sv
2013-10-31 15:17:38 ----D---- C:\Windows\SYSWOW64\ru
2013-10-31 15:17:38 ----D---- C:\Windows\SYSWOW64\no
2013-10-31 15:17:38 ----D---- C:\Windows\SYSWOW64\da
2013-10-31 15:17:35 ----D---- C:\Windows\SYSWOW64\ko
2013-10-31 15:17:35 ----D---- C:\Windows\SYSWOW64\ja
2013-10-31 15:17:35 ----D---- C:\Windows\SYSWOW64\it
2013-10-31 15:17:35 ----D---- C:\Windows\SYSWOW64\fr
2013-10-31 15:17:35 ----D---- C:\Windows\SYSWOW64\es
2013-10-31 15:17:35 ----D---- C:\Windows\SYSWOW64\de
2013-10-31 15:17:35 ----D---- C:\Windows\DPDrv
2013-10-31 15:17:33 ----D---- C:\ProgramData\Macrovision
2013-10-31 15:17:33 ----D---- C:\Program Files\DigitalPersona
2013-10-31 15:17:33 ----D---- C:\Program Files (x86)\DigitalPersona
2013-10-31 14:54:20 ----ASH---- C:\hiberfil.sys
2013-10-31 14:52:29 ----A---- C:\Windows\system32\drivers\btwrchid.sys
2013-10-31 14:52:29 ----A---- C:\Windows\system32\drivers\btwavdt.sys
2013-10-31 14:52:29 ----A---- C:\Windows\system32\drivers\btwaudio.sys
2013-10-31 14:52:22 ----A---- C:\Windows\system32\BtwRSupport.dll
2013-10-31 14:52:17 ----D---- C:\Windows\SYSWOW64\es-MX
2013-10-31 14:52:17 ----D---- C:\Windows\SYSWOW64\es-AR
2013-10-31 14:52:17 ----D---- C:\Windows\system32\es-MX
2013-10-31 14:52:17 ----D---- C:\Windows\system32\es-AR
2013-10-31 14:52:14 ----D---- C:\Program Files\WIDCOMM
2013-10-31 14:50:56 ----D---- C:\Windows\SYSWOW64\HPMDP
2013-10-31 14:50:08 ----D---- C:\Windows\Driver Cache
2013-10-31 14:50:08 ----A---- C:\Windows\system32\drivers\AVerAF15.sys
2013-10-31 14:50:07 ----D---- C:\Program Files (x86)\AVerMedia
2013-10-31 14:48:13 ----A---- C:\Windows\SYSWOW64\CSVer.dll
2013-10-31 14:48:12 ----D---- C:\Program Files (x86)\Intel
2013-10-31 14:47:19 ----D---- C:\Windows\system32\no-NO
2013-10-31 14:47:15 ----A---- C:\Windows\system32\bcmwlrc.dll
2013-10-31 14:47:15 ----A---- C:\Windows\system32\bcmwlcoi.dll
2013-10-31 14:47:15 ----A---- C:\Windows\system32\bcmihvui64.dll
2013-10-31 14:47:14 ----D---- C:\Program Files\Broadcom
2013-10-31 14:47:14 ----A---- C:\Windows\system32\drivers\BCMWL664.SYS
2013-10-31 14:47:14 ----A---- C:\Windows\system32\bcmihvsrv64.dll
2013-10-31 14:46:18 ----A---- C:\Windows\system32\RtNicProp64.dll
2013-10-31 14:46:18 ----A---- C:\Windows\system32\drivers\Rtlh64.sys
2013-10-31 14:46:17 ----D---- C:\Program Files (x86)\Realtek
2013-10-31 14:45:55 ----A---- C:\Windows\system32\AESTEC64.dll
2013-10-31 14:45:55 ----A---- C:\Windows\system32\AESTAR64.dll
2013-10-31 14:45:55 ----A---- C:\Windows\system32\AESTAC64.dll
2013-10-31 14:45:52 ----A---- C:\Windows\system32\stlang64.dll
2013-10-31 14:45:52 ----A---- C:\Windows\system32\idt64mp1.exe
2013-10-31 14:45:52 ----A---- C:\Windows\system32\AESTCo64.dll
2013-10-31 14:45:52 ----A---- C:\Windows\sttray64.exe
2013-10-31 14:45:46 ----D---- C:\Windows\system32\SRSLabs
2013-10-31 14:45:20 ----A---- C:\Windows\system32\staco64.dll
2013-10-31 14:45:18 ----A---- C:\Windows\system32\stapo64.dll
2013-10-31 14:44:42 ----D---- C:\Program Files\DIFX
2013-10-31 14:44:19 ----D---- C:\Program Files\Validity Sensors, Inc
2013-10-31 14:44:13 ----D---- C:\Windows\JMCR_DIR
2013-10-31 14:43:55 ----A---- C:\Windows\SYSWOW64\JmCrIcon.dll
2013-10-31 14:43:55 ----A---- C:\Windows\system32\JmCrIcon.dll
2013-10-31 14:43:30 ----D---- C:\Program Files\Synaptics
2013-10-31 14:39:54 ----D---- C:\Program Files\ATI
2013-10-31 14:34:15 ----A---- C:\Windows\bthservsdp.dat
2013-10-31 14:27:56 ----D---- C:\Windows\Prefetch
2013-10-31 14:27:47 ----ASH---- C:\pagefile.sys

======List of files/folders modified in the last 1 month======

2013-11-19 13:26:10 ----D---- C:\Windows\Temp
2013-11-19 13:26:07 ----RD---- C:\Program Files
2013-11-19 12:45:32 ----RD---- C:\Program Files (x86)
2013-11-19 12:06:42 ----D---- C:\Windows\System32
2013-11-19 12:06:42 ----D---- C:\Windows\inf
2013-11-19 12:06:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-18 18:44:59 ----D---- C:\Windows
2013-11-15 14:18:59 ----D---- C:\Windows\system32\drivers
2013-11-15 14:16:33 ----SHD---- C:\Windows\Installer
2013-11-15 14:16:00 ----D---- C:\Windows\SysWOW64
2013-11-15 14:14:24 ----D---- C:\Windows\system32\catroot
2013-11-15 14:13:09 ----HD---- C:\ProgramData
2013-11-15 14:11:40 ----D---- C:\Windows\winsxs
2013-11-15 14:10:54 ----D---- C:\Windows\system32\catroot2
2013-11-15 14:08:47 ----D---- C:\Program Files\Common Files
2013-11-15 14:07:24 ----D---- C:\Program Files (x86)\Common Files
2013-11-15 00:09:30 ----D---- C:\Windows\Debug
2013-11-14 22:17:40 ----D---- C:\Windows\system32\NDF
2013-11-13 14:14:47 ----D---- C:\Windows\rescache
2013-11-13 13:43:14 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-11-13 13:43:14 ----D---- C:\Windows\SYSWOW64\migration
2013-11-13 13:43:14 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-11-13 13:43:14 ----D---- C:\Windows\system32\sk-SK
2013-11-13 13:43:14 ----D---- C:\Windows\system32\migration
2013-11-13 13:43:14 ----D---- C:\Windows\system32\cs-CZ
2013-11-13 13:43:14 ----D---- C:\Program Files (x86)\Internet Explorer
2013-11-13 13:43:13 ----D---- C:\Program Files\Internet Explorer
2013-11-13 13:26:40 ----A---- C:\Windows\system32\mrt.exe
2013-11-11 16:08:56 ----D---- C:\Windows\system32\WDI
2013-11-07 21:58:52 ----SD---- C:\ProgramData\Microsoft
2013-11-07 00:12:12 ----SD---- C:\Windows\Downloaded Program Files
2013-11-06 23:14:02 ----RSD---- C:\Windows\assembly
2013-11-06 12:13:54 ----D---- C:\Program Files (x86)\Hewlett-Packard
2013-11-06 12:10:34 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-11-06 12:05:57 ----D---- C:\SWSetup
2013-11-06 12:04:20 ----D---- C:\Windows\system32\drivers\UMDF
2013-11-06 12:00:46 ----D---- C:\ProgramData\Hewlett-Packard
2013-11-06 11:56:52 ----D---- C:\Windows\system32\zh-TW
2013-11-06 11:56:51 ----D---- C:\Windows\system32\zh-CN
2013-11-06 11:56:51 ----D---- C:\Windows\system32\tr-TR
2013-11-06 11:56:51 ----D---- C:\Windows\system32\th-TH
2013-11-06 11:56:50 ----D---- C:\Windows\system32\sv-SE
2013-11-06 11:56:50 ----D---- C:\Windows\system32\sl-SI
2013-11-06 11:56:48 ----D---- C:\Windows\system32\ru-RU
2013-11-06 11:56:47 ----D---- C:\Windows\system32\ro-RO
2013-11-06 11:56:47 ----D---- C:\Windows\system32\pt-PT
2013-11-06 11:56:46 ----D---- C:\Windows\system32\pt-BR
2013-11-06 11:56:46 ----D---- C:\Windows\system32\pl-PL
2013-11-06 11:56:45 ----D---- C:\Windows\system32\nl-NL
2013-11-06 11:56:45 ----D---- C:\Windows\system32\nb-NO
2013-11-06 11:56:44 ----D---- C:\Windows\system32\lv-LV
2013-11-06 11:56:44 ----D---- C:\Windows\system32\lt-LT
2013-11-06 11:56:43 ----D---- C:\Windows\system32\ko-KR
2013-11-06 11:56:43 ----D---- C:\Windows\system32\ja-JP
2013-11-06 11:56:42 ----D---- C:\Windows\system32\it-IT
2013-11-06 11:56:42 ----D---- C:\Windows\system32\hu-HU
2013-11-06 11:56:41 ----D---- C:\Windows\system32\hr-HR
2013-11-06 11:56:41 ----D---- C:\Windows\system32\he-IL
2013-11-06 11:56:40 ----D---- C:\Windows\system32\fr-FR
2013-11-06 11:56:39 ----D---- C:\Windows\system32\fi-FI
2013-11-06 11:56:39 ----D---- C:\Windows\system32\et-EE
2013-11-06 11:56:38 ----D---- C:\Windows\system32\es-ES
2013-11-06 11:56:38 ----D---- C:\Windows\system32\en-US
2013-11-06 11:56:37 ----D---- C:\Windows\system32\el-GR
2013-11-06 11:56:37 ----D---- C:\Windows\system32\de-DE
2013-11-06 11:56:37 ----D---- C:\Windows\system32\da-DK
2013-11-06 11:56:36 ----D---- C:\Windows\system32\bg-BG
2013-11-06 11:56:36 ----D---- C:\Windows\system32\ar-SA
2013-11-04 18:27:41 ----D---- C:\Windows\Microsoft.NET
2013-11-04 07:40:38 ----D---- C:\Windows\panther
2013-11-04 07:40:38 ----D---- C:\Windows\Logs
2013-11-04 07:13:10 ----D---- C:\Windows\system32\Tasks
2013-11-04 00:34:55 ----D---- C:\Windows\AppPatch
2013-11-04 00:34:54 ----D---- C:\Windows\SYSWOW64\wbem
2013-11-04 00:34:54 ----D---- C:\Windows\system32\wbem
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\uk-UA
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\sr-Latn-CS
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\sl-SI
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\ro-RO
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\lv-LV
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\lt-LT
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\it-IT
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\hr-HR
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\en-US
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\el-GR
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\de-DE
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\da-DK
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\bg-BG
2013-11-04 00:34:52 ----D---- C:\Windows\SYSWOW64\ar-SA
2013-11-04 00:34:51 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-11-04 00:34:51 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-11-04 00:34:51 ----D---- C:\Windows\SYSWOW64\th-TH
2013-11-04 00:34:51 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-11-04 00:34:51 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-11-04 00:34:51 ----D---- C:\Windows\SYSWOW64\he-IL
2013-11-04 00:34:51 ----D---- C:\Windows\SYSWOW64\et-EE
2013-11-04 00:34:51 ----D---- C:\Windows\SYSWOW64\es-ES
2013-11-04 00:34:50 ----D---- C:\Windows\system32\zh-HK
2013-11-04 00:34:50 ----D---- C:\Windows\system32\uk-UA
2013-11-04 00:34:50 ----D---- C:\Windows\system32\sr-Latn-CS
2013-11-04 00:34:48 ----D---- C:\Windows\SYSWOW64\XPSViewer
2013-11-04 00:34:48 ----D---- C:\Program Files\Windows Mail
2013-11-04 00:34:48 ----D---- C:\Program Files (x86)\Windows Mail
2013-11-04 00:34:47 ----D---- C:\Windows\ehome
2013-11-04 00:34:47 ----D---- C:\Program Files\Windows Journal
2013-11-04 00:34:37 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-11-04 00:34:33 ----RD---- C:\Windows\Offline Web Pages
2013-11-04 00:34:32 ----D---- C:\Windows\PolicyDefinitions
2013-11-04 00:34:29 ----D---- C:\Windows\system32\drivers\sk-SK
2013-11-04 00:34:28 ----RSD---- C:\Windows\Fonts
2013-11-04 00:34:27 ----D---- C:\Program Files\Common Files\System
2013-11-03 12:09:52 ----SD---- C:\boot
2013-11-03 11:59:00 ----D---- C:\Program Files\Windows Sidebar
2013-11-03 11:59:00 ----D---- C:\Program Files\Windows Media Player
2013-11-03 11:59:00 ----D---- C:\Program Files\Movie Maker
2013-11-03 11:58:59 ----D---- C:\Program Files\Windows Photo Gallery
2013-11-03 11:58:59 ----D---- C:\Program Files\Windows Collaboration
2013-11-03 11:58:56 ----D---- C:\Program Files\Windows Defender
2013-11-03 11:58:56 ----D---- C:\Program Files (x86)\Windows Sidebar
2013-11-03 11:58:56 ----D---- C:\Program Files (x86)\Windows Calendar
2013-11-03 11:58:55 ----D---- C:\Program Files (x86)\Windows Photo Gallery
2013-11-03 11:58:55 ----D---- C:\Program Files (x86)\Windows Media Player
2013-11-03 11:58:54 ----D---- C:\Windows\servicing
2013-11-03 11:58:44 ----D---- C:\Windows\SYSWOW64\oobe
2013-11-03 11:58:43 ----D---- C:\Windows\SYSWOW64\setup
2013-11-03 11:58:43 ----D---- C:\Windows\SYSWOW64\cs
2013-11-03 11:58:43 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2013-11-03 11:58:42 ----D---- C:\Windows\SYSWOW64\SLUI
2013-11-03 11:58:41 ----D---- C:\Windows\SYSWOW64\manifeststore
2013-11-03 11:58:41 ----D---- C:\Windows\SYSWOW64\en
2013-11-03 11:58:40 ----D---- C:\Windows\SYSWOW64\migwiz
2013-11-03 11:58:07 ----D---- C:\Windows\IME
2013-11-03 11:58:05 ----D---- C:\Windows\system32\oobe
2013-11-03 11:58:04 ----D---- C:\Windows\system32\setup
2013-11-03 11:58:04 ----D---- C:\Windows\system32\cs
2013-11-03 11:58:04 ----D---- C:\Windows\system32\AdvancedInstallers
2013-11-03 11:58:03 ----D---- C:\Windows\system32\SLUI
2013-11-03 11:58:01 ----D---- C:\Windows\system32\manifeststore
2013-11-03 11:58:01 ----D---- C:\Windows\system32\en
2013-11-03 11:58:00 ----D---- C:\Windows\system32\drivers\en-US
2013-11-03 11:57:59 ----D---- C:\Windows\system32\migwiz
2013-11-03 11:57:29 ----D---- C:\Windows\system32\Boot
2013-11-03 11:29:56 ----A---- C:\Windows\fonts\GlobalUserInterface.CompositeFont
2013-11-03 03:03:40 ----A---- C:\Windows\win.ini
2013-11-02 13:44:33 ----D---- C:\Program Files (x86)\CyberLink
2013-11-02 13:38:28 ----D---- C:\ProgramData\CyberLink
2013-11-02 12:40:52 ----HD---- C:\Windows\system32\GroupPolicy
2013-11-01 23:32:29 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-11-01 23:30:03 ----D---- C:\Windows\ShellNew
2013-11-01 23:12:15 ----D---- C:\Program Files (x86)\MSBuild
2013-10-31 23:26:43 ----A---- C:\Windows\CSUP.txt
2013-10-31 21:57:06 ----D---- C:\Windows\Tasks
2013-10-31 21:17:27 ----D---- C:\Windows\system32\LogFiles
2013-10-31 20:31:31 ----D---- C:\ProgramData\Norton
2013-10-31 15:55:22 ----D---- C:\Program Files (x86)\SMINST
2013-10-31 15:44:18 ----RD---- C:\Program Files (x86)\Online Services
2013-10-31 15:42:25 ----D---- C:\Windows\system32\restore
2013-10-31 15:42:24 ----HD---- C:\System.sav
2013-10-31 15:34:15 ----D---- C:\Windows\SYSWOW64\drivers
2013-10-31 15:32:29 ----RD---- C:\Users
2013-10-31 15:29:10 ----D---- C:\Program Files\Windows NT
2013-10-31 15:23:06 ----D---- C:\Windows\system32\sysprep
2013-10-31 15:17:12 ----D---- C:\ProgramData\Temp
2013-10-31 15:12:43 ----A---- C:\Windows\SYSWOW64\MFC71.dll
2013-10-31 15:12:04 ----D---- C:\Program Files\Hewlett-Packard
2013-10-31 14:56:05 ----A---- C:\Windows\SYSWOW64\ezsvc7x.dll
2013-10-31 14:52:56 ----HD---- C:\HP
2013-10-31 14:52:22 ----SD---- C:\Windows\system32\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-03-29 63008]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-11-01 283064]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-07-10 213416]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-29 152136]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-03-29 38288]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2013/10/31 14:59:49]; \??\C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-11-28 146928]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-03-29 194848]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 359936]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdLH6.sys [2012-02-23 92176]
R3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2008-07-04 306688]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2013-11-06 2685432]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-09-04 64000]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-10-23 128352]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2008-08-06 174592]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2009-02-22 473088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-07-24 250928]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 168960]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 40448]
R3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 26112]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 115712]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 695296]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 35328]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-06-23 91176]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2008-06-23 99368]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-06-23 19752]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 275456]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 NETw3v64;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\NETw3v64.sys [2008-01-21 3154432]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 178176]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 111104]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys [2006-10-04 273408]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\AESTSr64.exe [2009-02-12 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 238080]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 DpHost;@C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe [2008-12-10 322624]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe [2012-07-04 999704]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 KMService;KMService; C:\Windows\syswow64\srvany.exe [2003-04-18 8192]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files (x86)\SMINST\BLService.exe [2008-12-17 365952]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\STacSV64.exe [2009-02-22 267776]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2008-11-18 721712]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-11-01 1436424]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 641352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-31 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-31 257416]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe [2012-07-04 35720]
S3 ESHASRV;ESET SHA Service; C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe [2012-07-04 190208]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-31 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-16 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 1022632]

-----------------EOF-----------------

zilo9
Visitor
Posts: 28
Registered: 19 Nov 2013 13:16

Re: removal of the Agent.AK trojan

#4 Post by zilo9 »

Extras.zip
(9.52 KiB) Downloaded 84 times
Hi, I apologize for replying to myself, I'm a rookie at this. So I'm attaching the OTL log, with the extras as an attachment.

OTL logfile created on: 19. 11. 2013 15:44:38 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zilo\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

3,00 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 52,79% Memory free
6,22 Gb Paging File | 3,55 Gb Available in Paging File | 57,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287,97 Gb Total Space | 112,44 Gb Free Space | 39,05% Space Free | Partition Type: NTFS
Drive D: | 10,11 Gb Total Space | 1,73 Gb Free Space | 17,09% Space Free | Partition Type: NTFS
Drive E: | 2,74 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 465,76 Gb Total Space | 49,87 Gb Free Space | 10,71% Space Free | Partition Type: NTFS
Drive H: | 3,72 Gb Total Space | 3,71 Gb Free Space | 99,74% Space Free | Partition Type: FAT32
Drive I: | 3,76 Gb Total Space | 1,00 Gb Free Space | 26,64% Space Free | Partition Type: FAT32

Computer Name: ZILO9 | User Name: Zilo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013/11/19 15:28:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zilo\Desktop\OTL.exe
PRC - [2013/11/16 14:36:13 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/09/20 01:33:02 | 000,694,189 | ---- | M] () -- C:\Users\Zilo\AppData\Local\Temp\Internet Download Manager.exe
PRC - [2013/09/07 09:14:38 | 000,055,624 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2012/07/04 10:17:42 | 000,999,704 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe
PRC - [2010/04/10 09:03:46 | 000,077,824 | ---- | M] () -- C:\Windows\KMService.exe
PRC - [2009/09/23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
PRC - [2009/04/11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe
PRC - [2008/12/17 16:11:40 | 000,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe
PRC - [2008/12/10 19:56:36 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
PRC - [2008/12/10 19:56:36 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
PRC - [2003/04/18 19:06:26 | 000,008,192 | ---- | M] () -- C:\Windows\SysWOW64\srvany.exe


========== Modules (All) ==========

MOD - [2013/11/19 15:28:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zilo\Desktop\OTL.exe
MOD - [2013/11/16 14:36:13 | 000,302,192 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
MOD - [2013/11/16 14:36:13 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
MOD - [2013/11/16 14:36:13 | 000,272,496 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
MOD - [2013/11/16 14:36:12 | 003,459,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
MOD - [2013/11/16 14:36:11 | 000,130,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
MOD - [2013/11/16 14:36:11 | 000,017,008 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
MOD - [2013/11/16 14:36:10 | 003,363,952 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/11/16 14:36:10 | 001,776,240 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nss3.dll
MOD - [2013/11/16 14:36:10 | 000,393,328 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
MOD - [2013/11/16 14:36:10 | 000,092,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
MOD - [2013/11/16 14:36:09 | 000,153,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
MOD - [2013/11/16 14:36:03 | 022,031,984 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xul.dll
MOD - [2013/11/03 22:45:54 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfmp4src.dll
MOD - [2013/11/03 22:45:53 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfreadwrite.dll
MOD - [2013/11/03 22:45:52 | 002,873,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll
MOD - [2013/11/03 22:45:51 | 001,075,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2013/11/03 22:45:51 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll
MOD - [2013/11/03 22:45:45 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2013/11/03 22:45:45 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2013/11/03 22:43:52 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2013/11/02 01:05:44 | 000,041,288 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.Resources\sk.lproj\iTunesHelperLocalized.dll
MOD - [2013/11/02 00:29:44 | 000,152,392 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
MOD - [2013/11/02 00:29:44 | 000,148,808 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.dll
MOD - [2013/11/02 00:29:44 | 000,040,264 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
MOD - [2013/11/01 10:51:34 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2013/11/01 10:51:34 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2013/10/13 11:08:04 | 009,739,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2013/10/13 10:37:03 | 001,104,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2013/10/13 10:35:38 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2013/10/13 10:29:02 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vbscript.dll
MOD - [2013/10/13 10:27:40 | 001,796,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2013/10/11 03:07:57 | 000,596,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2013/10/03 13:46:36 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2013/10/03 13:45:45 | 000,993,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2013/09/20 01:33:02 | 000,694,189 | ---- | M] () -- C:\Users\Zilo\AppData\Local\Temp\Internet Download Manager.exe
MOD - [2013/09/13 19:51:44 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/09/13 19:51:44 | 000,039,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
MOD - [2013/09/13 19:51:22 | 000,456,592 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
MOD - [2013/09/13 19:51:22 | 000,124,816 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
MOD - [2013/09/13 19:51:22 | 000,053,648 | ---- | M] (Open Source Software community project) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
MOD - [2013/09/13 19:51:20 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/09/13 19:51:20 | 000,329,616 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libtidy.dll
MOD - [2013/09/13 19:51:18 | 001,292,136 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
MOD - [2013/09/13 19:51:18 | 000,923,496 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
MOD - [2013/09/13 19:51:18 | 000,043,408 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
MOD - [2013/09/13 19:51:16 | 016,303,976 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
MOD - [2013/09/13 19:51:14 | 001,833,288 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\Foundation.dll
MOD - [2013/09/13 19:51:10 | 001,079,624 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
MOD - [2013/09/13 19:51:06 | 002,464,072 | ---- | M] (Apple, Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
MOD - [2013/09/13 19:51:06 | 000,075,664 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
MOD - [2013/09/13 19:51:06 | 000,017,296 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
MOD - [2013/09/07 09:14:38 | 001,624,392 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices.dll
MOD - [2013/09/07 09:14:38 | 000,153,928 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServicesUI.dll
MOD - [2013/09/07 09:14:38 | 000,055,624 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
MOD - [2013/09/07 09:14:38 | 000,047,432 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer_main.dll
MOD - [2013/09/07 09:14:22 | 001,673,544 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
MOD - [2013/08/27 03:47:50 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2013/08/27 03:47:50 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2013/08/27 03:47:50 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2013/08/27 03:47:50 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2013/08/27 02:32:20 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2013/08/27 02:28:36 | 001,069,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2013/07/10 10:47:49 | 000,677,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2013/07/09 13:04:30 | 001,168,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2013/07/08 05:20:04 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2013/07/08 05:16:55 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2013/07/04 05:21:02 | 000,532,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll
MOD - [2013/07/02 09:16:26 | 000,254,336 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2013/06/19 19:44:54 | 001,366,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\msxml5.dll
MOD - [2013/05/08 14:51:49 | 000,019,056 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ViewerPS.dll
MOD - [2013/04/30 05:20:00 | 000,048,544 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiuxpag.dll
MOD - [2013/04/30 05:19:52 | 000,929,736 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\aticfx32.dll
MOD - [2013/04/30 05:19:42 | 006,857,392 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atidxx32.dll
MOD - [2013/04/03 04:56:06 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18813_none_9e51e050ca1696a4\GdiPlus.dll
MOD - [2012/11/22 04:54:36 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2012/11/20 05:22:50 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2012/11/02 11:19:33 | 001,248,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2012/09/28 17:13:29 | 000,860,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2012/06/29 17:01:42 | 000,467,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012/06/05 17:47:10 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\System\ado\msado15.dll
MOD - [2012/06/02 01:05:11 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2012/06/02 01:04:25 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2012/02/29 16:09:53 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2011/12/14 17:17:47 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011/11/16 17:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2011/10/14 17:03:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2011/08/30 23:05:04 | 000,073,064 | ---- | M] (Apple Inc.) -- C:\Windows\SysWOW64\dnssd.dll
MOD - [2011/08/30 23:05:02 | 000,121,704 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
MOD - [2011/08/25 17:14:01 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011/08/25 17:14:01 | 000,238,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011/06/15 17:12:11 | 000,182,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011/03/03 16:40:04 | 002,159,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcGenral.dll
MOD - [2011/03/02 16:44:26 | 000,168,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010/06/28 18:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010/06/18 18:31:29 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010/05/04 20:13:07 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msshsq.dll
MOD - [2010/04/16 17:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010/03/18 17:15:26 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
MOD - [2010/03/18 17:15:26 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
MOD - [2010/02/25 14:19:48 | 000,323,640 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
MOD - [2010/02/25 14:19:26 | 000,364,088 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBSERVICE.dll
MOD - [2009/10/01 02:02:17 | 002,537,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll
MOD - [2009/09/04 12:41:59 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2009/07/17 14:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009/07/01 15:44:34 | 000,632,888 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
MOD - [2009/04/11 07:28:26 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wshbth.dll
MOD - [2009/04/11 07:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009/04/11 07:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2009/04/11 07:28:25 | 000,250,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009/04/11 07:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2009/04/11 07:28:25 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wmiutils.dll
MOD - [2009/04/11 07:28:25 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009/04/11 07:28:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009/04/11 07:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009/04/11 07:28:25 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009/04/11 07:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2009/04/11 07:28:24 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009/04/11 07:28:24 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\scrobj.dll
MOD - [2009/04/11 07:28:24 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\scrrun.dll
MOD - [2009/04/11 07:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009/04/11 07:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009/04/11 07:28:23 | 002,226,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\networkexplorer.dll
MOD - [2009/04/11 07:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2009/04/11 07:28:23 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SLC.dll
MOD - [2009/04/11 07:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009/04/11 07:28:23 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009/04/11 07:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2009/04/11 07:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2009/04/11 07:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009/04/11 07:28:20 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2009/04/11 07:28:20 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2009/04/11 07:28:20 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2009/04/11 07:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009/04/11 07:28:20 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2009/04/11 07:28:19 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\evr.dll
MOD - [2009/04/11 07:28:19 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009/04/11 07:28:19 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009/04/11 07:28:18 | 001,324,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\browseui.dll
MOD - [2009/04/11 07:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009/04/11 07:28:18 | 000,396,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioEng.dll
MOD - [2009/04/11 07:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009/04/11 07:28:18 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009/04/11 07:28:18 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2009/04/11 07:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll
MOD - [2009/04/11 07:28:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davclnt.dll
MOD - [2009/04/11 07:28:18 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2009/04/11 07:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2009/04/11 07:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2009/04/11 07:28:17 | 000,155,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wscript.exe
MOD - [2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009/04/11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe
MOD - [2009/04/11 07:27:17 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wshom.ocx
MOD - [2009/04/11 07:27:12 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2009/04/11 07:27:12 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009/04/11 07:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2009/04/11 07:26:44 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009/04/11 07:26:43 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009/04/11 07:26:43 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2008/12/10 19:56:36 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
MOD - [2008/12/10 19:56:34 | 000,666,688 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpOCache.dll
MOD - [2008/12/10 19:56:34 | 000,470,080 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpOFeedb.dll
MOD - [2008/12/10 19:56:34 | 000,359,488 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpOSet.dll
MOD - [2008/12/10 19:56:32 | 000,330,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Windows\SysWOW64\DPFPApi.dll
MOD - [2008/12/10 19:56:32 | 000,240,704 | ---- | M] (DigitalPersona, Inc.) -- C:\Windows\SysWOW64\DpClback.dll
MOD - [2008/12/08 15:34:24 | 000,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
MOD - [2008/01/21 03:52:09 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2008/01/21 03:52:02 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2008/01/21 03:52:01 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2008/01/21 03:51:46 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MP3DMOD.DLL
MOD - [2008/01/21 03:51:15 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2008/01/21 03:51:11 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2008/01/21 03:51:11 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2008/01/21 03:51:08 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2008/01/21 03:51:05 | 000,234,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2008/01/21 03:51:04 | 000,188,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemdisp.dll
MOD - [2008/01/21 03:51:03 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2008/01/21 03:51:00 | 000,326,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2008/01/21 03:50:54 | 000,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2008/01/21 03:50:47 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2008/01/21 03:50:47 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntlanman.dll
MOD - [2008/01/21 03:50:36 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2008/01/21 03:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2008/01/21 03:50:31 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2008/01/21 03:50:28 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2008/01/21 03:50:15 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2008/01/21 03:50:15 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2008/01/21 03:50:09 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2008/01/21 03:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2008/01/21 03:50:00 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2008/01/21 03:49:49 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2008/01/21 03:49:44 | 000,155,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dssenh.dll
MOD - [2008/01/21 03:49:43 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2008/01/21 03:49:34 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2008/01/21 03:49:33 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2008/01/21 03:49:15 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc_os.dll
MOD - [2008/01/21 03:49:12 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2008/01/21 03:49:06 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2008/01/21 03:48:57 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll
MOD - [2008/01/21 03:48:55 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2008/01/21 03:48:43 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2008/01/21 03:48:43 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2008/01/21 03:48:31 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2008/01/21 03:48:21 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\thumbcache.dll
MOD - [2008/01/21 03:48:15 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2008/01/21 03:48:14 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2008/01/21 03:48:11 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdart.dll
MOD - [2008/01/21 03:47:40 | 000,090,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOAV.dll
MOD - [2006/11/02 16:02:33 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2006/11/02 16:01:41 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IconCodecService.dll
MOD - [2006/11/02 10:46:13 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\tapi32.dll
MOD - [2006/11/02 10:46:13 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shimeng.dll
MOD - [2006/11/02 10:46:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll
MOD - [2006/11/02 10:46:13 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sfc.dll
MOD - [2006/11/02 10:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2006/11/02 10:46:12 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2006/11/02 10:46:12 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2006/11/02 10:46:07 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2006/11/02 10:46:05 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hid.dll
MOD - [2006/11/02 10:46:05 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2006/11/02 10:46:04 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drprov.dll
MOD - [2006/11/02 09:33:06 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/11/01 17:10:33 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2013/04/30 04:52:38 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/07/04 10:18:44 | 000,190,208 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe -- (ESHASRV)
SRV:64bit: - [2012/07/04 10:18:26 | 000,035,720 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2012/07/04 10:17:42 | 000,999,704 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\Hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/02/22 21:08:10 | 000,267,776 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\STacSV64.exe -- (STacSV)
SRV:64bit: - [2009/02/12 04:21:34 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/11/18 06:09:46 | 000,721,712 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vfsFPService.exe -- (vfsFPService)
SRV:64bit: - [2008/01/21 03:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/11/16 14:36:11 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/31 21:57:05 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/03/30 05:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/12/17 16:11:40 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/12/10 19:56:36 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2008/11/18 06:09:42 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vfsFPService.exe -- (vfsFPService)
SRV - [2008/02/03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
SRV - [2003/04/18 19:06:26 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/06 11:56:08 | 002,685,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
DRV:64bit: - [2013/11/01 00:50:22 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/04/30 05:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2013/04/30 05:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/04/30 03:48:14 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/10 10:16:32 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\eamonm.sys -- (eamonm)
DRV:64bit: - [2012/03/29 11:03:56 | 000,194,848 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\epfw.sys -- (epfw)
DRV:64bit: - [2012/03/29 11:03:56 | 000,063,008 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2012/03/29 11:03:54 | 000,152,136 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012/03/29 11:03:54 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2012/02/29 14:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/23 13:31:50 | 000,092,176 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdLH6.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2010/02/25 14:19:02 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009/10/01 01:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/02/22 21:08:10 | 000,473,088 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2008/10/23 10:42:06 | 000,128,352 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\jmcr.sys -- (JMCR)
DRV:64bit: - [2008/09/04 18:48:00 | 000,064,000 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\enecir.sys -- (enecir)
DRV:64bit: - [2008/08/06 17:26:08 | 000,174,592 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/07/24 17:48:10 | 000,250,928 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/07/04 06:23:12 | 000,306,688 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AVerAF15.sys -- (AVerAF15)
DRV:64bit: - [2008/06/23 12:54:02 | 000,099,368 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2008/06/23 12:54:02 | 000,091,176 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2008/06/23 12:54:02 | 000,019,752 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2008/01/21 03:46:57 | 003,154,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys -- (NETw3v64)
DRV:64bit: - [2008/01/21 03:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2006/10/04 02:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV - [2008/11/28 18:04:24 | 000,146,928 | ---- | M] (CyberLink Corp.) [2013/10/31 14:59:49] [Kernel | Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4116362256-3208974170-2117722004-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE - HKU\S-1-5-21-4116362256-3208974170-2117722004-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
IE - HKU\S-1-5-21-4116362256-3208974170-2117722004-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4116362256-3208974170-2117722004-1000\..\SearchScopes,DefaultScope = {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
IE - HKU\S-1-5-21-4116362256-3208974170-2117722004-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4116362256-3208974170-2117722004-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKU\S-1-5-21-4116362256-3208974170-2117722004-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4116362256-3208974170-2117722004-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.centrum.sk"
FF - prefs.js..extensions.enabledAddons: %7B73007fef-a6e0-47d3-b4e7-dfc116ed6f65%7D:1.1
FF - prefs.js..extensions.enabledAddons: %7B7b1bf0b6-a1b9-42b0-b75d-252036438bdc%7D:6.7
FF - prefs.js..extensions.enabledAddons: %7B77d2ed30-4cd2-11e0-b8af-0800200c9a66%7D:9.2.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET ENDPOINT SECURITY\MOZILLA THUNDERBIRD [2013/11/01 00:17:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2013/10/31 15:17:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird [2013/11/01 00:17:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\firefoxext [2013/10/31 15:17:35 | 000,000,000 | ---D | M]

[2013/10/31 21:00:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zilo\AppData\Roaming\mozilla\Extensions
[2013/11/12 23:53:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zilo\AppData\Roaming\mozilla\Firefox\Profiles\7k1w0kn6.default\extensions
[2013/11/12 16:12:46 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Zilo\AppData\Roaming\mozilla\Firefox\Profiles\7k1w0kn6.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
[2013/11/12 23:53:09 | 002,795,957 | ---- | M] () (No name found) -- C:\Users\Zilo\AppData\Roaming\mozilla\firefox\profiles\7k1w0kn6.default\extensions\nasanightlaunch@example.com.xpi
[2013/11/01 00:21:55 | 000,003,771 | ---- | M] () (No name found) -- C:\Users\Zilo\AppData\Roaming\mozilla\firefox\profiles\7k1w0kn6.default\extensions\{73007fef-a6e0-47d3-b4e7-dfc116ed6f65}.xpi
[2013/11/07 23:57:46 | 000,045,456 | ---- | M] () (No name found) -- C:\Users\Zilo\AppData\Roaming\mozilla\firefox\profiles\7k1w0kn6.default\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi
[2013/11/01 00:19:23 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Zilo\AppData\Roaming\mozilla\firefox\profiles\7k1w0kn6.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/11/16 14:35:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/16 14:36:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: DAEMON Search (Enabled)
CHR - default_search_provider: search_url = http://www.daemon-search.com/search?q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - Extension: Docs = C:\Users\Zilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Disk Google = C:\Users\Zilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\Zilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Users\Zilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Pe\u0148a\u017Eenka Google = C:\Users\Zilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = C:\Users\Zilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Endpoint Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Internet Download Manager.exe] C:\Users\Zilo\AppData\Local\Temp\Internet Download Manager.exe ()
O4 - HKLM..\Run: [pxickblays] wscript.exe //B "C:\Users\Zilo\AppData\Roaming\pxickblays.vbe" File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4116362256-3208974170-2117722004-1000..\Run: [Internet Download Manager.exe] C:\Users\Zilo\AppData\Local\Temp\Internet Download Manager.exe ()
O4 - HKU\S-1-5-21-4116362256-3208974170-2117722004-1000..\Run: [pxickblays] wscript.exe //B "C:\Users\Zilo\AppData\Roaming\pxickblays.vbe" File not found
O4 - HKU\S-1-5-21-4116362256-3208974170-2117722004-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Internet Download Manager.exe ()
O4 - Startup: C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pxickblays.vbe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://195.28.70.134/kapor2/lib/mgaxctrl.cab (Autodesk MapGuide ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 147.175.167.251 147.175.189.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{22733D82-51A2-40F7-B06C-FAA7C9E39608}: DhcpNameServer = 147.175.167.251 147.175.189.200
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Zilo\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta programu Windows Fotogaléria.jpg
O24 - Desktop BackupWallPaper: C:\Users\Zilo\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta programu Windows Fotogaléria.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/11/01 16:09:16 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2013/10/31 14:12:35 | 000,000,000 | --SD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/02/15 05:53:50 | 000,000,027 | ---- | M] () - F:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2013/11/19 15:44:20 | 000,000,633 | ---- | M] () - I:\AUTORUN.INF.lnk -- [ FAT32 ]
O32 - AutoRun File - [2013/10/21 07:03:52 | 000,000,016 | -H-- | M] () - I:\AUTORUN.INF -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

zilo9
Visitor
Posts: 28
Registered: 19 Nov 2013 13:16

Re: removing the Agent.AK trojan

#5 Post by zilo9 »

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013/11/19 15:28:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Zilo\Desktop\OTL.exe
[2013/11/19 13:26:07 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013/11/19 13:26:06 | 000,000,000 | ---D | C] -- C:\rsit
[2013/11/19 12:45:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013/11/19 12:44:59 | 002,347,384 | ---- | C] (ESET) -- C:\Users\Zilo\Desktop\esetsmartinstaller_sky.exe
[2013/11/18 18:45:14 | 000,000,000 | ---D | C] -- C:\Users\Zilo\AppData\Local\Microsoft Games
[2013/11/18 17:14:40 | 000,000,000 | ---D | C] -- C:\Users\Zilo\Desktop\Californication
[2013/11/18 12:52:07 | 000,000,000 | ---D | C] -- C:\Users\Zilo\Desktop\Diplomka MOJA
[2013/11/16 14:35:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/11/15 14:30:18 | 000,000,000 | ---D | C] -- C:\Users\Zilo\Desktop\Reliving Things
[2013/11/15 14:16:21 | 000,000,000 | ---D | C] -- C:\Users\Zilo\AppData\Local\Apple Computer
[2013/11/15 14:16:20 | 000,000,000 | ---D | C] -- C:\Users\Zilo\AppData\Roaming\Apple Computer
[2013/11/15 14:16:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/11/15 14:14:24 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2013/11/15 14:14:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013/11/15 14:13:14 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/11/15 14:13:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/11/15 14:13:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/11/15 14:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/11/15 14:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/11/15 14:12:01 | 000,000,000 | ---D | C] -- C:\Users\Zilo\AppData\Local\Apple
[2013/11/15 14:11:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013/11/15 14:09:53 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2013/11/15 14:08:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/11/15 14:08:00 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/11/15 14:08:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/11/15 14:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/11/15 14:07:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013/11/14 21:52:11 | 000,000,000 | ---D | C] -- C:\Users\Zilo\Desktop\Were.the.Millers.2013.EXTENDED.720p.BluRay.x264-SPARKS
[2013/11/14 21:38:02 | 000,000,000 | ---D | C] -- C:\Users\Zilo\Desktop\Into.The.Mind.2013.720p.BluRay.x264-CiNEFiLE
[2013/11/13 13:31:28 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/11/13 13:31:28 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/11/13 13:31:26 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/13 13:31:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/13 13:31:26 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/11/13 13:31:25 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/11/13 13:31:25 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/11/13 13:31:24 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/11/13 13:31:21 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/11/13 13:31:21 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/11/13 13:31:21 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/11/13 13:31:19 | 002,334,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/13 13:31:19 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/11/13 13:31:18 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/11/13 13:31:18 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/11/13 13:23:08 | 000,781,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/11/13 13:23:07 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/11/13 13:22:48 | 001,278,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/11/13 13:22:39 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll

========== Files - Modified Within 7 Days ==========

[2013/11/19 15:47:30 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/11/19 15:46:14 | 001,470,416 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/19 15:46:14 | 000,598,980 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013/11/19 15:46:14 | 000,595,996 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/19 15:46:14 | 000,118,004 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013/11/19 15:46:14 | 000,104,070 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/19 15:46:14 | 000,055,338 | ---- | M] () -- C:\Windows\SysNative\perfh01B.dat
[2013/11/19 15:46:14 | 000,014,060 | ---- | M] () -- C:\Windows\SysNative\perfc01B.dat
[2013/11/19 15:28:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zilo\Desktop\OTL.exe
[2013/11/19 15:16:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/19 15:13:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/19 15:04:08 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/19 15:04:08 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/19 15:03:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/19 13:22:51 | 000,935,175 | ---- | M] () -- C:\Users\Zilo\Desktop\RSITx64.exe
[2013/11/19 12:49:58 | 000,527,794 | ---- | M] () -- C:\Users\Zilo\Desktop\jedalny_listok.pdf
[2013/11/19 12:45:02 | 002,347,384 | ---- | M] (ESET) -- C:\Users\Zilo\Desktop\esetsmartinstaller_sky.exe
[2013/11/19 11:44:10 | 000,092,538 | ---- | M] () -- C:\Users\Zilo\Desktop\SKUS_2013_zadania_z_cviceni_20131114.pdf
[2013/11/18 23:32:35 | 000,034,816 | ---- | M] () -- C:\Users\Zilo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/11/18 22:49:04 | 2959,601,664 | ---- | M] () -- C:\Users\Zilo\Desktop\The Cabin In The Woods 2012 720p BRRip XviD AC3-LEGi0N.avi
[2013/11/18 22:45:05 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/16 23:40:22 | 4133,745,471 | ---- | M] () -- C:\Users\Zilo\Desktop\Prisoners.2013.1080p.WEB-DL.X264.AC3.HQ.Hive-CM8.mkv
[2013/11/16 18:33:19 | 000,002,037 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/11/16 14:27:35 | 000,073,064 | ---- | M] () -- C:\Users\Zilo\AppData\Roaming\pxickblays.vbe
[2013/11/16 14:27:35 | 000,073,064 | ---- | M] () -- C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pxickblays.vbe
[2013/11/15 19:39:16 | 000,000,189 | -H-- | M] () -- C:\Users\Zilo\Desktop\Plagat_700_x_1000_2012_2013_recover000.dwl2
[2013/11/15 19:39:16 | 000,000,039 | -H-- | M] () -- C:\Users\Zilo\Desktop\Plagat_700_x_1000_2012_2013_recover000.dwl
[2013/11/15 14:16:03 | 000,001,694 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/11/15 00:15:26 | 3218,276,352 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/15 00:13:54 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013/11/13 19:32:12 | 000,611,674 | ---- | M] () -- C:\Users\Zilo\Desktop\STU-SvF-zfv.jpg
[2013/11/13 18:54:07 | 000,074,553 | ---- | M] () -- C:\Users\Zilo\Desktop\eden-park-sa-nastahoval-na-bratislavsky-strkovec-3617-big-image.jpg
[2013/11/13 17:08:33 | 000,245,705 | ---- | M] () -- C:\Users\Zilo\Desktop\Plagat_700_x_1000_-_nahlad.pdf
[2013/11/13 10:06:14 | 000,000,056 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat
[2013/11/12 23:55:34 | 000,061,673 | ---- | M] () -- C:\Users\Zilo\Desktop\World.War.Z.2013.Unrated.Cut.720p.BluRay.x264.DTS-WiKi.srt

========== Files Created - No Company Name ==========

[2013/11/19 15:47:30 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/11/19 13:22:46 | 000,935,175 | ---- | C] () -- C:\Users\Zilo\Desktop\RSITx64.exe
[2013/11/19 12:49:36 | 000,527,794 | ---- | C] () -- C:\Users\Zilo\Desktop\jedalny_listok.pdf
[2013/11/19 11:44:03 | 000,092,538 | ---- | C] () -- C:\Users\Zilo\Desktop\SKUS_2013_zadania_z_cviceni_20131114.pdf
[2013/11/18 22:43:55 | 2959,601,664 | ---- | C] () -- C:\Users\Zilo\Desktop\The Cabin In The Woods 2012 720p BRRip XviD AC3-LEGi0N.avi
[2013/11/16 23:35:32 | 4133,745,471 | ---- | C] () -- C:\Users\Zilo\Desktop\Prisoners.2013.1080p.WEB-DL.X264.AC3.HQ.Hive-CM8.mkv
[2013/11/16 14:27:42 | 000,073,064 | ---- | C] () -- C:\Users\Zilo\AppData\Roaming\pxickblays.vbe
[2013/11/16 14:27:42 | 000,073,064 | ---- | C] () -- C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pxickblays.vbe
[2013/11/15 19:28:28 | 000,000,189 | -H-- | C] () -- C:\Users\Zilo\Desktop\Plagat_700_x_1000_2012_2013_recover000.dwl2
[2013/11/15 19:28:28 | 000,000,039 | -H-- | C] () -- C:\Users\Zilo\Desktop\Plagat_700_x_1000_2012_2013_recover000.dwl
[2013/11/15 14:16:03 | 000,001,694 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/11/15 14:11:58 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/11/14 22:43:42 | 000,687,944 | ---- | C] () -- C:\Users\Zilo\Desktop\w0000118.jpg
[2013/11/14 22:41:55 | 001,025,084 | ---- | C] () -- C:\Users\Zilo\Desktop\w0000146.jpg
[2013/11/14 22:35:50 | 000,263,346 | ---- | C] () -- C:\Users\Zilo\Desktop\w03.jpg
[2013/11/13 19:32:11 | 000,611,674 | ---- | C] () -- C:\Users\Zilo\Desktop\STU-SvF-zfv.jpg
[2013/11/13 18:54:04 | 000,074,553 | ---- | C] () -- C:\Users\Zilo\Desktop\eden-park-sa-nastahoval-na-bratislavsky-strkovec-3617-big-image.jpg
[2013/11/13 17:08:31 | 000,245,705 | ---- | C] () -- C:\Users\Zilo\Desktop\Plagat_700_x_1000_-_nahlad.pdf
[2013/11/13 13:23:08 | 000,217,074 | ---- | C] () -- C:\Windows\SysNative\WFP.TMF
[2013/11/13 13:13:08 | 000,694,189 | ---- | C] () -- C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Internet Download Manager.exe
[2013/11/13 10:06:14 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2013/11/12 23:55:46 | 000,061,673 | ---- | C] () -- C:\Users\Zilo\Desktop\World.War.Z.2013.Unrated.Cut.720p.BluRay.x264.DTS-WiKi.srt
[2013/11/03 04:51:14 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2013/11/03 04:49:42 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2013/11/03 04:48:05 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/11/02 12:40:52 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/11/01 01:13:47 | 000,077,824 | ---- | C] () -- C:\Windows\KMService.exe
[2013/11/01 01:13:47 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2013/11/01 00:04:22 | 000,006,836 | ---- | C] () -- C:\Users\Zilo\AppData\Local\d3d9caps.dat
[2013/10/31 21:44:38 | 000,034,816 | ---- | C] () -- C:\Users\Zilo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/10/31 14:54:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/10/31 14:34:15 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat

========== ZeroAccess Check ==========

[2006/11/02 16:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 18:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 08:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/21 03:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/11/01 01:57:04 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Auslogics
[2013/11/01 17:41:26 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Autodesk
[2013/11/01 11:12:10 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\DAEMON Tools Lite
[2013/10/31 15:56:15 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\DigitalPersona
[2013/10/31 21:21:41 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\ESET
[2013/11/01 02:18:41 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\GHISLER

========== Purity Check ==========



========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ST9320320AS ATA Device
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Removable Media
Interface type: USB
Media Type: Removable Media
Model: USB DISK 2.0 USB Device
Partitions: 1
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE2 - External hard disk media
Interface type: USB
Media Type: External hard disk media
Model: Seagate FreeAgent GoFlex USB Device
Partitions: 1
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE3 - Removable Media
Interface type: USB
Media Type: Removable Media
Model: pqi IntelligentStick USB Device
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 288,00GB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 10,00GB
Starting Offset: 309210382336
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 4,00GB
Starting Offset: 4128768
Hidden sectors: 0


DeviceID: Disk #2, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 466,00GB
Starting Offset: 32256
Hidden sectors: 0

zilo9
Visitor
Posts: 28
Registered: 19 Nov 2013 13:16

Re: removal of the Agent.AK trojan

#6 Post by zilo9 »

DeviceID: Disk #3, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 4,00GB
Starting Offset: 32256
Hidden sectors: 0

[2013/10/31 14:52:56 | 000,000,000 | -H-D | M] -- C:\HP
[2013/11/01 23:23:33 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2013/11/15 14:13:09 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2013/10/31 15:42:24 | 000,000,000 | -H-D | M] -- C:\System.sav
[2013/11/06 12:10:34 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2013/11/01 01:37:42 | 014,965,064 | -H-- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Picasa3\setup.exe
[2013/11/01 17:14:48 | 000,000,000 | -H-D | M] -- C:\Program Files\Autodesk\AutoCAD 2011\UserDataCache
[2013/11/15 15:03:01 | 000,000,000 | -H-D | M] -- C:\ProgramData\Apple Computer\iTunes\SC Info
[2013/10/31 22:02:35 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser
[2013/10/31 22:02:35 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\Power2Go\6.0
[2006/11/02 16:07:25 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2013/10/31 15:29:10 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2013/11/15 15:03:01 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Apple Computer\iTunes\SC Info
[2013/10/31 22:02:35 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser
[2013/10/31 22:02:35 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\Power2Go\6.0
[2006/11/02 16:07:25 | 000,000,000 | RH-D | M] -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2006/11/02 14:33:54 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2013/11/15 14:16:03 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2006/11/02 13:34:32 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2013/10/31 22:02:38 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg
[2013/10/31 22:02:38 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\Power2Go
[2013/10/31 22:02:38 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg\HKEY_CLASS_ROOT\CLSID\{397A21FB-EADF-4116-9027-32B8FA04C3E2}\Version\6.0
[2013/10/31 15:33:13 | 000,000,000 | -H-D | M] -- C:\Users\Zilo\AppData
[2013/11/04 14:33:54 | 000,000,000 | -H-D | M] -- C:\Users\Zilo\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2013/11/04 14:33:54 | 000,000,000 | -H-D | M] -- C:\Users\Zilo\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2013/10/31 21:44:29 | 000,000,000 | -H-D | M] -- C:\Users\Zilo\AppData\Local\Microsoft\Media Player\Vyrovnávacia pamäť pre obaly albumov
[2013/10/31 15:55:55 | 000,000,000 | RH-D | M] -- C:\Users\Zilo\AppData\Local\Microsoft\Windows\Burn\Burn
[2013/11/01 00:40:33 | 000,000,000 | RH-D | M] -- C:\Users\Zilo\AppData\Local\Microsoft\Windows\Burn\Burn1
[2013/10/31 22:02:38 | 000,000,000 | -H-D | M] -- C:\Users\Zilo\AppData\Roaming\CyberLink\MediaCache\Power2Go
[2013/11/04 07:11:53 | 000,000,000 | -H-D | M] -- C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
[2013/11/04 07:11:53 | 000,000,000 | -H-D | M] -- C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\IETldCache\Low
[2013/11/04 07:11:53 | 000,000,000 | -H-D | M] -- C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
[2009/07/26 14:56:57 | 000,000,000 | -H-D | M] -- C:\Users\Zilo\Documents\Dokumenty\Webcam\FileSharingTmp
[2006/11/02 14:33:54 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2006/11/02 14:33:54 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData
[2013/11/02 12:40:52 | 000,000,000 | -H-D | M] -- C:\Windows\SysNative\GroupPolicy

========== Base Services ==========
SRV:64bit: - [2006/11/02 12:16:28 | 000,026,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2008/01/21 03:48:17 | 000,045,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2008/01/21 03:48:16 | 000,080,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2009/04/11 08:11:22 | 001,081,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2009/04/11 08:11:13 | 000,458,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bfe.dll -- (BFE)
SRV:64bit: - [2011/11/16 15:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/04/11 08:11:14 | 000,361,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/04/11 07:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2008/01/21 03:49:11 | 000,103,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/07/08 05:12:34 | 000,174,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/08 05:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2009/04/11 08:11:23 | 000,719,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2009/04/11 08:11:14 | 000,268,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/11 07:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcsvc.dll -- (Dhcp)
SRV:64bit: - [2011/03/02 17:12:21 | 000,117,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2008/01/21 03:50:17 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/04/11 08:11:15 | 000,024,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/04/11 07:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2008/01/21 03:48:03 | 000,342,016 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2009/04/11 08:11:15 | 000,533,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\ipsecsvc.dll -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/04/11 08:11:26 | 000,480,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2008/01/21 03:49:56 | 000,037,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2008/01/21 03:48:10 | 000,348,160 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2008/01/21 03:48:40 | 000,304,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2008/01/21 03:49:21 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2008/01/21 03:50:27 | 000,206,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2008/01/21 03:49:42 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2009/04/11 08:11:27 | 000,313,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2010/08/17 15:54:20 | 000,273,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2011/11/16 15:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
SRV:64bit: - [2009/04/11 08:11:14 | 000,399,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\emdmgmt.dll -- (EMDMgmt)
SRV:64bit: - [2008/01/21 03:48:24 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2009/04/11 08:11:22 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2009/04/11 08:11:23 | 000,719,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2008/01/21 03:49:09 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2011/11/16 15:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/04/11 08:11:31 | 000,074,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/09/06 19:28:38 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2009/07/10 12:51:23 | 000,302,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/07/10 12:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV:64bit: - [2009/04/11 08:10:35 | 002,582,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SLsvc.exe -- (slsvc)
SRV:64bit: - [2010/11/06 12:18:13 | 000,855,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2009/04/11 08:11:26 | 000,318,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2009/04/11 07:28:24 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/10 12:51:23 | 000,302,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (Themes)
SRV - [2009/07/10 12:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (Themes)
SRV:64bit: - [2009/04/11 08:11:22 | 000,178,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2009/04/11 08:11:03 | 001,433,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vssvc.exe -- (VSS)
SRV:64bit: - [2009/04/11 08:11:13 | 000,446,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2009/04/11 08:11:13 | 000,446,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2008/01/21 03:47:28 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SDRSVC.dll -- (SDRSVC)
SRV:64bit: - [2008/01/21 03:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/04/11 08:11:28 | 001,491,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (Eventlog)
SRV:64bit: - [2009/04/11 08:11:15 | 000,603,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mpssvc.dll -- (MpsSvc)
SRV:64bit: - [2009/04/11 08:11:28 | 000,572,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2009/04/11 08:10:29 | 000,125,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2009/04/11 07:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/04/11 08:11:29 | 000,221,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 23:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2009/04/11 08:11:14 | 000,208,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/11 20:11:20 | 000,615,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2009/06/10 12:53:17 | 000,203,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< >
[2006/11/02 16:42:03 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006/11/02 16:42:03 | 000,016,520 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013/10/31 21:02:30 | 000,000,928 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/10/31 21:02:31 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013/10/31 21:57:06 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< MD5 for: ACPI.SYS >
[2009/04/11 08:15:32 | 000,325,608 | ---- | M] (Microsoft Corporation) MD5=1965AAFFAB07E3FB03C77F81BEBA3547 -- C:\Windows\SysNative\drivers\acpi.sys
[2009/04/11 08:15:32 | 000,325,608 | ---- | M] (Microsoft Corporation) MD5=1965AAFFAB07E3FB03C77F81BEBA3547 -- C:\Windows\winsxs\amd64_acpi.inf_31bf3856ad364e35_6.0.6002.18005_none_8092d89383870bca\acpi.sys
[2008/01/21 03:46:50 | 000,326,712 | ---- | M] (Microsoft Corporation) MD5=8C99ED256A889D647935A97C543B7B85 -- C:\Windows\winsxs\amd64_acpi.inf_31bf3856ad364e35_6.0.6001.18000_none_7ea75f878665407e\acpi.sys

< MD5 for: AFD.SYS >
[2012/01/03 15:21:38 | 000,404,992 | ---- | M] (Microsoft Corporation) MD5=022ED7EB19DFECF39C106E0F9CF2BB19 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.22770_none_362b4e6b2d472f6a\afd.sys
[2011/04/21 15:20:24 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=0CC146C4ADDEA45791B18B1E2659F4A9 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18457_none_35be4fb214130ed1\afd.sys
[2009/04/11 06:44:24 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=12415CCFD3E7CEC55B5184E67B039FE4 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18005_none_35f2572213ec5bd2\afd.sys
[2013/09/04 03:31:51 | 000,404,992 | ---- | M] (Microsoft Corporation) MD5=2BA159E1F9FD75F6A496742B20F1D9CF -- C:\Windows\SysNative\drivers\afd.sys
[2013/09/04 03:31:51 | 000,404,992 | ---- | M] (Microsoft Corporation) MD5=2BA159E1F9FD75F6A496742B20F1D9CF -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18928_none_35dfc93e13f9c618\afd.sys
[2011/04/21 14:54:10 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=7B8E5F3A0626CA83B706F0738830845F -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.22629_none_366a5ebb2d168a9d\afd.sys
[2011/04/21 14:42:48 | 000,407,552 | ---- | M] (Microsoft Corporation) MD5=9BB97042FA331A0FB4BDD98B9280A50A -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18639_none_33ef7c5016dab752\afd.sys
[2011/04/21 14:47:41 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=B53144D2EBB0843DD0436F5EA6953F65 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.22905_none_34958b832fe3983b\afd.sys
[2012/01/03 15:25:21 | 000,404,992 | ---- | M] (Microsoft Corporation) MD5=C4F6CE6087760AD70960C9EB130E7943 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18564_none_35b080ce141ddbe4\afd.sys
[2013/09/04 08:49:59 | 000,404,992 | ---- | M] (Microsoft Corporation) MD5=C711597CD7CE7CBD9AAFCA44B37D9EF9 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.23207_none_367ddf9f2d084512\afd.sys
[2008/01/21 03:48:18 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=DB37041AB857ABC7E179E856D8E1582C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18000_none_3406de1616ca9086\afd.sys

< MD5 for: AGP440.SYS >
[2008/01/21 03:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\SysNative\drivers\AGP440.sys
[2008/01/21 03:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008/01/21 03:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/01/21 03:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009/02/23 15:52:49 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=35137384FFB6FB4B4C3063CEB5DB34BE -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.20847_none_37d5e5fef5f86cf7\atapi.sys
[2009/02/23 15:52:49 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=B388797CAAB36D523840347CC6A39B96 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.22193_none_398211faf34b271a\atapi.sys
[2009/04/11 08:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SysNative\drivers\atapi.sys
[2009/04/11 08:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/04/11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\SysWOW64\autochk.exe
[2009/04/11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008/01/21 03:50:26 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2009/04/11 08:09:58 | 000,734,720 | ---- | M] (Microsoft Corporation) MD5=E24D4475713CB382A720D003BDDA9628 -- C:\Windows\SysNative\autochk.exe
[2009/04/11 08:09:58 | 000,734,720 | ---- | M] (Microsoft Corporation) MD5=E24D4475713CB382A720D003BDDA9628 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_3ffe01d977405f71\autochk.exe
[2008/01/21 03:49:38 | 000,733,696 | ---- | M] (Microsoft Corporation) MD5=F74203F70337352EEABADAE16A05EAEA -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_3e1288cd7a1e9425\autochk.exe

< MD5 for: CDROM.SYS >
[2008/01/21 03:46:54 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_bbc7f7665c24db80\cdrom.sys
[2009/04/11 06:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\SysNative\drivers\cdrom.sys
[2009/04/11 06:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys

< MD5 for: CMD.EXE >
[2008/01/21 03:50:37 | 000,363,008 | ---- | M] (Microsoft Corporation) MD5=72A73B43C20902760022FBC91B3EC948 -- C:\Windows\SysNative\cmd.exe
[2008/01/21 03:50:37 | 000,363,008 | ---- | M] (Microsoft Corporation) MD5=72A73B43C20902760022FBC91B3EC948 -- C:\Windows\winsxs\amd64_microsoft-windows-commandprompt_31bf3856ad364e35_6.0.6001.18000_none_e72b6240d2b9faa5\cmd.exe
[2008/01/21 03:48:06 | 000,318,976 | ---- | M] (Microsoft Corporation) MD5=74F26FC01B180D4A99A168ED69C30A53 -- C:\Windows\SysWOW64\cmd.exe
[2008/01/21 03:48:06 | 000,318,976 | ---- | M] (Microsoft Corporation) MD5=74F26FC01B180D4A99A168ED69C30A53 -- C:\Windows\winsxs\wow64_microsoft-windows-commandprompt_31bf3856ad364e35_6.0.6001.18000_none_f1800c93071abca0\cmd.exe

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 12:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\SysNative\cngaudit.dll

< MD5 for: FICHIER_ENCODE[1].VBE >
[2013/11/16 14:27:35 | 000,073,064 | ---- | M] () MD5=6579C780A6DA259752877F56171C3AAF -- C:\Users\Zilo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6MDIKBP9\fichier_encode[1].vbe

< MD5 for: PXICKBLAYS.VBE >
[2013/11/16 14:27:35 | 000,073,064 | ---- | M] () MD5=6579C780A6DA259752877F56171C3AAF -- C:\Users\Zilo\AppData\Local\Temp\pxickblays.vbe
[2013/11/16 14:27:35 | 000,073,064 | ---- | M] () MD5=6579C780A6DA259752877F56171C3AAF -- C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pxickblays.vbe
[2013/11/16 14:27:35 | 000,073,064 | ---- | M] () Unable to obtain MD5 -- C:\Users\Zilo\AppData\Roaming\pxickblays.vbe

[2010/06/16 17:40:37 | 001,420,176 | ---- | M] (Microsoft Corporation) MD5=7D86275FB640011B372FD566C0EAFA8D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_0ede67001f09ee46\tcpip.sys
[2009/02/23 15:49:45 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=8E041924441FF8755E5B4F135C8C3767 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_0efecf2c1ef1a5d7\tcpip.sys
[2010/06/16 18:11:35 | 001,426,816 | ---- | M] (Microsoft Corporation) MD5=973658A2EA9C06B2976884B9046DFC6C -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_10d97a5c1c20ef58\tcpip.sys
[2009/04/11 08:15:48 | 001,426,408 | ---- | M] (Microsoft Corporation) MD5=99D07AD0EF2C535610F6573C29BC045E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_112826e21be57d78\tcpip.sys
[2009/08/14 17:39:38 | 001,425,992 | ---- | M] (Microsoft Corporation) MD5=A7BFF59C2F610F62E6C292074FF36A1E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_10c2d66e1c321395\tcpip.sys
[2010/02/18 15:28:06 | 001,427,336 | ---- | M] (Microsoft Corporation) MD5=B4B7B375FDD672AF79B0CBE9B9A48B47 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_112c2bd61be1dd22\tcpip.sys
[2013/07/05 05:45:27 | 001,423,808 | ---- | M] (Microsoft Corporation) MD5=C2CB949645C299E23FBFD26CAD3FC96E -- C:\Windows\SysNative\drivers\tcpip.sys
[2013/07/05 05:45:27 | 001,423,808 | ---- | M] (Microsoft Corporation) MD5=C2CB949645C299E23FBFD26CAD3FC96E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18880_none_10ccb5401c2ac785\tcpip.sys
[2010/06/17 00:28:33 | 001,414,544 | ---- | M] (Microsoft Corporation) MD5=D43D5336BE9DD93E02EE124297295713 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys
[2009/08/14 17:32:21 | 001,424,952 | ---- | M] (Microsoft Corporation) MD5=D45D67A18C9FD4CC637BC9D4585C0646 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_11acc42135079bb6\tcpip.sys
[2009/08/15 23:55:23 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=D4E30E6BADFF21865C3A075457CF9C00 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_bc4f6fa963a72036\tcpip.sys
[2013/07/05 04:58:11 | 001,417,664 | ---- | M] (Microsoft Corporation) MD5=EA8623BDD511A1ACD18DA4883860ADDE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23152_none_11789c6b352e7693\tcpip.sys
[2009/02/23 15:49:45 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=F10A60005FB50698E33A1940C6EBB010 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_0f8c6d1f380baafd\tcpip.sys

< MD5 for: TDX.SYS >
[2009/04/11 06:43:00 | 000,094,720 | ---- | M] (Microsoft Corporation) MD5=458919C8C42E398DC4802178D5FFEE27 -- C:\Windows\SysNative\drivers\tdx.sys
[2009/04/11 06:43:00 | 000,094,720 | ---- | M] (Microsoft Corporation) MD5=458919C8C42E398DC4802178D5FFEE27 -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_4847dcdb9194e539\tdx.sys
[2008/01/21 03:49:53 | 000,094,208 | ---- | M] (Microsoft Corporation) MD5=8C39C72E0E853DE04748C0337D9B9216 -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_465c63cf947319ed\tdx.sys

< MD5 for: USER32.DLL >
[2008/01/21 03:48:29 | 000,820,224 | ---- | M] (Microsoft Corporation) MD5=32B87D215905F648EBE36A621978442C -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_295707c525b9f068\user32.dll
[2008/01/21 03:49:14 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_33abb2175a1ab263\user32.dll
[2009/04/11 07:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\SysWOW64\user32.dll
[2009/04/11 07:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_35972b23573c7daf\user32.dll
[2009/04/11 08:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysNative\user32.dll
[2009/04/11 08:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_2b4280d122dbbbb4\user32.dll

< MD5 for: USERINIT.EXE >
[2008/01/21 03:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008/01/21 03:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008/01/21 03:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008/01/21 03:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe

< MD5 for: WDF01000.SYS >
[2008/01/21 03:24:55 | 000,869,432 | ---- | M] (Microsoft Corporation) MD5=2545296D7CA1F72E3769FE5510919EE9 -- C:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.0.6000.16609_none_d09477b1d91add3e\Wdf01000.sys
[2013/06/26 23:58:36 | 000,785,624 | ---- | M] (Microsoft Corporation) MD5=37CE6867FC4A6827009A713A9737262C -- C:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.0.6002.23153_none_d4aea29cecb367de\Wdf01000.sys
[2012/07/26 05:55:47 | 000,785,512 | ---- | M] (Microsoft Corporation) MD5=442783E2CB0DA19873B7A63833FF4CB4 -- C:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.0.6001.18703_none_d274c1e5d646c236\Wdf01000.sys
[2012/07/26 05:55:47 | 000,785,512 | ---- | M] (Microsoft Corporation) MD5=442783E2CB0DA19873B7A63833FF4CB4 -- C:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.0.6001.23004_none_d2ff3902ef63abc0\Wdf01000.sys
[2012/07/26 05:55:47 | 000,785,512 | ---- | M] (Microsoft Corporation) MD5=442783E2CB0DA19873B7A63833FF4CB4 -- C:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.0.6002.18574_none_d4108689d3a4f16f\Wdf01000.sys
[2012/07/26 05:55:47 | 000,785,512 | ---- | M] (Microsoft Corporation) MD5=442783E2CB0DA19873B7A63833FF4CB4 -- C:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.0.6002.22806_none_d4e7d728ec87fa9e\Wdf01000.sys
[2008/01/21 03:24:55 | 000,869,432 | ---- | M] (Microsoft Corporation) MD5=7595779E5FEDAA2C192B4081712F358C -- C:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.0.6000.20734_none_d0f8a346f2555228\Wdf01000.sys
[2008/01/21 03:50:39 | 000,881,720 | ---- | M] (Microsoft Corporation) MD5=D02E7E4567DA1E7582FBF6A91144B0DF -- C:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.0.6001.18000_none_d271b3bdd6498a20\Wdf01000.sys
[2013/06/27 00:00:44 | 000,785,624 | ---- | M] (Microsoft Corporation) MD5=E2C933EDBC389386EBE6D2BA953F43D8 -- C:\Windows\SysNative\drivers\Wdf01000.sys
[2013/06/27 00:00:44 | 000,785,624 | ---- | M] (Microsoft Corporation) MD5=E2C933EDBC389386EBE6D2BA953F43D8 -- C:\Windows\winsxs\amd64_microsoft-windows-wdf-kernellibrary_31bf3856ad364e35_6.0.6002.18880_none_d401bb27d3b09f79\Wdf01000.sys

< MD5 for: WIN32K.SYS >
[2009/02/23 15:55:20 | 002,742,784 | ---- | M] (Microsoft Corporation) MD5=02AB35687E6319BA807553C65C8BE9B6 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22271_none_155104c56c39b4d5\win32k.sys
[2008/01/21 03:49:08 | 002,740,736 | ---- | M] (Microsoft Corporation) MD5=051A537773FEF04102580798E5539346 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18000_none_1512153e52e43af6\win32k.sys
[2012/04/02 14:59:51 | 002,766,848 | ---- | M] (Microsoft Corporation) MD5=1B2FA55699E457E67EF9981E538DB3BD -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18607_none_16ff9a42500427da\win32k.sys
[2009/02/23 15:30:06 | 002,741,760 | ---- | M] (Microsoft Corporation) MD5=341DC0239C5B7B49142A1E945B8739BC -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22125_none_158b13a36c0d9155\win32k.sys
[2011/06/02 14:50:04 | 002,764,288 | ---- | M] (Microsoft Corporation) MD5=3F74EBF3BE34531BB8E50A72FB8D8FCF -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18475_none_16b1e66e503ebe75\win32k.sys
[2013/08/29 08:48:37 | 002,775,552 | ---- | M] (Microsoft Corporation) MD5=43BD97E12433A7B630536F1E9F645D44 -- C:\Windows\SysNative\win32k.sys
[2013/08/29 08:48:37 | 002,775,552 | ---- | M] (Microsoft Corporation) MD5=43BD97E12433A7B630536F1E9F645D44 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18927_none_16ea001c50145731\win32k.sys
[2012/04/02 15:01:50 | 002,768,896 | ---- | M] (Microsoft Corporation) MD5=4479A29ED324DB322B09C471520BAAE2 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22831_none_1762c773693f8094\win32k.sys
[2013/08/29 08:46:35 | 002,778,624 | ---- | M] (Microsoft Corporation) MD5=583DC902435896ED66C4E324441864B1 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.23204_none_178615e96924a37d\win32k.sys
[2011/06/02 14:36:25 | 002,767,360 | ---- | M] (Microsoft Corporation) MD5=5C1199E33D879C11BBA6D494AABA2FA4 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22653_none_174f2463694df0d6\win32k.sys
[2011/06/02 14:20:03 | 002,762,752 | ---- | M] (Microsoft Corporation) MD5=65B58F5FE00AA4600C933822061C61CD -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22927_none_158d23676c0bad3b\win32k.sys
[2009/02/23 15:30:06 | 002,749,440 | ---- | M] (Microsoft Corporation) MD5=8683708DC6C4D294821739E199252317 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16646_none_130698a455d8b1d3\win32k.sys
[2009/02/23 15:30:06 | 002,741,760 | ---- | M] (Microsoft Corporation) MD5=8A85511E2ECBE099B214E7CA2C618D8F -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18027_none_1503776c52ee2439\win32k.sys
[2009/02/23 15:30:06 | 002,750,976 | ---- | M] (Microsoft Corporation) MD5=90BCE6FE4A3CD91F7E3B64CB31331BAE -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.20782_none_1360f4976f1a5c05\win32k.sys
[2009/02/23 15:55:20 | 002,752,000 | ---- | M] (Microsoft Corporation) MD5=C08D2DA903501DBED4A9C69C8285824B -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.20922_none_13a1d7eb6ee9aead\win32k.sys
[2009/04/11 06:11:52 | 002,745,344 | ---- | M] (Microsoft Corporation) MD5=CE583F63B4ED60A6819AD64C172D9860 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18005_none_16fd8e4a50060642\win32k.sys
[2009/02/23 15:55:20 | 002,750,976 | ---- | M] (Microsoft Corporation) MD5=D213407F31E705AAEDB5260F54C0D35A -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16754_none_12f9ca0a55e2983d\win32k.sys
[2009/02/23 15:55:20 | 002,742,272 | ---- | M] (Microsoft Corporation) MD5=FA3641B32902CA21AC0CF1B979CD3A46 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18145_none_14ebd8e653002694\win32k.sys
[2011/06/02 14:22:31 | 002,762,240 | ---- | M] (Microsoft Corporation) MD5=FB8476A6367B3BC667303BB48614F7BB -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18653_none_14df11e4530a019a\win32k.sys

< MD5 for: WINLOGON.EXE >
[2009/04/11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009/04/11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008/01/21 03:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 03:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WINSRV.DLL >
[2011/04/20 16:16:49 | 000,450,048 | ---- | M] (Microsoft Corporation) MD5=2D94E4CE322F12061D3FA7DBE65E9AC5 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6001.18638_none_1284d01654c3b456\winsrv.dll
[2011/04/20 16:38:31 | 000,450,560 | ---- | M] (Microsoft Corporation) MD5=33353C4E98C0CCF7E2A817536EB58985 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.22628_none_14ffb2816aff87a1\winsrv.dll
[2009/04/11 08:11:28 | 000,450,560 | ---- | M] (Microsoft Corporation) MD5=36F234FD1AA7BAE559BB1C483FC76286 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.18005_none_1488ab3251d4722d\winsrv.dll
[2013/03/08 04:53:03 | 000,451,072 | ---- | M] (Microsoft Corporation) MD5=5B42F82BBFB9DE6BD9DB818B95AB6EF6 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.23075_none_14c67fdb6b2af208\winsrv.dll
[2008/01/21 03:49:09 | 000,450,048 | ---- | M] (Microsoft Corporation) MD5=A9C654098A5CA39618DA9D022A6691B8 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6001.18000_none_129d322654b2a6e1\winsrv.dll
[2011/04/20 15:59:09 | 000,450,048 | ---- | M] (Microsoft Corporation) MD5=CCCFC223E76D14E622D8F2BB5E90B58D -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6001.22904_none_132adf496dcc953f\winsrv.dll
[2013/03/08 05:18:52 | 000,451,072 | ---- | M] (Microsoft Corporation) MD5=D665D594B7E11133D29D726BDDC7A5B0 -- C:\Windows\SysNative\winsrv.dll
[2013/03/08 05:18:52 | 000,451,072 | ---- | M] (Microsoft Corporation) MD5=D665D594B7E11133D29D726BDDC7A5B0 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.18804_none_1487ba1851d5420e\winsrv.dll
[2011/04/20 17:03:39 | 000,451,072 | ---- | M] (Microsoft Corporation) MD5=E5E5E593D4850B0AA24CF58B552147F3 -- C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.18456_none_1453a37851fc0bd5\winsrv.dll

< MD5 for: WS2_32.DLL >
[2008/01/21 03:49:45 | 000,265,216 | ---- | M] (Microsoft Corporation) MD5=63944ECFE4878C1C4889689324CABFAB -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_4ed64c4686b376fa\ws2_32.dll
[2008/01/21 03:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\SysWOW64\ws2_32.dll
[2008/01/21 03:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[2008/01/21 03:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_f4a329cecb77d110\ws2_32.dll
[2009/04/11 08:11:31 | 000,264,704 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysNative\ws2_32.dll
[2009/04/11 08:11:31 | 000,264,704 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_50c1c55283d54246\ws2_32.dll

< MD5 for: WSCRIPT.EXE >
[2008/01/21 03:48:02 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=518466BED4F50B1BAD32475E756CA748 -- C:\Windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.18000_none_486853160059f17b\wscript.exe
[2009/02/23 15:48:27 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=549FA98184D34DA75D84F9914BE2DEFB -- C:\Windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.18068_none_482f75de008363d9\wscript.exe
[2009/02/23 15:48:27 | 000,166,912 | ---- | M] (Microsoft Corporation) MD5=8008128D00DEEAD87F755D1D0BDC83FF -- C:\Windows\winsxs\amd64_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.18068_none_a44e1161b8e0d50f\wscript.exe
[2009/04/11 08:11:12 | 000,166,912 | ---- | M] (Microsoft Corporation) MD5=895083A7A0C4A75C6F8825895050ABB7 -- C:\Windows\SysNative\wscript.exe
[2009/04/11 08:11:12 | 000,166,912 | ---- | M] (Microsoft Corporation) MD5=895083A7A0C4A75C6F8825895050ABB7 -- C:\Windows\winsxs\amd64_microsoft-windows-scripting_31bf3856ad364e35_6.0.6002.18005_none_a67267a5b5d92dfd\wscript.exe
[2009/02/23 15:48:26 | 000,166,912 | ---- | M] (Microsoft Corporation) MD5=B7CA108AF48AA7546176EB0C068984F5 -- C:\Windows\winsxs\amd64_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.22175_none_a4c9dd62d20944c5\wscript.exe
[2008/01/21 03:50:21 | 000,167,424 | ---- | M] (Microsoft Corporation) MD5=C6F370369775AC1486F431152BAE675D -- C:\Windows\winsxs\amd64_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.18000_none_a486ee99b8b762b1\wscript.exe
[2009/02/23 15:48:26 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=DF89C42EBCAE106EAD8657344FF9119D -- C:\Windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.22175_none_48ab41df19abd38f\wscript.exe
[2009/04/11 07:28:17 | 000,155,648 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\wscript.exe
[2009/04/11 07:28:17 | 000,155,648 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.0.6002.18005_none_4a53cc21fd7bbcc7\wscript.exe

< >

< %systemroot%\system32\logevent.dll /md5 >

< %systemroot%\system32\sceclt.dll /md5 >

< %systemroot%\system32\ntelogon.dll /md5 >

< %systemroot%\system32\consrv.dll /md5 >

< >

< %systemroot%\system32\logevent.dll /md5 /64 >

< %systemroot%\system32\sceclt.dll /md5 /64 >

< %systemroot%\system32\ntelogon.dll /md5 /64 >

< %systemroot%\system32\consrv.dll /md5 /64 >

< >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013/11/19 15:47:30 | 000,000,512 | ---- | M] () MD5=F6D85E36C06986069831D72260FF4CBB -- C:\PhysicalMBR.bin

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013/11/16 14:36:13 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=077D59BA0FD4007E841B6C670862B065 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013/10/13 11:49:16 | 000,757,488 | ---- | M] (Microsoft Corporation) MD5=06085B62BC7E0C8E2605CEA38774D956 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013/11/14 12:29:33 | 000,863,184 | ---- | M] (Google Inc.) MD5=636D97B3BAF854511FF3F4093E895FED -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %systemroot%\system32\Spool\prtprocs\*.* /s >
[2012/02/01 16:30:34 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\x64\jnwppr.dll
[2009/02/23 15:20:18 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\system32\Spool\prtprocs\x64\cs-CZ\LMPRTPRC.DLL.mui
[2006/11/02 16:13:03 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\system32\Spool\prtprocs\x64\en-US\LMPRTPRC.DLL.mui

< %systemroot%\system32\drivers\*.sys /10 >

< %systemroot%\system32\drivers\*.sys /X >
[2013/10/31 15:34:15 | 000,000,000 | RHS- | M] () -- C:\Windows\system32\drivers\103C_HP_cNB_Pavilion dv7 Notebook PC_Y5335KV_0U_QCNF92320Y7_E510510-221_4A_I3624_SHP_V18.51_F.46_T110825_WV3-1_L41B_M3069_J320_7Intel_867A_92.10_#131031_N10EC8168;14E44315_(NZ834EA#AKB)_XMOBILE_CN10_Z_2Rev 1.MRK
[2006/09/18 22:26:46 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2006/09/18 22:26:46 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /10 >
[2013/11/13 11:25:58 | 000,000,052 | ---- | M] () -- C:\Windows\system32\DOErrors.log
[2013/11/13 10:06:14 | 000,000,056 | -H-- | M] () -- C:\Windows\system32\ezsidmv.dat

< %systemroot%\system32\*.dll /lockedfiles >
[2012/11/02 11:19:33 | 001,248,768 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msxml3.dll
[2009/04/11 07:28:24 | 000,172,032 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\scrrun.dll

< %systemroot%\system32\*.* /lockedfiles >
[2008/01/21 03:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msscript.ocx
[2012/11/02 11:19:33 | 001,248,768 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msxml3.dll
[2009/04/11 07:28:24 | 000,172,032 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\scrrun.dll
[2006/11/02 08:29:16 | 000,016,896 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\stdole2.tlb
[2009/04/11 07:28:17 | 000,155,648 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\wscript.exe
[2009/04/11 07:27:17 | 000,135,168 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\wshom.ocx

< %systemroot%\system32\config\*.sav >

< >

< c:\$Recycle.Bin|L,N,U,@;true;true;true /FN >

< c:\Windows\Installer|L,N,U,@;true;true;true /FN >

< >

< %systemroot%\Tasks\*.job >
[2013/11/19 16:16:13 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/11/18 22:45:05 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/11/19 16:13:02 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[12 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %systemroot%\*. /rp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Nabídka Start\*.lnk /x >

< %ALLUSERSPROFILE%\Data Aplikácií\*.* >

< %ALLUSERSPROFILE%\Data Aplikácií\*.exe /s >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %APPDATA%\*. >
[2013/11/01 01:58:07 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Adobe
[2013/11/15 14:19:57 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Apple Computer
[2013/10/31 15:56:09 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\ATI
[2013/11/01 01:57:04 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Auslogics
[2013/11/01 17:41:26 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Autodesk
[2013/10/31 22:02:38 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\CyberLink
[2013/11/01 11:12:10 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\DAEMON Tools Lite
[2013/10/31 15:56:15 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\DigitalPersona
[2013/10/31 21:21:41 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\ESET
[2013/11/01 02:18:41 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\GHISLER
[2013/10/31 15:44:58 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\HP TCS
[2013/11/06 12:13:39 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\hpqLog
[2013/10/31 15:55:20 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Identities
[2013/11/06 11:56:15 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\InstallShield
[2013/10/31 16:22:05 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Macromedia
[2013/10/31 15:57:21 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Macrovision
[2006/11/02 16:07:25 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Media Center Programs
[2013/11/13 14:52:44 | 000,000,000 | --SD | M] -- C:\Users\Zilo\AppData\Roaming\Microsoft
[2013/10/31 21:00:55 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Mozilla
[2013/11/19 00:50:55 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\vlc
[2013/11/01 02:11:05 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\WinRAR

< %APPDATA%\*.* >
[2013/11/16 14:27:35 | 000,073,064 | ---- | M] () -- C:\Users\Zilo\AppData\Roaming\pxickblays.vbe

< %APPDATA%\*.exe /s >
[2013/09/20 01:33:02 | 000,694,189 | ---- | M] () -- C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Internet Download Manager.exe

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\system32|bak;true;false;false /fp >

< %PROGRAMFILES%|bak;true;false;false /fp >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Internet Download Manager.exe" = "C:\Users\Zilo\AppData\Local\Temp\Internet Download Manager.exe" -- [2013/09/20 01:33:02 | 000,694,189 | ---- | M] ()
"pxickblays" = wscript.exe //B "C:\Users\Zilo\AppData\Roaming\pxickblays.vbe" -- [2009/04/11 07:28:17 | 000,155,648 | ---- | M] (Microsoft Corporation)

========== Files - Unicode (All) ==========
[2013/11/14 22:38:37 | 000,980,486 | ---- | C] ()(C:\Users\Zilo\Desktop\000664 (????????, ???????, 3d ???).jpg) -- C:\Users\Zilo\Desktop\000664 (Фантазия, рисунок, 3d мир).jpg
[2013/11/14 22:38:20 | 000,275,580 | ---- | C] ()(C:\Users\Zilo\Desktop\003197 (?????, ??????????, ???????).jpg) -- C:\Users\Zilo\Desktop\003197 (Взрыв, катастрофа, планета).jpg
[2013/11/14 22:38:04 | 000,434,009 | ---- | C] ()(C:\Users\Zilo\Desktop\004377 (??????, ????, ????????).jpg) -- C:\Users\Zilo\Desktop\004377 (Монстр, воин, пистолет).jpg
[2011/01/17 23:46:06 | 000,275,580 | ---- | M] ()(C:\Users\Zilo\Desktop\003197 (?????, ??????????, ???????).jpg) -- C:\Users\Zilo\Desktop\003197 (Взрыв, катастрофа, планета).jpg
[2011/01/17 21:44:22 | 000,434,009 | ---- | M] ()(C:\Users\Zilo\Desktop\004377 (??????, ????, ????????).jpg) -- C:\Users\Zilo\Desktop\004377 (Монстр, воин, пистолет).jpg
[2011/01/17 21:40:04 | 000,980,486 | ---- | M] ()(C:\Users\Zilo\Desktop\000664 (????????, ???????, 3d ???).jpg) -- C:\Users\Zilo\Desktop\000664 (Фантазия, рисунок, 3d мир).jpg

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\System32\config\systemprofile\AppData\Local\Data aplikací] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\System32\config\systemprofile\AppData\Local\Historie] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\Windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\Windows\System32\config\systemprofile\Data aplikací] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\Windows\System32\config\systemprofile\Local Settings] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\System32\config\systemprofile\Soubory cookie] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction
[C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Data aplikací] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Historie] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Data aplikací] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Local Settings] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Soubory cookie] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction

< End of report >

zilo9
Visitor
Posts: 28
Registered: 19 Nov 2013 13:16

Re: removing the Agent.AK trojan

#7 Post by zilo9 »

So this log opened after restarting the computer. When I opened the USB drive, the shortcuts were there, probably created by that virus, so I deleted them and that went fine. But then I tried copying a file to the USB drive; that went fine, but I don't see it there, and it shows that the folder is empty. So I started the copy again and a window pops up saying the file already exists and asking whether I want to copy and replace it, or copy and keep the original as well. I don't understand it; according to the log it looks like everything was removed. Should I now run the scan with OTL again, like the first time? Many thanks for the help.


========== OTL ==========
Process Internet Download Manager.exe killed successfully!
Registry key HKEY_USERS\S-1-5-21-4116362256-3208974170-2117722004-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Internet Download Manager.exe deleted successfully.
C:\Users\Zilo\AppData\Local\Temp\Internet Download Manager.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\pxickblays deleted successfully.
Registry value HKEY_USERS\S-1-5-21-4116362256-3208974170-2117722004-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Internet Download Manager.exe deleted successfully.
File C:\Users\Zilo\AppData\Local\Temp\Internet Download Manager.exe not found.
Registry value HKEY_USERS\S-1-5-21-4116362256-3208974170-2117722004-1000\Software\Microsoft\Windows\CurrentVersion\Run\\pxickblays deleted successfully.
C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Internet Download Manager.exe moved successfully.
C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pxickblays.vbe moved successfully.
File not found.
F:\Autorun.inf moved successfully.
I:\AUTORUN.INF.lnk moved successfully.
File I:\AUTORUN.INF not found.
File move failed. C:\Users\Zilo\AppData\Roaming\pxickblays.vbe scheduled to be moved on reboot.
File C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pxickblays.vbe not found.
C:\Users\Zilo\AppData\Local\Temp\pxickblays.vbe moved successfully.
C:\Users\Zilo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6MDIKBP9\fichier_encode[1].vbe moved successfully.
File C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Internet Download Manager.exe not found.

OTL by OldTimer - Version 3.2.69.0 log created on 11192013_172355

Files\Folders moved on Reboot...
C:\Users\Zilo\AppData\Roaming\pxickblays.vbe moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

zilo9
Visitor
Posts: 28
Registered: 19 Nov 2013 13:16

Re: removing the Agent.AK trojan

#8 Post by zilo9 »

So the virus is still there, it hasn't gone away, everything is as before... but I figured out one thing: the virus marks the files on the USB drive as hidden so they can't be seen, but when I enabled showing hidden files, they were there... I ran OTL again with the settings, and with that log...

zilo9
Visitor
Posts: 28
Registered: 19 Nov 2013 13:16

Re: removing the Agent.AK trojan

#9 Post by zilo9 »

OTL logfile created on: 19. 11. 2013 17:45:03 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zilo\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

3,00 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 46,69% Memory free
6,19 Gb Paging File | 4,00 Gb Available in Paging File | 64,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287,97 Gb Total Space | 112,62 Gb Free Space | 39,11% Space Free | Partition Type: NTFS
Drive D: | 10,11 Gb Total Space | 1,73 Gb Free Space | 17,09% Space Free | Partition Type: NTFS
Drive E: | 2,74 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 465,76 Gb Total Space | 49,87 Gb Free Space | 10,71% Space Free | Partition Type: NTFS
Drive H: | 3,72 Gb Total Space | 3,71 Gb Free Space | 99,73% Space Free | Partition Type: FAT32
Drive I: | 3,76 Gb Total Space | 1,00 Gb Free Space | 26,63% Space Free | Partition Type: FAT32

Computer Name: ZILO9 | User Name: Zilo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013/11/19 15:28:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zilo\Desktop\OTL.exe
PRC - [2013/11/16 14:36:13 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/07/04 10:17:42 | 000,999,704 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe
PRC - [2010/04/10 09:03:46 | 000,077,824 | ---- | M] () -- C:\Windows\KMService.exe
PRC - [2009/09/23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
PRC - [2008/12/17 16:11:40 | 000,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe
PRC - [2008/12/10 19:56:36 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
PRC - [2008/12/10 19:56:36 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
PRC - [2003/04/18 19:06:26 | 000,008,192 | ---- | M] () -- C:\Windows\SysWOW64\srvany.exe


========== Modules (No Company Name) ==========

MOD - [2013/11/16 14:36:10 | 003,363,952 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/09/13 19:51:44 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/09/13 19:51:20 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/11/01 17:10:33 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2013/04/30 04:52:38 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/07/04 10:18:44 | 000,190,208 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe -- (ESHASRV)
SRV:64bit: - [2012/07/04 10:18:26 | 000,035,720 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2012/07/04 10:17:42 | 000,999,704 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\Hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/02/22 21:08:10 | 000,267,776 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\STacSV64.exe -- (STacSV)
SRV:64bit: - [2009/02/12 04:21:34 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/11/18 06:09:46 | 000,721,712 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vfsFPService.exe -- (vfsFPService)
SRV:64bit: - [2008/01/21 03:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/11/19 17:32:45 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/16 14:36:11 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/03/30 05:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/12/17 16:11:40 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/12/10 19:56:36 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2008/11/18 06:09:42 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vfsFPService.exe -- (vfsFPService)
SRV - [2008/02/03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
SRV - [2003/04/18 19:06:26 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/06 11:56:08 | 002,685,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
DRV:64bit: - [2013/11/01 00:50:22 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/04/30 05:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2013/04/30 05:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/04/30 03:48:14 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/10 10:16:32 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\eamonm.sys -- (eamonm)
DRV:64bit: - [2012/03/29 11:03:56 | 000,194,848 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\epfw.sys -- (epfw)
DRV:64bit: - [2012/03/29 11:03:56 | 000,063,008 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2012/03/29 11:03:54 | 000,152,136 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012/03/29 11:03:54 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2012/02/29 14:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/23 13:31:50 | 000,092,176 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdLH6.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2010/02/25 14:19:02 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009/10/01 01:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/02/22 21:08:10 | 000,473,088 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2008/10/23 10:42:06 | 000,128,352 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\jmcr.sys -- (JMCR)
DRV:64bit: - [2008/09/04 18:48:00 | 000,064,000 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\enecir.sys -- (enecir)
DRV:64bit: - [2008/08/06 17:26:08 | 000,174,592 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/07/24 17:48:10 | 000,250,928 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/07/04 06:23:12 | 000,306,688 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AVerAF15.sys -- (AVerAF15)
DRV:64bit: - [2008/06/23 12:54:02 | 000,099,368 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2008/06/23 12:54:02 | 000,091,176 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2008/06/23 12:54:02 | 000,019,752 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2008/01/21 03:46:57 | 003,154,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys -- (NETw3v64)
DRV:64bit: - [2008/01/21 03:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2006/10/04 02:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV - [2008/11/28 18:04:24 | 000,146,928 | ---- | M] (CyberLink Corp.) [2013/10/31 14:59:49] [Kernel | Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4116362256-3208974170-2117722004-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE - HKU\S-1-5-21-4116362256-3208974170-2117722004-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
IE - HKU\S-1-5-21-4116362256-3208974170-2117722004-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4116362256-3208974170-2117722004-1000\..\SearchScopes,DefaultScope = {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
IE - HKU\S-1-5-21-4116362256-3208974170-2117722004-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4116362256-3208974170-2117722004-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4116362256-3208974170-2117722004-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.centrum.sk"
FF - prefs.js..extensions.enabledAddons: %7B73007fef-a6e0-47d3-b4e7-dfc116ed6f65%7D:1.1
FF - prefs.js..extensions.enabledAddons: %7B7b1bf0b6-a1b9-42b0-b75d-252036438bdc%7D:6.7
FF - prefs.js..extensions.enabledAddons: %7B77d2ed30-4cd2-11e0-b8af-0800200c9a66%7D:9.2.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET ENDPOINT SECURITY\MOZILLA THUNDERBIRD [2013/11/01 00:17:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2013/10/31 15:17:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird [2013/11/01 00:17:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\firefoxext [2013/10/31 15:17:35 | 000,000,000 | ---D | M]

[2013/10/31 21:00:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zilo\AppData\Roaming\mozilla\Extensions
[2013/11/12 23:53:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zilo\AppData\Roaming\mozilla\Firefox\Profiles\7k1w0kn6.default\extensions
[2013/11/12 16:12:46 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Zilo\AppData\Roaming\mozilla\Firefox\Profiles\7k1w0kn6.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
[2013/11/12 23:53:09 | 002,795,957 | ---- | M] () (No name found) -- C:\Users\Zilo\AppData\Roaming\mozilla\firefox\profiles\7k1w0kn6.default\extensions\nasanightlaunch@example.com.xpi
[2013/11/01 00:21:55 | 000,003,771 | ---- | M] () (No name found) -- C:\Users\Zilo\AppData\Roaming\mozilla\firefox\profiles\7k1w0kn6.default\extensions\{73007fef-a6e0-47d3-b4e7-dfc116ed6f65}.xpi
[2013/11/07 23:57:46 | 000,045,456 | ---- | M] () (No name found) -- C:\Users\Zilo\AppData\Roaming\mozilla\firefox\profiles\7k1w0kn6.default\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi
[2013/11/01 00:19:23 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Zilo\AppData\Roaming\mozilla\firefox\profiles\7k1w0kn6.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/11/16 14:35:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/16 14:36:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: DAEMON Search (Enabled)
CHR - default_search_provider: search_url = http://www.daemon-search.com/search?q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - Extension: Docs = C:\Users\Zilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Disk Google = C:\Users\Zilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\Zilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Users\Zilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Pe\u0148a\u017Eenka Google = C:\Users\Zilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = C:\Users\Zilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Endpoint Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [pxickblays] wscript.exe //B "C:\Users\Zilo\AppData\Roaming\pxickblays.vbe" File not found
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [pxickblays] wscript.exe //B "C:\Users\Zilo\AppData\Roaming\pxickblays.vbe" File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4116362256-3208974170-2117722004-1000..\Run: [pxickblays] wscript.exe //B "C:\Users\Zilo\AppData\Roaming\pxickblays.vbe" File not found
O4 - Startup: C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pxickblays.vbe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://195.28.70.134/kapor2/lib/mgaxctrl.cab (Autodesk MapGuide ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 147.175.167.251 147.175.189.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{22733D82-51A2-40F7-B06C-FAA7C9E39608}: DhcpNameServer = 147.175.167.251 147.175.189.200
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Zilo\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta programu Windows Fotogaléria.jpg
O24 - Desktop BackupWallPaper: C:\Users\Zilo\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta programu Windows Fotogaléria.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/11/01 16:09:16 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2013/10/31 14:12:35 | 000,000,000 | --SD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2013/10/21 07:03:52 | 000,000,016 | -H-- | M] () - I:\AUTORUN.INF -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

zilo9
Visitor
Posts: 28
Registered: 19 Nov 2013 13:16

Re: removal of the Agent.AK trojan

#10 Post by zilo9 »

========== Files/Folders - Created Within 7 Days ==========

[2013/11/19 17:23:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/19 15:28:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Zilo\Desktop\OTL.exe
[2013/11/19 13:26:07 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013/11/19 13:26:06 | 000,000,000 | ---D | C] -- C:\rsit
[2013/11/19 12:45:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013/11/19 12:44:59 | 002,347,384 | ---- | C] (ESET) -- C:\Users\Zilo\Desktop\esetsmartinstaller_sky.exe
[2013/11/18 18:45:14 | 000,000,000 | ---D | C] -- C:\Users\Zilo\AppData\Local\Microsoft Games
[2013/11/18 17:14:40 | 000,000,000 | ---D | C] -- C:\Users\Zilo\Desktop\Californication
[2013/11/18 12:52:07 | 000,000,000 | ---D | C] -- C:\Users\Zilo\Desktop\Diplomka MOJA
[2013/11/16 14:35:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/11/15 14:30:18 | 000,000,000 | ---D | C] -- C:\Users\Zilo\Desktop\Reliving Things
[2013/11/15 14:16:21 | 000,000,000 | ---D | C] -- C:\Users\Zilo\AppData\Local\Apple Computer
[2013/11/15 14:16:20 | 000,000,000 | ---D | C] -- C:\Users\Zilo\AppData\Roaming\Apple Computer
[2013/11/15 14:16:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/11/15 14:14:24 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2013/11/15 14:14:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013/11/15 14:13:14 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/11/15 14:13:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/11/15 14:13:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/11/15 14:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/11/15 14:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/11/15 14:12:01 | 000,000,000 | ---D | C] -- C:\Users\Zilo\AppData\Local\Apple
[2013/11/15 14:11:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013/11/15 14:08:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/11/15 14:08:00 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/11/15 14:08:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/11/15 14:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/11/15 14:07:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013/11/14 21:52:11 | 000,000,000 | ---D | C] -- C:\Users\Zilo\Desktop\Were.the.Millers.2013.EXTENDED.720p.BluRay.x264-SPARKS
[2013/11/14 21:38:02 | 000,000,000 | ---D | C] -- C:\Users\Zilo\Desktop\Into.The.Mind.2013.720p.BluRay.x264-CiNEFiLE
[2013/11/13 13:31:28 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/11/13 13:31:28 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/11/13 13:31:26 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/13 13:31:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/13 13:31:26 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/11/13 13:31:25 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/11/13 13:31:25 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/11/13 13:31:24 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/11/13 13:31:21 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/11/13 13:31:21 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/11/13 13:31:21 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/11/13 13:31:19 | 002,334,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/13 13:31:19 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/11/13 13:31:18 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/11/13 13:31:18 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/11/13 13:23:08 | 000,781,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/11/13 13:23:07 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/11/13 13:22:48 | 001,278,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/11/13 13:22:39 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll

========== Files - Modified Within 7 Days ==========

[2013/11/19 17:47:53 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/11/19 17:32:47 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/19 17:32:45 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/11/19 17:32:45 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/11/19 17:28:52 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/19 17:28:50 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/19 17:28:50 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/19 17:28:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/19 17:28:40 | 3218,276,352 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/19 17:26:20 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013/11/19 17:13:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/19 16:53:30 | 000,009,750 | ---- | M] () -- C:\Users\Zilo\Desktop\Extras.zip
[2013/11/19 15:46:14 | 001,470,416 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/19 15:46:14 | 000,598,980 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013/11/19 15:46:14 | 000,595,996 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/19 15:46:14 | 000,118,004 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013/11/19 15:46:14 | 000,104,070 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/19 15:46:14 | 000,055,338 | ---- | M] () -- C:\Windows\SysNative\perfh01B.dat
[2013/11/19 15:46:14 | 000,014,060 | ---- | M] () -- C:\Windows\SysNative\perfc01B.dat
[2013/11/19 15:28:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zilo\Desktop\OTL.exe
[2013/11/19 13:22:51 | 000,935,175 | ---- | M] () -- C:\Users\Zilo\Desktop\RSITx64.exe
[2013/11/19 12:49:58 | 000,527,794 | ---- | M] () -- C:\Users\Zilo\Desktop\jedalny_listok.pdf
[2013/11/19 12:45:02 | 002,347,384 | ---- | M] (ESET) -- C:\Users\Zilo\Desktop\esetsmartinstaller_sky.exe
[2013/11/19 11:44:10 | 000,092,538 | ---- | M] () -- C:\Users\Zilo\Desktop\SKUS_2013_zadania_z_cviceni_20131114.pdf
[2013/11/18 23:32:35 | 000,034,816 | ---- | M] () -- C:\Users\Zilo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/11/18 22:49:04 | 2959,601,664 | ---- | M] () -- C:\Users\Zilo\Desktop\The Cabin In The Woods 2012 720p BRRip XviD AC3-LEGi0N.avi
[2013/11/16 23:40:22 | 4133,745,471 | ---- | M] () -- C:\Users\Zilo\Desktop\Prisoners.2013.1080p.WEB-DL.X264.AC3.HQ.Hive-CM8.mkv
[2013/11/16 18:33:19 | 000,002,037 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/11/16 14:27:35 | 000,073,064 | ---- | M] () -- C:\Users\Zilo\AppData\Roaming\pxickblays.vbe
[2013/11/16 14:27:35 | 000,073,064 | ---- | M] () -- C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pxickblays.vbe
[2013/11/15 19:39:16 | 000,000,189 | -H-- | M] () -- C:\Users\Zilo\Desktop\Plagat_700_x_1000_2012_2013_recover000.dwl2
[2013/11/15 19:39:16 | 000,000,039 | -H-- | M] () -- C:\Users\Zilo\Desktop\Plagat_700_x_1000_2012_2013_recover000.dwl
[2013/11/15 14:16:03 | 000,001,694 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/11/13 19:32:12 | 000,611,674 | ---- | M] () -- C:\Users\Zilo\Desktop\STU-SvF-zfv.jpg
[2013/11/13 18:54:07 | 000,074,553 | ---- | M] () -- C:\Users\Zilo\Desktop\eden-park-sa-nastahoval-na-bratislavsky-strkovec-3617-big-image.jpg
[2013/11/13 17:08:33 | 000,245,705 | ---- | M] () -- C:\Users\Zilo\Desktop\Plagat_700_x_1000_-_nahlad.pdf
[2013/11/13 10:06:14 | 000,000,056 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat
[2013/11/12 23:55:34 | 000,061,673 | ---- | M] () -- C:\Users\Zilo\Desktop\World.War.Z.2013.Unrated.Cut.720p.BluRay.x264.DTS-WiKi.srt

========== Files Created - No Company Name ==========

[2013/11/19 17:29:44 | 000,073,064 | ---- | C] () -- C:\Users\Zilo\AppData\Roaming\pxickblays.vbe
[2013/11/19 17:24:27 | 000,073,064 | ---- | C] () -- C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pxickblays.vbe
[2013/11/19 16:53:30 | 000,009,750 | ---- | C] () -- C:\Users\Zilo\Desktop\Extras.zip
[2013/11/19 15:47:30 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/11/19 13:22:46 | 000,935,175 | ---- | C] () -- C:\Users\Zilo\Desktop\RSITx64.exe
[2013/11/19 12:49:36 | 000,527,794 | ---- | C] () -- C:\Users\Zilo\Desktop\jedalny_listok.pdf
[2013/11/19 11:44:03 | 000,092,538 | ---- | C] () -- C:\Users\Zilo\Desktop\SKUS_2013_zadania_z_cviceni_20131114.pdf
[2013/11/18 22:43:55 | 2959,601,664 | ---- | C] () -- C:\Users\Zilo\Desktop\The Cabin In The Woods 2012 720p BRRip XviD AC3-LEGi0N.avi
[2013/11/16 23:35:32 | 4133,745,471 | ---- | C] () -- C:\Users\Zilo\Desktop\Prisoners.2013.1080p.WEB-DL.X264.AC3.HQ.Hive-CM8.mkv
[2013/11/15 19:28:28 | 000,000,189 | -H-- | C] () -- C:\Users\Zilo\Desktop\Plagat_700_x_1000_2012_2013_recover000.dwl2
[2013/11/15 19:28:28 | 000,000,039 | -H-- | C] () -- C:\Users\Zilo\Desktop\Plagat_700_x_1000_2012_2013_recover000.dwl
[2013/11/15 14:16:03 | 000,001,694 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/11/15 14:11:58 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/11/14 22:43:42 | 000,687,944 | ---- | C] () -- C:\Users\Zilo\Desktop\w0000118.jpg
[2013/11/14 22:41:55 | 001,025,084 | ---- | C] () -- C:\Users\Zilo\Desktop\w0000146.jpg
[2013/11/14 22:35:50 | 000,263,346 | ---- | C] () -- C:\Users\Zilo\Desktop\w03.jpg
[2013/11/13 19:32:11 | 000,611,674 | ---- | C] () -- C:\Users\Zilo\Desktop\STU-SvF-zfv.jpg
[2013/11/13 18:54:04 | 000,074,553 | ---- | C] () -- C:\Users\Zilo\Desktop\eden-park-sa-nastahoval-na-bratislavsky-strkovec-3617-big-image.jpg
[2013/11/13 17:08:31 | 000,245,705 | ---- | C] () -- C:\Users\Zilo\Desktop\Plagat_700_x_1000_-_nahlad.pdf
[2013/11/13 13:23:08 | 000,217,074 | ---- | C] () -- C:\Windows\SysNative\WFP.TMF
[2013/11/13 10:06:14 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2013/11/12 23:55:46 | 000,061,673 | ---- | C] () -- C:\Users\Zilo\Desktop\World.War.Z.2013.Unrated.Cut.720p.BluRay.x264.DTS-WiKi.srt
[2013/11/03 04:51:14 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2013/11/03 04:49:42 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2013/11/03 04:48:05 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/11/02 12:40:52 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/11/01 01:13:47 | 000,077,824 | ---- | C] () -- C:\Windows\KMService.exe
[2013/11/01 01:13:47 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2013/11/01 00:04:22 | 000,006,836 | ---- | C] () -- C:\Users\Zilo\AppData\Local\d3d9caps.dat
[2013/10/31 21:44:38 | 000,034,816 | ---- | C] () -- C:\Users\Zilo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/10/31 14:54:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/10/31 14:34:15 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat

========== ZeroAccess Check ==========

[2006/11/02 16:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 18:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 08:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/21 03:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/11/01 01:57:04 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Auslogics
[2013/11/01 17:41:26 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Autodesk
[2013/11/01 11:12:10 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\DAEMON Tools Lite
[2013/10/31 15:56:15 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\DigitalPersona
[2013/10/31 21:21:41 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\ESET
[2013/11/01 02:18:41 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\GHISLER

========== Purity Check ==========



========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ST9320320AS ATA Device
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Removable Media
Interface type: USB
Media Type: Removable Media
Model: USB DISK 2.0 USB Device
Partitions: 1
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE2 - External hard disk media
Interface type: USB
Media Type: External hard disk media
Model: Seagate FreeAgent GoFlex USB Device
Partitions: 1
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE3 - Removable Media
Interface type: USB
Media Type: Removable Media
Model: pqi IntelligentStick USB Device
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 288,00GB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 10,00GB
Starting Offset: 309210382336
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 4,00GB
Starting Offset: 4128768
Hidden sectors: 0


DeviceID: Disk #2, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 466,00GB
Starting Offset: 32256
Hidden sectors: 0


DeviceID: Disk #3, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 4,00GB
Starting Offset: 32256
Hidden sectors: 0

[2013/10/31 14:52:56 | 000,000,000 | -H-D | M] -- C:\HP
[2013/11/01 23:23:33 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2013/11/19 17:29:26 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2013/10/31 15:42:24 | 000,000,000 | -H-D | M] -- C:\System.sav
[2013/11/06 12:10:34 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2013/11/01 01:37:42 | 014,965,064 | -H-- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Picasa3\setup.exe
[2013/11/01 17:14:48 | 000,000,000 | -H-D | M] -- C:\Program Files\Autodesk\AutoCAD 2011\UserDataCache
[2013/11/15 15:03:01 | 000,000,000 | -H-D | M] -- C:\ProgramData\Apple Computer\iTunes\SC Info
[2013/10/31 22:02:35 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser
[2013/10/31 22:02:35 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\Power2Go\6.0
[2006/11/02 16:07:25 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2013/10/31 15:29:10 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2013/11/15 15:03:01 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Apple Computer\iTunes\SC Info
[2013/10/31 22:02:35 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser
[2013/10/31 22:02:35 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\Power2Go\6.0
[2006/11/02 16:07:25 | 000,000,000 | RH-D | M] -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2006/11/02 14:33:54 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2013/11/15 14:16:03 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2006/11/02 13:34:32 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2013/10/31 22:02:38 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg
[2013/10/31 22:02:38 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\Power2Go
[2013/10/31 22:02:38 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg\HKEY_CLASS_ROOT\CLSID\{397A21FB-EADF-4116-9027-32B8FA04C3E2}\Version\6.0
[2013/10/31 15:33:13 | 000,000,000 | -H-D | M] -- C:\Users\Zilo\AppData
[2013/11/04 14:33:54 | 000,000,000 | -H-D | M] -- C:\Users\Zilo\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2013/11/04 14:33:54 | 000,000,000 | -H-D | M] -- C:\Users\Zilo\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2013/10/31 21:44:29 | 000,000,000 | -H-D | M] -- C:\Users\Zilo\AppData\Local\Microsoft\Media Player\Vyrovnávacia pamäť pre obaly albumov
[2013/10/31 15:55:55 | 000,000,000 | RH-D | M] -- C:\Users\Zilo\AppData\Local\Microsoft\Windows\Burn\Burn
[2013/11/01 00:40:33 | 000,000,000 | RH-D | M] -- C:\Users\Zilo\AppData\Local\Microsoft\Windows\Burn\Burn1
[2013/10/31 22:02:38 | 000,000,000 | -H-D | M] -- C:\Users\Zilo\AppData\Roaming\CyberLink\MediaCache\Power2Go
[2013/11/04 07:11:53 | 000,000,000 | -H-D | M] -- C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
[2013/11/04 07:11:53 | 000,000,000 | -H-D | M] -- C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\IETldCache\Low
[2013/11/04 07:11:53 | 000,000,000 | -H-D | M] -- C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
[2009/07/26 14:56:57 | 000,000,000 | -H-D | M] -- C:\Users\Zilo\Documents\Dokumenty\Webcam\FileSharingTmp
[2006/11/02 14:33:54 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2006/11/02 14:33:54 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData
[2013/11/02 12:40:52 | 000,000,000 | -H-D | M] -- C:\Windows\SysNative\GroupPolicy

========== Base Services ==========
SRV:64bit: - [2006/11/02 12:16:28 | 000,026,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2008/01/21 03:48:17 | 000,045,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2008/01/21 03:48:16 | 000,080,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2009/04/11 08:11:22 | 001,081,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2009/04/11 08:11:13 | 000,458,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bfe.dll -- (BFE)
SRV:64bit: - [2011/11/16 15:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/04/11 08:11:14 | 000,361,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/04/11 07:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2008/01/21 03:49:11 | 000,103,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/07/08 05:12:34 | 000,174,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/08 05:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2009/04/11 08:11:23 | 000,719,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2009/04/11 08:11:14 | 000,268,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/11 07:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcsvc.dll -- (Dhcp)
SRV:64bit: - [2011/03/02 17:12:21 | 000,117,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2008/01/21 03:50:17 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/04/11 08:11:15 | 000,024,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/04/11 07:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2008/01/21 03:48:03 | 000,342,016 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2009/04/11 08:11:15 | 000,533,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\ipsecsvc.dll -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv

zilo9
Visitor
Posts: 28
Registered: 19 Nov 2013 13:16

Re: removal of the Agent.AK trojan

#11 Post by zilo9 »

[2009/02/23 16:07:28 | 004,429,368 | ---- | M] (Microsoft Corporation) MD5=2A87B3D380E3800BF247D82E58F0FCBA -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_c636b1f06f7ee0e5\ntoskrnl.exe
[2010/10/15 15:02:22 | 004,678,032 | ---- | M] (Microsoft Corporation) MD5=3A22B135BC4341025E19B9ADFB26C02A -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_c893f7e585d0874a\ntoskrnl.exe
[2010/10/15 15:02:22 | 004,699,024 | ---- | M] (Microsoft Corporation) MD5=4065E920FB6ED05B5F62A1FB6908C6C5 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_ca26dc9e69b0b0ef\ntoskrnl.exe
[2009/02/23 16:07:28 | 004,694,584 | ---- | M] (Microsoft Corporation) MD5=5E31190EF331709EAB9FB66C3683540B -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22269_none_c8a0bee785c6ac44\ntoskrnl.exe
[2009/03/03 06:04:30 | 004,691,424 | ---- | M] (Microsoft Corporation) MD5=65252FED486E5BF1E384CA65C16148C7 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_c88b20f585d6e14d\ntoskrnl.exe
[2008/01/21 03:49:27 | 004,694,072 | ---- | M] (Microsoft Corporation) MD5=6760643D6400CA78640E9DD3824115B1 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18000_none_c84efd246c80839e\ntoskrnl.exe
[2009/02/23 15:49:45 | 004,694,584 | ---- | M] (Microsoft Corporation) MD5=6DEA6827709FC6F047580111651DFF02 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18063_none_c8111e7a6cae7749\ntoskrnl.exe
[2012/04/03 09:22:15 | 004,699,520 | ---- | M] (Microsoft Corporation) MD5=7180984A68411B9D2F2495E03561B47E -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18607_none_ca3c822869a07082\ntoskrnl.exe
[2010/10/15 15:02:22 | 004,692,368 | ---- | M] (Microsoft Corporation) MD5=760A67A51D409EB396D1942D5555435C -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18538_none_c836992e6c9193ec\ntoskrnl.exe
[2013/07/08 05:51:57 | 004,691,904 | ---- | M] (Microsoft Corporation) MD5=82272D72710ED6A40E9A2A2286A9BBF4 -- C:\Windows\SysNative\ntoskrnl.exe
[2013/07/08 05:51:57 | 004,691,904 | ---- | M] (Microsoft Corporation) MD5=82272D72710ED6A40E9A2A2286A9BBF4 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18881_none_c9e004d869e6b24e\ntoskrnl.exe
[2009/03/03 05:44:15 | 004,427,232 | ---- | M] (Microsoft Corporation) MD5=8B3095B00E832ABFC7047A04E681CCDE -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_c64852866f7240ce\ntoskrnl.exe
[2009/02/23 15:49:45 | 004,694,584 | ---- | M] (Microsoft Corporation) MD5=A1DC0EFF401FE35688F1046F10BEE5BF -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22167_none_c89ebc6d85c87c6f\ntoskrnl.exe
[2013/07/08 05:08:19 | 004,664,256 | ---- | M] (Microsoft Corporation) MD5=B1AAE884320029A58F72B7CE0ABBDDB2 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23154_none_ca8cec4d82e97ab3\ntoskrnl.exe
[2012/04/03 09:22:16 | 004,687,232 | ---- | M] (Microsoft Corporation) MD5=B59E026F49BF06B435795F867AD46009 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22831_none_ca9faf5982dbc93c\ntoskrnl.exe
[2009/03/03 05:38:29 | 004,413,936 | ---- | M] (Microsoft Corporation) MD5=CC172711FF2FCE0673321A951B02C379 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_c6df983d888543ee\ntoskrnl.exe
[2009/03/03 06:02:29 | 004,692,448 | ---- | M] (Microsoft Corporation) MD5=ED97E8551F0B1844250ED1B07393B10D -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_c83f62d46c8b4dd8\ntoskrnl.exe
[2009/02/23 16:07:28 | 004,416,056 | ---- | M] (Microsoft Corporation) MD5=EFAAC7A874B65DF3F26B5092291D4859 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20921_none_c6ddbf878886ddfe\ntoskrnl.exe

< MD5 for: NVRAID.SYS >
[2008/01/21 03:46:54 | 000,128,056 | ---- | M] (NVIDIA Corporation) MD5=2C040B7ADA5B06F6FACADAC8514AA034 -- C:\Windows\SysNative\drivers\nvraid.sys
[2008/01/21 03:46:54 | 000,128,056 | ---- | M] (NVIDIA Corporation) MD5=2C040B7ADA5B06F6FACADAC8514AA034 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2008/01/21 03:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\SysNative\drivers\nvstor.sys
[2008/01/21 03:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys

< MD5 for: PXICKBLAYS.VBE >
[2013/11/16 14:27:35 | 000,073,064 | ---- | M] () MD5=6579C780A6DA259752877F56171C3AAF -- C:\_OTL\MovedFiles\11192013_172355\C_Users\Zilo\AppData\Local\Temp\pxickblays.vbe
[2013/11/16 14:27:35 | 000,073,064 | ---- | M] () MD5=6579C780A6DA259752877F56171C3AAF -- C:\_OTL\MovedFiles\11192013_172355\C_Users\Zilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pxickblays.vbe
[2013/11/16 14:27:35 | 000,073,064 | ---- | M] () MD5=6579C780A6DA259752877F56171C3AAF -- C:\_OTL\MovedFiles\11192013_172355\C_Users\Zilo\AppData\Roaming\pxickblays.vbe
[2013/11/16 14:27:35 | 000,073,064 | ---- | M] () MD5=6579C780A6DA259752877F56171C3AAF -- C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pxickblays.vbe
[2013/11/16 14:27:35 | 000,073,064 | ---- | M] () Unable to obtain MD5 -- C:\Users\Zilo\AppData\Roaming\pxickblays.vbe

< MD5 for: WSCRIPT.EXE >
[2009/04/11 07:28:17 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=1259E03DCD5F265B23DB738FB075DF8C -- C:\Windows\SysWOW64\wscript.exe
[2009/04/11 07:28:17 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=1259E03DCD5F265B23DB738FB075DF8C -- C:\Windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.0.6002.18005_none_4a53cc21fd7bbcc7\wscript.exe
[2008/01/21 03:48:02 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=518466BED4F50B1BAD32475E756CA748 -- C:\Windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.18000_none_486853160059f17b\wscript.exe
[2009/02/23 15:48:27 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=549FA98184D34DA75D84F9914BE2DEFB -- C:\Windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.18068_none_482f75de008363d9\wscript.exe
[2009/02/23 15:48:27 | 000,166,912 | ---- | M] (Microsoft Corporation) MD5=8008128D00DEEAD87F755D1D0BDC83FF -- C:\Windows\winsxs\amd64_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.18068_none_a44e1161b8e0d50f\wscript.exe
[2009/02/23 15:48:26 | 000,166,912 | ---- | M] (Microsoft Corporation) MD5=B7CA108AF48AA7546176EB0C068984F5 -- C:\Windows\winsxs\amd64_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.22175_none_a4c9dd62d20944c5\wscript.exe
[2008/01/21 03:50:21 | 000,167,424 | ---- | M] (Microsoft Corporation) MD5=C6F370369775AC1486F431152BAE675D -- C:\Windows\winsxs\amd64_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.18000_none_a486ee99b8b762b1\wscript.exe
[2009/02/23 15:48:26 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=DF89C42EBCAE106EAD8657344FF9119D -- C:\Windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.22175_none_48ab41df19abd38f\wscript.exe
[2009/04/11 08:11:12 | 000,166,912 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysNative\wscript.exe
[2009/04/11 08:11:12 | 000,166,912 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-scripting_31bf3856ad364e35_6.0.6002.18005_none_a67267a5b5d92dfd\wscript.exe

< >

< %systemroot%\system32\logevent.dll /md5 >

< %systemroot%\system32\sceclt.dll /md5 >

< %systemroot%\system32\ntelogon.dll /md5 >

< %systemroot%\system32\consrv.dll /md5 >

< >

< %systemroot%\system32\logevent.dll /md5 /64 >

< %systemroot%\system32\sceclt.dll /md5 /64 >

< %systemroot%\system32\ntelogon.dll /md5 /64 >

< %systemroot%\system32\consrv.dll /md5 /64 >

< >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013/11/19 17:47:53 | 000,000,512 | ---- | M] () MD5=F6D85E36C06986069831D72260FF4CBB -- C:\PhysicalMBR.bin

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013/11/16 14:36:13 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=077D59BA0FD4007E841B6C670862B065 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013/10/13 11:49:16 | 000,757,488 | ---- | M] (Microsoft Corporation) MD5=06085B62BC7E0C8E2605CEA38774D956 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013/11/14 12:29:33 | 000,863,184 | ---- | M] (Google Inc.) MD5=636D97B3BAF854511FF3F4093E895FED -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %systemroot%\system32\Spool\prtprocs\*.* /s >
[2012/02/01 16:30:34 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\x64\jnwppr.dll
[2009/02/23 15:20:18 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\system32\Spool\prtprocs\x64\cs-CZ\LMPRTPRC.DLL.mui
[2006/11/02 16:13:03 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\system32\Spool\prtprocs\x64\en-US\LMPRTPRC.DLL.mui

< %systemroot%\system32\drivers\*.sys /10 >

< %systemroot%\system32\drivers\*.sys /X >
[2013/10/31 15:34:15 | 000,000,000 | RHS- | M] () -- C:\Windows\system32\drivers\103C_HP_cNB_Pavilion dv7 Notebook PC_Y5335KV_0U_QCNF92320Y7_E510510-221_4A_I3624_SHP_V18.51_F.46_T110825_WV3-1_L41B_M3069_J320_7Intel_867A_92.10_#131031_N10EC8168;14E44315_(NZ834EA#AKB)_XMOBILE_CN10_Z_2Rev 1.MRK
[2006/09/18 22:26:46 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2006/09/18 22:26:46 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /10 >
[2013/11/13 11:25:58 | 000,000,052 | ---- | M] () -- C:\Windows\system32\DOErrors.log
[2013/11/13 10:06:14 | 000,000,056 | -H-- | M] () -- C:\Windows\system32\ezsidmv.dat
[2013/11/19 17:32:45 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2013/11/19 17:32:45 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\*.* /lockedfiles >
[2008/01/21 03:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msscript.ocx
[2006/11/02 08:29:16 | 000,016,896 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\stdole2.tlb

< %systemroot%\system32\config\*.sav >

< >

< c:\$Recycle.Bin|L,N,U,@;true;true;true /FN >

< c:\Windows\Installer|L,N,U,@;true;true;true /FN >

< >

< %systemroot%\Tasks\*.job >
[2013/11/19 18:16:00 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/11/19 17:28:52 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/11/19 18:13:22 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[12 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]

< %systemroot%\*. /rp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Nabídka Start\*.lnk /x >

< %ALLUSERSPROFILE%\Data Aplikácií\*.* >

< %ALLUSERSPROFILE%\Data Aplikácií\*.exe /s >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %APPDATA%\*. >
[2013/11/01 01:58:07 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Adobe
[2013/11/15 14:19:57 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Apple Computer
[2013/10/31 15:56:09 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\ATI
[2013/11/01 01:57:04 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Auslogics
[2013/11/01 17:41:26 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Autodesk
[2013/10/31 22:02:38 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\CyberLink
[2013/11/01 11:12:10 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\DAEMON Tools Lite
[2013/10/31 15:56:15 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\DigitalPersona
[2013/10/31 21:21:41 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\ESET
[2013/11/01 02:18:41 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\GHISLER
[2013/10/31 15:44:58 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\HP TCS
[2013/11/06 12:13:39 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\hpqLog
[2013/10/31 15:55:20 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Identities
[2013/11/06 11:56:15 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\InstallShield
[2013/10/31 16:22:05 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Macromedia
[2013/10/31 15:57:21 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Macrovision
[2006/11/02 16:07:25 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Media Center Programs
[2013/11/13 14:52:44 | 000,000,000 | --SD | M] -- C:\Users\Zilo\AppData\Roaming\Microsoft
[2013/10/31 21:00:55 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\Mozilla
[2013/11/19 00:50:55 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\vlc
[2013/11/01 02:11:05 | 000,000,000 | ---D | M] -- C:\Users\Zilo\AppData\Roaming\WinRAR

< %APPDATA%\*.* >
[2013/11/16 14:27:35 | 000,073,064 | ---- | M] () -- C:\Users\Zilo\AppData\Roaming\pxickblays.vbe

< %APPDATA%\*.exe /s >

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\system32|bak;true;false;false /fp >

< %PROGRAMFILES%|bak;true;false;false /fp >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"pxickblays" = wscript.exe //B "C:\Users\Zilo\AppData\Roaming\pxickblays.vbe" -- [2009/04/11 07:28:17 | 000,155,648 | ---- | M] (Microsoft Corporation)

========== Files - Unicode (All) ==========
[2013/11/14 22:38:37 | 000,980,486 | ---- | C] ()(C:\Users\Zilo\Desktop\000664 (????????, ???????, 3d ???).jpg) -- C:\Users\Zilo\Desktop\000664 (Фантазия, рисунок, 3d мир).jpg
[2013/11/14 22:38:20 | 000,275,580 | ---- | C] ()(C:\Users\Zilo\Desktop\003197 (?????, ??????????, ???????).jpg) -- C:\Users\Zilo\Desktop\003197 (Взрыв, катастрофа, планета).jpg
[2013/11/14 22:38:04 | 000,434,009 | ---- | C] ()(C:\Users\Zilo\Desktop\004377 (??????, ????, ????????).jpg) -- C:\Users\Zilo\Desktop\004377 (Монстр, воин, пистолет).jpg
[2011/01/17 23:46:06 | 000,275,580 | ---- | M] ()(C:\Users\Zilo\Desktop\003197 (?????, ??????????, ???????).jpg) -- C:\Users\Zilo\Desktop\003197 (Взрыв, катастрофа, планета).jpg
[2011/01/17 21:44:22 | 000,434,009 | ---- | M] ()(C:\Users\Zilo\Desktop\004377 (??????, ????, ????????).jpg) -- C:\Users\Zilo\Desktop\004377 (Монстр, воин, пистолет).jpg
[2011/01/17 21:40:04 | 000,980,486 | ---- | M] ()(C:\Users\Zilo\Desktop\000664 (????????, ???????, 3d ???).jpg) -- C:\Users\Zilo\Desktop\000664 (Фантазия, рисунок, 3d мир).jpg

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\System32\config\systemprofile\AppData\Local\Data aplikací] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\System32\config\systemprofile\AppData\Local\Historie] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\Windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\Windows\System32\config\systemprofile\Data aplikací] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\Windows\System32\config\systemprofile\Local Settings] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\System32\config\systemprofile\Soubory cookie] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction
[C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Data aplikací] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Historie] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Data aplikací] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Local Settings] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\SysWOW64\config\systemprofile\Soubory cookie] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction

< End of report >

zilo9
Visitor
Posts: 28
Registered: 19 Nov 2013 13:16

Re: Removing the Agent.AK trojan

#12 Post by zilo9 »

############################## | UsbFix V 7.134 | [Deletion]

User: Zilo (Administrator) # ZILO9
Updated 06/09/2013 by El Desaparecido
Started at 18:53:20 | 19/11/2013

Website: http://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: eldesaparecido@sosvirus.net

PC: Hewlett-Packard (HP Pavilion dv7 Notebook PC) (x64-based PC)
CPU: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz (2100)
RAM -> [Total : 3068 | Free : 979]
BIOS: Default System BIOS
BOOT: Normal boot

OS: Microsoft® Windows Vista™ Home Premium (6.0.6002 64-Bit) # Service Pack 2
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: ESET Endpoint Security 5.0 [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 288 Gb (111 Mb free - 39%) [] # NTFS
D:\ -> Fixed drive # 10 Gb (2 Mb free - 17%) [RECOVERY] # NTFS
E:\ -> CD-ROM
F:\ -> Fixed drive # 466 Gb (50 Mb free - 11%) [FreeAgent GoFlex Drive] # NTFS
G:\ -> CD-ROM
H:\ -> Removable drive # 4 Gb (4 Mb free - 100%) [ZILO USB] # FAT32
I:\ -> Removable drive # 4 Gb (4 Mb free - 100%) [XKR-S] # FAT32

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [DpAgent] - C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe
HKLM\SOFTWARE | Run : [QlbCtrl.exe] - "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
HKLM\SOFTWARE | Run : [HP Health Check Scheduler] - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
HKLM\SOFTWARE | Run : [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
HKLM\SOFTWARE | Run : [WirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | Run : [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE | Run : [pxickblays] - wscript.exe //B "C:\Users\Zilo\AppData\Roaming\pxickblays.vbe"
HKLM\SOFTWARE\wow6432Node | Run : [DpAgent] - C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe
HKLM\SOFTWARE\wow6432Node | Run : [QlbCtrl.exe] - "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
HKLM\SOFTWARE\wow6432Node | Run : [HP Health Check Scheduler] - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
HKLM\SOFTWARE\wow6432Node | Run : [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
HKLM\SOFTWARE\wow6432Node | Run : [WirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
HKLM\SOFTWARE\wow6432Node | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE\wow6432Node | Run : [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE\wow6432Node | Run : [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM\SOFTWARE\wow6432Node | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE\wow6432Node | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE\wow6432Node | Run : [pxickblays] - wscript.exe //B "C:\Users\Zilo\AppData\Roaming\pxickblays.vbe"
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
HKU\S-1-5-19\SOFTWARE | Run : [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
HKU\S-1-5-20\SOFTWARE | Run : [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-4116362256-3208974170-2117722004-1000\SOFTWARE | Run : [pxickblays] - wscript.exe //B "C:\Users\Zilo\AppData\Roaming\pxickblays.vbe"

################## | Stopped processes |

Stopped! C:\Windows\system32\atiesrxx.exe (200)
Stopped! C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\STacSV64.exe (584)
Stopped! C:\Windows\system32\SLsvc.exe (1032)
Stopped! C:\Windows\system32\Hpservice.exe (1168)
Stopped! C:\Windows\System32\WUDFHost.exe (1220)
Stopped! C:\Windows\system32\atieclxx.exe (1436)
Stopped! C:\Windows\Explorer.EXE (1688)
Stopped! C:\Windows\system32\vfsFPService.exe (1788)
Stopped! C:\Windows\system32\WLANExt.exe (1984)
Stopped! C:\Windows\system32\taskeng.exe (1292)
Stopped! C:\Windows\System32\spoolsv.exe (1448)
Stopped! C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe (872)
Stopped! C:\Windows\system32\taskeng.exe (2064)
Stopped! C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe (2424)
Stopped! C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\AESTSr64.exe (2584)
Stopped! C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (2620)
Stopped! C:\Program Files\Bonjour\mDNSResponder.exe (2636)
Stopped! C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe (2668)
Stopped! C:\Windows\SysWOW64\srvany.exe (2812)
Stopped! C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (2844)
Stopped! C:\Windows\KMService.exe (2860)
Stopped! C:\Program Files (x86)\SMINST\BLService.exe (2940)
Stopped! C:\Windows\system32\SearchIndexer.exe (2116)
Stopped! C:\Windows\System32\WUDFHost.exe (1316)
Stopped! C:\Windows\notepad.exe (1312)
Stopped! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3240)
Stopped! C:\Program Files\Windows Defender\MSASCui.exe (3248)
Stopped! C:\Program Files\ESET\ESET Endpoint Security\egui.exe (3256)
Stopped! C:\Program Files\IDT\WDM\sttray64.exe (3300)
Stopped! C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (3456)
Stopped! C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (3492)
Stopped! C:\Program Files\DigitalPersona\Bin\DPAgent.exe (3576)
Stopped! C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe (3632)
Stopped! C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe (3656)
Stopped! C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (3664)
Stopped! C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (3672)
Stopped! C:\Program Files (x86)\iTunes\iTunesHelper.exe (3788)
Stopped! C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (3972)
Stopped! C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (3180)
Stopped! C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (3804)
Stopped! C:\Program Files\iPod\bin\iPodService.exe (2520)
Stopped! C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (4212)
Stopped! C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe (4380)
Stopped! C:\Windows\System32\wscript.exe (4544)
Stopped! C:\Program Files (x86)\Mozilla Firefox\firefox.exe (4720)
Stopped! C:\Windows\system32\SearchProtocolHost.exe (4952)
Stopped! C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (5108)
Stopped! C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (4436)
Stopped! c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe (1900)
Stopped! C:\Windows\system32\wuauclt.exe (5532)
Stopped! C:\Users\Zilo\Desktop\OTL.exe (4804)
Stopped! C:\Windows\splwow64.exe (3284)
Stopped! C:\Windows\notepad.exe (5964)
Stopped! C:\Program Files\VideoLAN\VLC\vlc.exe (2216)

################## | Files # Infected Folders |

Deleted ! C:\Users\Zilo\AppData\Roaming\pxickblays.vbe
Deleted ! H:\pxickblays.vbe
Deleted ! I:\pxickblays.vbe
Deleted ! C:\Users\Zilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pxickblays.vbe
Deleted ! D:\desktop.ini
Not deleted ! I:\AUTORUN.INF
Deleted ! C:\_OTL\MovedFiles\11192013_172355\C_Users\Zilo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6MDIKBP9\fichier_encode[1].vbe
Deleted ! C:\_OTL\MovedFiles\11192013_172355\C_Users\Zilo\AppData\Local\Temp\pxickblays.vbe
Deleted ! C:\_OTL\MovedFiles\11192013_172355\C_Users\Zilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pxickblays.vbe
Deleted ! C:\_OTL\MovedFiles\11192013_172355\C_Users\Zilo\AppData\Roaming\pxickblays.vbe

(!) Temporary files deleted.

################## | Registry |

Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|pxickblays
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|pxickblays

################## | Mountpoints2 |


################## | Listing |

[31/10/2013 - 15:55:59 | SD ] C:\$RECYCLE.BIN
[06/11/2013 - 23:06:37 | D ] C:\AMD
[01/11/2013 - 16:09:16 | D ] C:\Autodesk
[03/11/2013 - 12:09:52 | SD ] C:\boot
[11/04/2009 - 07:36:36 | RASH | 333257] C:\bootmgr
[02/11/2006 - 16:42:17 | SHD ] C:\Documents and Settings
[19/11/2013 - 17:28:40 | ASH | 3218276352] C:\hiberfil.sys
[31/10/2013 - 14:52:56 | D ] C:\HP
[31/10/2013 - 17:03:19 | D ] C:\Intel
[01/12/2006 - 23:37:14 | N | 904704] C:\msdia80.dll
[01/11/2013 - 23:23:33 | RHD ] C:\MSOCache
[19/11/2013 - 17:28:39 | ASH | 3531984896] C:\pagefile.sys
[21/01/2008 - 04:04:13 | D ] C:\PerfLogs
[19/11/2013 - 17:47:53 | N | 512] C:\PhysicalMBR.bin
[19/11/2013 - 13:26:07 | D ] C:\Program Files
[19/11/2013 - 17:30:36 | D ] C:\Program Files (x86)
[19/11/2013 - 17:29:26 | HD ] C:\ProgramData
[19/11/2013 - 13:26:29 | D ] C:\rsit
[06/11/2013 - 12:05:57 | D ] C:\SWSetup
[19/11/2013 - 17:47:31 | SHD ] C:\System Volume Information
[31/10/2013 - 15:42:24 | D ] C:\System.sav
[01/11/2013 - 02:18:20 | D ] C:\totalcmd
[19/11/2013 - 18:56:42 | D ] C:\UsbFix
[19/11/2013 - 18:57:04 | A | 10399] C:\UsbFix [Clean 1] ZILO9.txt
[31/10/2013 - 15:32:29 | D ] C:\Users
[19/11/2013 - 17:29:52 | D ] C:\Windows
[19/11/2013 - 17:23:55 | D ] C:\_OTL
[31/10/2013 - 15:56:00 | SD ] D:\$RECYCLE.BIN
[31/10/2013 - 14:12:35 | SD ] D:\autorun.inf
[31/10/2013 - 15:33:50 | N | 13] D:\BLOCK.RIN
[31/10/2013 - 14:12:35 | SD ] D:\boot
[03/10/2006 - 22:02:44 | S | 438328] D:\bootmgr
[31/10/2013 - 14:12:10 | N | 0] D:\DRECOVERY
[10/09/2002 - 15:14:28 | N | 8134] D:\Folder.htt
[31/10/2013 - 14:12:35 | D ] D:\HP
[15/11/2010 - 21:48:22 | S | 22] D:\HPCD.sys
[19/11/2013 - 17:29:11 | N | 269] D:\MASTER.LOG
[31/10/2013 - 14:12:35 | SD ] D:\PRELOAD
[12/09/2008 - 16:17:38 | S | 381873] D:\protect.arabic
[15/09/2008 - 14:57:58 | N | 182624] D:\protect.bulgarian
[16/09/2002 - 13:37:48 | S | 181898] D:\protect.chinese hong kong
[16/09/2002 - 13:37:40 | S | 181916] D:\protect.chinese simplified
[16/09/2002 - 13:37:48 | S | 181898] D:\protect.chinese traditional
[27/04/2006 - 15:19:40 | S | 181865] D:\protect.czech
[03/11/2005 - 14:21:26 | S | 181726] D:\protect.danish
[10/09/2002 - 12:56:12 | S | 181605] D:\protect.dutch
[10/09/2002 - 12:50:18 | N | 181651] D:\protect.ed
[22/11/2004 - 14:28:30 | S | 181648] D:\protect.english
[03/11/2005 - 14:20:20 | S | 181673] D:\protect.finnish
[03/11/2005 - 14:19:52 | S | 181736] D:\protect.french
[03/11/2005 - 14:18:10 | S | 181669] D:\protect.german
[23/11/2005 - 14:56:46 | S | 182689] D:\protect.greek
[23/01/2006 - 08:18:00 | S | 182605] D:\protect.hebrew
[28/08/2007 - 13:58:08 | N | 181696] D:\protect.hungarian
[03/11/2005 - 14:17:00 | S | 181554] D:\protect.italian
[19/06/2007 - 14:22:10 | S | 182351] D:\protect.japanese
[24/11/2005 - 10:24:44 | S | 218295] D:\protect.korean
[03/11/2005 - 14:15:12 | S | 181578] D:\protect.norwegian
[25/04/2006 - 13:44:10 | S | 181789] D:\protect.polish
[03/11/2005 - 14:13:12 | S | 181624] D:\protect.portuguese
[27/10/2005 - 18:24:10 | S | 181882] D:\protect.portuguese brazilian
[15/09/2008 - 14:57:54 | N | 181735] D:\protect.romanian
[28/06/2004 - 07:52:46 | S | 211936] D:\protect.russian
[04/07/2007 - 10:46:44 | S | 181954] D:\protect.slovak
[03/11/2005 - 14:11:46 | S | 181586] D:\protect.spanish
[10/09/2002 - 13:15:06 | S | 181602] D:\protect.swedish
[12/08/2003 - 09:37:30 | S | 181783] D:\protect.turkish
[22/07/2009 - 21:23:12 | S | 26] D:\RCBoot.sys
[31/10/2013 - 14:12:35 | RD ] D:\RECOVERY
[31/10/2013 - 14:12:35 | SD ] D:\SOURCES
[31/10/2013 - 20:45:59 | SD ] D:\System Volume Information
[31/10/2013 - 14:12:35 | D ] D:\Tools
[31/10/2013 - 14:12:35 | D ] D:\WINDOWS
[06/04/2010 - 08:32:04 | D ] E:\G.1 KOMUNIKACIE A SPEVNENE PLOCHY SO 50
[06/04/2010 - 08:32:04 | D ] E:\G.2 VONKAJSIE POVRCHOVE OBJEKTY SO 70
[06/04/2010 - 08:32:04 | D ] E:\A SPRIEV. SPRAVA
[06/04/2010 - 08:32:04 | D ] E:\C CELK. SIT. STAVBY
[06/04/2010 - 08:32:04 | D ] E:\E STAV. VYK. STAVBY
[06/04/2010 - 08:32:06 | D ] E:\F STAT. POSUDENIE
[16/11/2013 - 20:23:36 | SHD ] F:\$RECYCLE.BIN
[02/11/2013 - 00:46:29 | D ] F:\Dokumenty
[23/08/2011 - 13:28:23 | D ] F:\Fotky
[18/03/2010 - 08:49:00 | N | 65643] F:\GoFlex.ico
[13/05/2010 - 02:49:08 | N | 35310222] F:\Mac Installer.dmg
[04/12/2011 - 13:40:35 | N | 528] F:\MediaID.bin
[02/11/2013 - 10:43:27 | D ] F:\Music
[31/10/2013 - 10:29:29 | N | 161232] F:\pracovna plocha 2.jpg
[31/10/2013 - 10:29:50 | N | 171498] F:\pracovna plocha 3.jpg
[31/10/2013 - 10:30:10 | N | 151335] F:\pracovna plocha 4.jpg
[31/10/2013 - 10:30:43 | N | 210429] F:\pracovna plocha 5.jpg
[31/10/2013 - 10:31:01 | N | 214502] F:\pracovna plocha 6.jpg
[31/10/2013 - 10:45:54 | N | 232043] F:\pracovna plocha 7.jpg
[01/11/2013 - 23:37:44 | D ] F:\pracovna plocha zlozky
[31/10/2013 - 10:29:00 | N | 176170] F:\pracovna plocha.jpg
[10/11/2013 - 13:12:31 | N | 24053] F:\PROJEKT ORGANIZÁCIE VÝSTAVBY.docx
[13/03/2011 - 11:30:04 | N | 54009584] F:\se-setup-ngt.exe
[21/10/2013 - 17:44:58 | D ] F:\Seagate
[16/01/2009 - 09:14:08 | N | 156312] F:\Setup.exe
[28/10/2013 - 11:33:23 | D ] F:\Skola
[14/01/2011 - 11:23:20 | SHD ] F:\System Volume Information
[22/10/2010 - 01:47:05 | D ] F:\USB 3.0 PC Card Adapter
[02/11/2013 - 00:18:02 | D ] F:\Zaloha školske veci
[01/09/2010 - 22:10:20 | N | 24576] F:\Čestné prehlásenie o.doc
[23/11/2011 - 21:53:03 | D ] F:\Žilo- dokumenty
[21/10/2013 - 07:03:52 | H | 16] I:\AUTORUN.INF

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | http://www.sosvirus.net |

zilo9
Visitor
Posts: 28
Registered: 19 Nov 2013 13:16

Re: Removing the Agent.AK trojan

#13 Post by zilo9 »

Hi, sorry I didn't get back to you, I was away from the PC for two days... it seems the problem is solved, everything is running and ESET hasn't found anything either... thank you very much for the help and for the time you gave me. All you advisers are champs for helping people like this, thank you very much :thumbsup: .
Finally, I'd like to ask one more, perhaps silly, thing: if I noticed correctly, UsbFix created some kind of fake folder named autorun.inf; is it supposed to prevent reinfection by this pest? I'm asking because I used the infected USB drive to give some things to my girlfriend, and if her computer got infected too, can the now-cleaned USB drive get infected again?

zilo9
Visitor
Posts: 28
Registered: 19 Nov 2013 13:16

Re: Removing the Agent.AK trojan

#14 Post by zilo9 »

So here are the OTL folders
Attachments
_OTL.zip
(6.74 KiB) Downloaded 65 times

zilo9
Visitor
Posts: 28
Registered: 19 Nov 2013 13:16

Re: Removing the Agent.AK trojan

#15 Post by zilo9 »

And this is from UsbFix
Attachments
Quarantine.zip
(278.5 KiB) Downloaded 6583 times

Locked