Prosim o kontrolu.

Zpráva

#16 Příspěvek od **Márty84** » 10 led 2014 22:46

Zkuste jeste jednou RogueKiller

NeoFan · #17 Příspěvek od **NeoFan** » 10 led 2014 22:58

to iste,padne aj v safe mode

#18 Příspěvek od **Márty84** » 10 led 2014 23:04

Postupujte podle navodu kolegy

vyosek píše: Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
Ulozte nejlepe na Plochu a rozbalte

Spustte kliknutim na mbar

Nyni postupne kliknete na Next a Update

Po dokonceni update (aktualizace) databaze kliknete opet na Next

Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC

Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko

Tez zkontrolujte, jetsli je zatrzitko u Create Restore point

Nyni kliknete na CleanUp cimz nalezenou infekci odstranime

PC bude restartovan

Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

NeoFan · #19 Příspěvek od **NeoFan** » 10 led 2014 23:14

zdravim,nic nenaslo teda som ani nic nezaciarkoval a ani nedoslo k restartu.

#20 Příspěvek od **Márty84** » 10 led 2014 23:23

OK

Dejte novy log z RSIT

NeoFan · #21 Příspěvek od **NeoFan** » 10 led 2014 23:27

Logfile of random's system information tool 1.09 (written by random/random)
Run by miso at 2014-01-10 23:26:55
Microsoft Windows 7 Professional N Service Pack 1
System drive C: has 4 GB (13%) free of 30 GB
Total RAM: 7679 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:26:58 PM, on 1/10/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
D:\Program Files\AVAST Software\Avast\AvastUI.exe
D:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\miso\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
D:\PROGRA~1\MICROS~1\Office14\WINWORD.EXE
C:\Program Files\trend micro\miso.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "D:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - Startup: Dropbox.lnk = C:\Users\miso\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Facebook Messenger.lnk = C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O9 - Extra button: Odoslat do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslat do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - D:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 7324 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"D:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"taskhost.exe"
taskeng.exe {2ABC2E2A-BD8E-4050-8998-929198D5EB44}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"D:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"D:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\miso\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\wuauclt.exe"
"D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3092.13f74e00.1735555163 "C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll" -greomni "D:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "D:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "D:\Program Files (x86)\Mozilla Firefox\browser" 260915DCF3A62DA7 3092 "\\.\pipe\gecko-crash-server-pipe.3092" plugin
"D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3092.17087d00.1058693589 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" -greomni "D:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "D:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "D:\Program Files (x86)\Mozilla Firefox\browser" 260915DCF3A62DA7 3092 "\\.\pipe\gecko-crash-server-pipe.3092" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --proxy-stub-channel=Flash2976.69ADB990.7754 --host-broker-channel=Flash2976.69ADB990.32630 --host-pid=2976 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --channel=3636.003FF5FC.1058863498 --proxy-stub-channel=Flash2976.69ADB990.7754 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" --host-npapi-version=27 --type=renderer
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\prevhost.exe {914FEED8-267A-4BAA-B8AA-21E233792679} -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
D:\PROGRA~1\MICROS~1\Office14\WINWORD.EXE -Embedding
C:\Windows\splwow64.exe 8192
"E:\download\RSITx64(1).exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

=========Mozilla firefox=========

ProfilePath - C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\
jid1-4P0kohSJxU1qGg@jetpack

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-21 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-21 1138536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-21 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-21 1138536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=D:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-12-21 3764024]

C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\miso\AppData\Roaming\Dropbox\bin\Dropbox.exe
Facebook Messenger.lnk - C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-01-10 23:08:10 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-10 23:08:09 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-01-10 23:07:42 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-01-10 22:56:00 ----A---- C:\Windows\ntbtlog.txt
2014-01-10 22:43:04 ----A---- C:\ComboFix.txt
2014-01-10 22:41:17 ----D---- C:\$RECYCLE.BIN
2014-01-10 22:39:36 ----D---- C:\Windows\temp
2014-01-10 16:43:51 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-01-10 11:45:03 ----A---- C:\Windows\zip.exe
2014-01-10 11:45:03 ----A---- C:\Windows\SWSC.exe
2014-01-10 11:45:03 ----A---- C:\Windows\SWREG.exe
2014-01-10 11:45:03 ----A---- C:\Windows\sed.exe
2014-01-10 11:45:03 ----A---- C:\Windows\PEV.exe
2014-01-10 11:45:03 ----A---- C:\Windows\NIRCMD.exe
2014-01-10 11:45:03 ----A---- C:\Windows\MBR.exe
2014-01-10 11:45:03 ----A---- C:\Windows\grep.exe
2014-01-10 11:44:58 ----D---- C:\Qoobox
2014-01-10 11:44:43 ----D---- C:\Windows\erdnt
2014-01-08 18:30:55 ----D---- C:\ProgramData\Astroburn Lite
2014-01-08 18:30:55 ----D---- C:\Program Files (x86)\Astroburn Lite
2014-01-08 01:19:07 ----D---- C:\AdwCleaner
2014-01-07 19:07:11 ----D---- C:\Users\miso\AppData\Roaming\e-academy Inc
2014-01-06 22:30:05 ----D---- C:\Users\miso\AppData\Roaming\Malwarebytes
2014-01-06 22:30:02 ----D---- C:\ProgramData\Malwarebytes
2014-01-06 10:29:42 ----ASH---- C:\pagefile.sys
2014-01-05 22:19:16 ----D---- C:\rsit
2014-01-05 22:19:16 ----D---- C:\Program Files\trend micro
2013-12-31 01:22:44 ----D---- C:\Users\miso\AppData\Roaming\dvdcss
2013-12-29 18:33:12 ----D---- C:\Windows\rescache
2013-12-29 00:12:25 ----A---- C:\sleep.bat
2013-12-28 19:09:45 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-12-28 19:09:45 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-12-28 19:09:44 ----D---- C:\Program Files (x86)\OpenAL
2013-12-28 19:09:44 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2013-12-28 19:09:44 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2013-12-28 19:09:44 ----A---- C:\Windows\system32\wrap_oal.dll
2013-12-28 19:09:44 ----A---- C:\Windows\system32\OpenAL32.dll
2013-12-28 19:09:18 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2013-12-28 19:09:18 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2013-12-28 19:09:18 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2013-12-28 19:09:18 ----A---- C:\Windows\system32\XAudio2_7.dll
2013-12-28 19:09:18 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2013-12-28 19:09:18 ----A---- C:\Windows\system32\xactengine3_7.dll
2013-12-28 19:09:17 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2013-12-28 19:09:17 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2013-12-28 19:09:16 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2013-12-28 19:09:16 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2013-12-28 19:09:16 ----A---- C:\Windows\system32\d3dx11_43.dll
2013-12-28 19:09:16 ----A---- C:\Windows\system32\d3dcsx_43.dll
2013-12-28 19:09:15 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2013-12-28 19:09:15 ----A---- C:\Windows\system32\d3dx10_43.dll
2013-12-28 19:09:14 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2013-12-28 19:09:14 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2013-12-28 19:09:14 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2013-12-28 19:09:14 ----A---- C:\Windows\system32\XAudio2_6.dll
2013-12-28 19:09:14 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2013-12-28 19:09:14 ----A---- C:\Windows\system32\D3DX9_43.dll
2013-12-28 19:09:13 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2013-12-28 19:09:13 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2013-12-28 19:09:13 ----A---- C:\Windows\system32\xactengine3_6.dll
2013-12-28 19:09:13 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2013-12-28 19:09:12 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2013-12-28 19:09:12 ----A---- C:\Windows\system32\XAudio2_5.dll
2013-12-28 19:09:09 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2013-12-28 19:09:09 ----A---- C:\Windows\system32\xactengine3_5.dll
2013-12-28 19:09:08 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2013-12-28 19:09:08 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2013-12-28 19:09:05 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2013-12-28 19:09:05 ----A---- C:\Windows\system32\d3dcsx_42.dll
2013-12-28 19:09:04 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2013-12-28 19:09:04 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2013-12-28 19:09:04 ----A---- C:\Windows\system32\d3dx11_42.dll
2013-12-28 19:09:04 ----A---- C:\Windows\system32\d3dx10_42.dll
2013-12-28 19:09:03 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2013-12-28 19:09:03 ----A---- C:\Windows\system32\D3DX9_42.dll
2013-12-28 19:09:02 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2013-12-28 19:09:02 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2013-12-28 19:09:02 ----A---- C:\Windows\system32\d3dx10_41.dll
2013-12-28 19:09:02 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2013-12-28 19:09:01 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2013-12-28 19:09:01 ----A---- C:\Windows\system32\D3DX9_41.dll
2013-12-28 19:09:00 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2013-12-28 19:09:00 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2013-12-28 19:09:00 ----A---- C:\Windows\system32\XAudio2_4.dll
2013-12-28 19:09:00 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2013-12-28 19:08:59 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2013-12-28 19:08:59 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2013-12-28 19:08:59 ----A---- C:\Windows\system32\xactengine3_4.dll
2013-12-28 19:08:59 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2013-12-28 19:08:58 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2013-12-28 19:08:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2013-12-28 19:08:58 ----A---- C:\Windows\system32\d3dx10_40.dll
2013-12-28 19:08:58 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2013-12-28 19:08:54 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2013-12-28 19:08:54 ----A---- C:\Windows\system32\D3DX9_40.dll
2013-12-28 19:08:52 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2013-12-28 19:08:52 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2013-12-28 19:08:52 ----A---- C:\Windows\system32\XAudio2_3.dll
2013-12-28 19:08:52 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2013-12-28 19:08:51 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2013-12-28 19:08:51 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2013-12-28 19:08:51 ----A---- C:\Windows\system32\xactengine3_3.dll
2013-12-28 19:08:51 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2013-12-28 19:08:50 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2013-12-28 19:08:50 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2013-12-28 19:08:50 ----A---- C:\Windows\system32\XAudio2_2.dll
2013-12-28 19:08:50 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2013-12-28 19:08:49 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2013-12-28 19:08:49 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2013-12-28 19:08:49 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2013-12-28 19:08:49 ----A---- C:\Windows\system32\xactengine3_2.dll
2013-12-28 19:08:49 ----A---- C:\Windows\system32\d3dx10_39.dll
2013-12-28 19:08:49 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2013-12-28 19:08:48 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2013-12-28 19:08:48 ----A---- C:\Windows\system32\D3DX9_39.dll
2013-12-28 19:08:47 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2013-12-28 19:08:47 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2013-12-28 19:08:47 ----A---- C:\Windows\system32\XAudio2_1.dll
2013-12-28 19:08:47 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2013-12-28 19:08:46 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2013-12-28 19:08:46 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2013-12-28 19:08:46 ----A---- C:\Windows\system32\xactengine3_1.dll
2013-12-28 19:08:46 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2013-12-28 19:08:44 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2013-12-28 19:08:44 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2013-12-28 19:08:44 ----A---- C:\Windows\system32\d3dx10_38.dll
2013-12-28 19:08:44 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2013-12-28 19:08:40 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2013-12-28 19:08:40 ----A---- C:\Windows\system32\D3DX9_38.dll
2013-12-28 19:08:38 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2013-12-28 19:08:38 ----A---- C:\Windows\system32\XAudio2_0.dll
2013-12-28 19:08:37 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2013-12-28 19:08:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2013-12-28 19:08:37 ----A---- C:\Windows\system32\xactengine3_0.dll
2013-12-28 19:08:37 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2013-12-28 19:08:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2013-12-28 19:08:36 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2013-12-28 19:08:35 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2013-12-28 19:08:35 ----A---- C:\Windows\system32\d3dx10_37.dll
2013-12-28 19:08:32 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2013-12-28 19:08:32 ----A---- C:\Windows\system32\D3DX9_37.dll
2013-12-28 19:08:31 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2013-12-28 19:08:31 ----A---- C:\Windows\system32\xactengine2_10.dll
2013-12-28 19:08:29 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2013-12-28 19:08:29 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2013-12-28 19:08:29 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2013-12-28 19:08:29 ----A---- C:\Windows\system32\d3dx9_36.dll
2013-12-28 19:08:29 ----A---- C:\Windows\system32\d3dx10_36.dll
2013-12-28 19:08:29 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2013-12-28 19:08:28 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2013-12-28 19:08:28 ----A---- C:\Windows\system32\xactengine2_9.dll
2013-12-28 19:08:27 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2013-12-28 19:08:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2013-12-28 19:08:27 ----A---- C:\Windows\system32\d3dx10_35.dll
2013-12-28 19:08:27 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2013-12-28 19:08:26 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2013-12-28 19:08:26 ----A---- C:\Windows\system32\d3dx9_35.dll
2013-12-28 19:08:25 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2013-12-28 19:08:25 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2013-12-28 19:08:25 ----A---- C:\Windows\system32\xactengine2_8.dll
2013-12-28 19:08:25 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2013-12-28 19:08:24 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2013-12-28 19:08:24 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2013-12-28 19:08:24 ----A---- C:\Windows\system32\d3dx10_34.dll
2013-12-28 19:08:24 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2013-12-28 19:08:22 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2013-12-28 19:08:22 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2013-12-28 19:08:22 ----A---- C:\Windows\system32\xinput1_3.dll
2013-12-28 19:08:22 ----A---- C:\Windows\system32\d3dx9_34.dll
2013-12-28 19:08:21 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2013-12-28 19:08:21 ----A---- C:\Windows\system32\xactengine2_7.dll
2013-12-28 19:08:20 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2013-12-28 19:08:20 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2013-12-28 19:08:20 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2013-12-28 19:08:20 ----A---- C:\Windows\system32\d3dx9_33.dll
2013-12-28 19:08:20 ----A---- C:\Windows\system32\d3dx10_33.dll
2013-12-28 19:08:20 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2013-12-28 19:08:18 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2013-12-28 19:08:18 ----A---- C:\Windows\system32\xactengine2_6.dll
2013-12-28 19:08:17 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2013-12-28 19:08:17 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2013-12-28 19:08:17 ----A---- C:\Windows\system32\xactengine2_5.dll
2013-12-28 19:08:17 ----A---- C:\Windows\system32\d3dx10.dll
2013-12-28 19:08:16 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2013-12-28 19:08:16 ----A---- C:\Windows\system32\d3dx9_32.dll
2013-12-28 19:08:15 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2013-12-28 19:08:15 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2013-12-28 19:08:15 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2013-12-28 19:08:15 ----A---- C:\Windows\system32\xactengine2_4.dll
2013-12-28 19:08:15 ----A---- C:\Windows\system32\x3daudio1_1.dll
2013-12-28 19:08:15 ----A---- C:\Windows\system32\d3dx9_31.dll
2013-12-28 19:08:14 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2013-12-28 19:08:14 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2013-12-28 19:08:14 ----A---- C:\Windows\system32\xinput1_2.dll
2013-12-28 19:08:14 ----A---- C:\Windows\system32\xactengine2_3.dll
2013-12-28 19:08:10 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2013-12-28 19:08:10 ----A---- C:\Windows\system32\xactengine2_2.dll
2013-12-28 19:08:09 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2013-12-28 19:08:09 ----A---- C:\Windows\system32\xinput1_1.dll
2013-12-28 19:08:05 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2013-12-28 19:08:05 ----A---- C:\Windows\system32\xactengine2_1.dll
2013-12-28 19:07:53 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2013-12-28 19:07:53 ----A---- C:\Windows\system32\d3dx9_30.dll
2013-12-28 19:07:50 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2013-12-28 19:07:50 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2013-12-28 19:07:50 ----A---- C:\Windows\system32\xactengine2_0.dll
2013-12-28 19:07:50 ----A---- C:\Windows\system32\x3daudio1_0.dll
2013-12-28 19:07:48 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2013-12-28 19:07:48 ----A---- C:\Windows\system32\d3dx9_29.dll
2013-12-28 19:07:47 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2013-12-28 19:07:47 ----A---- C:\Windows\system32\d3dx9_28.dll
2013-12-28 19:07:45 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2013-12-28 19:07:45 ----A---- C:\Windows\system32\d3dx9_27.dll
2013-12-28 19:07:44 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2013-12-28 19:07:44 ----A---- C:\Windows\system32\d3dx9_26.dll
2013-12-28 19:07:39 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2013-12-28 19:07:39 ----A---- C:\Windows\system32\d3dx9_25.dll
2013-12-28 19:07:36 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2013-12-28 19:07:36 ----A---- C:\Windows\system32\d3dx9_24.dll
2013-12-28 01:44:38 ----D---- C:\Users\miso\AppData\Roaming\TeamViewer
2013-12-28 01:44:05 ----D---- C:\Program Files (x86)\TeamViewer
2013-12-26 23:53:34 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2013-12-26 23:53:31 ----D---- C:\Users\miso\AppData\Roaming\DAEMON Tools Lite
2013-12-26 23:52:17 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-12-26 18:15:22 ----D---- C:\Program Files (x86)\Adobe
2013-12-26 18:15:05 ----D---- C:\ProgramData\Adobe
2013-12-26 00:31:15 ----D---- C:\Users\miso\AppData\Roaming\Opera Software
2013-12-26 00:28:43 ----A---- C:\Windows\Sandboxie.ini
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-12-24 02:32:41 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-12-24 00:40:10 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2013-12-24 00:39:46 ----D---- C:\Windows\PCHEALTH
2013-12-24 00:39:46 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2013-12-24 00:39:46 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-12-24 00:38:03 ----D---- C:\Program Files\Microsoft Office
2013-12-23 03:01:10 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-23 03:01:09 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-23 03:01:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-23 03:01:09 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-23 03:01:09 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-23 03:01:09 ----A---- C:\Windows\system32\ieui.dll
2013-12-23 03:01:08 ----A---- C:\Windows\system32\iesetup.dll
2013-12-23 03:01:08 ----A---- C:\Windows\system32\iernonce.dll
2013-12-23 03:01:08 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-23 03:01:07 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-23 03:01:07 ----A---- C:\Windows\system32\mshtml.dll
2013-12-23 03:01:07 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-23 03:01:07 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-23 03:01:07 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-23 03:01:07 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-23 03:01:06 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-23 03:01:06 ----A---- C:\Windows\system32\iertutil.dll
2013-12-23 03:01:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-23 03:01:05 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-23 03:01:05 ----A---- C:\Windows\system32\wininet.dll
2013-12-23 03:01:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-23 03:01:04 ----A---- C:\Windows\system32\urlmon.dll
2013-12-23 03:01:04 ----A---- C:\Windows\system32\ieframe.dll
2013-12-23 03:01:03 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-23 03:01:02 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-23 03:01:02 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-23 03:01:01 ----A---- C:\Windows\system32\jscript9.dll
2013-12-22 16:36:31 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-22 16:36:31 ----A---- C:\Windows\SYSWOW64\explorer.exe
2013-12-22 16:36:31 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-22 16:36:31 ----A---- C:\Windows\explorer.exe
2013-12-22 16:36:29 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2013-12-22 16:36:29 ----A---- C:\Windows\system32\drivers\bthport.sys
2013-12-22 16:36:25 ----A---- C:\Windows\SYSWOW64\esent.dll
2013-12-22 16:36:25 ----A---- C:\Windows\system32\fsutil.exe
2013-12-22 16:36:25 ----A---- C:\Windows\system32\esent.dll
2013-12-22 16:36:25 ----A---- C:\Windows\system32\drivers\amdxata.sys
2013-12-22 16:36:24 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2013-12-22 16:36:24 ----A---- C:\Windows\system32\drivers\storport.sys
2013-12-22 16:36:24 ----A---- C:\Windows\system32\drivers\nvstor.sys
2013-12-22 16:36:24 ----A---- C:\Windows\system32\drivers\nvraid.sys
2013-12-22 16:36:24 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2013-12-22 16:36:24 ----A---- C:\Windows\system32\drivers\amdsata.sys
2013-12-22 16:36:22 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2013-12-22 16:36:19 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-12-22 16:36:19 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-12-22 16:36:18 ----A---- C:\Windows\system32\spoolsv.exe
2013-12-22 16:36:18 ----A---- C:\Windows\splwow64.exe
2013-12-22 14:43:37 ----D---- C:\Users\miso\AppData\Roaming\OpenOffice
2013-12-22 14:29:43 ----D---- C:\Program Files (x86)\Google
2013-12-22 07:03:32 ----D---- C:\Windows\Prefetch
2013-12-22 07:03:25 ----SHD---- C:\System Volume Information
2013-12-22 07:03:25 ----ASH---- C:\hiberfil.sys
2013-12-22 07:02:27 ----D---- C:\Windows\Panther
2013-12-22 02:33:13 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2013-12-22 02:33:04 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2013-12-22 02:33:03 ----DC---- C:\Windows\system32\DRVSTORE
2013-12-22 02:27:48 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-12-22 02:25:01 ----D---- C:\Windows\Migration
2013-12-22 02:21:34 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-12-22 02:18:53 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-12-22 02:18:53 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-12-22 02:18:51 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\wextract.exe
2013-12-22 02:18:51 ----A---- C:\Windows\system32\webcheck.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\vbscript.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\url.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-12-22 02:18:51 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-22 02:18:51 ----A---- C:\Windows\system32\pngfilt.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\occache.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\msrating.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\msls31.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\mshtmler.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\mshta.exe
2013-12-22 02:18:51 ----A---- C:\Windows\system32\msfeedssync.exe
2013-12-22 02:18:51 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\licmgr10.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\jsIntl.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\jscript.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\inseng.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\imgutil.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\iexpress.exe
2013-12-22 02:18:51 ----A---- C:\Windows\system32\iesysprep.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\iepeers.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\iedkcs32.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\ieapfltr.dat
2013-12-22 02:18:51 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\icardie.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\elshyph.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\dxtrans.dll
2013-12-22 02:18:51 ----A---- C:\Windows\system32\dxtmsft.dll
2013-12-22 02:09:30 ----D---- C:\Users\miso\AppData\Roaming\uTorrent
2013-12-22 00:50:17 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-12-22 00:30:28 ----D---- C:\Windows\SYSWOW64\Wat
2013-12-22 00:30:28 ----D---- C:\Windows\system32\Wat
2013-12-21 23:56:07 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2013-12-21 23:55:37 ----D---- C:\Program Files\Microsoft Analysis Services
2013-12-21 23:55:37 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2013-12-21 23:55:28 ----D---- C:\Program Files (x86)\Microsoft Office
2013-12-21 23:55:24 ----D---- C:\ProgramData\Microsoft Help
2013-12-21 23:43:30 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-12-21 23:43:30 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-12-21 23:43:30 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-12-21 23:43:28 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2013-12-21 23:43:28 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2013-12-21 23:43:28 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2013-12-21 23:43:26 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2013-12-21 23:43:26 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-12-21 23:43:26 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2013-12-21 23:43:26 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-12-21 23:43:26 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2013-12-21 23:43:26 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\wksprtPS.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\wksprt.exe
2013-12-21 23:43:26 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-12-21 23:43:26 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\tsgqec.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\rdpudd.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-12-21 23:43:26 ----A---- C:\Windows\system32\aaclient.dll
2013-12-21 23:43:25 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-12-21 23:43:25 ----A---- C:\Windows\system32\rdpcorets.dll
2013-12-21 23:43:25 ----A---- C:\Windows\system32\mstscax.dll
2013-12-21 23:43:25 ----A---- C:\Windows\system32\mstsc.exe
2013-12-21 23:35:42 ----A---- C:\Windows\system32\browserchoice.exe
2013-12-21 23:18:55 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-12-21 23:18:54 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-12-21 23:18:54 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-12-21 23:18:54 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-12-21 23:18:53 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-12-21 23:18:52 ----A---- C:\Windows\system32\WUDFx.dll
2013-12-21 23:18:52 ----A---- C:\Windows\system32\WUDFHost.exe
2013-12-21 23:11:47 ----D---- C:\Windows\system32\MRT
2013-12-21 23:11:44 ----A---- C:\Windows\system32\MRT.exe
2013-12-21 23:10:50 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-12-21 23:10:49 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-12-21 23:10:49 ----A---- C:\Windows\system32\UIAnimation.dll
2013-12-21 23:10:49 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-21 23:10:43 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-21 23:10:42 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-12-21 23:10:42 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\dxgi.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\d3d10warp.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\d3d10level9.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\d3d10core.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-12-21 23:10:42 ----A---- C:\Windows\system32\d3d10_1.dll
2013-12-21 23:10:41 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-12-21 23:10:41 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-12-21 23:10:41 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-12-21 23:10:41 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-12-21 23:10:41 ----A---- C:\Windows\system32\XpsPrint.dll
2013-12-21 23:10:41 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-12-21 23:10:41 ----A---- C:\Windows\system32\FntCache.dll
2013-12-21 23:10:41 ----A---- C:\Windows\system32\DWrite.dll
2013-12-21 23:10:41 ----A---- C:\Windows\system32\d3d10.dll
2013-12-21 23:10:40 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-12-21 23:10:40 ----A---- C:\Windows\system32\d2d1.dll
2013-12-21 23:10:17 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2013-12-21 23:10:16 ----A---- C:\Windows\SYSWOW64\wmi.dll
2013-12-21 23:10:16 ----A---- C:\Windows\system32\wmi.dll
2013-12-21 23:07:40 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-12-21 23:07:40 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-12-21 23:07:40 ----A---- C:\Windows\system32\certutil.exe
2013-12-21 23:07:40 ----A---- C:\Windows\system32\certenc.dll
2013-12-21 23:07:19 ----A---- C:\Windows\system32\wow64win.dll
2013-12-21 23:07:18 ----A---- C:\Windows\system32\ntvdm64.dll
2013-12-21 23:07:17 ----A---- C:\Windows\system32\wow64cpu.dll
2013-12-21 23:06:49 ----A---- C:\Windows\system32\consent.exe
2013-12-21 23:06:49 ----A---- C:\Windows\system32\appinfo.dll
2013-12-21 23:06:40 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2013-12-21 23:06:40 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2013-12-21 23:06:40 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-12-21 23:06:40 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-12-21 23:06:37 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2013-12-21 23:06:37 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2013-12-21 23:06:37 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2013-12-21 23:06:34 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-21 23:06:34 ----A---- C:\Windows\system32\tzres.dll
2013-12-21 23:06:30 ----A---- C:\Windows\SYSWOW64\sbe.dll
2013-12-21 23:06:30 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2013-12-21 23:06:30 ----A---- C:\Windows\system32\sbe.dll
2013-12-21 23:06:30 ----A---- C:\Windows\system32\CPFilters.dll
2013-12-21 23:06:27 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-12-21 23:06:27 ----A---- C:\Windows\system32\wintrust.dll
2013-12-21 23:06:11 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2013-12-21 23:06:11 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-12-21 23:06:11 ----A---- C:\Windows\system32\xmllite.dll
2013-12-21 23:06:11 ----A---- C:\Windows\system32\comctl32.dll
2013-12-21 23:06:09 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2013-12-21 23:06:09 ----A---- C:\Windows\system32\qdvd.dll
2013-12-21 23:06:07 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2013-12-21 23:05:35 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-12-21 23:05:35 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-12-21 23:05:35 ----A---- C:\Windows\system32\winsrv.dll
2013-12-21 23:05:35 ----A---- C:\Windows\system32\KernelBase.dll
2013-12-21 23:05:35 ----A---- C:\Windows\system32\kernel32.dll
2013-12-21 23:05:35 ----A---- C:\Windows\system32\conhost.exe
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-12-21 23:05:34 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-12-21 23:05:34 ----A---- C:\Windows\system32\smss.exe
2013-12-21 23:05:34 ----A---- C:\Windows\system32\csrsrv.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-12-21 23:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-12-21 23:05:33 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-12-21 23:05:33 ----A---- C:\Windows\system32\apisetschema.dll
2013-12-21 23:05:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-12-21 23:05:27 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-12-21 23:05:27 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-12-21 23:05:27 ----A---- C:\Windows\system32\advapi32.dll
2013-12-21 23:05:26 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-12-21 23:05:26 ----A---- C:\Windows\system32\tdh.dll
2013-12-21 23:05:26 ----A---- C:\Windows\system32\ntdll.dll
2013-12-21 23:05:25 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-12-21 23:05:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-12-21 23:05:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-12-21 23:05:25 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-12-21 23:05:25 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-12-21 23:05:25 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-12-21 23:05:25 ----A---- C:\Windows\system32\wow64.dll
2013-12-21 23:05:24 ----A---- C:\Windows\SYSWOW64\user.exe
2013-12-21 23:05:03 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-12-21 23:05:01 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2013-12-21 23:05:01 ----A---- C:\Windows\system32\cdosys.dll
2013-12-21 23:05:00 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2013-12-21 23:05:00 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-12-21 23:04:56 ----A---- C:\Windows\system32\drivers\bowser.sys
2013-12-21 23:04:52 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2013-12-21 23:04:52 ----A---- C:\Windows\system32\netcorehc.dll
2013-12-21 23:04:52 ----A---- C:\Windows\system32\ncsi.dll
2013-12-21 23:04:51 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-12-21 23:04:51 ----A---- C:\Windows\SYSWOW64\netevent.dll
2013-12-21 23:04:51 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2013-12-21 23:04:51 ----A---- C:\Windows\system32\nlasvc.dll
2013-12-21 23:04:51 ----A---- C:\Windows\system32\nlaapi.dll
2013-12-21 23:04:51 ----A---- C:\Windows\system32\netevent.dll
2013-12-21 23:04:51 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-12-21 23:04:51 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-12-21 23:04:47 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-12-21 23:04:47 ----A---- C:\Windows\system32\rpcrt4.dll
2013-12-21 23:04:42 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-12-21 23:04:42 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-12-21 23:04:42 ----A---- C:\Windows\system32\Wpc.dll
2013-12-21 23:04:42 ----A---- C:\Windows\system32\gameux.dll
2013-12-21 23:04:35 ----A---- C:\Windows\system32\d3d11.dll
2013-12-21 23:04:34 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-12-21 23:04:23 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2013-12-21 23:04:23 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2013-12-21 23:04:23 ----A---- C:\Windows\system32\mfc42u.dll
2013-12-21 23:04:23 ----A---- C:\Windows\system32\mfc42.dll
2013-12-21 23:04:21 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2013-12-21 23:04:21 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2013-12-21 23:04:21 ----A---- C:\Windows\system32\oleaut32.dll
2013-12-21 23:04:21 ----A---- C:\Windows\system32\oleacc.dll
2013-12-21 23:04:11 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-12-21 23:04:11 ----A---- C:\Windows\system32\win32spl.dll
2013-12-21 23:04:09 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2013-12-21 23:04:09 ----A---- C:\Windows\system32\ntshrui.dll
2013-12-21 23:04:06 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-12-21 23:03:57 ----A---- C:\Windows\system32\win32k.sys
2013-12-21 23:03:56 ----A---- C:\Windows\system32\wwansvc.dll
2013-12-21 23:03:56 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-12-21 23:03:52 ----A---- C:\Windows\system32\tquery.dll
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\tquery.dll
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\mssph.dll
2013-12-21 23:03:51 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2013-12-21 23:03:51 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2013-12-21 23:03:51 ----A---- C:\Windows\system32\SearchIndexer.exe
2013-12-21 23:03:51 ----A---- C:\Windows\system32\SearchFilterHost.exe
2013-12-21 23:03:51 ----A---- C:\Windows\system32\mssvp.dll
2013-12-21 23:03:51 ----A---- C:\Windows\system32\mssrch.dll
2013-12-21 23:03:51 ----A---- C:\Windows\system32\mssphtb.dll
2013-12-21 23:03:51 ----A---- C:\Windows\system32\mssph.dll
2013-12-21 23:03:51 ----A---- C:\Windows\system32\msscntrs.dll
2013-12-21 23:03:46 ----A---- C:\Windows\system32\shell32.dll
2013-12-21 23:03:45 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-12-21 23:03:45 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-12-21 23:03:45 ----A---- C:\Windows\system32\shdocvw.dll
2013-12-21 23:03:37 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-12-21 23:03:37 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-12-21 23:03:37 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-12-21 23:03:37 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\sspisrv.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\sspicli.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\secur32.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\schannel.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\ncrypt.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\lsass.exe
2013-12-21 23:03:37 ----A---- C:\Windows\system32\lsasrv.dll
2013-12-21 23:03:37 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-12-21 23:03:37 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-12-21 23:03:37 ----A---- C:\Windows\system32\drivers\cng.sys
2013-12-21 23:03:32 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-12-21 23:03:32 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-12-21 23:03:32 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-12-21 23:03:32 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-21 23:03:32 ----A---- C:\Windows\system32\credui.dll
2013-12-21 23:03:32 ----A---- C:\Windows\system32\authui.dll
2013-12-21 23:03:29 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-12-21 23:03:29 ----A---- C:\Windows\system32\qedit.dll
2013-12-21 23:03:29 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-12-21 23:03:28 ----A---- C:\Windows\SYSWOW64\srclient.dll
2013-12-21 23:03:28 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-12-21 23:03:28 ----A---- C:\Windows\system32\srcore.dll
2013-12-21 23:03:28 ----A---- C:\Windows\system32\msxml6.dll
2013-12-21 23:03:28 ----A---- C:\Windows\system32\msxml3.dll
2013-12-21 23:03:27 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2013-12-21 23:03:27 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-12-21 23:03:27 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2013-12-21 23:03:27 ----A---- C:\Windows\system32\msxml3r.dll
2013-12-21 23:03:27 ----A---- C:\Windows\system32\EncDec.dll
2013-12-21 23:03:22 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-12-21 23:03:22 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-12-21 23:03:22 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-12-21 23:03:22 ----A---- C:\Windows\system32\cryptsvc.dll
2013-12-21 23:03:22 ----A---- C:\Windows\system32\cryptnet.dll
2013-12-21 23:03:22 ----A---- C:\Windows\system32\crypt32.dll
2013-12-21 23:03:15 ----A---- C:\Windows\system32\poqexec.exe
2013-12-21 23:03:14 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2013-12-21 23:03:11 ----A---- C:\Windows\system32\drivers\netio.sys
2013-12-21 23:03:11 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-12-21 23:03:09 ----A---- C:\Windows\system32\mswsock.dll
2013-12-21 23:03:09 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-12-21 23:03:08 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-12-21 23:03:05 ----A---- C:\Windows\system32\scavengeui.dll
2013-12-21 23:02:54 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-12-21 23:02:54 ----A---- C:\Windows\system32\cryptdlg.dll
2013-12-21 23:02:49 ----A---- C:\Windows\system32\Wdfres.dll
2013-12-21 23:02:49 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-12-21 23:02:49 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-12-21 23:02:46 ----A---- C:\Windows\SYSWOW64\webio.dll
2013-12-21 23:02:46 ----A---- C:\Windows\system32\webio.dll
2013-12-21 23:02:45 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-21 23:02:45 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-21 23:02:45 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-12-21 23:02:43 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-21 23:02:43 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-21 23:02:43 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-21 23:02:43 ----A---- C:\Windows\system32\wscript.exe
2013-12-21 23:02:43 ----A---- C:\Windows\system32\scrrun.dll
2013-12-21 23:02:43 ----A---- C:\Windows\system32\cscript.exe
2013-12-21 23:02:41 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-12-21 23:02:41 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2013-12-21 23:02:41 ----A---- C:\Windows\system32\usp10.dll
2013-12-21 23:02:41 ----A---- C:\Windows\system32\msvcrt.dll
2013-12-21 23:02:40 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-12-21 23:02:40 ----A---- C:\Windows\system32\atmfd.dll
2013-12-21 23:02:39 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-12-21 23:02:39 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-12-21 23:02:39 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-12-21 23:02:39 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-12-21 23:02:39 ----A---- C:\Windows\system32\lpk.dll
2013-12-21 23:02:39 ----A---- C:\Windows\system32\fontsub.dll
2013-12-21 23:02:39 ----A---- C:\Windows\system32\dciman32.dll
2013-12-21 23:02:39 ----A---- C:\Windows\system32\atmlib.dll
2013-12-21 23:02:37 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-12-21 23:02:37 ----A---- C:\Windows\SYSWOW64\quartz.dll
2013-12-21 23:02:37 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-12-21 23:02:37 ----A---- C:\Windows\system32\WebClnt.dll
2013-12-21 23:02:37 ----A---- C:\Windows\system32\quartz.dll
2013-12-21 23:02:37 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-12-21 23:02:37 ----A---- C:\Windows\system32\davclnt.dll
2013-12-21 23:02:36 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-12-21 23:02:36 ----A---- C:\Windows\system32\taskhost.exe
2013-12-21 23:02:36 ----A---- C:\Windows\system32\gdi32.dll
2013-12-21 23:02:23 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2013-12-21 23:02:23 ----A---- C:\Windows\system32\psisdecd.dll
2013-12-21 23:02:19 ----A---- C:\Windows\SYSWOW64\msi.dll
2013-12-21 23:02:19 ----A---- C:\Windows\system32\msi.dll
2013-12-21 23:02:19 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-12-21 23:02:18 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-12-21 23:02:17 ----A---- C:\Windows\system32\drivers\partmgr.sys
2013-12-21 23:02:15 ----A---- C:\Windows\system32\localspl.dll
2013-12-21 23:02:12 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2013-12-21 23:02:12 ----A---- C:\Windows\SYSWOW64\browcli.dll
2013-12-21 23:02:12 ----A---- C:\Windows\system32\netapi32.dll
2013-12-21 23:02:12 ----A---- C:\Windows\system32\browser.dll
2013-12-21 23:02:12 ----A---- C:\Windows\system32\browcli.dll
2013-12-21 23:02:11 ----A---- C:\Windows\system32\drivers\srvnet.sys
2013-12-21 23:02:11 ----A---- C:\Windows\system32\drivers\srv2.sys
2013-12-21 23:02:11 ----A---- C:\Windows\system32\drivers\srv.sys
2013-12-21 23:02:11 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-12-21 23:02:11 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-12-21 23:02:11 ----A---- C:\Windows\system32\cdd.dll
2013-12-21 23:02:10 ----A---- C:\Windows\system32\drivers\afd.sys
2013-12-21 23:02:09 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2013-12-21 23:02:09 ----A---- C:\Windows\system32\profsvc.dll
2013-12-21 23:02:09 ----A---- C:\Windows\system32\prevhost.exe
2013-12-21 23:02:07 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2013-12-21 23:02:07 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2013-12-21 23:02:07 ----A---- C:\Windows\system32\dnsrslvr.dll
2013-12-21 23:02:07 ----A---- C:\Windows\system32\dnscacheugc.exe
2013-12-21 23:02:07 ----A---- C:\Windows\system32\dnsapi.dll
2013-12-21 23:02:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2013-12-21 23:02:06 ----A---- C:\Windows\system32\kerberos.dll
2013-12-21 23:02:05 ----A---- C:\Windows\system32\winresume.exe
2013-12-21 23:02:05 ----A---- C:\Windows\system32\winload.exe
2013-12-21 23:02:05 ----A---- C:\Windows\system32\kdusb.dll
2013-12-21 23:02:05 ----A---- C:\Windows\system32\kdcom.dll
2013-12-21 23:02:05 ----A---- C:\Windows\system32\kd1394.dll
2013-12-21 23:02:03 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-21 23:02:03 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-21 23:02:01 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2013-12-21 23:02:01 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2013-12-21 23:02:01 ----A---- C:\Windows\SYSWOW64\devobj.dll
2013-12-21 23:02:01 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2013-12-21 23:02:01 ----A---- C:\Windows\system32\umpnpmgr.dll
2013-12-21 23:02:00 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-12-21 23:02:00 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-21 23:02:00 ----A---- C:\Windows\system32\FXSCOVER.exe
2013-12-21 23:01:59 ----A---- C:\Windows\system32\odbccu32.dll
2013-12-21 23:01:59 ----A---- C:\Windows\system32\odbccr32.dll
2013-12-21 23:01:59 ----A---- C:\Windows\system32\odbccp32.dll
2013-12-21 23:01:58 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2013-12-21 23:01:58 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2013-12-21 23:01:58 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2013-12-21 23:01:58 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2013-12-21 23:01:58 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2013-12-21 23:01:58 ----A---- C:\Windows\system32\odbctrac.dll
2013-12-21 23:01:57 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-12-21 23:01:57 ----A---- C:\Windows\system32\synceng.dll
2013-12-21 23:01:53 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2013-12-21 23:01:53 ----A---- C:\Windows\system32\inetcomm.dll
2013-12-21 23:01:51 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-12-21 23:01:49 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-21 23:01:49 ----A---- C:\Windows\system32\rdrmemptylst.exe
2013-12-21 23:01:49 ----A---- C:\Windows\system32\rdpwsx.dll
2013-12-21 23:01:49 ----A---- C:\Windows\system32\rdpcorekmts.dll
2013-12-21 23:01:49 ----A---- C:\Windows\system32\msieftp.dll
2013-12-21 23:01:49 ----A---- C:\Windows\system32\dpnet.dll
2013-12-21 23:01:48 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-12-21 23:01:48 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-12-21 23:01:48 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-12-21 23:01:47 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-12-21 23:01:45 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2013-12-21 22:59:38 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-12-21 22:59:38 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-12-21 22:59:38 ----A---- C:\Windows\system32\nshwfp.dll
2013-12-21 22:59:38 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-12-21 22:59:38 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-12-21 22:53:38 ----D---- C:\avast! sandbox
2013-12-21 22:49:33 ----A---- C:\Windows\SYSWOW64\packager.dll
2013-12-21 22:49:33 ----A---- C:\Windows\system32\packager.dll
2013-12-21 22:33:10 ----D---- C:\Users\miso\AppData\Roaming\Dropbox
2013-12-21 22:26:52 ----D---- C:\Users\miso\AppData\Roaming\Skype
2013-12-21 22:26:40 ----D---- C:\Users\miso\AppData\Roaming\Macromedia
2013-12-21 22:26:40 ----D---- C:\Users\miso\AppData\Roaming\Adobe
2013-12-21 22:26:28 ----D---- C:\ProgramData\Skype
2013-12-21 22:26:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-12-21 22:26:07 ----D---- C:\Windows\SYSWOW64\Macromed
2013-12-21 22:26:03 ----D---- C:\Windows\system32\Macromed
2013-12-21 22:24:21 ----D---- C:\Users\miso\AppData\Roaming\vlc
2013-12-21 22:21:03 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2013-12-21 22:20:59 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2013-12-21 22:16:41 ----D---- C:\Users\miso\AppData\Roaming\AVAST Software
2013-12-21 22:16:20 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-12-21 22:16:20 ----A---- C:\Windows\system32\drivers\aswstm.sys
2013-12-21 22:16:17 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-12-21 22:16:14 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-12-21 22:16:14 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-12-21 22:16:14 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-12-21 22:16:14 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-12-21 22:16:14 ----A---- C:\Windows\system32\aswBoot.exe
2013-12-21 22:16:13 ----A---- C:\Windows\avastSS.scr
2013-12-21 22:15:20 ----D---- C:\ProgramData\AVAST Software
2013-12-21 22:14:41 ----D---- C:\Users\miso\AppData\Roaming\Mozilla
2013-12-21 22:14:34 ----D---- C:\ProgramData\Mozilla
2013-12-21 22:14:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-21 22:13:40 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2013-12-21 22:13:40 ----A---- C:\Windows\system32\rdpcore.dll
2013-12-21 22:13:40 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2013-12-21 22:12:21 ----SHD---- C:\Windows\Installer
2013-12-21 22:09:57 ----D---- C:\Users\miso\AppData\Roaming\Identities
2013-12-21 22:09:54 ----A---- C:\Windows\system32\wups2.dll
2013-12-21 22:09:54 ----A---- C:\Windows\system32\wucltux.dll
2013-12-21 22:09:54 ----A---- C:\Windows\system32\wuaueng.dll
2013-12-21 22:09:54 ----A---- C:\Windows\system32\wuauclt.exe
2013-12-21 22:09:52 ----A---- C:\Windows\system32\wups.dll
2013-12-21 22:09:52 ----A---- C:\Windows\system32\wudriver.dll
2013-12-21 22:09:52 ----A---- C:\Windows\system32\wuapi.dll
2013-12-21 22:09:50 ----A---- C:\Windows\system32\wuwebv.dll
2013-12-21 22:09:50 ----A---- C:\Windows\system32\wuapp.exe
2013-12-21 22:09:48 ----SD---- C:\Users\miso\AppData\Roaming\Microsoft
2013-12-21 22:09:35 ----D---- C:\Recovery
2013-12-21 22:09:32 ----D---- C:\Windows\SoftwareDistribution
2013-12-18 17:16:44 ----A---- C:\Windows\system32\drivers\VBoxUSB.sys
2013-12-18 17:16:44 ----A---- C:\Windows\system32\drivers\VBoxNetFlt.sys
2013-12-18 17:16:44 ----A---- C:\Windows\system32\drivers\VBoxNetAdp.sys
2013-12-18 17:13:30 ----A---- C:\Windows\system32\VBoxNetFltNobj.dll

======List of files/folders modified in the last 1 month======

2014-01-10 23:08:10 ----D---- C:\ProgramData
2014-01-10 23:08:09 ----D---- C:\Windows\system32\drivers
2014-01-10 23:03:51 ----D---- C:\Windows\System32
2014-01-10 23:03:51 ----D---- C:\Windows\inf
2014-01-10 23:03:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-10 22:56:00 ----D---- C:\Windows
2014-01-10 22:55:01 ----D---- C:\Windows\system32\config
2014-01-10 22:41:20 ----A---- C:\Windows\system.ini
2014-01-10 22:41:16 ----D---- C:\Windows\system32\drivers\etc
2014-01-10 22:39:18 ----D---- C:\Windows\Tasks
2014-01-10 22:37:32 ----D---- C:\Windows\SYSWOW64\drivers
2014-01-10 22:37:32 ----D---- C:\Windows\SysWOW64
2014-01-10 22:37:32 ----D---- C:\Windows\AppPatch
2014-01-10 22:37:31 ----D---- C:\Program Files (x86)\Common Files
2014-01-09 16:00:00 ----D---- C:\Windows\system32\LogFiles
2014-01-09 01:11:12 ----D---- C:\Windows\ModemLogs
2014-01-08 18:30:55 ----RD---- C:\Program Files (x86)
2014-01-07 19:48:23 ----D---- C:\Windows\system32\DriverStore
2014-01-07 19:48:23 ----D---- C:\Windows\system32\catroot
2014-01-05 23:28:59 ----D---- C:\Windows\Logs
2014-01-05 23:28:59 ----D---- C:\Windows\debug
2014-01-05 22:19:16 ----RD---- C:\Program Files
2014-01-05 22:05:16 ----D---- C:\Windows\system32\Tasks
2014-01-05 14:44:59 ----D---- C:\Windows\system32\wdi
2014-01-04 20:18:31 ----RSD---- C:\Windows\assembly
2013-12-28 19:07:55 ----D---- C:\Windows\Microsoft.NET
2013-12-28 19:07:01 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-12-28 14:32:45 ----D---- C:\Windows\winsxs
2013-12-28 14:31:45 ----D---- C:\Program Files\Internet Explorer
2013-12-28 14:31:45 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-28 14:22:19 ----D---- C:\Windows\system32\catroot2
2013-12-28 14:11:33 ----D---- C:\Windows\SYSWOW64\migration
2013-12-28 14:11:33 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-28 14:11:33 ----D---- C:\Windows\system32\migration
2013-12-28 14:11:33 ----D---- C:\Windows\system32\en-US
2013-12-28 14:11:33 ----D---- C:\Windows\PolicyDefinitions
2013-12-28 14:10:22 ----D---- C:\Windows\servicing
2013-12-28 01:44:13 ----RSD---- C:\Windows\Fonts
2013-12-24 00:40:47 ----D---- C:\Windows\ShellNew
2013-12-24 00:40:33 ----D---- C:\Program Files (x86)\MSBuild
2013-12-24 00:39:46 ----SD---- C:\ProgramData\Microsoft
2013-12-24 00:38:02 ----A---- C:\Windows\win.ini
2013-12-22 07:05:45 ----D---- C:\Windows\system32\sysprep
2013-12-22 07:03:37 ----D---- C:\Windows\CSC
2013-12-22 03:17:46 ----D---- C:\Program Files\Common Files\System
2013-12-22 00:30:34 ----D---- C:\Windows\system32\drivers\en-US
2013-12-22 00:30:34 ----D---- C:\Program Files\Windows Defender
2013-12-22 00:30:34 ----D---- C:\Program Files (x86)\Windows Defender
2013-12-22 00:30:32 ----D---- C:\Windows\SYSWOW64\wbem
2013-12-22 00:30:32 ----D---- C:\Windows\system32\wbem
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\it-IT
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\es-ES
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\el-GR
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\de-DE
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\da-DK
2013-12-22 00:30:21 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-22 00:30:21 ----D---- C:\Windows\system32\zh-HK
2013-12-22 00:30:21 ----D---- C:\Windows\system32\tr-TR
2013-12-22 00:30:21 ----D---- C:\Windows\system32\sv-SE
2013-12-22 00:30:21 ----D---- C:\Windows\system32\pt-PT
2013-12-22 00:30:21 ----D---- C:\Windows\system32\pt-BR
2013-12-22 00:30:21 ----D---- C:\Windows\system32\pl-PL
2013-12-22 00:30:21 ----D---- C:\Windows\system32\nl-NL
2013-12-22 00:30:21 ----D---- C:\Windows\system32\ko-KR
2013-12-22 00:30:21 ----D---- C:\Windows\system32\it-IT
2013-12-22 00:30:21 ----D---- C:\Windows\system32\hu-HU
2013-12-22 00:30:21 ----D---- C:\Windows\system32\fr-FR
2013-12-22 00:30:21 ----D---- C:\Windows\system32\fi-FI
2013-12-22 00:30:21 ----D---- C:\Windows\system32\es-ES
2013-12-22 00:30:21 ----D---- C:\Windows\system32\el-GR
2013-12-22 00:30:21 ----D---- C:\Windows\system32\Boot
2013-12-22 00:30:20 ----D---- C:\Windows\system32\zh-TW
2013-12-22 00:30:20 ----D---- C:\Windows\system32\zh-CN
2013-12-22 00:30:20 ----D---- C:\Windows\system32\ru-RU
2013-12-22 00:30:20 ----D---- C:\Windows\system32\nb-NO
2013-12-22 00:30:20 ----D---- C:\Windows\system32\ja-JP
2013-12-22 00:30:20 ----D---- C:\Windows\system32\de-DE
2013-12-22 00:30:20 ----D---- C:\Windows\system32\da-DK
2013-12-22 00:30:20 ----D---- C:\Windows\system32\cs-CZ
2013-12-22 00:30:20 ----D---- C:\Program Files\Windows Journal
2013-12-21 22:16:37 ----D---- C:\Windows\system32\CodeIntegrity
2013-12-21 22:09:45 ----RD---- C:\Users
2013-12-21 22:09:41 ----D---- C:\Windows\system32\restore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-12-21 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-12-21 207904]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [2013-12-21 28184]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-12-21 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-12-21 1034464]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-12-21 422216]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-12-26 283064]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2013-12-18 252688]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2013-12-18 126736]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-12-21 78648]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-20 9319936]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-20 306176]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2013-12-21 79672]
R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-09-15 1061888]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2013-12-18 140560]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2013-12-18 154896]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-20 9319936]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2013-12-18 113936]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-05 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-20 203776]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-21 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-22 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-21 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-22 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; D:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-05 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-01-07 569768]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-21 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#22 Příspěvek od **Márty84** » 11 led 2014 00:03

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

NeoFan · #23 Příspěvek od **NeoFan** » 11 led 2014 00:44

OTL Extras logfile created on: 1/11/2014 12:39:55 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\miso\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.50 Gb Total Physical Memory | 5.11 Gb Available Physical Memory | 68.12% Memory free
15.00 Gb Paging File | 12.42 Gb Available in Paging File | 82.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 29.72 Gb Total Space | 3.44 Gb Free Space | 11.57% Space Free | Partition Type: NTFS
Drive D: | 244.85 Gb Total Space | 211.39 Gb Free Space | 86.33% Space Free | Partition Type: NTFS
Drive E: | 1618.16 Gb Total Space | 544.69 Gb Free Space | 33.66% Space Free | Partition Type: NTFS

Computer Name: MISO-PC | User Name: miso | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- D:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- D:\Program Files (x86)\Opera\Launcher.exe (Opera Software)

[HKEY_USERS\S-1-5-21-2811220215-2768408660-1131186198-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "D:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "D:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 61 01 DA 5A 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A35713B-4AE4-474B-B80D-F2704E88914D}" = lport=6004 | protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office14\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{059EB64B-2733-453F-9F49-D3A0A221AFE3}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{1217E005-B6DD-41A8-A1F1-6206FB231A91}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{14EA9FE9-BF52-48E8-8908-79F4BD3E3AE9}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{23145BE3-1959-4DFD-9EB5-B137F2F5B3B2}" = protocol=6 | dir=in | app=d:\program files (x86)\microsoft office\office14\groove.exe |
"{35376043-E521-4EBB-B06B-30F477BFF679}" = protocol=6 | dir=in | app=c:\users\miso\appdata\roaming\dropbox\bin\dropbox.exe |
"{51C7848D-149C-48AE-BC4F-729610C15AFE}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{554A565C-06A3-49FD-A500-B9610068F56F}" = protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office14\groove.exe |
"{751B8416-7569-496C-B8FF-2CBA5CC34CF6}" = protocol=6 | dir=in | app=d:\program files (x86)\microsoft office\office14\onenote.exe |
"{7DE43C72-2C9D-4D4E-AF9C-5EE4F39A11C3}" = protocol=17 | dir=in | app=c:\users\miso\appdata\roaming\dropbox\bin\dropbox.exe |
"{7DF45938-C509-48C3-ACA1-6C38021155D6}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{80AA8792-49A2-4BCA-871D-6C406FDA7C3E}" = protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office14\onenote.exe |
"{82887F60-6450-4FB3-A32B-D1CE9B315366}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{8B0448D6-F422-48CC-AC6E-F53CD9B4A002}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{8FD25009-4637-456B-93DA-FC54CB4E25DB}" = dir=in | app=d:\program files (x86)\skype\phone\skype.exe |
"{903A54EB-7203-4F62-BE54-3749280F40C0}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{90416044-92E9-44FA-BF46-4B581AA259E8}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{9E5750AF-72A6-4311-ACC9-003648765439}" = protocol=17 | dir=in | app=c:\users\miso\appdata\roaming\utorrent\utorrent.exe |
"{A50FF91A-597A-47AE-8E62-70643DD36AC1}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{AA345145-B618-4ED8-92B9-EA74B8B6C6A4}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{CEDA6BC3-6BCA-47E0-BDA6-624D38F1E77A}" = protocol=6 | dir=in | app=c:\users\miso\appdata\roaming\utorrent\utorrent.exe |
"{E198BF0C-82FA-48A5-9A62-CDFDABFF6403}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{90140000-0015-041B-1000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0016-041B-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0018-041B-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0019-041B-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-001A-041B-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001B-041B-1000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040E-1000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2010
"{90140000-002C-041B-1000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-0043-041B-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Slovak) 2010
"{90140000-0044-041B-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-006E-041B-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-00A1-041B-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00BA-041B-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{DC65DFD8-E175-4A85-948A-42965853B2E8}" = Oracle VM VirtualBox 4.3.6
"CCleaner" = CCleaner

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{90140000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A00F439C-600D-4220-96CF-C6F1F8C32633}" = OpenOffice 4.0.1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1051-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Slovak
"{E86B07AE-9F94-44D5-AD47-DC2716EA90D2}" = Secure Download Manager
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Astroburn Lite" = Astroburn Lite
"Avast" = avast! Pro Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"Google Chrome" = Google Chrome
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Opera 18.0.1284.68" = Opera Stable 18.0.1284.68
"Steam" = Steam
"Steam App 570" = Dota 2
"TeamViewer 9" = TeamViewer 9
"VLC media player" = VLC media player 2.1.2

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2811220215-2768408660-1131186198-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/10/2014 5:42:40 PM | Computer Name = miso-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/10/2014 5:43:33 PM | Computer Name = miso-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 11.0.9600.16428,
time stamp: 0x525b66f7 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000042b0000 Faulting process
id: 0xf00 Faulting application start time: 0x01cf0e4d01172ee9 Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: unknown
Report
Id: 3ff469ec-7a40-11e3-bd22-0015830cbfeb

Error - 1/10/2014 5:46:02 PM | Computer Name = miso-PC | Source = Application Error | ID = 1000
Description = Faulting application name: RogueKiller.exe, version: 8.8.0.0, time
stamp: 0x52bd594d Faulting module name: RogueKiller.exe, version: 8.8.0.0, time
stamp: 0x52bd594d Exception code: 0x40000015 Fault offset: 0x001549f0 Faulting process
id: 0x7c Faulting application start time: 0x01cf0e4d495153e8 Faulting application
path: C:\Users\miso\Desktop\RogueKiller.exe Faulting module path: C:\Users\miso\Desktop\RogueKiller.exe
Report
Id: 99428f5b-7a40-11e3-bd22-0015830cbfeb

Error - 1/10/2014 5:56:57 PM | Computer Name = miso-PC | Source = Application Error | ID = 1000
Description = Faulting application name: RogueKiller.exe, version: 8.8.0.0, time
stamp: 0x52bd594d Faulting module name: RogueKiller.exe, version: 8.8.0.0, time
stamp: 0x52bd594d Exception code: 0x40000015 Fault offset: 0x001549f0 Faulting process
id: 0x658 Faulting application start time: 0x01cf0e4ec6703ed0 Faulting application
path: C:\Users\miso\Desktop\RogueKiller.exe Faulting module path: C:\Users\miso\Desktop\RogueKiller.exe
Report
Id: 1f6991cf-7a42-11e3-835e-d43d7e33f829

Error - 1/10/2014 5:59:00 PM | Computer Name = miso-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 11.0.9600.16428,
time stamp: 0x525b66f7 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000000004360078 Faulting process
id: 0xfd0 Faulting application start time: 0x01cf0e4f2a30074e Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: unknown
Report
Id: 68fdf493-7a42-11e3-b9da-d43d7e33f829

Error - 1/10/2014 5:59:33 PM | Computer Name = miso-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/10/2014 6:00:01 PM | Computer Name = miso-PC | Source = Application Error | ID = 1000
Description = Faulting application name: RogueKiller.exe, version: 8.8.0.0, time
stamp: 0x52bd594d Faulting module name: RogueKiller.exe, version: 8.8.0.0, time
stamp: 0x52bd594d Exception code: 0x40000015 Fault offset: 0x001549f0 Faulting process
id: 0x2f4 Faulting application start time: 0x01cf0e4f3ab899d7 Faulting application
path: C:\Users\miso\Desktop\RogueKiller.exe Faulting module path: C:\Users\miso\Desktop\RogueKiller.exe
Report
Id: 8cf41c00-7a42-11e3-b9da-d43d7e33f829

Error - 1/10/2014 6:00:28 PM | Computer Name = miso-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 11.0.9600.16428,
time stamp: 0x525b66f7 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000000004820000 Faulting process
id: 0xef4 Faulting application start time: 0x01cf0e4f5ca66686 Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: unknown
Report
Id: 9d596e96-7a42-11e3-b9da-d43d7e33f829

Error - 1/10/2014 6:17:01 PM | Computer Name = miso-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 11.0.9600.16428,
time stamp: 0x525b66f7 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000059b0000 Faulting process
id: 0x127c Faulting application start time: 0x01cf0e51ae56ef56 Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: unknown
Report
Id: ed1f6365-7a44-11e3-b9da-d43d7e33f829

Error - 1/10/2014 6:21:14 PM | Computer Name = miso-PC | Source = Application Error | ID = 1000
Description = Faulting application name: RogueKiller.exe, version: 8.8.0.0, time
stamp: 0x52bd594d Faulting module name: RogueKiller.exe, version: 8.8.0.0, time
stamp: 0x52bd594d Exception code: 0x40000015 Fault offset: 0x001549f0 Faulting process
id: 0x1198 Faulting application start time: 0x01cf0e5229ab5198 Faulting application
path: C:\Users\miso\Desktop\RogueKiller.exe Faulting module path: C:\Users\miso\Desktop\RogueKiller.exe
Report
Id: 841b603b-7a45-11e3-b9da-d43d7e33f829

[ System Events ]
Error - 1/10/2014 5:39:40 PM | Computer Name = miso-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 1/10/2014 5:39:50 PM | Computer Name = miso-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 1/10/2014 5:40:00 PM | Computer Name = miso-PC | Source = DCOM | ID = 10010
Description =

Error - 1/10/2014 5:54:59 PM | Computer Name = miso-PC | Source = DCOM | ID = 10010
Description =

Error - 1/10/2014 5:56:01 PM | Computer Name = miso-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
aswKbd aswRvrt aswSnx aswSP aswVmm discache spldr VBoxDrv VBoxUSBMon Wanarpv6

Error - 1/10/2014 5:56:07 PM | Computer Name = miso-PC | Source = DCOM | ID = 10005
Description =

Error - 1/10/2014 5:56:12 PM | Computer Name = miso-PC | Source = DCOM | ID = 10005
Description =

Error - 1/10/2014 5:56:13 PM | Computer Name = miso-PC | Source = DCOM | ID = 10005
Description =

Error - 1/10/2014 6:00:24 PM | Computer Name = miso-PC | Source = DCOM | ID = 10016
Description =

Error - 1/10/2014 6:24:26 PM | Computer Name = miso-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

< End of report >

NeoFan · #24 Příspěvek od **NeoFan** » 11 led 2014 00:46

OTL logfile created on: 1/11/2014 12:39:55 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\miso\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.50 Gb Total Physical Memory | 5.11 Gb Available Physical Memory | 68.12% Memory free
15.00 Gb Paging File | 12.42 Gb Available in Paging File | 82.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 29.72 Gb Total Space | 3.44 Gb Free Space | 11.57% Space Free | Partition Type: NTFS
Drive D: | 244.85 Gb Total Space | 211.39 Gb Free Space | 86.33% Space Free | Partition Type: NTFS
Drive E: | 1618.16 Gb Total Space | 544.69 Gb Free Space | 33.66% Space Free | Partition Type: NTFS

Computer Name: MISO-PC | User Name: miso | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/11 00:22:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\miso\Desktop\OTL.exe
PRC - [2013/12/21 22:26:08 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
PRC - [2013/12/21 22:16:13 | 003,764,024 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/12/21 22:16:13 | 000,050,344 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/18 02:02:36 | 030,714,312 | ---- | M] (Dropbox, Inc.) -- C:\Users\miso\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/12/17 11:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2013/12/05 20:34:42 | 000,275,568 | ---- | M] (Mozilla Corporation) -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/09/05 15:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/03/07 21:32:38 | 000,248,240 | ---- | M] (Facebook) -- C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe

========== Modules (No Company Name) ==========

MOD - [2013/12/22 03:20:27 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\764054efc88f51b54c8d7e44df26b671\System.Data.ni.dll
MOD - [2013/12/22 03:20:09 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/12/22 03:20:04 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/12/22 03:20:00 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/12/22 03:19:58 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/12/22 03:19:43 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/12/22 00:37:11 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/12/21 22:26:07 | 016,242,056 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013/12/21 22:16:13 | 019,336,120 | ---- | M] () -- D:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/12/18 02:01:12 | 003,558,400 | ---- | M] () -- C:\Users\miso\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/12/05 20:36:56 | 003,559,024 | ---- | M] () -- D:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/08/23 20:01:44 | 025,100,288 | ---- | M] () -- C:\Users\miso\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/03/07 21:32:40 | 021,014,960 | ---- | M] () -- C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\libcef.dll
MOD - [2013/03/07 21:32:38 | 000,292,272 | ---- | M] () -- C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.dll
MOD - [2013/03/07 21:32:38 | 000,179,632 | ---- | M] () -- C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.WinForms.dll
MOD - [2010/11/21 04:24:32 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/01/30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

========== Services (SafeList) ==========

SRV:64bit: - [2013/11/26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/04/20 02:04:20 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/01/07 22:00:22 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/12/21 22:26:08 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/21 22:16:13 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/12/17 11:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2013/12/05 20:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/09/05 15:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/03/25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/12/26 23:53:34 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/12/21 22:21:01 | 000,028,184 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013/12/21 22:16:26 | 000,079,672 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2013/12/21 22:16:13 | 001,034,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/12/21 22:16:13 | 000,422,216 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/12/21 22:16:13 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/12/21 22:16:13 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/12/21 22:16:13 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/12/21 22:16:13 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/12/18 17:16:44 | 000,140,560 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/04/20 01:22:34 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 04:24:15 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 04:24:15 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2009/09/15 04:36:48 | 001,061,888 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/08/13 08:38:24 | 000,029,184 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcp.sys -- (BthAvrcp)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2811220215-2768408660-1131186198-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2811220215-2768408660-1131186198-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2811220215-2768408660-1131186198-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2811220215-2768408660-1131186198-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7BF632A5EA-F825-4AE7-94B5-233CFBA9F423%7D:0.3.7.9.18
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2011.70
FF - prefs.js..extensions.enabledAddons: %7B1f91cde0-c040-11da-a94d-0800200c9a66%7D:14
FF - prefs.js..extensions.enabledAddons: %7B139a120b-c2ea-41d2-bf70-542d9f063dfd%7D:2.04.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: D:\Program Files\AVAST Software\Avast\WebRep\FF [2014/01/05 22:05:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins

[2013/12/21 22:15:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\miso\AppData\Roaming\Mozilla\Extensions
[2014/01/06 21:59:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions
[2014/01/04 13:52:07 | 000,000,000 | ---D | M] (Hola Unblocker) -- C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\jid1-4P0kohSJxU1qGg@jetpack
[2014/01/06 21:58:31 | 000,184,519 | ---- | M] () (No name found) -- C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi
[2014/01/05 21:21:08 | 000,833,482 | ---- | M] () (No name found) -- C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi
[2014/01/05 21:35:08 | 000,006,516 | ---- | M] () (No name found) -- C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\kitsuneymg@gmail.com.xpi
[2014/01/06 21:59:51 | 000,132,344 | ---- | M] () (No name found) -- C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\{139a120b-c2ea-41d2-bf70-542d9f063dfd}.xpi
[2014/01/06 00:00:28 | 000,067,831 | ---- | M] () (No name found) -- C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\{1f91cde0-c040-11da-a94d-0800200c9a66}.xpi
[2013/12/29 23:39:03 | 000,091,653 | ---- | M] () (No name found) -- C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\{F632A5EA-F825-4AE7-94B5-233CFBA9F423}.xpi
[2014/01/05 22:05:14 | 000,000,000 | ---D | M] (avast! Online Security) -- D:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Google Docs = C:\Users\miso\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\miso\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\miso\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\miso\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Hola Better Internet = C:\Users\miso\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio\1.2.290_0\
CHR - Extension: avast! Online Security = C:\Users\miso\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_0\
CHR - Extension: Google Wallet = C:\Users\miso\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\miso\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/01/10 22:41:16 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4 - HKLM..\Run: [AvastUI.exe] D:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - Startup: C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\miso\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2811220215-2768408660-1131186198-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2811220215-2768408660-1131186198-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4 92.60.48.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{40F25369-1902-430F-819F-851046AB2536}: DhcpNameServer = 8.8.8.8 8.8.4.4 92.60.48.2
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/11 00:22:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\miso\Desktop\OTL.exe
[2014/01/10 23:08:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014/01/10 23:08:09 | 000,117,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/01/10 23:07:42 | 000,089,304 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/01/10 23:07:40 | 000,000,000 | ---D | C] -- C:\Users\miso\Desktop\mbar
[2014/01/10 23:07:18 | 012,582,688 | ---- | C] (Malwarebytes Corp.) -- C:\Users\miso\Desktop\mbar-1.07.0.1008.exe
[2014/01/10 22:41:17 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2014/01/10 22:39:36 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/01/10 11:45:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/01/10 11:45:03 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/01/10 11:45:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/01/10 11:44:58 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/01/10 11:44:43 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/01/10 11:42:20 | 005,162,489 | R--- | C] (Swearware) -- C:\Users\miso\Desktop\ComboFix.exe
[2014/01/08 18:30:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astroburn Lite
[2014/01/08 18:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Astroburn Lite
[2014/01/08 18:30:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Astroburn Lite
[2014/01/08 13:50:46 | 000,000,000 | ---D | C] -- C:\Users\miso\Desktop\RK_Quarantine
[2014/01/08 01:19:07 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/08 00:11:24 | 000,000,000 | ---D | C] -- C:\Users\miso\Desktop\New folder
[2014/01/07 19:07:11 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\e-academy Inc
[2014/01/06 22:30:05 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Malwarebytes
[2014/01/06 22:30:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/06 22:29:31 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\Programs
[2014/01/05 23:15:21 | 000,000,000 | ---D | C] -- C:\Users\miso\Documents\cgminer-3.7.2-windows
[2014/01/05 22:19:16 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/01/05 22:19:16 | 000,000,000 | ---D | C] -- C:\rsit
[2014/01/04 11:31:40 | 000,000,000 | ---D | C] -- C:\Users\miso\Desktop\_SKUSKA 2009_chocholata
[2013/12/31 01:22:44 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\dvdcss
[2013/12/30 21:24:20 | 000,000,000 | ---D | C] -- C:\Users\miso\Documents\Pamela
[2013/12/29 18:33:12 | 000,000,000 | ---D | C] -- C:\Windows\rescache
[2013/12/28 19:09:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/12/28 19:09:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013/12/28 19:09:44 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2013/12/28 19:09:44 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2013/12/28 19:09:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2013/12/28 14:27:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/12/28 01:44:38 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\TeamViewer
[2013/12/28 01:44:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013/12/26 23:54:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2013/12/26 23:53:34 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013/12/26 23:53:31 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\DAEMON Tools Lite
[2013/12/26 23:52:17 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2013/12/26 23:46:53 | 000,000,000 | ---D | C] -- C:\Users\miso\VirtualBox VMs
[2013/12/26 18:15:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013/12/26 18:15:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013/12/26 18:15:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/12/26 02:10:56 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2013/12/26 02:04:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013/12/26 02:04:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013/12/26 00:31:16 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\Opera Software
[2013/12/26 00:31:15 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Opera Software
[2013/12/24 00:41:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2013/12/24 00:41:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/12/24 00:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2013/12/24 00:40:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013/12/24 00:39:46 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/12/24 00:39:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2013/12/24 00:39:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013/12/24 00:38:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/12/23 23:45:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/12/22 14:43:37 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\OpenOffice
[2013/12/22 14:41:15 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
[2013/12/22 14:30:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/12/22 14:29:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/12/22 14:29:39 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\Google
[2013/12/22 07:03:32 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013/12/22 07:03:25 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/12/22 07:02:27 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013/12/22 02:34:19 | 000,000,000 | ---D | C] -- C:\Users\miso\.VirtualBox
[2013/12/22 02:33:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2013/12/22 02:33:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013/12/22 02:25:01 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2013/12/22 02:09:30 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\uTorrent
[2013/12/22 00:50:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013/12/22 00:30:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2013/12/22 00:30:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2013/12/21 23:56:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013/12/21 23:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2013/12/21 23:55:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013/12/21 23:55:29 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\Microsoft Help
[2013/12/21 23:55:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/12/21 23:55:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/12/21 23:11:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/12/21 22:53:38 | 000,000,000 | ---D | C] -- C:\avast! sandbox
[2013/12/21 22:34:06 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013/12/21 22:33:10 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Dropbox
[2013/12/21 22:26:52 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Skype
[2013/12/21 22:26:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/12/21 22:26:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/12/21 22:26:40 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Macromedia
[2013/12/21 22:26:40 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\Macromedia
[2013/12/21 22:26:40 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Adobe
[2013/12/21 22:26:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013/12/21 22:26:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013/12/21 22:26:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013/12/21 22:24:21 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\vlc
[2013/12/21 22:23:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/12/21 22:21:03 | 000,028,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2013/12/21 22:20:59 | 000,439,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2013/12/21 22:16:49 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\Adobe
[2013/12/21 22:16:41 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\AVAST Software
[2013/12/21 22:16:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2013/12/21 22:16:20 | 000,082,744 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys.1387660586
[2013/12/21 22:16:20 | 000,079,672 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2013/12/21 22:16:14 | 001,034,464 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/12/21 22:16:14 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/12/21 22:16:14 | 000,334,136 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/12/21 22:16:14 | 000,092,544 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013/12/21 22:16:14 | 000,078,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013/12/21 22:16:13 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/12/21 22:15:20 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/12/21 22:14:41 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Mozilla
[2013/12/21 22:14:41 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\Mozilla
[2013/12/21 22:14:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/12/21 22:14:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/12/21 22:12:22 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2013/12/21 22:12:21 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013/12/21 22:12:08 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\Facebook
[2013/12/21 22:10:02 | 000,000,000 | R--D | C] -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/12/21 22:10:02 | 000,000,000 | R--D | C] -- C:\Users\miso\Searches
[2013/12/21 22:10:02 | 000,000,000 | R--D | C] -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/12/21 22:10:02 | 000,000,000 | -H-D | C] -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/12/21 22:09:57 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Identities
[2013/12/21 22:09:54 | 000,000,000 | R--D | C] -- C:\Users\miso\Contacts
[2013/12/21 22:09:53 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\VirtualStore
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\AppData\Local\Temporary Internet Files
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\Templates
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\Start Menu
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\SendTo
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\Recent
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\PrintHood
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\NetHood
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\Documents\My Videos
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\Documents\My Pictures
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\Documents\My Music
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\My Documents
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\Local Settings
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\AppData\Local\History
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\Cookies
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\Application Data
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\AppData\Local\Application Data
[2013/12/21 22:09:48 | 000,000,000 | --SD | C] -- C:\Users\miso\AppData\Roaming\Microsoft
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\Videos
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\Saved Games
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\Pictures
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\Music
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\Links
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\Favorites
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\Downloads
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\Documents
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\Desktop
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/12/21 22:09:48 | 000,000,000 | -H-D | C] -- C:\Users\miso\AppData
[2013/12/21 22:09:48 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\Temp
[2013/12/21 22:09:48 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\Microsoft
[2013/12/21 22:09:35 | 000,000,000 | ---D | C] -- C:\Recovery
[2013/12/21 22:09:32 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

========== Files - Modified Within 30 Days ==========

[2014/01/11 00:30:03 | 000,027,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/11 00:30:03 | 000,027,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/11 00:25:56 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/01/11 00:22:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\miso\Desktop\OTL.exe
[2014/01/10 23:08:09 | 000,117,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/01/10 23:07:42 | 000,089,304 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/01/10 23:07:07 | 012,582,688 | ---- | M] (Malwarebytes Corp.) -- C:\Users\miso\Desktop\mbar-1.07.0.1008.exe
[2014/01/10 23:03:51 | 000,781,298 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/10 23:03:51 | 000,661,656 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/10 23:03:51 | 000,121,524 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/10 22:57:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/10 22:57:52 | 4026,101,760 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/10 22:41:16 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/01/10 16:43:56 | 000,436,584 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/10 11:42:26 | 005,162,489 | R--- | M] (Swearware) -- C:\Users\miso\Desktop\ComboFix.exe
[2014/01/09 19:41:08 | 000,407,244 | ---- | M] () -- C:\Users\miso\Desktop\IMG_09012014_194035.png
[2014/01/09 00:38:39 | 000,068,420 | ---- | M] () -- C:\Users\miso\Desktop\749f321628cf2d93d6980f5266092044.jpg
[2014/01/08 18:30:57 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Astroburn Lite.lnk
[2014/01/08 13:50:27 | 003,810,304 | ---- | M] () -- C:\Users\miso\Desktop\RogueKiller.exe
[2014/01/07 23:52:10 | 000,007,334 | ---- | M] () -- C:\Users\miso\Desktop\New OpenDocument Text.odt
[2014/01/07 21:57:37 | 000,407,189 | ---- | M] () -- C:\Users\miso\Desktop\IMG_07012014_213846.png
[2014/01/07 19:07:11 | 000,003,133 | ---- | M] () -- C:\Users\miso\Desktop\Shortcut to SecureDownloadManager.exe.lnk
[2014/01/03 22:18:07 | 000,001,744 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2013/12/28 19:09:44 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2013/12/28 19:09:44 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2013/12/27 20:50:41 | 000,007,605 | ---- | M] () -- C:\Users\miso\AppData\Local\Resmon.ResmonCfg
[2013/12/26 23:53:34 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013/12/26 18:35:12 | 000,042,674 | ---- | M] () -- C:\Users\miso\Desktop\stvorce-color.png
[2013/12/23 20:51:17 | 000,002,283 | ---- | M] () -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/12/22 07:06:06 | 000,109,935 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/12/22 07:06:06 | 000,109,935 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/12/22 07:04:24 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2013/12/22 02:33:14 | 000,000,843 | ---- | M] () -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk
[2013/12/22 02:27:48 | 000,770,088 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/12/22 02:18:51 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/12/22 02:18:51 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/12/22 02:11:40 | 000,000,792 | ---- | M] () -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013/12/22 00:12:06 | 000,023,104 | ---- | M] () -- C:\Users\miso\Desktop\Minolta-PagePro_1350W-min12xxw.ppd
[2013/12/21 22:34:17 | 000,001,010 | ---- | M] () -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/12/21 22:21:01 | 000,028,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2013/12/21 22:20:59 | 000,439,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2013/12/21 22:16:26 | 000,079,672 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2013/12/21 22:16:13 | 001,034,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/12/21 22:16:13 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/12/21 22:16:13 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/12/21 22:16:13 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/12/21 22:16:13 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013/12/21 22:16:13 | 000,082,744 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys.1387660586
[2013/12/21 22:16:13 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013/12/21 22:16:13 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013/12/21 22:16:13 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/12/21 22:12:26 | 000,001,281 | ---- | M] () -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
[2013/12/21 22:11:26 | 000,001,441 | ---- | M] () -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

========== Files Created - No Company Name ==========

[2014/01/11 00:25:56 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/01/10 16:43:51 | 000,436,584 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/10 11:45:03 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/01/10 11:45:03 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/01/10 11:45:03 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/01/10 11:45:03 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/01/10 11:45:03 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/01/09 19:41:03 | 000,407,244 | ---- | C] () -- C:\Users\miso\Desktop\IMG_09012014_194035.png
[2014/01/09 00:38:39 | 000,068,420 | ---- | C] () -- C:\Users\miso\Desktop\749f321628cf2d93d6980f5266092044.jpg
[2014/01/08 18:30:57 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Astroburn Lite.lnk
[2014/01/08 13:50:26 | 003,810,304 | ---- | C] () -- C:\Users\miso\Desktop\RogueKiller.exe
[2014/01/07 23:52:10 | 000,007,334 | ---- | C] () -- C:\Users\miso\Desktop\New OpenDocument Text.odt
[2014/01/07 21:57:18 | 000,407,189 | ---- | C] () -- C:\Users\miso\Desktop\IMG_07012014_213846.png
[2014/01/07 19:07:11 | 000,003,133 | ---- | C] () -- C:\Users\miso\Desktop\Shortcut to SecureDownloadManager.exe.lnk
[2013/12/28 01:44:09 | 000,001,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2013/12/27 20:50:34 | 000,007,605 | ---- | C] () -- C:\Users\miso\AppData\Local\Resmon.ResmonCfg
[2013/12/26 18:35:12 | 000,042,674 | ---- | C] () -- C:\Users\miso\Desktop\stvorce-color.png
[2013/12/26 18:15:28 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/12/26 00:31:13 | 000,000,822 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2013/12/26 00:28:43 | 000,001,744 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2013/12/22 14:30:04 | 000,002,283 | ---- | C] () -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/12/22 07:04:24 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/12/22 07:03:25 | 4026,101,760 | -HS- | C] () -- C:\hiberfil.sys
[2013/12/22 02:33:14 | 000,000,843 | ---- | C] () -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk
[2013/12/22 02:27:48 | 000,770,088 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/12/22 02:18:51 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/12/22 02:18:51 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/12/22 02:11:40 | 000,000,792 | ---- | C] () -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013/12/22 00:12:15 | 000,023,104 | ---- | C] () -- C:\Users\miso\Desktop\Minolta-PagePro_1350W-min12xxw.ppd
[2013/12/21 23:18:52 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/12/21 23:02:49 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/12/21 22:34:17 | 000,001,010 | ---- | C] () -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/12/21 22:16:20 | 000,207,904 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/12/21 22:16:17 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013/12/21 22:14:34 | 000,000,812 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/12/21 22:12:22 | 000,001,281 | ---- | C] () -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
[2013/12/21 22:11:26 | 000,001,441 | ---- | C] () -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/12/21 22:10:02 | 000,001,417 | ---- | C] () -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/12/21 22:09:49 | 000,000,290 | ---- | C] () -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/12/21 22:09:49 | 000,000,272 | ---- | C] () -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

========== ZeroAccess Check ==========

[2009/07/14 06:00:09 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:46 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/12/21 22:16:41 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\AVAST Software
[2014/01/09 01:11:21 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\DAEMON Tools Lite
[2014/01/10 22:58:15 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\Dropbox
[2014/01/07 19:07:11 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\e-academy Inc
[2013/12/22 14:43:37 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\OpenOffice
[2013/12/26 00:31:15 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\Opera Software
[2013/12/28 01:54:55 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\TeamViewer
[2014/01/10 22:33:47 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\uTorrent

========== Purity Check ==========

< End of report >

#25 Příspěvek od **Márty84** » 11 led 2014 09:24

Zkopiroval jste do OTL ten skript?

NeoFan · #26 Příspěvek od **NeoFan** » 11 led 2014 11:28

pardon,moja chyba..

OTL logfile created on: 1/11/2014 10:44:54 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\miso\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.50 Gb Total Physical Memory | 4.62 Gb Available Physical Memory | 61.58% Memory free
15.00 Gb Paging File | 11.60 Gb Available in Paging File | 77.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 29.72 Gb Total Space | 3.22 Gb Free Space | 10.83% Space Free | Partition Type: NTFS
Drive D: | 244.85 Gb Total Space | 211.38 Gb Free Space | 86.33% Space Free | Partition Type: NTFS
Drive E: | 1618.16 Gb Total Space | 544.69 Gb Free Space | 33.66% Space Free | Partition Type: NTFS

Computer Name: MISO-PC | User Name: miso | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/11 00:22:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\miso\Desktop\OTL.exe
PRC - [2013/12/21 22:26:08 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
PRC - [2013/12/21 22:16:13 | 003,764,024 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/12/21 22:16:13 | 000,050,344 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/18 02:02:36 | 030,714,312 | ---- | M] (Dropbox, Inc.) -- C:\Users\miso\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/12/17 11:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2013/12/05 20:34:42 | 000,275,568 | ---- | M] (Mozilla Corporation) -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/09/20 15:17:54 | 000,103,936 | ---- | M] (Apache Software Foundation) -- D:\Program Files (x86)\OpenOffice 4\program\simpress.exe
PRC - [2013/09/20 15:17:50 | 009,837,056 | ---- | M] (Apache Software Foundation) -- D:\Program Files (x86)\OpenOffice 4\program\soffice.exe
PRC - [2013/09/20 15:17:50 | 009,828,864 | ---- | M] (Apache Software Foundation) -- D:\Program Files (x86)\OpenOffice 4\program\soffice.bin
PRC - [2013/09/05 15:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/03/07 21:32:38 | 000,248,240 | ---- | M] (Facebook) -- C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
PRC - [2010/03/27 08:38:44 | 001,422,168 | ---- | M] (Microsoft Corporation) -- D:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
PRC - [2010/03/09 09:57:40 | 002,162,024 | ---- | M] (Microsoft Corporation) -- D:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE

========== Modules (No Company Name) ==========

MOD - [2013/12/22 03:20:27 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\764054efc88f51b54c8d7e44df26b671\System.Data.ni.dll
MOD - [2013/12/22 03:20:09 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/12/22 03:20:04 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/12/22 03:20:00 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/12/22 03:19:58 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/12/22 03:19:43 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/12/22 00:37:11 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/12/21 22:26:07 | 016,242,056 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013/12/21 22:16:13 | 019,336,120 | ---- | M] () -- D:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/12/18 02:01:12 | 003,558,400 | ---- | M] () -- C:\Users\miso\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/12/05 20:36:56 | 003,559,024 | ---- | M] () -- D:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/09/20 13:50:06 | 000,988,160 | ---- | M] () -- D:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
MOD - [2013/09/17 04:54:38 | 000,170,496 | ---- | M] () -- D:\Program Files (x86)\OpenOffice 4\program\libxslt.dll
MOD - [2013/08/23 20:01:44 | 025,100,288 | ---- | M] () -- C:\Users\miso\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/03/07 21:32:40 | 021,014,960 | ---- | M] () -- C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\libcef.dll
MOD - [2013/03/07 21:32:38 | 000,292,272 | ---- | M] () -- C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.dll
MOD - [2013/03/07 21:32:38 | 000,179,632 | ---- | M] () -- C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.WinForms.dll
MOD - [2010/11/21 04:24:32 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/01/30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

========== Services (SafeList) ==========

SRV:64bit: - [2013/11/26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/04/20 02:04:20 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/01/07 22:00:22 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/12/21 22:26:08 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/21 22:16:13 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/12/17 11:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2013/12/05 20:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/09/05 15:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/03/25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/12/26 23:53:34 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/12/21 22:21:01 | 000,028,184 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013/12/21 22:16:26 | 000,079,672 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2013/12/21 22:16:13 | 001,034,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/12/21 22:16:13 | 000,422,216 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/12/21 22:16:13 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/12/21 22:16:13 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/12/21 22:16:13 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/12/21 22:16:13 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/12/18 17:16:44 | 000,140,560 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/04/20 01:22:34 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 04:24:15 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 04:24:15 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2009/09/15 04:36:48 | 001,061,888 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/08/13 08:38:24 | 000,029,184 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcp.sys -- (BthAvrcp)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2811220215-2768408660-1131186198-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-2811220215-2768408660-1131186198-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-2811220215-2768408660-1131186198-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\S-1-5-21-2811220215-2768408660-1131186198-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2811220215-2768408660-1131186198-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-2811220215-2768408660-1131186198-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2811220215-2768408660-1131186198-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2811220215-2768408660-1131186198-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7BF632A5EA-F825-4AE7-94B5-233CFBA9F423%7D:0.3.7.9.18
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2011.70
FF - prefs.js..extensions.enabledAddons: %7B1f91cde0-c040-11da-a94d-0800200c9a66%7D:14
FF - prefs.js..extensions.enabledAddons: %7B139a120b-c2ea-41d2-bf70-542d9f063dfd%7D:2.04.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: D:\Program Files\AVAST Software\Avast\WebRep\FF [2014/01/05 22:05:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins

[2013/12/21 22:15:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\miso\AppData\Roaming\Mozilla\Extensions
[2014/01/06 21:59:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions
[2014/01/04 13:52:07 | 000,000,000 | ---D | M] (Hola Unblocker) -- C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\jid1-4P0kohSJxU1qGg@jetpack
[2014/01/06 21:58:31 | 000,184,519 | ---- | M] () (No name found) -- C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi
[2014/01/05 21:21:08 | 000,833,482 | ---- | M] () (No name found) -- C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi
[2014/01/05 21:35:08 | 000,006,516 | ---- | M] () (No name found) -- C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\kitsuneymg@gmail.com.xpi
[2014/01/06 21:59:51 | 000,132,344 | ---- | M] () (No name found) -- C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\{139a120b-c2ea-41d2-bf70-542d9f063dfd}.xpi
[2014/01/06 00:00:28 | 000,067,831 | ---- | M] () (No name found) -- C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\{1f91cde0-c040-11da-a94d-0800200c9a66}.xpi
[2013/12/29 23:39:03 | 000,091,653 | ---- | M] () (No name found) -- C:\Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\{F632A5EA-F825-4AE7-94B5-233CFBA9F423}.xpi
[2014/01/05 22:05:14 | 000,000,000 | ---D | M] (avast! Online Security) -- D:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Google Docs = C:\Users\miso\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\miso\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\miso\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\miso\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Hola Better Internet = C:\Users\miso\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio\1.2.290_0\
CHR - Extension: avast! Online Security = C:\Users\miso\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_0\
CHR - Extension: Google Wallet = C:\Users\miso\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\miso\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/01/10 22:41:16 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4 - HKLM..\Run: [AvastUI.exe] D:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - Startup: C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\miso\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\miso\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2811220215-2768408660-1131186198-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2811220215-2768408660-1131186198-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4 92.60.48.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{40F25369-1902-430F-819F-851046AB2536}: DhcpNameServer = 8.8.8.8 8.8.4.4 92.60.48.2
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/11 00:22:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\miso\Desktop\OTL.exe
[2014/01/10 23:08:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014/01/10 23:08:09 | 000,117,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/01/10 23:07:42 | 000,089,304 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/01/10 23:07:40 | 000,000,000 | ---D | C] -- C:\Users\miso\Desktop\mbar
[2014/01/10 23:07:18 | 012,582,688 | ---- | C] (Malwarebytes Corp.) -- C:\Users\miso\Desktop\mbar-1.07.0.1008.exe
[2014/01/10 22:41:17 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2014/01/10 22:39:36 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/01/10 11:45:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/01/10 11:45:03 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/01/10 11:45:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/01/10 11:44:58 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/01/10 11:44:43 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/01/10 11:42:20 | 005,162,489 | R--- | C] (Swearware) -- C:\Users\miso\Desktop\ComboFix.exe
[2014/01/08 18:30:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astroburn Lite
[2014/01/08 18:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Astroburn Lite
[2014/01/08 18:30:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Astroburn Lite
[2014/01/08 13:50:46 | 000,000,000 | ---D | C] -- C:\Users\miso\Desktop\RK_Quarantine
[2014/01/08 01:19:07 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/08 00:11:24 | 000,000,000 | ---D | C] -- C:\Users\miso\Desktop\New folder
[2014/01/07 19:07:11 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\e-academy Inc
[2014/01/06 22:30:05 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Malwarebytes
[2014/01/06 22:30:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/06 22:29:31 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\Programs
[2014/01/05 23:15:21 | 000,000,000 | ---D | C] -- C:\Users\miso\Documents\cgminer-3.7.2-windows
[2014/01/05 22:19:16 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/01/05 22:19:16 | 000,000,000 | ---D | C] -- C:\rsit
[2014/01/04 11:31:40 | 000,000,000 | ---D | C] -- C:\Users\miso\Desktop\_SKUSKA 2009_chocholata
[2013/12/31 01:22:44 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\dvdcss
[2013/12/30 21:24:20 | 000,000,000 | ---D | C] -- C:\Users\miso\Documents\Pamela
[2013/12/29 18:33:12 | 000,000,000 | ---D | C] -- C:\Windows\rescache
[2013/12/28 19:09:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/12/28 19:09:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013/12/28 19:09:44 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2013/12/28 19:09:44 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2013/12/28 19:09:44 | 000,122,904 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2013/12/28 19:09:44 | 000,109,080 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2013/12/28 19:09:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2013/12/28 19:09:18 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2013/12/28 19:09:18 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2013/12/28 19:09:18 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2013/12/28 19:09:18 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2013/12/28 19:09:18 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2013/12/28 19:09:18 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2013/12/28 19:09:17 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2013/12/28 19:09:17 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2013/12/28 19:09:16 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2013/12/28 19:09:16 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2013/12/28 19:09:16 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2013/12/28 19:09:16 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2013/12/28 19:09:15 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2013/12/28 19:09:15 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2013/12/28 19:09:14 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2013/12/28 19:09:14 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013/12/28 19:09:14 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2013/12/28 19:09:14 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2013/12/28 19:09:14 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2013/12/28 19:09:14 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2013/12/28 19:09:13 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2013/12/28 19:09:13 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2013/12/28 19:09:13 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2013/12/28 19:09:13 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2013/12/28 19:09:12 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2013/12/28 19:09:12 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2013/12/28 19:09:09 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2013/12/28 19:09:09 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2013/12/28 19:09:08 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2013/12/28 19:09:08 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2013/12/28 19:09:05 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2013/12/28 19:09:05 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2013/12/28 19:09:04 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2013/12/28 19:09:04 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2013/12/28 19:09:04 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2013/12/28 19:09:04 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2013/12/28 19:09:03 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2013/12/28 19:09:03 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2013/12/28 19:09:02 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2013/12/28 19:09:02 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2013/12/28 19:09:02 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2013/12/28 19:09:02 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2013/12/28 19:09:01 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2013/12/28 19:09:01 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2013/12/28 19:09:00 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2013/12/28 19:09:00 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2013/12/28 19:09:00 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2013/12/28 19:09:00 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2013/12/28 19:08:59 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2013/12/28 19:08:59 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2013/12/28 19:08:59 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2013/12/28 19:08:59 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2013/12/28 19:08:58 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2013/12/28 19:08:58 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2013/12/28 19:08:58 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2013/12/28 19:08:58 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2013/12/28 19:08:54 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2013/12/28 19:08:54 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2013/12/28 19:08:52 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2013/12/28 19:08:52 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2013/12/28 19:08:52 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2013/12/28 19:08:52 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2013/12/28 19:08:51 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2013/12/28 19:08:51 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2013/12/28 19:08:51 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2013/12/28 19:08:51 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2013/12/28 19:08:50 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2013/12/28 19:08:50 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2013/12/28 19:08:50 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2013/12/28 19:08:50 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2013/12/28 19:08:49 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2013/12/28 19:08:49 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2013/12/28 19:08:49 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2013/12/28 19:08:49 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2013/12/28 19:08:49 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2013/12/28 19:08:49 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2013/12/28 19:08:48 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2013/12/28 19:08:48 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2013/12/28 19:08:47 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2013/12/28 19:08:47 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2013/12/28 19:08:47 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2013/12/28 19:08:47 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2013/12/28 19:08:46 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2013/12/28 19:08:46 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2013/12/28 19:08:46 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2013/12/28 19:08:46 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2013/12/28 19:08:44 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2013/12/28 19:08:44 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2013/12/28 19:08:44 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2013/12/28 19:08:44 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2013/12/28 19:08:40 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2013/12/28 19:08:40 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2013/12/28 19:08:38 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2013/12/28 19:08:38 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2013/12/28 19:08:37 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2013/12/28 19:08:37 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2013/12/28 19:08:37 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2013/12/28 19:08:37 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2013/12/28 19:08:36 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2013/12/28 19:08:36 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2013/12/28 19:08:35 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2013/12/28 19:08:35 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2013/12/28 19:08:32 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2013/12/28 19:08:32 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2013/12/28 19:08:31 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2013/12/28 19:08:31 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2013/12/28 19:08:29 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2013/12/28 19:08:29 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2013/12/28 19:08:29 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2013/12/28 19:08:29 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2013/12/28 19:08:29 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2013/12/28 19:08:29 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2013/12/28 19:08:28 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2013/12/28 19:08:28 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2013/12/28 19:08:27 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2013/12/28 19:08:27 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2013/12/28 19:08:27 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2013/12/28 19:08:27 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2013/12/28 19:08:26 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2013/12/28 19:08:26 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2013/12/28 19:08:25 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2013/12/28 19:08:25 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2013/12/28 19:08:25 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2013/12/28 19:08:25 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2013/12/28 19:08:24 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2013/12/28 19:08:24 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2013/12/28 19:08:24 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2013/12/28 19:08:24 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2013/12/28 19:08:22 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2013/12/28 19:08:22 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2013/12/28 19:08:22 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2013/12/28 19:08:22 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2013/12/28 19:08:21 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2013/12/28 19:08:21 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2013/12/28 19:08:20 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2013/12/28 19:08:20 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2013/12/28 19:08:20 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2013/12/28 19:08:20 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2013/12/28 19:08:20 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2013/12/28 19:08:20 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2013/12/28 19:08:18 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2013/12/28 19:08:18 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2013/12/28 19:08:17 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2013/12/28 19:08:17 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2013/12/28 19:08:17 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2013/12/28 19:08:17 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2013/12/28 19:08:16 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2013/12/28 19:08:16 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2013/12/28 19:08:15 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2013/12/28 19:08:15 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2013/12/28 19:08:15 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2013/12/28 19:08:15 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2013/12/28 19:08:15 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2013/12/28 19:08:15 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2013/12/28 19:08:14 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2013/12/28 19:08:14 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2013/12/28 19:08:14 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2013/12/28 19:08:14 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2013/12/28 19:08:10 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2013/12/28 19:08:10 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2013/12/28 19:08:09 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2013/12/28 19:08:09 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2013/12/28 19:08:05 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2013/12/28 19:08:05 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2013/12/28 19:07:53 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2013/12/28 19:07:53 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2013/12/28 19:07:50 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2013/12/28 19:07:50 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2013/12/28 19:07:50 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2013/12/28 19:07:50 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2013/12/28 19:07:48 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2013/12/28 19:07:48 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2013/12/28 19:07:47 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2013/12/28 19:07:47 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2013/12/28 19:07:45 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2013/12/28 19:07:45 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2013/12/28 19:07:44 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2013/12/28 19:07:44 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2013/12/28 19:07:39 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2013/12/28 19:07:39 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2013/12/28 19:07:36 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2013/12/28 19:07:36 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll

NeoFan · #27 Příspěvek od **NeoFan** » 11 led 2014 11:28

[2013/12/28 14:27:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/12/28 01:44:38 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\TeamViewer
[2013/12/28 01:44:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013/12/26 23:54:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2013/12/26 23:53:34 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013/12/26 23:53:31 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\DAEMON Tools Lite
[2013/12/26 23:52:17 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2013/12/26 23:46:53 | 000,000,000 | ---D | C] -- C:\Users\miso\VirtualBox VMs
[2013/12/26 18:15:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013/12/26 18:15:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013/12/26 18:15:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/12/26 02:10:56 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2013/12/26 02:04:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013/12/26 02:04:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013/12/26 00:31:16 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\Opera Software
[2013/12/26 00:31:15 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Opera Software
[2013/12/24 02:32:41 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013/12/24 02:32:41 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013/12/24 00:41:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2013/12/24 00:41:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/12/24 00:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2013/12/24 00:40:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013/12/24 00:39:46 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/12/24 00:39:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2013/12/24 00:39:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013/12/24 00:38:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/12/23 23:45:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/12/23 03:01:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/12/23 03:01:09 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/12/23 03:01:09 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/12/23 03:01:09 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/12/23 03:01:08 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/12/23 03:01:08 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/12/23 03:01:08 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/12/23 03:01:07 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/12/23 03:01:07 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/12/23 03:01:07 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/12/23 03:01:07 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/12/23 03:01:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/12/23 03:01:06 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/12/23 03:01:04 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/12/23 03:01:04 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/12/23 03:01:01 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/12/22 16:36:31 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013/12/22 16:36:31 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2013/12/22 16:36:31 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/12/22 16:36:31 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/12/22 16:36:25 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2013/12/22 16:36:25 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2013/12/22 16:36:25 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2013/12/22 16:36:25 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2013/12/22 16:36:24 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2013/12/22 16:36:24 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2013/12/22 16:36:24 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2013/12/22 16:36:19 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/12/22 16:36:18 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2013/12/22 14:43:37 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\OpenOffice
[2013/12/22 14:41:15 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
[2013/12/22 14:30:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/12/22 14:29:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/12/22 14:29:39 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\Google
[2013/12/22 07:03:32 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013/12/22 07:03:25 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/12/22 07:02:27 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013/12/22 02:34:19 | 000,000,000 | ---D | C] -- C:\Users\miso\.VirtualBox
[2013/12/22 02:33:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2013/12/22 02:33:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013/12/22 02:25:01 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2013/12/22 02:21:34 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2013/12/22 02:18:53 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/12/22 02:18:53 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/12/22 02:18:51 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/12/22 02:18:51 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/12/22 02:18:51 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/12/22 02:18:51 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/12/22 02:18:51 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/12/22 02:18:51 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/12/22 02:18:51 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/12/22 02:18:51 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/12/22 02:18:51 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/12/22 02:18:51 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/12/22 02:18:51 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/12/22 02:18:51 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/12/22 02:18:51 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/12/22 02:18:51 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/12/22 02:18:51 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/12/22 02:18:51 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/12/22 02:18:51 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/12/22 02:18:51 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/12/22 02:18:51 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/12/22 02:18:51 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/12/22 02:18:51 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/12/22 02:18:51 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/12/22 02:18:51 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/12/22 02:18:51 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/12/22 02:18:51 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/12/22 02:18:51 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/12/22 02:18:51 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/12/22 02:18:51 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/12/22 02:18:51 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/12/22 02:18:51 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/12/22 02:18:51 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/12/22 02:18:51 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/12/22 02:18:51 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/12/22 02:18:51 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/12/22 02:18:51 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/12/22 02:18:51 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/12/22 02:18:51 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/12/22 02:18:51 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/12/22 02:18:51 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/12/22 02:18:51 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/12/22 02:18:51 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/12/22 02:18:51 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/12/22 02:18:51 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/12/22 02:18:51 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/12/22 02:18:51 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/12/22 02:18:51 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/12/22 02:18:51 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/12/22 02:18:51 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2013/12/22 02:18:51 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/12/22 02:18:51 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/12/22 02:18:51 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2013/12/22 02:18:51 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/12/22 02:18:51 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/12/22 02:18:51 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/12/22 02:18:51 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2013/12/22 02:18:51 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/12/22 02:18:51 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/12/22 02:18:51 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/12/22 02:18:51 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/12/22 02:18:51 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/12/22 02:18:51 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/12/22 02:18:51 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/12/22 02:09:30 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\uTorrent
[2013/12/22 00:50:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013/12/22 00:30:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2013/12/22 00:30:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2013/12/21 23:56:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013/12/21 23:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2013/12/21 23:55:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013/12/21 23:55:29 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\Microsoft Help
[2013/12/21 23:55:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/12/21 23:55:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/12/21 23:43:30 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/12/21 23:43:30 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/12/21 23:43:30 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/12/21 23:43:28 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/12/21 23:43:28 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2013/12/21 23:43:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/12/21 23:43:26 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/12/21 23:43:26 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/12/21 23:43:26 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/12/21 23:43:26 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/12/21 23:43:26 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/12/21 23:43:26 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/12/21 23:43:26 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/12/21 23:43:26 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/12/21 23:43:26 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/12/21 23:43:26 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/12/21 23:43:26 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/12/21 23:43:26 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/12/21 23:43:26 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/12/21 23:43:26 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/12/21 23:43:26 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/12/21 23:43:25 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/12/21 23:43:25 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/12/21 23:43:25 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/12/21 23:43:25 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/12/21 23:35:42 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2013/12/21 23:18:54 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2013/12/21 23:18:53 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2013/12/21 23:18:52 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2013/12/21 23:18:52 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2013/12/21 23:11:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/12/21 23:10:50 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/12/21 23:10:49 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/12/21 23:10:49 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/12/21 23:10:49 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/12/21 23:10:43 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/12/21 23:10:43 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/12/21 23:10:43 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/12/21 23:10:43 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/12/21 23:10:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/12/21 23:10:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/12/21 23:10:43 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/12/21 23:10:43 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/12/21 23:10:42 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/12/21 23:10:42 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/12/21 23:10:42 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/12/21 23:10:42 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/12/21 23:10:42 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/12/21 23:10:42 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/12/21 23:10:42 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/12/21 23:10:42 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/12/21 23:10:42 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/12/21 23:10:42 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/12/21 23:10:42 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/12/21 23:10:42 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/12/21 23:10:42 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/12/21 23:10:42 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/12/21 23:10:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/12/21 23:10:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/12/21 23:10:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/12/21 23:10:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/12/21 23:10:41 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/12/21 23:10:41 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/12/21 23:10:41 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/12/21 23:10:41 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/12/21 23:10:41 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/12/21 23:10:40 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/12/21 23:10:17 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2013/12/21 23:07:40 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013/12/21 23:07:40 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013/12/21 23:07:40 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013/12/21 23:07:40 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013/12/21 23:07:19 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/12/21 23:07:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/12/21 23:07:17 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/12/21 23:06:49 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013/12/21 23:06:40 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2013/12/21 23:06:40 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2013/12/21 23:06:40 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2013/12/21 23:06:30 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2013/12/21 23:06:30 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2013/12/21 23:06:30 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2013/12/21 23:06:30 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2013/12/21 23:06:30 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2013/12/21 23:06:30 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2013/12/21 23:06:27 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/12/21 23:06:11 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2013/12/21 23:06:11 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2013/12/21 23:06:09 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/12/21 23:06:09 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/12/21 23:05:35 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/12/21 23:05:35 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013/12/21 23:05:35 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013/12/21 23:05:35 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/12/21 23:05:34 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013/12/21 23:05:34 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013/12/21 23:05:34 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/12/21 23:05:34 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/12/21 23:05:34 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/12/21 23:05:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/12/21 23:05:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/12/21 23:05:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/12/21 23:05:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/12/21 23:05:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/12/21 23:05:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/12/21 23:05:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/12/21 23:05:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/12/21 23:05:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/12/21 23:05:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/12/21 23:05:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/12/21 23:05:33 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013/12/21 23:05:33 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2013/12/21 23:05:33 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/12/21 23:05:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/12/21 23:05:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/12/21 23:05:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/12/21 23:05:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/12/21 23:05:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/12/21 23:05:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/12/21 23:05:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/12/21 23:05:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/12/21 23:05:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/12/21 23:05:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/12/21 23:05:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/12/21 23:05:31 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/12/21 23:05:27 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/12/21 23:05:27 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/12/21 23:05:27 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2013/12/21 23:05:26 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/12/21 23:05:26 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2013/12/21 23:05:26 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2013/12/21 23:05:25 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/12/21 23:05:25 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/12/21 23:05:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/12/21 23:05:25 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/12/21 23:05:25 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/12/21 23:05:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/12/21 23:05:01 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2013/12/21 23:05:01 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2013/12/21 23:05:00 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2013/12/21 23:04:52 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2013/12/21 23:04:52 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2013/12/21 23:04:52 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2013/12/21 23:04:51 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2013/12/21 23:04:51 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2013/12/21 23:04:51 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2013/12/21 23:04:47 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013/12/21 23:04:45 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013/12/21 23:04:45 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013/12/21 23:04:45 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013/12/21 23:04:43 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013/12/21 23:04:43 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013/12/21 23:04:43 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013/12/21 23:04:43 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013/12/21 23:04:43 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013/12/21 23:04:43 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013/12/21 23:04:43 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013/12/21 23:04:43 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013/12/21 23:04:43 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013/12/21 23:04:43 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013/12/21 23:04:43 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013/12/21 23:04:43 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013/12/21 23:04:43 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013/12/21 23:04:42 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013/12/21 23:04:42 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013/12/21 23:04:42 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013/12/21 23:04:42 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013/12/21 23:04:42 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013/12/21 23:04:42 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013/12/21 23:04:42 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013/12/21 23:04:42 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013/12/21 23:04:41 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013/12/21 23:04:41 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013/12/21 23:04:41 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013/12/21 23:04:41 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013/12/21 23:04:41 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013/12/21 23:04:41 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013/12/21 23:04:41 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013/12/21 23:04:41 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013/12/21 23:04:35 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/12/21 23:04:34 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/12/21 23:04:23 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2013/12/21 23:04:23 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2013/12/21 23:04:23 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2013/12/21 23:04:23 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2013/12/21 23:04:21 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2013/12/21 23:04:21 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2013/12/21 23:04:11 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/12/21 23:04:11 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/12/21 23:04:09 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2013/12/21 23:04:06 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2013/12/21 23:03:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013/12/21 23:03:52 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2013/12/21 23:03:51 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2013/12/21 23:03:51 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2013/12/21 23:03:51 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2013/12/21 23:03:51 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2013/12/21 23:03:51 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2013/12/21 23:03:51 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2013/12/21 23:03:51 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2013/12/21 23:03:51 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2013/12/21 23:03:51 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2013/12/21 23:03:51 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2013/12/21 23:03:51 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2013/12/21 23:03:51 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2013/12/21 23:03:45 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013/12/21 23:03:37 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/12/21 23:03:37 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/12/21 23:03:37 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013/12/21 23:03:37 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013/12/21 23:03:37 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/12/21 23:03:32 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/12/21 23:03:32 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/12/21 23:03:32 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2013/12/21 23:03:32 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2013/12/21 23:03:32 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2013/12/21 23:03:29 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013/12/21 23:03:29 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013/12/21 23:03:28 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2013/12/21 23:03:27 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2013/12/21 23:03:27 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2013/12/21 23:03:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2013/12/21 23:03:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2013/12/21 23:03:22 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/12/21 23:03:22 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/12/21 23:03:15 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2013/12/21 23:03:14 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2013/12/21 23:03:11 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2013/12/21 23:03:11 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013/12/21 23:03:05 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2013/12/21 23:02:54 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013/12/21 23:02:54 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013/12/21 23:02:49 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2013/12/21 23:02:49 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2013/12/21 23:02:46 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2013/12/21 23:02:46 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2013/12/21 23:02:45 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2013/12/21 23:02:45 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/12/21 23:02:43 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2013/12/21 23:02:43 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2013/12/21 23:02:43 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2013/12/21 23:02:43 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2013/12/21 23:02:43 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2013/12/21 23:02:43 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2013/12/21 23:02:41 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013/12/21 23:02:41 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2013/12/21 23:02:40 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/12/21 23:02:40 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/12/21 23:02:39 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2013/12/21 23:02:39 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2013/12/21 23:02:39 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/12/21 23:02:39 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2013/12/21 23:02:39 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/12/21 23:02:39 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2013/12/21 23:02:37 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2013/12/21 23:02:37 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2013/12/21 23:02:37 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2013/12/21 23:02:36 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013/12/21 23:02:36 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013/12/21 23:02:23 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2013/12/21 23:02:23 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2013/12/21 23:02:23 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2013/12/21 23:02:23 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2013/12/21 23:02:19 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2013/12/21 23:02:19 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2013/12/21 23:02:18 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2013/12/21 23:02:15 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2013/12/21 23:02:12 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2013/12/21 23:02:12 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2013/12/21 23:02:12 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2013/12/21 23:02:11 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013/12/21 23:02:11 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013/12/21 23:02:09 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2013/12/21 23:02:09 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2013/12/21 23:02:07 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2013/12/21 23:02:07 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2013/12/21 23:02:07 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2013/12/21 23:02:05 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2013/12/21 23:02:05 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2013/12/21 23:02:05 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2013/12/21 23:02:05 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2013/12/21 23:02:05 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2013/12/21 23:02:05 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2013/12/21 23:02:05 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2013/12/21 23:02:03 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2013/12/21 23:02:03 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2013/12/21 23:02:01 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2013/12/21 23:02:01 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2013/12/21 23:02:00 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2013/12/21 23:02:00 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/12/21 23:02:00 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/12/21 23:01:59 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2013/12/21 23:01:59 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2013/12/21 23:01:59 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2013/12/21 23:01:58 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2013/12/21 23:01:58 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2013/12/21 23:01:58 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2013/12/21 23:01:58 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2013/12/21 23:01:58 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2013/12/21 23:01:58 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2013/12/21 23:01:58 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2013/12/21 23:01:58 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2013/12/21 23:01:57 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2013/12/21 23:01:57 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2013/12/21 23:01:51 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013/12/21 23:01:49 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2013/12/21 23:01:49 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2013/12/21 23:01:49 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2013/12/21 23:01:49 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2013/12/21 23:01:49 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2013/12/21 23:01:49 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2013/12/21 23:01:48 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2013/12/21 23:01:45 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2013/12/21 22:59:38 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013/12/21 22:59:38 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013/12/21 22:59:38 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/12/21 22:59:38 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/12/21 22:53:38 | 000,000,000 | ---D | C] -- C:\avast! sandbox
[2013/12/21 22:49:33 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2013/12/21 22:49:33 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2013/12/21 22:34:06 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013/12/21 22:33:10 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Dropbox
[2013/12/21 22:26:52 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Skype
[2013/12/21 22:26:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/12/21 22:26:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/12/21 22:26:40 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Macromedia
[2013/12/21 22:26:40 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\Macromedia
[2013/12/21 22:26:40 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Adobe
[2013/12/21 22:26:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013/12/21 22:26:08 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/12/21 22:26:08 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/21 22:26:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013/12/21 22:26:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013/12/21 22:24:21 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\vlc
[2013/12/21 22:23:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/12/21 22:21:03 | 000,028,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2013/12/21 22:20:59 | 000,439,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2013/12/21 22:16:49 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\Adobe
[2013/12/21 22:16:41 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\AVAST Software
[2013/12/21 22:16:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2013/12/21 22:16:20 | 000,082,744 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys.1387660586
[2013/12/21 22:16:20 | 000,079,672 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2013/12/21 22:16:14 | 001,034,464 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/12/21 22:16:14 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/12/21 22:16:14 | 000,334,136 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/12/21 22:16:14 | 000,092,544 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013/12/21 22:16:14 | 000,078,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013/12/21 22:16:13 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/12/21 22:15:20 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/12/21 22:14:41 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Mozilla
[2013/12/21 22:14:41 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\Mozilla
[2013/12/21 22:14:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/12/21 22:14:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/12/21 22:13:40 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2013/12/21 22:13:40 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2013/12/21 22:12:22 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2013/12/21 22:12:21 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013/12/21 22:12:08 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\Facebook
[2013/12/21 22:10:02 | 000,000,000 | R--D | C] -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/12/21 22:10:02 | 000,000,000 | R--D | C] -- C:\Users\miso\Searches
[2013/12/21 22:10:02 | 000,000,000 | R--D | C] -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/12/21 22:10:02 | 000,000,000 | -H-D | C] -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/12/21 22:09:57 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Roaming\Identities
[2013/12/21 22:09:54 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013/12/21 22:09:54 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013/12/21 22:09:54 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2013/12/21 22:09:54 | 000,000,000 | R--D | C] -- C:\Users\miso\Contacts
[2013/12/21 22:09:53 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\VirtualStore
[2013/12/21 22:09:52 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013/12/21 22:09:52 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013/12/21 22:09:52 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2013/12/21 22:09:50 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013/12/21 22:09:50 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\AppData\Local\Temporary Internet Files
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\Templates
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\Start Menu
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\SendTo
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\Recent
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\PrintHood
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\NetHood
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\Documents\My Videos
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\Documents\My Pictures
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\Documents\My Music
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\My Documents
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\Local Settings
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\AppData\Local\History
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\Cookies
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\Application Data
[2013/12/21 22:09:50 | 000,000,000 | -HSD | C] -- C:\Users\miso\AppData\Local\Application Data
[2013/12/21 22:09:48 | 000,000,000 | --SD | C] -- C:\Users\miso\AppData\Roaming\Microsoft
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\Videos
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\Saved Games
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\Pictures
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\Music
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\Links
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\Favorites
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\Downloads
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\Documents
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\Desktop
[2013/12/21 22:09:48 | 000,000,000 | R--D | C] -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/12/21 22:09:48 | 000,000,000 | -H-D | C] -- C:\Users\miso\AppData
[2013/12/21 22:09:48 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\Temp
[2013/12/21 22:09:48 | 000,000,000 | ---D | C] -- C:\Users\miso\AppData\Local\Microsoft
[2013/12/21 22:09:35 | 000,000,000 | ---D | C] -- C:\Recovery
[2013/12/21 22:09:32 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/12/18 17:16:44 | 000,140,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys
[2013/12/18 17:13:30 | 000,204,048 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\VBoxNetFltNobj.dll

========== Files - Modified Within 30 Days ==========

[2014/01/11 10:29:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/01/11 10:15:15 | 000,781,298 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/11 10:15:15 | 000,661,656 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/11 10:15:15 | 000,121,524 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/11 10:09:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/11 10:09:16 | 4026,101,760 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/11 01:05:36 | 000,027,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/11 01:05:36 | 000,027,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/11 00:22:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\miso\Desktop\OTL.exe
[2014/01/10 23:08:09 | 000,117,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/01/10 23:07:42 | 000,089,304 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/01/10 23:07:07 | 012,582,688 | ---- | M] (Malwarebytes Corp.) -- C:\Users\miso\Desktop\mbar-1.07.0.1008.exe
[2014/01/10 22:41:16 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/01/10 16:43:56 | 000,436,584 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/10 11:42:26 | 005,162,489 | R--- | M] (Swearware) -- C:\Users\miso\Desktop\ComboFix.exe
[2014/01/09 19:41:08 | 000,407,244 | ---- | M] () -- C:\Users\miso\Desktop\IMG_09012014_194035.png
[2014/01/09 00:38:39 | 000,068,420 | ---- | M] () -- C:\Users\miso\Desktop\749f321628cf2d93d6980f5266092044.jpg
[2014/01/08 18:30:57 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Astroburn Lite.lnk
[2014/01/08 13:50:27 | 003,810,304 | ---- | M] () -- C:\Users\miso\Desktop\RogueKiller.exe
[2014/01/07 23:52:10 | 000,007,334 | ---- | M] () -- C:\Users\miso\Desktop\New OpenDocument Text.odt
[2014/01/07 21:57:37 | 000,407,189 | ---- | M] () -- C:\Users\miso\Desktop\IMG_07012014_213846.png
[2014/01/07 19:07:11 | 000,003,133 | ---- | M] () -- C:\Users\miso\Desktop\Shortcut to SecureDownloadManager.exe.lnk
[2014/01/03 22:18:07 | 000,001,744 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2013/12/28 19:09:44 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2013/12/28 19:09:44 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2013/12/28 19:09:44 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2013/12/28 19:09:44 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2013/12/27 20:50:41 | 000,007,605 | ---- | M] () -- C:\Users\miso\AppData\Local\Resmon.ResmonCfg
[2013/12/26 23:53:34 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013/12/26 18:35:12 | 000,042,674 | ---- | M] () -- C:\Users\miso\Desktop\stvorce-color.png
[2013/12/23 20:51:17 | 000,002,283 | ---- | M] () -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/12/22 07:06:06 | 000,109,935 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/12/22 07:06:06 | 000,109,935 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/12/22 07:04:24 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2013/12/22 02:33:14 | 000,000,843 | ---- | M] () -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk
[2013/12/22 02:27:48 | 000,770,088 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/12/22 02:18:53 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/12/22 02:18:53 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/12/22 02:18:51 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/12/22 02:18:51 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/12/22 02:18:51 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/12/22 02:18:51 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/12/22 02:18:51 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/12/22 02:18:51 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/12/22 02:18:51 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/12/22 02:18:51 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/12/22 02:18:51 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/12/22 02:18:51 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/12/22 02:18:51 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/12/22 02:18:51 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/12/22 02:18:51 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/12/22 02:18:51 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/12/22 02:18:51 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/12/22 02:18:51 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/12/22 02:18:51 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/12/22 02:18:51 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/12/22 02:18:51 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/12/22 02:18:51 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/12/22 02:18:51 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/12/22 02:18:51 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/12/22 02:18:51 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/12/22 02:18:51 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/12/22 02:18:51 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/12/22 02:18:51 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/12/22 02:18:51 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/12/22 02:18:51 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/12/22 02:18:51 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/12/22 02:18:51 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/12/22 02:18:51 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/12/22 02:18:51 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/12/22 02:18:51 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/12/22 02:18:51 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/12/22 02:18:51 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/12/22 02:18:51 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/12/22 02:18:51 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/12/22 02:18:51 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/12/22 02:18:51 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/12/22 02:18:51 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/12/22 02:18:51 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/12/22 02:18:51 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/12/22 02:18:51 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/12/22 02:18:51 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/12/22 02:18:51 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/12/22 02:18:51 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/12/22 02:18:51 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/12/22 02:18:51 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2013/12/22 02:18:51 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/12/22 02:18:51 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/12/22 02:18:51 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2013/12/22 02:18:51 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/12/22 02:18:51 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/12/22 02:18:51 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/12/22 02:18:51 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2013/12/22 02:18:51 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/12/22 02:18:51 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/12/22 02:18:51 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/12/22 02:18:51 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/12/22 02:18:51 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/12/22 02:18:51 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/12/22 02:18:51 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/12/22 02:18:51 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/12/22 02:18:51 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/12/22 02:11:40 | 000,000,792 | ---- | M] () -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013/12/22 00:12:06 | 000,023,104 | ---- | M] () -- C:\Users\miso\Desktop\Minolta-PagePro_1350W-min12xxw.ppd
[2013/12/21 22:34:17 | 000,001,010 | ---- | M] () -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/12/21 22:26:08 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/12/21 22:26:08 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/21 22:21:01 | 000,028,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2013/12/21 22:20:59 | 000,439,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2013/12/21 22:16:26 | 000,079,672 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2013/12/21 22:16:13 | 001,034,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/12/21 22:16:13 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/12/21 22:16:13 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/12/21 22:16:13 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/12/21 22:16:13 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013/12/21 22:16:13 | 000,082,744 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys.1387660586
[2013/12/21 22:16:13 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013/12/21 22:16:13 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013/12/21 22:16:13 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/12/21 22:12:26 | 000,001,281 | ---- | M] () -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
[2013/12/21 22:11:26 | 000,001,441 | ---- | M] () -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/12/18 17:16:44 | 000,140,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys
[2013/12/18 17:13:30 | 000,204,048 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\VBoxNetFltNobj.dll

========== Files Created - No Company Name ==========

[2014/01/11 00:25:56 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/01/10 16:43:51 | 000,436,584 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/10 11:45:03 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/01/10 11:45:03 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/01/10 11:45:03 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/01/10 11:45:03 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/01/10 11:45:03 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/01/09 19:41:03 | 000,407,244 | ---- | C] () -- C:\Users\miso\Desktop\IMG_09012014_194035.png
[2014/01/09 00:38:39 | 000,068,420 | ---- | C] () -- C:\Users\miso\Desktop\749f321628cf2d93d6980f5266092044.jpg
[2014/01/08 18:30:57 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Astroburn Lite.lnk
[2014/01/08 13:50:26 | 003,810,304 | ---- | C] () -- C:\Users\miso\Desktop\RogueKiller.exe
[2014/01/07 23:52:10 | 000,007,334 | ---- | C] () -- C:\Users\miso\Desktop\New OpenDocument Text.odt
[2014/01/07 21:57:18 | 000,407,189 | ---- | C] () -- C:\Users\miso\Desktop\IMG_07012014_213846.png
[2014/01/07 19:07:11 | 000,003,133 | ---- | C] () -- C:\Users\miso\Desktop\Shortcut to SecureDownloadManager.exe.lnk
[2013/12/28 01:44:09 | 000,001,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2013/12/27 20:50:34 | 000,007,605 | ---- | C] () -- C:\Users\miso\AppData\Local\Resmon.ResmonCfg
[2013/12/26 18:35:12 | 000,042,674 | ---- | C] () -- C:\Users\miso\Desktop\stvorce-color.png
[2013/12/26 18:15:28 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/12/26 00:31:13 | 000,000,822 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2013/12/26 00:28:43 | 000,001,744 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2013/12/22 14:30:04 | 000,002,283 | ---- | C] () -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/12/22 07:04:24 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/12/22 07:03:25 | 4026,101,760 | -HS- | C] () -- C:\hiberfil.sys
[2013/12/22 02:33:14 | 000,000,843 | ---- | C] () -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk
[2013/12/22 02:27:48 | 000,770,088 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/12/22 02:18:51 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/12/22 02:18:51 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/12/22 02:11:40 | 000,000,792 | ---- | C] () -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013/12/22 00:12:15 | 000,023,104 | ---- | C] () -- C:\Users\miso\Desktop\Minolta-PagePro_1350W-min12xxw.ppd
[2013/12/21 23:18:52 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/12/21 23:02:49 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/12/21 22:34:17 | 000,001,010 | ---- | C] () -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/12/21 22:16:20 | 000,207,904 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/12/21 22:16:17 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013/12/21 22:14:34 | 000,000,812 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/12/21 22:12:22 | 000,001,281 | ---- | C] () -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
[2013/12/21 22:11:26 | 000,001,441 | ---- | C] () -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/12/21 22:10:02 | 000,001,417 | ---- | C] () -- C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/12/21 22:09:49 | 000,000,290 | ---- | C] () -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/12/21 22:09:49 | 000,000,272 | ---- | C] () -- C:\Users\miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

NeoFan · #28 Příspěvek od **NeoFan** » 11 led 2014 11:29

========== ZeroAccess Check ==========

[2009/07/14 06:00:09 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:46 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/12/21 22:16:41 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\AVAST Software
[2014/01/09 01:11:21 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\DAEMON Tools Lite
[2014/01/11 10:22:02 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\Dropbox
[2014/01/07 19:07:11 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\e-academy Inc
[2013/12/22 14:43:37 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\OpenOffice
[2013/12/26 00:31:15 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\Opera Software
[2013/12/28 01:54:55 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\TeamViewer
[2014/01/10 22:33:47 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\uTorrent

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009/07/14 06:08:02 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 06:08:02 | 000,009,422 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

< >

< MD5 for: AGP440.SYS >
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/21 04:24:48 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/21 04:24:48 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 04:24:20 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 04:24:20 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/21 04:24:15 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/21 04:24:15 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 04:24:15 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010/11/21 04:24:43 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2013/05/10 05:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013/05/13 05:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013/07/09 15:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2013/10/05 03:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2013/07/09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\erdnt\cache64\cryptsvc.dll
[2013/07/09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013/07/09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013/07/09 14:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013/07/09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\erdnt\cache86\cryptsvc.dll
[2013/07/09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013/07/09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2013/05/10 06:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013/05/11 06:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2010/11/21 04:24:57 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013/05/11 05:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2013/05/10 06:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013/05/13 06:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013/05/10 06:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013/10/05 02:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 04:24:46 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 04:24:35 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/21 04:24:32 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/21 04:24:32 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010/11/21 04:24:15 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/21 04:24:15 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011/11/17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\erdnt\cache64\lsass.exe
[2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\SysNative\lsass.exe
[2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2012/08/24 18:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012/06/04 08:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011/11/17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011/11/17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011/11/17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2013/09/25 02:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe

< MD5 for: NDIS.SYS >
[2012/08/22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\erdnt\cache64\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/21 04:24:21 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010/11/21 04:24:27 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\erdnt\cache64\netlogon.dll
[2010/11/21 04:24:27 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/21 04:24:27 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/21 04:24:34 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache86\netlogon.dll
[2010/11/21 04:24:34 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/21 04:24:34 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010/11/21 04:24:15 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/21 04:24:15 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011/03/11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011/03/11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/21 04:24:15 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/21 04:24:15 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010/11/21 04:24:20 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010/11/21 04:24:20 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 04:24:20 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 04:24:57 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010/11/21 04:24:57 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 04:24:57 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009/07/14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013/08/29 02:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013/08/02 06:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013/03/19 04:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013/08/02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SysNative\smss.exe
[2013/08/02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012/10/03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013/09/08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\erdnt\cache64\tcpip.sys
[2013/09/08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013/09/08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010/11/21 04:24:34 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013/09/07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2013/07/06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2012/10/03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013/07/06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/21 04:24:20 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/21 04:24:20 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 04:24:20 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 04:24:50 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/21 04:24:50 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 04:24:50 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 04:24:50 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/21 04:24:50 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 04:24:50 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010/11/21 04:24:50 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\erdnt\cache64\ws2_32.dll
[2010/11/21 04:24:50 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010/11/21 04:24:50 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010/11/21 04:24:20 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\erdnt\cache86\ws2_32.dll
[2010/11/21 04:24:20 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010/11/21 04:24:20 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013/12/26 18:19:54 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\Adobe
[2013/12/21 22:16:41 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\AVAST Software
[2014/01/09 01:11:21 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\DAEMON Tools Lite
[2014/01/11 10:53:29 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\Dropbox
[2013/12/31 11:37:53 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\dvdcss
[2014/01/07 19:07:11 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\e-academy Inc
[2013/12/21 22:09:57 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\Identities
[2013/12/21 22:26:40 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\Macromedia
[2014/01/06 22:30:05 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\Malwarebytes
[2013/12/29 20:16:10 | 000,000,000 | --SD | M] -- C:\Users\miso\AppData\Roaming\Microsoft
[2013/12/21 22:15:00 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\Mozilla
[2013/12/22 14:43:37 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\OpenOffice
[2013/12/26 00:31:15 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\Opera Software
[2014/01/10 22:20:45 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\Skype
[2013/12/28 01:54:55 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\TeamViewer
[2014/01/10 22:33:47 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\uTorrent
[2014/01/10 20:55:18 | 000,000,000 | ---D | M] -- C:\Users\miso\AppData\Roaming\vlc

< %APPDATA%\*.exe /s >
[2013/12/18 02:02:36 | 030,714,312 | ---- | M] (Dropbox, Inc.) -- C:\Users\miso\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2013/12/18 02:02:54 | 000,229,288 | ---- | M] (Dropbox, Inc.) -- C:\Users\miso\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2013/12/18 02:02:40 | 000,919,072 | ---- | M] (Dropbox, Inc.) -- C:\Users\miso\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2014/01/07 19:07:11 | 000,009,662 | R--- | M] () -- C:\Users\miso\AppData\Roaming\Microsoft\Installer\{E86B07AE-9F94-44D5-AD47-DC2716EA90D2}\_112D608FD02CD87FDC7735.exe
[2014/01/07 19:07:11 | 000,009,662 | R--- | M] () -- C:\Users\miso\AppData\Roaming\Microsoft\Installer\{E86B07AE-9F94-44D5-AD47-DC2716EA90D2}\_79D2A80A4D5E408F6C77D2.exe
[2014/01/07 19:07:11 | 000,009,662 | R--- | M] () -- C:\Users\miso\AppData\Roaming\Microsoft\Installer\{E86B07AE-9F94-44D5-AD47-DC2716EA90D2}\_853F67D554F05449430E7E.exe
[2013/12/22 02:11:39 | 001,142,864 | ---- | M] (BitTorrent Inc.) -- C:\Users\miso\AppData\Roaming\uTorrent\uTorrent.exe
[2013/12/22 02:11:39 | 001,142,864 | ---- | M] (BitTorrent Inc.) -- C:\Users\miso\AppData\Roaming\uTorrent\updates\3.3.2_30416.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/01/11 10:29:57 | 000,000,512 | ---- | M] () MD5=BBE4088DB675EB6DE96D48E8E5DE3E62 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013/12/21 22:11:45 | 000,003,061 | ---- | M] () -- \avast! sandbox\S-1-5-21-2811220215-2768408660-1131186198-1000\webStorage\C\Users\miso\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QLDTRY9L\rmsloaderdelayeddiv[1].js
[2010/03/24 20:12:34 | 000,249,680 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010/03/24 20:12:34 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012/11/01 09:32:14 | 000,057,224 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012/11/01 09:32:44 | 000,065,416 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012/09/04 23:34:12 | 000,083,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012/09/04 23:34:12 | 000,088,968 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2010/03/24 20:35:48 | 000,370,512 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010/03/24 20:35:48 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013/11/11 14:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013/11/11 14:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013/11/11 14:39:40 | 000,006,012 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_15fps.gif
[2013/11/11 14:39:40 | 000,021,956 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_30fps.gif
[2013/11/11 14:39:40 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013/11/11 14:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013/11/11 14:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013/11/11 14:39:40 | 000,006,012 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_15fps.gif
[2013/11/11 14:39:40 | 000,021,956 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_30fps.gif
[2013/11/11 14:39:40 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2014/01/09 13:57:10 | 000,001,537 | ---- | M] () -- \Users\miso\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M0M9O4U\AdLoader[1].htm
[2014/01/09 13:57:10 | 000,110,991 | ---- | M] () -- \Users\miso\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GLCKHS89\AdLoader-7b857a7be889bd57f92da60a9b6146bb.min[1].js
[2013/06/10 13:19:38 | 000,006,418 | ---- | M] () -- \Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\jid1-4P0kohSJxU1qGg@jetpack\resources\addon-sdk\lib\sdk\content\loader.js
[2013/06/10 13:19:38 | 000,002,446 | ---- | M] () -- \Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\jid1-4P0kohSJxU1qGg@jetpack\resources\addon-sdk\lib\sdk\l10n\loader.js
[2013/06/10 13:19:38 | 000,003,942 | ---- | M] () -- \Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\jid1-4P0kohSJxU1qGg@jetpack\resources\addon-sdk\lib\sdk\windows\loader.js
[2013/06/10 13:19:38 | 000,017,838 | ---- | M] () -- \Users\miso\AppData\Roaming\Mozilla\Firefox\Profiles\kuftyee1.default\extensions\jid1-4P0kohSJxU1qGg@jetpack\resources\addon-sdk\lib\toolkit\loader.js
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/12/21 23:50:46 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/12/21 23:52:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/12/21 23:50:46 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/12/21 23:52:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/04/12 08:34:15 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2011/04/12 08:34:15 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2011/04/12 08:34:15 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2011/04/12 08:34:15 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2011/04/12 08:34:15 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2013/12/21 23:14:58 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013/12/21 23:14:58 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013/12/21 23:14:58 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013/12/21 23:14:58 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013/12/21 23:14:58 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011/04/12 08:33:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010/11/21 04:17:59 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/12/21 23:50:46 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/12/21 23:52:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/12/21 23:50:46 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/12/21 23:52:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012/10/05 11:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/12/22 03:20:09 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/12/22 03:20:48 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013/12/22 03:22:00 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/12/22 03:23:27 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll
[2013/12/22 02:29:37 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a281f3909e9182522777315b3a25ec5a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/12/22 02:29:37 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a281f3909e9182522777315b3a25ec5a\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2013/12/22 02:29:55 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\66ce786a0b16af8c3f5c480cd6e84376\System.Runtime.Serialization.ni.dll
[2013/12/22 02:29:55 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\66ce786a0b16af8c3f5c480cd6e84376\System.Runtime.Serialization.ni.dll.aux
[2013/12/22 04:13:43 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\6b054c1a64987a9caa2a1c98b070f47f\System.Xml.Serialization.ni.dll
[2013/12/22 04:13:43 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\6b054c1a64987a9caa2a1c98b070f47f\System.Xml.Serialization.ni.dll.aux
[2013/12/22 04:07:01 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\be004a953afb5efce4024c709ba7530b\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/12/22 04:07:01 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\be004a953afb5efce4024c709ba7530b\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2013/12/22 04:08:21 | 003,640,320 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\8d4b7607099258e7d99570bdccb896ee\System.Runtime.Serialization.ni.dll
[2013/12/22 04:08:21 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\8d4b7607099258e7d99570bdccb896ee\System.Runtime.Serialization.ni.dll.aux
[2013/12/22 04:10:28 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\e296a5b243715614b9ab338b4a60f8b0\System.Xml.Serialization.ni.dll
[2013/12/22 04:10:28 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\e296a5b243715614b9ab338b4a60f8b0\System.Xml.Serialization.ni.dll.aux
[2013/09/11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013/09/11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013/09/11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/09/11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013/09/11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013/09/11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/09/11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/09/11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013/09/11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013/09/11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/09/11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/09/11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013/09/11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2011/04/12 08:33:45 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011/04/12 08:33:45 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\en-US\serialui.dll.mui
[2011/04/12 08:33:50 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781\serialui.dll.mui
[2009/07/14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011/04/12 08:33:51 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010/11/21 04:25:21 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012/10/05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012/10/05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010/11/21 04:25:21 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012/10/05 11:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012/10/05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2013/12/21 23:14:58 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2013/12/21 23:14:58 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011/04/12 08:34:15 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781_serialui.dll.mui_7d29d2a3
[2009/07/14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011/04/12 08:34:15 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b_serialui.dll.mui_7d29d2a3
[2009/07/14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/02/05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/02/05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010/11/21 04:18:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012/10/05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012/10/05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010/11/21 04:18:51 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012/10/05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012/10/05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010/11/21 04:18:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012/10/05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011/04/12 08:33:23 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012/10/05 19:09:41 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012/10/05 18:57:17 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2010/11/21 04:18:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012/10/05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012/10/05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010/11/21 04:19:13 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012/10/05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012/10/05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/21 04:25:21 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012/10/05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012/10/05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2010/11/21 04:25:21 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012/10/05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011/04/12 08:33:45 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010/11/21 04:25:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012/10/05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

NeoFan · #29 Příspěvek od **NeoFan** » 11 led 2014 11:34

OTL Extras logfile created on: 1/11/2014 12:39:55 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\miso\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.50 Gb Total Physical Memory | 5.11 Gb Available Physical Memory | 68.12% Memory free
15.00 Gb Paging File | 12.42 Gb Available in Paging File | 82.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 29.72 Gb Total Space | 3.44 Gb Free Space | 11.57% Space Free | Partition Type: NTFS
Drive D: | 244.85 Gb Total Space | 211.39 Gb Free Space | 86.33% Space Free | Partition Type: NTFS
Drive E: | 1618.16 Gb Total Space | 544.69 Gb Free Space | 33.66% Space Free | Partition Type: NTFS

Computer Name: MISO-PC | User Name: miso | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- D:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- D:\Program Files (x86)\Opera\Launcher.exe (Opera Software)

[HKEY_USERS\S-1-5-21-2811220215-2768408660-1131186198-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "D:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "D:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 61 01 DA 5A 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A35713B-4AE4-474B-B80D-F2704E88914D}" = lport=6004 | protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office14\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{059EB64B-2733-453F-9F49-D3A0A221AFE3}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{1217E005-B6DD-41A8-A1F1-6206FB231A91}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{14EA9FE9-BF52-48E8-8908-79F4BD3E3AE9}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{23145BE3-1959-4DFD-9EB5-B137F2F5B3B2}" = protocol=6 | dir=in | app=d:\program files (x86)\microsoft office\office14\groove.exe |
"{35376043-E521-4EBB-B06B-30F477BFF679}" = protocol=6 | dir=in | app=c:\users\miso\appdata\roaming\dropbox\bin\dropbox.exe |
"{51C7848D-149C-48AE-BC4F-729610C15AFE}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{554A565C-06A3-49FD-A500-B9610068F56F}" = protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office14\groove.exe |
"{751B8416-7569-496C-B8FF-2CBA5CC34CF6}" = protocol=6 | dir=in | app=d:\program files (x86)\microsoft office\office14\onenote.exe |
"{7DE43C72-2C9D-4D4E-AF9C-5EE4F39A11C3}" = protocol=17 | dir=in | app=c:\users\miso\appdata\roaming\dropbox\bin\dropbox.exe |
"{7DF45938-C509-48C3-ACA1-6C38021155D6}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{80AA8792-49A2-4BCA-871D-6C406FDA7C3E}" = protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office14\onenote.exe |
"{82887F60-6450-4FB3-A32B-D1CE9B315366}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{8B0448D6-F422-48CC-AC6E-F53CD9B4A002}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{8FD25009-4637-456B-93DA-FC54CB4E25DB}" = dir=in | app=d:\program files (x86)\skype\phone\skype.exe |
"{903A54EB-7203-4F62-BE54-3749280F40C0}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{90416044-92E9-44FA-BF46-4B581AA259E8}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{9E5750AF-72A6-4311-ACC9-003648765439}" = protocol=17 | dir=in | app=c:\users\miso\appdata\roaming\utorrent\utorrent.exe |
"{A50FF91A-597A-47AE-8E62-70643DD36AC1}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{AA345145-B618-4ED8-92B9-EA74B8B6C6A4}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{CEDA6BC3-6BCA-47E0-BDA6-624D38F1E77A}" = protocol=6 | dir=in | app=c:\users\miso\appdata\roaming\utorrent\utorrent.exe |
"{E198BF0C-82FA-48A5-9A62-CDFDABFF6403}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{90140000-0015-041B-1000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0016-041B-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0018-041B-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0019-041B-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-001A-041B-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001B-041B-1000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040E-1000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2010
"{90140000-002C-041B-1000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-0043-041B-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Slovak) 2010
"{90140000-0044-041B-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-006E-041B-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-00A1-041B-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00BA-041B-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{DC65DFD8-E175-4A85-948A-42965853B2E8}" = Oracle VM VirtualBox 4.3.6
"CCleaner" = CCleaner

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{90140000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A00F439C-600D-4220-96CF-C6F1F8C32633}" = OpenOffice 4.0.1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1051-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Slovak
"{E86B07AE-9F94-44D5-AD47-DC2716EA90D2}" = Secure Download Manager
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Astroburn Lite" = Astroburn Lite
"Avast" = avast! Pro Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"Google Chrome" = Google Chrome
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Opera 18.0.1284.68" = Opera Stable 18.0.1284.68
"Steam" = Steam
"Steam App 570" = Dota 2
"TeamViewer 9" = TeamViewer 9
"VLC media player" = VLC media player 2.1.2

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2811220215-2768408660-1131186198-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/10/2014 5:42:40 PM | Computer Name = miso-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/10/2014 5:43:33 PM | Computer Name = miso-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 11.0.9600.16428,
time stamp: 0x525b66f7 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000042b0000 Faulting process
id: 0xf00 Faulting application start time: 0x01cf0e4d01172ee9 Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: unknown
Report
Id: 3ff469ec-7a40-11e3-bd22-0015830cbfeb

Error - 1/10/2014 5:46:02 PM | Computer Name = miso-PC | Source = Application Error | ID = 1000
Description = Faulting application name: RogueKiller.exe, version: 8.8.0.0, time
stamp: 0x52bd594d Faulting module name: RogueKiller.exe, version: 8.8.0.0, time
stamp: 0x52bd594d Exception code: 0x40000015 Fault offset: 0x001549f0 Faulting process
id: 0x7c Faulting application start time: 0x01cf0e4d495153e8 Faulting application
path: C:\Users\miso\Desktop\RogueKiller.exe Faulting module path: C:\Users\miso\Desktop\RogueKiller.exe
Report
Id: 99428f5b-7a40-11e3-bd22-0015830cbfeb

Error - 1/10/2014 5:56:57 PM | Computer Name = miso-PC | Source = Application Error | ID = 1000
Description = Faulting application name: RogueKiller.exe, version: 8.8.0.0, time
stamp: 0x52bd594d Faulting module name: RogueKiller.exe, version: 8.8.0.0, time
stamp: 0x52bd594d Exception code: 0x40000015 Fault offset: 0x001549f0 Faulting process
id: 0x658 Faulting application start time: 0x01cf0e4ec6703ed0 Faulting application
path: C:\Users\miso\Desktop\RogueKiller.exe Faulting module path: C:\Users\miso\Desktop\RogueKiller.exe
Report
Id: 1f6991cf-7a42-11e3-835e-d43d7e33f829

Error - 1/10/2014 5:59:00 PM | Computer Name = miso-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 11.0.9600.16428,
time stamp: 0x525b66f7 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000000004360078 Faulting process
id: 0xfd0 Faulting application start time: 0x01cf0e4f2a30074e Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: unknown
Report
Id: 68fdf493-7a42-11e3-b9da-d43d7e33f829

Error - 1/10/2014 5:59:33 PM | Computer Name = miso-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/10/2014 6:00:01 PM | Computer Name = miso-PC | Source = Application Error | ID = 1000
Description = Faulting application name: RogueKiller.exe, version: 8.8.0.0, time
stamp: 0x52bd594d Faulting module name: RogueKiller.exe, version: 8.8.0.0, time
stamp: 0x52bd594d Exception code: 0x40000015 Fault offset: 0x001549f0 Faulting process
id: 0x2f4 Faulting application start time: 0x01cf0e4f3ab899d7 Faulting application
path: C:\Users\miso\Desktop\RogueKiller.exe Faulting module path: C:\Users\miso\Desktop\RogueKiller.exe
Report
Id: 8cf41c00-7a42-11e3-b9da-d43d7e33f829

Error - 1/10/2014 6:00:28 PM | Computer Name = miso-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 11.0.9600.16428,
time stamp: 0x525b66f7 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000000004820000 Faulting process
id: 0xef4 Faulting application start time: 0x01cf0e4f5ca66686 Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: unknown
Report
Id: 9d596e96-7a42-11e3-b9da-d43d7e33f829

Error - 1/10/2014 6:17:01 PM | Computer Name = miso-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 11.0.9600.16428,
time stamp: 0x525b66f7 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000059b0000 Faulting process
id: 0x127c Faulting application start time: 0x01cf0e51ae56ef56 Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: unknown
Report
Id: ed1f6365-7a44-11e3-b9da-d43d7e33f829

Error - 1/10/2014 6:21:14 PM | Computer Name = miso-PC | Source = Application Error | ID = 1000
Description = Faulting application name: RogueKiller.exe, version: 8.8.0.0, time
stamp: 0x52bd594d Faulting module name: RogueKiller.exe, version: 8.8.0.0, time
stamp: 0x52bd594d Exception code: 0x40000015 Fault offset: 0x001549f0 Faulting process
id: 0x1198 Faulting application start time: 0x01cf0e5229ab5198 Faulting application
path: C:\Users\miso\Desktop\RogueKiller.exe Faulting module path: C:\Users\miso\Desktop\RogueKiller.exe
Report
Id: 841b603b-7a45-11e3-b9da-d43d7e33f829

[ System Events ]
Error - 1/10/2014 5:39:40 PM | Computer Name = miso-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 1/10/2014 5:39:50 PM | Computer Name = miso-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 1/10/2014 5:40:00 PM | Computer Name = miso-PC | Source = DCOM | ID = 10010
Description =

Error - 1/10/2014 5:54:59 PM | Computer Name = miso-PC | Source = DCOM | ID = 10010
Description =

Error - 1/10/2014 5:56:01 PM | Computer Name = miso-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
aswKbd aswRvrt aswSnx aswSP aswVmm discache spldr VBoxDrv VBoxUSBMon Wanarpv6

Error - 1/10/2014 5:56:07 PM | Computer Name = miso-PC | Source = DCOM | ID = 10005
Description =

Error - 1/10/2014 5:56:12 PM | Computer Name = miso-PC | Source = DCOM | ID = 10005
Description =

Error - 1/10/2014 5:56:13 PM | Computer Name = miso-PC | Source = DCOM | ID = 10005
Description =

Error - 1/10/2014 6:00:24 PM | Computer Name = miso-PC | Source = DCOM | ID = 10016
Description =

Error - 1/10/2014 6:24:26 PM | Computer Name = miso-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

< End of report >

#30 Příspěvek od **Márty84** » 11 led 2014 18:30

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Users\miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk

:otl
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2811220215-2768408660-1131186198-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

VIRY.CZ

Prosim o kontrolu.

Re: Prosim o kontrolu.

Re: Prosim o kontrolu.

Re: Prosim o kontrolu.

Re: Prosim o kontrolu.

Re: Prosim o kontrolu.

Re: Prosim o kontrolu.

Re: Prosim o kontrolu.

Re: Prosim o kontrolu.

Re: Prosim o kontrolu.

Re: Prosim o kontrolu.

Re: Prosim o kontrolu.

Re: Prosim o kontrolu.

Re: Prosim o kontrolu.

Re: Prosim o kontrolu.

Re: Prosim o kontrolu.