Nově přeinstalovaný windows, ale... Prosím o kontrolu logu

[Perda]

Dobrý den, včera jsem dělal úplnou reinstalaci systému windows na mém počítači, ale už večer jsem v nabídce start objevil zvláštní složku (jakousi filesfrog update checker). To mi bylo divné, tak jsem si stáhl malwarebytes a ten mi nalezl ještě jakési další dvě infiltrace, které smazal (appshat a ještě jednu). Přitom jsem během včerejška instaloval snad jen asi 5 dalších programů, jako ccleaner, adobe reader, firefox, splash lite (na který mám podezření, že to byl on). Při instalaci jsem musel přeskočit dvě ujednání, kde jsem souhlasil s podmínkami (a mám dojem, že tam jsem právě ten appshat viděl) - Ale ještě před instalkací jsem jej zavřel a splash lite instaloval z jiného než oficiálního zdroje, kde tyto podmínky už nebyly. Ráno, při konfiguraci aktualizací, mi vyskočila modrá obrazovka a počítač se restartoval, což mi přijde na nový windows docela brzo... Rád bych vás proto poprosil o kontrolu logu, zda ještě něco v pc zůstalo, či není třeba lepší ještě jednou přeinstalovat windows, což by bylo rychlejší a bylo by po problému. Děkuji

log z HiJackThis

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 8:49:39, on 20.4.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.17267)

FIREFOX: 28.0 (cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Trajda\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O17 - HKLM\System\CCS\Services\Tcpip\..\{CAD2E8DF-8FC8-4839-83D7-327A398442F2}: NameServer = 62.129.50.20,85.135.32.100
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6395 bytes

[Márty84]

Zdravim

HJT je uz nekolik let nedostacujici. Takze dejte log z RSITx64 http://forum.viry.cz/viewtopic.php?f=13&t=130786

Spustte MBAM a v zalozce protokoly najdete vysledek toho testu a zkopirujte mi ho, abych vedel, co presne nasel.

Podivejte se do slozky C:\Windows\Minidump . Jestli tam budou nejake soubory, hodte je treba na leteckou postu http://leteckaposta.cz/ a dejte mi sem odkaz.

[Perda]

Dobře, tady je log

Logfile of random's system information tool 1.09 (written by random/random)
Run by Trajda at 2014-04-20 10:05:21
Microsoft Windows 7 Ultimate
System drive C: has 467 GB (93%) free of 500 GB
Total RAM: 4094 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:05:23, on 20.4.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.17267)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\trend micro\Trajda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O17 - HKLM\System\CCS\Services\Tcpip\..\{CAD2E8DF-8FC8-4839-83D7-327A398442F2}: NameServer = 62.129.50.20,85.135.32.100
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6382 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss d5835bf9-2958-44b5-b87c-41f282c9ac2f 1
\??\C:\Windows\system32\conhost.exe "688150396-577393117-121010071246950317-171181101-1218944720-1961942081-1602780194
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8c8a0e57-5e20-46a9-8b98-faec4b890c12 -SystemEventPortName:HostProcess-b0703dee-5881-4447-bcff-2674478e8e6d -IoCancelEventPortName:HostProcess-38b6e119-30b1-4b53-9497-fd6274fa823a -NonStateChangingEventPortName:HostProcess-752a6a11-9ae5-4886-a040-3f2d9df9a005 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3e069ced-6c32-4721-bd6c-ebc044e5da2c -DeviceGroupId:WpdFsGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-2112985970331956374846211674-1343733193962019006-1946789128265982688450137328
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Trajda\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Trajda\AppData\Roaming\Mozilla\Firefox\Profiles\fy4epjwy.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.182 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.182 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-04-19 581824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-19 436600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-04-02 2201032]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-04-02 1225920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:2eb8fb7f23860901d6e91499249abc7c]
C:\Users\Trajda\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [2014-04-20 534528]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-04-19 3873704]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-20 10:05:21 ----D---- C:\rsit
2014-04-20 10:05:21 ----D---- C:\Program Files\trend micro
2014-04-20 08:37:53 ----D---- C:\Windows\Minidump
2014-04-20 08:35:05 ----D---- C:\Windows\SYSWOW64\Wat
2014-04-20 08:35:05 ----D---- C:\Windows\system32\Wat
2014-04-20 01:26:44 ----A---- C:\Windows\system32\browserchoice.exe
2014-04-20 00:50:26 ----D---- C:\Program Files (x86)\Adobe
2014-04-20 00:50:04 ----D---- C:\ProgramData\Adobe
2014-04-20 00:46:12 ----D---- C:\AdwCleaner
2014-04-20 00:39:20 ----D---- C:\Program Files (x86)\Mirillis
2014-04-20 00:29:43 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-04-20 00:29:25 ----D---- C:\ProgramData\Malwarebytes
2014-04-20 00:29:25 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-20 00:29:25 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-04-20 00:29:25 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-04-20 00:29:25 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-04-20 00:18:44 ----D---- C:\Program Files\CCleaner
2014-04-19 23:51:17 ----D---- C:\Program Files (x86)\Seznam.cz
2014-04-19 23:51:05 ----D---- C:\Users\Trajda\AppData\Roaming\Seznam.cz
2014-04-19 23:02:09 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2014-04-19 23:02:09 ----A---- C:\Windows\system32\wcncsvc.dll
2014-04-19 22:28:23 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-04-19 22:28:23 ----A---- C:\Windows\system32\msv1_0.dll
2014-04-19 22:09:02 ----A---- C:\Windows\system32\Wdfres.dll
2014-04-19 22:09:02 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2014-04-19 22:09:02 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2014-04-19 21:19:20 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2014-04-19 21:19:20 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2014-04-19 21:19:20 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2014-04-19 21:19:20 ----A---- C:\Windows\system32\fontsub.dll
2014-04-19 21:19:20 ----A---- C:\Windows\system32\atmlib.dll
2014-04-19 21:19:20 ----A---- C:\Windows\system32\atmfd.dll
2014-04-19 21:17:41 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2014-04-19 21:17:41 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2014-04-19 21:17:40 ----A---- C:\Windows\system32\WUDFSvc.dll
2014-04-19 21:17:40 ----A---- C:\Windows\system32\WUDFPlatform.dll
2014-04-19 21:17:39 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2014-04-19 21:17:38 ----A---- C:\Windows\system32\WUDFx.dll
2014-04-19 21:17:38 ----A---- C:\Windows\system32\WUDFHost.exe
2014-04-19 21:08:11 ----D---- C:\Windows\system32\MRT
2014-04-19 21:08:08 ----A---- C:\Windows\system32\MRT.exe
2014-04-19 20:57:31 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2014-04-19 20:57:31 ----A---- C:\Windows\system32\imagehlp.dll
2014-04-19 20:57:31 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2014-04-19 20:57:30 ----A---- C:\Windows\SYSWOW64\wmi.dll
2014-04-19 20:57:30 ----A---- C:\Windows\system32\wmi.dll
2014-04-19 20:48:02 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2014-04-19 20:48:02 ----A---- C:\Windows\system32\drivers\ks.sys
2014-04-19 20:45:38 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-04-19 20:45:38 ----A---- C:\Windows\system32\mstscax.dll
2014-04-19 20:45:37 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-04-19 20:45:37 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-04-19 20:45:37 ----A---- C:\Windows\system32\tsgqec.dll
2014-04-19 20:45:37 ----A---- C:\Windows\system32\aaclient.dll
2014-04-19 20:44:21 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-04-19 20:44:21 ----A---- C:\Windows\system32\mf.dll
2014-04-19 20:44:20 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-04-19 20:44:20 ----A---- C:\Windows\system32\FntCache.dll
2014-04-19 20:44:18 ----A---- C:\Windows\system32\ExplorerFrame.dll
2014-04-19 20:44:17 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-04-19 20:44:17 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2014-04-19 20:44:17 ----A---- C:\Windows\system32\mfreadwrite.dll
2014-04-19 20:44:17 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-04-19 20:44:17 ----A---- C:\Windows\system32\cdd.dll
2014-04-19 20:44:16 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2014-04-19 20:44:16 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2014-04-19 20:44:16 ----A---- C:\Windows\system32\XpsRasterService.dll
2014-04-19 20:44:16 ----A---- C:\Windows\system32\mfps.dll
2014-04-19 20:44:16 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-04-19 20:44:06 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2014-04-19 20:44:06 ----A---- C:\Windows\system32\poqexec.exe
2014-04-19 20:44:00 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2014-04-19 20:44:00 ----A---- C:\Windows\system32\CertEnroll.dll
2014-04-19 20:43:56 ----A---- C:\Windows\system32\d3d10warp.dll
2014-04-19 20:43:55 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-04-19 20:43:55 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-04-19 20:43:55 ----A---- C:\Windows\system32\DWrite.dll
2014-04-19 20:43:55 ----A---- C:\Windows\system32\d2d1.dll
2014-04-19 20:43:54 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2014-04-19 20:43:54 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2014-04-19 20:43:54 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2014-04-19 20:43:54 ----A---- C:\Windows\system32\d3d10_1core.dll
2014-04-19 20:43:54 ----A---- C:\Windows\system32\d3d10_1.dll
2014-04-19 20:43:51 ----A---- C:\Windows\system32\msdri.dll
2014-04-19 20:43:47 ----A---- C:\Windows\system32\win32k.sys
2014-04-19 20:43:42 ----A---- C:\Windows\system32\shell32.dll
2014-04-19 20:43:41 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-04-19 20:43:36 ----A---- C:\Windows\SYSWOW64\upnp.dll
2014-04-19 20:43:36 ----A---- C:\Windows\system32\upnp.dll
2014-04-19 20:43:35 ----A---- C:\Windows\system32\winhttp.dll
2014-04-19 20:43:34 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2014-04-19 20:43:34 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2014-04-19 20:43:34 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2014-04-19 20:43:34 ----A---- C:\Windows\SYSWOW64\slwga.dll
2014-04-19 20:43:34 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2014-04-19 20:43:34 ----A---- C:\Windows\system32\wscapi.dll
2014-04-19 20:43:34 ----A---- C:\Windows\system32\WebClnt.dll
2014-04-19 20:43:34 ----A---- C:\Windows\system32\slwga.dll
2014-04-19 20:43:34 ----A---- C:\Windows\system32\davclnt.dll
2014-04-19 20:43:33 ----A---- C:\Windows\system32\wscsvc.dll
2014-04-19 20:43:25 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2014-04-19 20:43:25 ----A---- C:\Windows\system32\ntshrui.dll
2014-04-19 20:43:23 ----A---- C:\Windows\system32\webio.dll
2014-04-19 20:43:22 ----A---- C:\Windows\SYSWOW64\webio.dll
2014-04-19 20:43:21 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2014-04-19 20:43:20 ----A---- C:\Windows\system32\win32spl.dll
2014-04-19 20:43:19 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2014-04-19 20:43:19 ----A---- C:\Windows\system32\CPFilters.dll
2014-04-19 20:43:18 ----A---- C:\Windows\system32\sbe.dll
2014-04-19 20:43:17 ----A---- C:\Windows\SYSWOW64\sbe.dll
2014-04-19 20:43:14 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2014-04-19 20:43:14 ----A---- C:\Windows\system32\asycfilt.dll
2014-04-19 20:43:08 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-04-19 20:43:08 ----A---- C:\Windows\system32\tzres.dll
2014-04-19 20:42:56 ----A---- C:\Windows\system32\taskschd.dll
2014-04-19 20:42:56 ----A---- C:\Windows\system32\taskeng.exe
2014-04-19 20:42:56 ----A---- C:\Windows\system32\schedsvc.dll
2014-04-19 20:42:55 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2014-04-19 20:42:55 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2014-04-19 20:42:55 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2014-04-19 20:42:55 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2014-04-19 20:42:55 ----A---- C:\Windows\system32\wmicmiplugin.dll
2014-04-19 20:42:55 ----A---- C:\Windows\system32\taskcomp.dll
2014-04-19 20:42:55 ----A---- C:\Windows\system32\schtasks.exe
2014-04-19 20:42:38 ----A---- C:\Windows\system32\ole32.dll
2014-04-19 20:42:37 ----A---- C:\Windows\SYSWOW64\ole32.dll
2014-04-19 20:42:29 ----A---- C:\Windows\system32\comctl32.dll
2014-04-19 20:42:28 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2014-04-19 20:42:22 ----A---- C:\Windows\system32\xmllite.dll
2014-04-19 20:42:21 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2014-04-19 20:42:20 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-04-19 20:42:13 ----A---- C:\Windows\system32\schannel.dll
2014-04-19 20:42:12 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-04-19 20:42:12 ----A---- C:\Windows\system32\lsasrv.dll
2014-04-19 20:42:12 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-04-19 20:42:12 ----A---- C:\Windows\system32\drivers\cng.sys
2014-04-19 20:42:11 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-04-19 20:42:11 ----A---- C:\Windows\system32\sspisrv.dll
2014-04-19 20:42:11 ----A---- C:\Windows\system32\sspicli.dll
2014-04-19 20:42:11 ----A---- C:\Windows\system32\secur32.dll
2014-04-19 20:42:11 ----A---- C:\Windows\system32\lsass.exe
2014-04-19 20:42:11 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-04-19 20:42:10 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-04-19 20:42:08 ----A---- C:\Windows\system32\mssrch.dll
2014-04-19 20:42:07 ----A---- C:\Windows\SYSWOW64\tquery.dll
2014-04-19 20:42:07 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2014-04-19 20:42:07 ----A---- C:\Windows\system32\tquery.dll
2014-04-19 20:42:06 ----A---- C:\Windows\system32\SearchIndexer.exe
2014-04-19 20:42:06 ----A---- C:\Windows\system32\mssph.dll
2014-04-19 20:42:05 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2014-04-19 20:42:04 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2014-04-19 20:42:04 ----A---- C:\Windows\SYSWOW64\mssph.dll
2014-04-19 20:42:04 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2014-04-19 20:42:04 ----A---- C:\Windows\system32\mssvp.dll
2014-04-19 20:42:03 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2014-04-19 20:42:03 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2014-04-19 20:42:03 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2014-04-19 20:42:03 ----A---- C:\Windows\system32\SearchFilterHost.exe
2014-04-19 20:42:03 ----A---- C:\Windows\system32\mssphtb.dll
2014-04-19 20:42:03 ----A---- C:\Windows\system32\msscntrs.dll
2014-04-19 20:42:02 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2014-04-19 20:42:01 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-04-19 20:42:01 ----A---- C:\Windows\system32\quartz.dll
2014-04-19 20:42:00 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-04-19 20:42:00 ----A---- C:\Windows\system32\qdvd.dll
2014-04-19 20:41:56 ----A---- C:\Windows\system32\msxml6.dll
2014-04-19 20:41:55 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-04-19 20:41:55 ----A---- C:\Windows\system32\msxml3.dll
2014-04-19 20:41:54 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-04-19 20:41:53 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2014-04-19 20:41:53 ----A---- C:\Windows\system32\XpsPrint.dll
2014-04-19 20:41:51 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2014-04-19 20:41:51 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2014-04-19 20:41:50 ----A---- C:\Windows\explorer.exe
2014-04-19 20:41:49 ----A---- C:\Windows\SYSWOW64\explorer.exe
2014-04-19 20:41:48 ----A---- C:\Windows\system32\winlogon.exe
2014-04-19 20:41:47 ----A---- C:\Windows\system32\mfc42u.dll
2014-04-19 20:41:47 ----A---- C:\Windows\system32\mfc42.dll
2014-04-19 20:41:46 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2014-04-19 20:41:46 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2014-04-19 20:41:45 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-04-19 20:41:45 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2014-04-19 20:41:45 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2014-04-19 20:41:42 ----A---- C:\Windows\system32\d3d10level9.dll
2014-04-19 20:41:41 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2014-04-19 20:41:39 ----A---- C:\Windows\system32\odbccu32.dll
2014-04-19 20:41:39 ----A---- C:\Windows\system32\odbccr32.dll
2014-04-19 20:41:38 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2014-04-19 20:41:38 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2014-04-19 20:41:38 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2014-04-19 20:41:38 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2014-04-19 20:41:38 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2014-04-19 20:41:38 ----A---- C:\Windows\system32\odbctrac.dll
2014-04-19 20:41:38 ----A---- C:\Windows\system32\odbccp32.dll
2014-04-19 20:41:36 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-04-19 20:41:36 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-04-19 20:41:36 ----A---- C:\Windows\system32\secproc_isv.dll
2014-04-19 20:41:36 ----A---- C:\Windows\system32\secproc.dll
2014-04-19 20:41:36 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-04-19 20:41:36 ----A---- C:\Windows\system32\RMActivate.exe
2014-04-19 20:41:35 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-04-19 20:41:35 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-04-19 20:41:35 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-04-19 20:41:35 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-04-19 20:41:35 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-04-19 20:41:35 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-04-19 20:41:35 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-04-19 20:41:35 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-04-19 20:41:35 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-04-19 20:41:35 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-04-19 20:41:31 ----A---- C:\Windows\system32\rdrmemptylst.exe
2014-04-19 20:41:31 ----A---- C:\Windows\system32\rdpwsx.dll
2014-04-19 20:41:31 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-04-19 20:41:30 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2014-04-19 20:41:30 ----A---- C:\Windows\system32\t2embed.dll
2014-04-19 20:41:28 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2014-04-19 20:41:28 ----A---- C:\Windows\system32\StructuredQuery.dll
2014-04-19 20:41:27 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2014-04-19 20:41:27 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2014-04-19 20:41:27 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-04-19 20:41:27 ----A---- C:\Windows\system32\dnscacheugc.exe
2014-04-19 20:41:27 ----A---- C:\Windows\system32\dnsapi.dll
2014-04-19 20:41:26 ----A---- C:\Windows\system32\drivers\dfsc.sys
2014-04-19 20:41:22 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2014-04-19 20:41:22 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2014-04-19 20:41:22 ----A---- C:\Windows\system32\rtutils.dll
2014-04-19 20:41:20 ----A---- C:\Windows\system32\drivers\usb8023.sys
2014-04-19 20:41:17 ----A---- C:\Windows\system32\spoolsv.exe
2014-04-19 20:41:17 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-04-19 20:41:16 ----A---- C:\Windows\system32\profsvc.dll
2014-04-19 20:41:14 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2014-04-19 20:41:14 ----A---- C:\Windows\system32\dpnet.dll
2014-04-19 20:41:13 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-04-19 20:41:13 ----A---- C:\Windows\system32\ncrypt.dll
2014-04-19 20:41:12 ----A---- C:\Windows\system32\wmpmde.dll
2014-04-19 20:41:11 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2014-04-19 20:28:15 ----A---- C:\Windows\system32\mshtml.dll
2014-04-19 20:28:13 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-04-19 20:28:12 ----A---- C:\Windows\system32\ieframe.dll
2014-04-19 20:28:11 ----A---- C:\Windows\system32\iertutil.dll
2014-04-19 20:28:10 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-04-19 20:28:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-04-19 20:28:08 ----A---- C:\Windows\system32\urlmon.dll
2014-04-19 20:28:08 ----A---- C:\Windows\system32\mstime.dll
2014-04-19 20:28:08 ----A---- C:\Windows\system32\msfeeds.dll
2014-04-19 20:28:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-04-19 20:28:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-04-19 20:28:06 ----A---- C:\Windows\SYSWOW64\mstime.dll
2014-04-19 20:28:06 ----A---- C:\Windows\system32\wininet.dll
2014-04-19 20:28:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-04-19 20:28:04 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-04-19 20:28:04 ----A---- C:\Windows\system32\iedkcs32.dll
2014-04-19 20:28:03 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-04-19 20:28:03 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2014-04-19 20:28:03 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2014-04-19 20:28:03 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2014-04-19 20:28:03 ----A---- C:\Windows\system32\mshtmled.dll
2014-04-19 20:28:03 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-04-19 20:28:03 ----A---- C:\Windows\system32\licmgr10.dll
2014-04-19 20:28:03 ----A---- C:\Windows\system32\iepeers.dll
2014-04-19 20:28:02 ----A---- C:\Windows\SYSWOW64\url.dll
2014-04-19 20:28:02 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-04-19 20:28:02 ----A---- C:\Windows\system32\url.dll
2014-04-19 20:28:02 ----A---- C:\Windows\system32\ieui.dll
2014-04-19 20:28:01 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2014-04-19 20:28:01 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-04-19 20:28:01 ----A---- C:\Windows\system32\msfeedssync.exe
2014-04-19 20:28:01 ----A---- C:\Windows\system32\jsproxy.dll
2014-04-19 20:27:54 ----A---- C:\Windows\system32\Wpc.dll
2014-04-19 20:27:53 ----A---- C:\Windows\system32\gameux.dll
2014-04-19 20:27:52 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2014-04-19 20:27:52 ----A---- C:\Windows\SYSWOW64\gameux.dll
2014-04-19 20:26:57 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-04-19 20:26:56 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-04-19 20:26:55 ----A---- C:\Windows\system32\msi.dll
2014-04-19 20:26:54 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-04-19 20:26:48 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-04-19 20:26:48 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-04-19 20:26:48 ----A---- C:\Windows\system32\drivers\srv.sys
2014-04-19 20:26:46 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2014-04-19 20:26:46 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2014-04-19 20:26:44 ----A---- C:\Windows\system32\wow64win.dll
2014-04-19 20:26:44 ----A---- C:\Windows\system32\winsrv.dll
2014-04-19 20:26:44 ----A---- C:\Windows\system32\KernelBase.dll
2014-04-19 20:26:44 ----A---- C:\Windows\system32\kernel32.dll
2014-04-19 20:26:43 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-19 20:26:43 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-04-19 20:26:43 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-04-19 20:26:43 ----A---- C:\Windows\system32\wow64.dll
2014-04-19 20:26:43 ----A---- C:\Windows\system32\conhost.exe
2014-04-19 20:26:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-19 20:26:42 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-04-19 20:26:42 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-04-19 20:26:42 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-04-19 20:26:42 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-04-19 20:26:42 ----A---- C:\Windows\system32\ntvdm64.dll
2014-04-19 20:26:41 ----A---- C:\Windows\system32\wow64cpu.dll
2014-04-19 20:26:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-19 20:26:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-04-19 20:26:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2014-04-19 20:26:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-19 20:26:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-04-19 20:26:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-19 20:26:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2014-04-19 20:26:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-04-19 20:26:40 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-04-19 20:26:40 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-04-19 20:26:40 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-04-19 20:26:40 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-19 20:26:40 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-04-19 20:26:40 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-04-19 20:26:40 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-19 20:26:40 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-04-19 20:26:40 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-19 20:26:40 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-04-19 20:26:40 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-04-19 20:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-19 20:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-19 20:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-04-19 20:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-04-19 20:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-19 20:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2014-04-19 20:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-19 20:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-04-19 20:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-19 20:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-19 20:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-04-19 20:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-04-19 20:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-19 20:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-04-19 20:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-19 20:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-04-19 20:26:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2014-04-19 20:26:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-04-19 20:26:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2014-04-19 20:26:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-19 20:26:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-04-19 20:26:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-04-19 20:26:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-04-19 20:26:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-19 20:26:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-04-19 20:26:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-04-19 20:26:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2014-04-19 20:26:38 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-19 20:26:38 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-04-19 20:26:38 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-04-19 20:26:38 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-04-19 20:26:38 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-19 20:26:38 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-04-19 20:26:38 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-04-19 20:26:37 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-04-19 20:26:37 ----A---- C:\Windows\SYSWOW64\user.exe
2014-04-19 20:26:35 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-04-19 20:26:35 ----A---- C:\Windows\system32\vbscript.dll
2014-04-19 20:26:35 ----A---- C:\Windows\system32\jscript.dll
2014-04-19 20:26:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-04-19 20:26:32 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-04-19 20:26:28 ----A---- C:\Windows\system32\winresume.exe
2014-04-19 20:26:28 ----A---- C:\Windows\system32\winload.exe
2014-04-19 20:26:27 ----A---- C:\Windows\system32\kdusb.dll
2014-04-19 20:26:27 ----A---- C:\Windows\system32\kdcom.dll
2014-04-19 20:26:27 ----A---- C:\Windows\system32\kd1394.dll
2014-04-19 20:26:22 ----A---- C:\Windows\system32\drivers\afd.sys
2014-04-19 20:26:20 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-04-19 20:26:20 ----A---- C:\Windows\system32\usp10.dll
2014-04-19 20:26:18 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-04-19 20:26:18 ----A---- C:\Windows\system32\kerberos.dll
2014-04-19 20:26:15 ----A---- C:\Windows\system32\psisdecd.dll
2014-04-19 20:26:14 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2014-04-19 20:26:12 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2014-04-19 20:26:12 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2014-04-19 20:26:12 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2014-04-19 20:26:12 ----A---- C:\Windows\system32\tsbyuv.dll
2014-04-19 20:26:12 ----A---- C:\Windows\system32\msyuv.dll
2014-04-19 20:26:12 ----A---- C:\Windows\system32\msvidc32.dll
2014-04-19 20:26:12 ----A---- C:\Windows\system32\msrle32.dll
2014-04-19 20:26:12 ----A---- C:\Windows\system32\iyuv_32.dll
2014-04-19 20:26:11 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2014-04-19 20:26:11 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2014-04-19 20:26:11 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2014-04-19 20:26:11 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2014-04-19 20:26:10 ----A---- C:\Windows\system32\drivers\volsnap.sys
2014-04-19 20:26:09 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-04-19 20:26:09 ----A---- C:\Windows\system32\wintrust.dll
2014-04-19 20:26:07 ----A---- C:\Windows\system32\drivers\partmgr.sys
2014-04-19 20:26:04 ----A---- C:\Windows\SYSWOW64\synceng.dll
2014-04-19 20:26:04 ----A---- C:\Windows\system32\synceng.dll
2014-04-19 20:26:00 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2014-04-19 20:26:00 ----A---- C:\Windows\system32\msasn1.dll
2014-04-19 20:25:44 ----A---- C:\Windows\system32\wmp.dll
2014-04-19 20:25:42 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-04-19 20:25:40 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-04-19 20:25:40 ----A---- C:\Windows\system32\wmploc.DLL
2014-04-19 20:25:38 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2014-04-19 20:25:38 ----A---- C:\Windows\SYSWOW64\browcli.dll
2014-04-19 20:25:38 ----A---- C:\Windows\system32\netapi32.dll
2014-04-19 20:25:38 ----A---- C:\Windows\system32\browser.dll
2014-04-19 20:25:38 ----A---- C:\Windows\system32\browcli.dll
2014-04-19 20:25:36 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2014-04-19 20:25:36 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2014-04-19 20:25:36 ----A---- C:\Windows\SYSWOW64\devobj.dll
2014-04-19 20:25:36 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2014-04-19 20:25:36 ----A---- C:\Windows\system32\umpnpmgr.dll
2014-04-19 20:25:26 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-04-19 20:25:26 ----A---- C:\Windows\system32\mstsc.exe
2014-04-19 20:25:25 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2014-04-19 20:25:25 ----A---- C:\Windows\system32\prevhost.exe
2014-04-19 20:25:24 ----A---- C:\Windows\system32\drivers\fvevol.sys
2014-04-19 20:25:00 ----A---- C:\Windows\system32\srcore.dll
2014-04-19 20:24:59 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-04-19 20:24:59 ----A---- C:\Windows\system32\FXSCOVER.exe
2014-04-19 20:24:57 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2014-04-19 20:24:57 ----A---- C:\Windows\system32\inetcomm.dll
2014-04-19 20:24:56 ----A---- C:\Windows\system32\msvcrt.dll
2014-04-19 20:24:55 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2014-04-19 20:24:54 ----A---- C:\Windows\system32\consent.exe
2014-04-19 20:24:51 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-04-19 20:24:49 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-04-19 20:24:49 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-04-19 20:24:48 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2014-04-19 20:24:48 ----A---- C:\Windows\system32\smss.exe
2014-04-19 20:24:48 ----A---- C:\Windows\system32\csrsrv.dll
2014-04-19 20:24:29 ----A---- C:\Windows\system32\crypt32.dll
2014-04-19 20:24:28 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-04-19 20:24:28 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2014-04-19 20:24:28 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-04-19 20:24:28 ----A---- C:\Windows\system32\cryptsvc.dll
2014-04-19 20:24:28 ----A---- C:\Windows\system32\cryptnet.dll
2014-04-19 20:24:19 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2014-04-19 20:24:19 ----A---- C:\Windows\system32\odbc32.dll
2014-04-19 20:24:15 ----A---- C:\Windows\system32\ntdll.dll
2014-04-19 20:24:14 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-04-19 20:24:13 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2014-04-19 20:24:13 ----A---- C:\Windows\system32\EncDec.dll
2014-04-19 20:23:57 ----A---- C:\Windows\system32\drivers\bowser.sys
2014-04-19 20:23:46 ----A---- C:\Windows\SYSWOW64\sscore.dll
2014-04-19 20:23:46 ----A---- C:\Windows\system32\srvsvc.dll
2014-04-19 20:23:44 ----A---- C:\Windows\system32\localspl.dll
2014-04-19 20:23:29 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-04-19 20:23:29 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2014-04-19 20:23:29 ----A---- C:\Windows\system32\oleaut32.dll
2014-04-19 20:23:29 ----A---- C:\Windows\system32\oleacc.dll
2014-04-19 20:14:32 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-04-19 20:14:32 ----A---- C:\Windows\system32\packager.dll
2014-04-19 20:13:31 ----A---- C:\Windows\system32\rdpcore.dll
2014-04-19 20:13:30 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2014-04-19 20:13:30 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2014-04-19 20:13:29 ----A---- C:\Windows\SYSWOW64\cabview.dll
2014-04-19 20:13:29 ----A---- C:\Windows\system32\cabview.dll
2014-04-19 20:08:09 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2014-04-19 20:08:09 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2014-04-19 20:08:09 ----A---- C:\Windows\system32\XAudio2_7.dll
2014-04-19 20:08:09 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2014-04-19 20:08:08 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2014-04-19 20:08:08 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2014-04-19 20:08:08 ----A---- C:\Windows\system32\xactengine3_7.dll
2014-04-19 20:08:08 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2014-04-19 20:08:07 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2014-04-19 20:08:07 ----A---- C:\Windows\system32\d3dcsx_43.dll
2014-04-19 20:08:06 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2014-04-19 20:08:06 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2014-04-19 20:08:06 ----A---- C:\Windows\system32\XAudio2_6.dll
2014-04-19 20:08:06 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2014-04-19 20:08:05 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2014-04-19 20:08:05 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2014-04-19 20:08:05 ----A---- C:\Windows\system32\xactengine3_6.dll
2014-04-19 20:08:05 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2014-04-19 20:08:03 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2014-04-19 20:08:03 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2014-04-19 20:08:03 ----A---- C:\Windows\system32\XAudio2_5.dll
2014-04-19 20:08:03 ----A---- C:\Windows\system32\xactengine3_5.dll
2014-04-19 20:08:02 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2014-04-19 20:08:02 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2014-04-19 20:08:01 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2014-04-19 20:08:01 ----A---- C:\Windows\system32\d3dcsx_42.dll
2014-04-19 20:08:00 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2014-04-19 20:08:00 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2014-04-19 20:08:00 ----A---- C:\Windows\system32\d3dx11_42.dll
2014-04-19 20:08:00 ----A---- C:\Windows\system32\d3dx10_42.dll
2014-04-19 20:07:59 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2014-04-19 20:07:59 ----A---- C:\Windows\system32\D3DX9_42.dll
2014-04-19 20:07:58 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2014-04-19 20:07:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2014-04-19 20:07:58 ----A---- C:\Windows\system32\d3dx10_41.dll
2014-04-19 20:07:58 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2014-04-19 20:07:57 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2014-04-19 20:07:57 ----A---- C:\Windows\system32\D3DX9_41.dll
2014-04-19 20:07:56 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2014-04-19 20:07:56 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2014-04-19 20:07:56 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2014-04-19 20:07:56 ----A---- C:\Windows\system32\XAudio2_4.dll
2014-04-19 20:07:56 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2014-04-19 20:07:56 ----A---- C:\Windows\system32\xactengine3_4.dll
2014-04-19 20:07:55 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2014-04-19 20:07:55 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2014-04-19 20:07:54 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2014-04-19 20:07:54 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2014-04-19 20:07:54 ----A---- C:\Windows\system32\d3dx10_40.dll
2014-04-19 20:07:54 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2014-04-19 20:07:53 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2014-04-19 20:07:53 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2014-04-19 20:07:53 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2014-04-19 20:07:53 ----A---- C:\Windows\system32\XAudio2_3.dll
2014-04-19 20:07:53 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2014-04-19 20:07:53 ----A---- C:\Windows\system32\D3DX9_40.dll
2014-04-19 20:07:51 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2014-04-19 20:07:51 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2014-04-19 20:07:51 ----A---- C:\Windows\system32\xactengine3_3.dll
2014-04-19 20:07:51 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2014-04-19 20:07:50 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2014-04-19 20:07:50 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2014-04-19 20:07:50 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2014-04-19 20:07:50 ----A---- C:\Windows\system32\XAudio2_2.dll
2014-04-19 20:07:50 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2014-04-19 20:07:50 ----A---- C:\Windows\system32\xactengine3_2.dll
2014-04-19 20:07:49 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2014-04-19 20:07:49 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2014-04-19 20:07:49 ----A---- C:\Windows\system32\d3dx10_39.dll
2014-04-19 20:07:49 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2014-04-19 20:07:48 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2014-04-19 20:07:48 ----A---- C:\Windows\system32\D3DX9_39.dll
2014-04-19 20:07:47 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2014-04-19 20:07:47 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2014-04-19 20:07:47 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2014-04-19 20:07:47 ----A---- C:\Windows\system32\XAudio2_1.dll
2014-04-19 20:07:47 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2014-04-19 20:07:47 ----A---- C:\Windows\system32\xactengine3_1.dll
2014-04-19 20:07:46 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2014-04-19 20:07:46 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2014-04-19 20:07:45 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2014-04-19 20:07:45 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2014-04-19 20:07:45 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2014-04-19 20:07:45 ----A---- C:\Windows\system32\D3DX9_38.dll
2014-04-19 20:07:45 ----A---- C:\Windows\system32\d3dx10_38.dll
2014-04-19 20:07:45 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2014-04-19 20:07:44 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2014-04-19 20:07:44 ----A---- C:\Windows\system32\XAudio2_0.dll
2014-04-19 20:07:43 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2014-04-19 20:07:43 ----A---- C:\Windows\system32\xactengine3_0.dll
2014-04-19 20:07:41 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2014-04-19 20:07:41 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2014-04-19 20:07:41 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2014-04-19 20:07:41 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2014-04-19 20:07:41 ----A---- C:\Windows\system32\d3dx10_37.dll
2014-04-19 20:07:41 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2014-04-19 20:07:40 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2014-04-19 20:07:40 ----A---- C:\Windows\system32\D3DX9_37.dll
2014-04-19 20:07:38 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2014-04-19 20:07:38 ----A---- C:\Windows\system32\xactengine2_10.dll
2014-04-19 20:07:37 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2014-04-19 20:07:37 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2014-04-19 20:07:37 ----A---- C:\Windows\system32\d3dx10_36.dll
2014-04-19 20:07:37 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2014-04-19 20:07:36 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2014-04-19 20:07:36 ----A---- C:\Windows\system32\d3dx9_36.dll
2014-04-19 20:07:35 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2014-04-19 20:07:35 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2014-04-19 20:07:35 ----A---- C:\Windows\system32\xactengine2_9.dll
2014-04-19 20:07:35 ----A---- C:\Windows\system32\d3dx10_35.dll
2014-04-19 20:07:34 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2014-04-19 20:07:34 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2014-04-19 20:07:33 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2014-04-19 20:07:33 ----A---- C:\Windows\system32\d3dx9_35.dll
2014-04-19 20:07:32 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2014-04-19 20:07:32 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2014-04-19 20:07:32 ----A---- C:\Windows\system32\xactengine2_8.dll
2014-04-19 20:07:32 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2014-04-19 20:07:31 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2014-04-19 20:07:31 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2014-04-19 20:07:31 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2014-04-19 20:07:31 ----A---- C:\Windows\system32\d3dx9_34.dll
2014-04-19 20:07:31 ----A---- C:\Windows\system32\d3dx10_34.dll
2014-04-19 20:07:31 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2014-04-19 20:07:30 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2014-04-19 20:07:30 ----A---- C:\Windows\system32\xinput1_3.dll
2014-04-19 20:07:29 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2014-04-19 20:07:29 ----A---- C:\Windows\system32\xactengine2_7.dll
2014-04-19 20:07:27 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2014-04-19 20:07:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2014-04-19 20:07:27 ----A---- C:\Windows\system32\d3dx10_33.dll
2014-04-19 20:07:27 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2014-04-19 20:07:26 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2014-04-19 20:07:26 ----A---- C:\Windows\system32\d3dx9_33.dll
2014-04-19 20:07:25 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2014-04-19 20:07:25 ----A---- C:\Windows\system32\xactengine2_6.dll
2014-04-19 20:07:24 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2014-04-19 20:07:24 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2014-04-19 20:07:24 ----A---- C:\Windows\system32\xactengine2_5.dll
2014-04-19 20:07:24 ----A---- C:\Windows\system32\d3dx10.dll
2014-04-19 20:07:23 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2014-04-19 20:07:23 ----A---- C:\Windows\system32\d3dx9_32.dll
2014-04-19 20:07:22 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2014-04-19 20:07:22 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2014-04-19 20:07:22 ----A---- C:\Windows\system32\xactengine2_4.dll
2014-04-19 20:07:22 ----A---- C:\Windows\system32\x3daudio1_1.dll
2014-04-19 20:07:21 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2014-04-19 20:07:21 ----A---- C:\Windows\system32\d3dx9_31.dll
2014-04-19 20:07:20 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2014-04-19 20:07:20 ----A---- C:\Windows\system32\xactengine2_3.dll
2014-04-19 20:07:19 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2014-04-19 20:07:19 ----A---- C:\Windows\system32\xinput1_2.dll
2014-04-19 20:07:18 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2014-04-19 20:07:18 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2014-04-19 20:07:18 ----A---- C:\Windows\system32\xinput1_1.dll
2014-04-19 20:07:18 ----A---- C:\Windows\system32\xactengine2_2.dll
2014-04-19 20:07:17 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2014-04-19 20:07:17 ----A---- C:\Windows\system32\xactengine2_1.dll
2014-04-19 20:07:12 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2014-04-19 20:07:12 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2014-04-19 20:07:12 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2014-04-19 20:07:12 ----A---- C:\Windows\system32\xactengine2_0.dll
2014-04-19 20:07:12 ----A---- C:\Windows\system32\x3daudio1_0.dll
2014-04-19 20:07:12 ----A---- C:\Windows\system32\d3dx9_30.dll
2014-04-19 20:07:11 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2014-04-19 20:07:11 ----A---- C:\Windows\system32\d3dx9_29.dll
2014-04-19 20:07:10 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2014-04-19 20:07:10 ----A---- C:\Windows\system32\d3dx9_28.dll
2014-04-19 20:07:09 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2014-04-19 20:07:09 ----A---- C:\Windows\system32\d3dx9_27.dll
2014-04-19 20:07:08 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2014-04-19 20:07:08 ----A---- C:\Windows\system32\d3dx9_26.dll
2014-04-19 20:07:07 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2014-04-19 20:07:07 ----A---- C:\Windows\system32\d3dx9_25.dll
2014-04-19 20:07:06 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2014-04-19 20:07:06 ----A---- C:\Windows\system32\d3dx9_24.dll
2014-04-19 20:05:36 ----HD---- C:\Windows\msdownld.tmp
2014-04-19 20:05:30 ----A---- C:\Windows\system32\wups2.dll
2014-04-19 20:05:30 ----A---- C:\Windows\system32\wucltux.dll
2014-04-19 20:05:30 ----A---- C:\Windows\system32\wuaueng.dll
2014-04-19 20:05:30 ----A---- C:\Windows\system32\wuauclt.exe
2014-04-19 20:05:23 ----D---- C:\Windows\SYSWOW64\directx
2014-04-19 20:05:07 ----A---- C:\Windows\system32\wuwebv.dll
2014-04-19 20:05:07 ----A---- C:\Windows\system32\wuapp.exe
2014-04-19 19:13:24 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-04-19 19:13:24 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-04-19 19:13:24 ----A---- C:\Windows\system32\d3dx11_43.dll
2014-04-19 19:13:24 ----A---- C:\Windows\system32\d3dx10_43.dll
2014-04-19 19:13:23 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-04-19 19:13:23 ----A---- C:\Windows\system32\D3DX9_43.dll
2014-04-19 19:13:01 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-04-19 19:13:01 ----A---- C:\Windows\system32\nvspcap64.dll
2014-04-19 19:12:00 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-04-19 19:12:00 ----A---- C:\Windows\system32\nvaudcap64v.dll
2014-04-19 19:12:00 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-04-19 18:55:48 ----D---- C:\Windows\Panther
2014-04-19 18:55:43 ----RASH---- C:\BOOTSECT.BAK
2014-04-19 18:55:42 ----SHD---- C:\Boot
2014-04-19 18:55:21 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-04-19 18:54:50 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-04-19 18:54:37 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-04-19 18:54:33 ----D---- C:\ProgramData\NVIDIA
2014-04-19 18:54:25 ----A---- C:\Windows\system32\nvvsvc.exe
2014-04-19 18:54:25 ----A---- C:\Windows\system32\nvsvc64.dll
2014-04-19 18:54:25 ----A---- C:\Windows\system32\nvshext.dll
2014-04-19 18:54:25 ----A---- C:\Windows\system32\nvmctray.dll
2014-04-19 18:54:25 ----A---- C:\Windows\system32\nvcpl.dll
2014-04-19 18:54:05 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-04-19 18:54:05 ----A---- C:\Windows\system32\OpenCL.dll
2014-04-19 18:53:48 ----D---- C:\ProgramData\NVIDIA Corporation
2014-04-19 18:48:45 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-04-19 18:46:20 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-04-19 18:45:59 ----SHD---- C:\Windows\Installer
2014-04-19 18:45:35 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2014-04-19 18:45:35 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2014-04-19 18:45:35 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2014-04-19 18:45:35 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2014-04-19 18:45:35 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-04-19 18:45:35 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2014-04-19 18:45:35 ----A---- C:\Windows\system32\PresentationHost.exe
2014-04-19 18:45:35 ----A---- C:\Windows\system32\netfxperf.dll
2014-04-19 18:45:35 ----A---- C:\Windows\system32\dfshim.dll
2014-04-19 18:45:34 ----A---- C:\Windows\system32\mscoree.dll
2014-04-19 18:44:30 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-04-19 18:44:30 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-04-19 18:44:30 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-04-19 18:44:30 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-04-19 18:44:30 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-04-19 18:44:30 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-04-19 18:44:30 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-04-19 18:44:30 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-04-19 18:44:30 ----A---- C:\Windows\system32\nvopencl.dll
2014-04-19 18:44:30 ----A---- C:\Windows\system32\nvoglv64.dll
2014-04-19 18:44:30 ----A---- C:\Windows\system32\NvIFR64.dll
2014-04-19 18:44:30 ----A---- C:\Windows\system32\NvFBC64.dll
2014-04-19 18:44:30 ----A---- C:\Windows\system32\nvdispgenco6433523.dll
2014-04-19 18:44:30 ----A---- C:\Windows\system32\nvdispco6433523.dll
2014-04-19 18:44:30 ----A---- C:\Windows\system32\nvcuvid.dll
2014-04-19 18:44:30 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-04-19 18:44:30 ----A---- C:\Windows\system32\nvcuda.dll
2014-04-19 18:44:30 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-04-19 18:44:29 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-04-19 18:44:29 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-04-19 18:44:29 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-04-19 18:44:29 ----A---- C:\Windows\system32\nvcompiler.dll
2014-04-19 18:44:29 ----A---- C:\Windows\system32\nvapi64.dll
2014-04-19 18:33:09 ----D---- C:\Program Files\NVIDIA Corporation
2014-04-19 18:29:11 ----D---- C:\Users\Trajda\AppData\Roaming\Macromedia
2014-04-19 18:29:11 ----D---- C:\Users\Trajda\AppData\Roaming\Adobe
2014-04-19 18:29:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-04-19 18:29:02 ----D---- C:\Windows\SYSWOW64\Macromed
2014-04-19 18:29:00 ----D---- C:\Windows\system32\Macromed
2014-04-19 18:23:34 ----N---- C:\Windows\system32\MpSigStub.exe
2014-04-19 18:17:56 ----D---- C:\Users\Trajda\AppData\Roaming\AVAST Software
2014-04-19 18:17:39 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-04-19 18:17:38 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-04-19 18:17:38 ----A---- C:\Windows\system32\drivers\aswSP.sys
2014-04-19 18:17:38 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-04-19 18:17:38 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-04-19 18:17:37 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-04-19 18:17:37 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-04-19 18:17:36 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-04-19 18:17:35 ----A---- C:\Windows\system32\aswBoot.exe
2014-04-19 18:17:33 ----A---- C:\Windows\avastSS.scr
2014-04-19 18:15:27 ----D---- C:\Program Files\AVAST Software
2014-04-19 18:13:25 ----D---- C:\ProgramData\AVAST Software
2014-04-19 18:12:03 ----D---- C:\Users\Trajda\AppData\Roaming\Mozilla
2014-04-19 18:11:59 ----D---- C:\ProgramData\Mozilla
2014-04-19 18:11:59 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-19 18:11:58 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-04-19 18:06:03 ----D---- C:\Users\Trajda\AppData\Roaming\Identities
2014-04-19 18:05:49 ----SD---- C:\Users\Trajda\AppData\Roaming\Microsoft
2014-04-19 18:05:49 ----D---- C:\Users\Trajda\AppData\Roaming\Media Center Programs
2014-04-19 18:04:11 ----SHD---- C:\Recovery
2014-04-19 18:04:11 ----SHD---- C:\ProgramData\Šablony
2014-04-19 18:04:11 ----SHD---- C:\ProgramData\Nabídka Start
2014-04-19 18:04:10 ----SHD---- C:\ProgramData\Plocha
2014-04-19 18:04:10 ----SHD---- C:\ProgramData\Oblíbené položky
2014-04-19 18:04:10 ----SHD---- C:\ProgramData\Dokumenty
2014-04-19 18:04:10 ----SHD---- C:\ProgramData\Data aplikací
2014-04-19 18:03:38 ----D---- C:\Windows\SoftwareDistribution
2014-04-19 17:57:12 ----D---- C:\Windows\Prefetch
2014-04-19 17:56:58 ----ASH---- C:\pagefile.sys
2014-04-19 17:56:57 ----SHD---- C:\System Volume Information
2014-04-19 17:56:57 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 month======

2014-04-20 10:05:22 ----D---- C:\Windows\Temp
2014-04-20 10:05:21 ----RD---- C:\Program Files
2014-04-20 09:58:12 ----D---- C:\Windows\Microsoft.NET
2014-04-20 09:58:11 ----RSD---- C:\Windows\assembly
2014-04-20 08:52:17 ----D---- C:\Windows\system32\config
2014-04-20 08:52:06 ----D---- C:\Windows\winsxs
2014-04-20 08:45:11 ----D---- C:\Windows\System32
2014-04-20 08:45:11 ----D---- C:\Windows\inf
2014-04-20 08:45:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-20 08:37:53 ----D---- C:\Windows
2014-04-20 08:35:17 ----D---- C:\Windows\SysWOW64
2014-04-20 08:35:16 ----D---- C:\Windows\system32\drivers
2014-04-20 08:35:16 ----D---- C:\Program Files\Common Files\System
2014-04-20 08:35:15 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-04-20 08:35:15 ----D---- C:\Windows\system32\cs-CZ
2014-04-20 08:35:14 ----D---- C:\Windows\ehome
2014-04-20 08:35:11 ----D---- C:\Program Files\Windows Mail
2014-04-20 08:35:11 ----D---- C:\Program Files (x86)\Windows Mail
2014-04-20 08:35:10 ----RSD---- C:\Windows\Fonts
2014-04-20 08:35:10 ----D---- C:\Windows\system32\wbem
2014-04-20 08:35:10 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-04-20 08:35:04 ----D---- C:\Windows\AppPatch
2014-04-20 08:34:50 ----D---- C:\Windows\system32\Boot
2014-04-20 08:34:49 ----D---- C:\Windows\SYSWOW64\migration
2014-04-20 08:34:49 ----D---- C:\Windows\system32\migration
2014-04-20 08:34:49 ----D---- C:\Program Files\Internet Explorer
2014-04-20 08:34:49 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-20 08:34:46 ----D---- C:\Program Files (x86)\Windows Media Player
2014-04-20 08:34:45 ----D---- C:\Program Files\Windows Media Player
2014-04-20 08:34:43 ----D---- C:\Program Files\Windows Journal
2014-04-20 08:34:25 ----D---- C:\Windows\system32\DriverStore
2014-04-20 08:33:46 ----D---- C:\Windows\cs-CZ
2014-04-20 01:21:39 ----D---- C:\Windows\system32\catroot
2014-04-20 00:50:26 ----RD---- C:\Program Files (x86)
2014-04-20 00:50:26 ----D---- C:\Program Files (x86)\Common Files
2014-04-20 00:50:04 ----HD---- C:\ProgramData
2014-04-20 00:25:58 ----D---- C:\Windows\Logs
2014-04-20 00:25:58 ----D---- C:\Windows\debug
2014-04-20 00:18:47 ----D---- C:\Windows\system32\Tasks
2014-04-19 23:04:17 ----SD---- C:\ProgramData\Microsoft
2014-04-19 23:04:13 ----D---- C:\Windows\system32\drivers\UMDF
2014-04-19 22:09:41 ----D---- C:\Windows\system32\catroot2
2014-04-19 18:55:27 ----D---- C:\Windows\Setup
2014-04-19 18:54:22 ----D---- C:\Windows\Help
2014-04-19 18:46:22 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-19 18:46:22 ----D---- C:\Windows\system32\en-US
2014-04-19 18:29:04 ----D---- C:\Windows\Tasks
2014-04-19 18:15:37 ----D---- C:\Windows\system32\CodeIntegrity
2014-04-19 18:15:17 ----D---- C:\Windows\system32\restore
2014-04-19 18:07:26 ----D---- C:\Windows\system32\wdi
2014-04-19 18:06:01 ----SHD---- C:\$Recycle.Bin
2014-04-19 18:05:49 ----RD---- C:\Users
2014-04-19 18:04:11 ----D---- C:\Program Files\Windows NT
2014-04-19 18:03:02 ----D---- C:\Windows\rescache
2014-04-19 17:59:20 ----D---- C:\Windows\system32\sysprep
2014-04-19 17:57:28 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-19 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-19 208416]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-19 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-04-19 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-04-19 423240]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-04-19 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-19 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-04-19 85328]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-04-20 119512]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-21 40392]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-19 50344]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-02 1615192]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-04-02 20541216]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-03-04 922968]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-19 257712]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-15 119408]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-04-20 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Ve složce byl jeden soubor

Kód: Vybrat vše

http://leteckaposta.cz/134556794

[Márty84]

Modrou obrazovku zpusobil wudfrd.sys , coz je systemovy ovladac http://translate.google.cz/translate?hl ... 6bih%3D770 . Mohla to byt nahoda, pokud se to nebude opakovat, neresil bych to.


Co ty vysledky testu MBAM?


Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[Perda]

Zdravím, omlouvám se, mbam jsem musel přehlédnout, tady přikládám logy, jsou dva, jelikož poprvé jsem jej včera musel předčasně vypnout, tak mi nenalezl vše.

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 20.4.2014
Čas skenování: 0:38:22
Protokol: mbamlog2.txt
Správce: Ano

Verze: 2.00.1.1004
Databáze malwaru: v2014.04.19.11
Databáze rootkitů: v2014.03.27.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Chameleon: Vypnuto

OS: Windows 7
CPU: x64
Souborový systém: NTFS
Uživatel: Trajda

Typ skenu: Sken hrozeb
Výsledek: Zrušeno
Prohledaných objektů: 36071
Uplynulý čas: 6 min, 46 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Shuriken: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 1
PUP.Optional.Somoto.A, C:\Users\Trajda\AppData\Local\Temp\appshat_generic.exe, Do karantény, [e05789a34239ab8bca51929089775ea2],

Fyzické sektory: 0
(No malicious items detected)


(end)


Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 20.4.2014
Čas skenování: 1:00:16
Protokol: mbamlog1.txt
Správce: Ano

Verze: 2.00.1.1004
Databáze malwaru: v2014.04.19.11
Databáze rootkitů: v2014.03.27.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Chameleon: Vypnuto

OS: Windows 7
CPU: x64
Souborový systém: NTFS
Uživatel: Trajda

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 235924
Uplynulý čas: 8 min, 8 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Shuriken: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 2
PUP.Optional.SmartTweak, C:\Users\Trajda\AppData\Local\Temp\SpeedUpMyComputer.exe, Do karantény, [2a0de24a2a51ea4c877424d93ec5d927],
PUP.Optional.Somoto, C:\Users\Trajda\AppData\Local\Temp\UpdateCheckerSetup.exe, Do karantény, [bf78dd4ffa8147ef30bc2afc33cd56aa],

Fyzické sektory: 0
(No malicious items detected)


(end)

Tady výsledek z OTL:

OTL Extras logfile created on: 20.4.2014 21:18:06 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Trajda\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 53,43% Memory free
8,00 Gb Paging File | 5,97 Gb Available in Paging File | 74,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 488,28 Gb Total Space | 454,91 Gb Free Space | 93,17% Space Free | Partition Type: NTFS
Drive D: | 443,23 Gb Total Space | 258,77 Gb Free Space | 58,38% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 84,74 Mb Free Space | 84,75% Space Free | Partition Type: NTFS
Drive G: | 48,73 Gb Total Space | 34,92 Gb Free Space | 71,66% Space Free | Partition Type: NTFS
Drive H: | 249,26 Gb Total Space | 41,29 Gb Free Space | 16,56% Space Free | Partition Type: NTFS

Computer Name: TRAJDA-PC | User Name: Trajda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-888568147-2282851591-2422205204-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1FB9A3AE-30E3-4E29-8B6C-1A96B8A9F831}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{436F609C-3FD1-4F0A-9251-EA511699BE80}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{4A445CE9-EA8F-46D7-A215-BF42B89CB230}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{6121119F-6DE9-4F84-BEF0-60AEDA99B811}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{924FBC1E-49E1-46F1-9C8E-D0E9DBB30ACC}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{F2B8F786-0CE2-479A-9620-0B6C8F84D46A}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 335.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 12.4.55
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 12.4.55
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.22
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}" = Splash Lite
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI - Czech
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Avast" = avast! Free Antivirus
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.1.1004
"Mozilla Firefox 28.0 (x86 cs)" = Mozilla Firefox 28.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 19.4.2014 13:27:52 | Computer Name = Trajda-PC | Source = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe | ID = 131073
Description =

Error - 19.4.2014 18:04:39 | Computer Name = Trajda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: update_checker.exe, verze: 4.3.0.0, časové
razítko: 0x525d9c67 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385,
časové razítko: 0x4a5bdb3b Kód výjimky: 0xc0000005 Posun chyby: 0x00033100 ID chybujícího
procesu: 0x13cc Čas spuštění chybující aplikace: 0x01cf5c1975a38ef7 Cesta k chybující
aplikaci: C:\Users\Trajda\AppData\Local\FilesFrog Update Checker\update_checker.exe
Cesta
k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll ID zprávy: 99b2aa2c-c80e-11e3-b7ab-001fd09510a2

Error - 19.4.2014 18:39:15 | Computer Name = Trajda-PC | Source = MsiInstaller | ID = 11704
Description =

Error - 19.4.2014 19:01:29 | Computer Name = Trajda-PC | Source = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe | ID = 131073
Description =

Error - 20.4.2014 5:10:42 | Computer Name = Trajda-PC | Source = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe | ID = 131073
Description =

[ System Events ]
Error - 19.4.2014 18:18:25 | Computer Name = Trajda-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x800705b4): Aktualizace zabezpečení systému Windows 7 pro systémy
na platformě x64 (KB2813170).

Error - 19.4.2014 18:18:25 | Computer Name = Trajda-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x800705b4): Aktualizace zabezpečení systému Windows 7 pro systémy
s procesorem x64 (KB2698365).

Error - 19.4.2014 18:18:25 | Computer Name = Trajda-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x800705b4): Aktualizace zabezpečení systému Windows 7 pro systémy
na platformě x64 (KB2419640).

Error - 19.4.2014 18:18:25 | Computer Name = Trajda-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x800705b4): Aktualizace zabezpečení systému Windows 7 pro systémy
na platformě x64 (KB2644615).

Error - 19.4.2014 18:18:25 | Computer Name = Trajda-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x800705b4): Aktualizace systému Windows 7 pro systémy platformy
x64 (KB2345886).

Error - 19.4.2014 18:28:53 | Computer Name = Trajda-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x800705b4): Aktualizace systému Windows 7 pro systémy platformy
x64 (KB979538).

Error - 19.4.2014 18:28:53 | Computer Name = Trajda-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x800705b4): Aktualizace zabezpečení pro rozhraní Microsoft .NET
Framework 3.5.1 v systémech Windows 7 a Windows Server 2008 R2 platformy x64 (KB2742598).

Error - 19.4.2014 18:28:53 | Computer Name = Trajda-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x800705b4): Aktualizace systému Windows 7 pro systémy s procesorem
x64 (KB2661254).

Error - 20.4.2014 2:37:56 | Computer Name = Trajda-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (8:35:47, ?20.?4.?2014) bylo neočekávané.

Error - 20.4.2014 2:37:59 | Computer Name = Trajda-PC | Source = BugCheck | ID = 1001
Description =


< End of report >


OTL logfile created on: 20.4.2014 21:18:06 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Trajda\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 53,43% Memory free
8,00 Gb Paging File | 5,97 Gb Available in Paging File | 74,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 488,28 Gb Total Space | 454,91 Gb Free Space | 93,17% Space Free | Partition Type: NTFS
Drive D: | 443,23 Gb Total Space | 258,77 Gb Free Space | 58,38% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 84,74 Mb Free Space | 84,75% Space Free | Partition Type: NTFS
Drive G: | 48,73 Gb Total Space | 34,92 Gb Free Space | 71,66% Space Free | Partition Type: NTFS
Drive H: | 249,26 Gb Total Space | 41,29 Gb Free Space | 16,56% Space Free | Partition Type: NTFS

Computer Name: TRAJDA-PC | User Name: Trajda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.04.20 21:16:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Trajda\Desktop\OTL.exe
PRC - [2014.04.19 18:17:32 | 003,873,704 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014.04.19 18:17:32 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014.04.02 15:29:05 | 002,201,032 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014.04.02 15:28:46 | 001,615,192 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014.03.04 13:32:56 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe


========== Modules (No Company Name) ==========

MOD - [2014.04.19 18:17:33 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014.04.19 18:17:32 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014.04.02 15:28:36 | 020,541,216 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.04.19 19:56:32 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.04.02 15:28:46 | 001,615,192 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014.03.15 10:40:31 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.03.04 13:32:56 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.04.19 18:17:34 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014.04.19 18:17:34 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014.04.19 18:17:34 | 000,208,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014.04.19 18:17:34 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014.04.19 18:17:34 | 000,085,328 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014.04.19 18:17:34 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.04.19 18:17:34 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014.04.19 18:17:34 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014.03.21 21:43:52 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-888568147-2282851591-2422205204-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-888568147-2282851591-2422205204-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-888568147-2282851591-2422205204-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2018.95
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.04.19 18:17:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2014.04.19 18:12:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Trajda\AppData\Roaming\Mozilla\Extensions
[2014.04.20 00:23:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Trajda\AppData\Roaming\Mozilla\Firefox\Profiles\fy4epjwy.default\extensions
[2014.04.19 19:53:44 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\Trajda\AppData\Roaming\Mozilla\Firefox\Profiles\fy4epjwy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.04.19 18:11:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.04.19 18:11:58 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014.04.19 18:17:34 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CAD2E8DF-8FC8-4839-83D7-327A398442F2}: NameServer = 62.129.50.20,85.135.32.100
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.04.20 21:16:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Trajda\Desktop\OTL.exe
[2014.04.20 21:13:57 | 000,000,000 | ---D | C] -- C:\Users\Trajda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2014.04.20 21:13:56 | 000,000,000 | ---D | C] -- C:\totalcmd
[2014.04.20 21:13:56 | 000,000,000 | ---D | C] -- C:\Users\Trajda\AppData\Roaming\GHISLER
[2014.04.20 21:13:22 | 006,344,480 | ---- | C] (Ghisler Software GmbH) -- C:\Users\Trajda\Desktop\tcm850x32_64.exe
[2014.04.20 10:05:21 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.04.20 10:05:21 | 000,000,000 | ---D | C] -- C:\rsit
[2014.04.20 08:48:09 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Trajda\Desktop\HijackThis.exe
[2014.04.20 08:37:53 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014.04.20 08:35:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2014.04.20 08:35:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2014.04.20 01:26:44 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2014.04.20 00:50:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2014.04.20 00:50:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2014.04.20 00:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014.04.20 00:46:12 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.04.20 00:39:21 | 000,000,000 | ---D | C] -- C:\Users\Trajda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mirillis
[2014.04.20 00:39:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mirillis
[2014.04.20 00:29:43 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.04.20 00:29:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014.04.20 00:29:25 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014.04.20 00:29:25 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014.04.20 00:29:25 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014.04.20 00:29:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014.04.20 00:29:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.04.20 00:29:09 | 000,000,000 | ---D | C] -- C:\Users\Trajda\AppData\Local\Programs
[2014.04.20 00:18:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014.04.20 00:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014.04.19 23:51:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seznam.cz
[2014.04.19 23:51:05 | 000,000,000 | ---D | C] -- C:\Users\Trajda\AppData\Roaming\Seznam.cz
[2014.04.19 22:09:02 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2014.04.19 22:09:02 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2014.04.19 21:19:20 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2014.04.19 21:19:20 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2014.04.19 21:19:20 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2014.04.19 21:19:20 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2014.04.19 21:19:20 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2014.04.19 21:19:20 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2014.04.19 21:17:40 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2014.04.19 21:17:39 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2014.04.19 21:17:38 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2014.04.19 21:17:38 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2014.04.19 21:08:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014.04.19 20:57:31 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2014.04.19 20:57:31 | 000,022,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2014.04.19 20:45:38 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014.04.19 20:45:38 | 002,691,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014.04.19 20:45:37 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2014.04.19 20:45:37 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2014.04.19 20:45:37 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014.04.19 20:45:37 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014.04.19 20:44:21 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2014.04.19 20:44:21 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2014.04.19 20:44:20 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2014.04.19 20:44:18 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2014.04.19 20:44:17 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2014.04.19 20:44:17 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2014.04.19 20:44:17 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2014.04.19 20:44:17 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2014.04.19 20:44:16 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2014.04.19 20:44:16 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2014.04.19 20:44:16 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2014.04.19 20:44:16 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2014.04.19 20:44:16 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2014.04.19 20:44:06 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2014.04.19 20:44:06 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2014.04.19 20:44:00 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2014.04.19 20:44:00 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2014.04.19 20:43:56 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014.04.19 20:43:55 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014.04.19 20:43:55 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014.04.19 20:43:54 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014.04.19 20:43:54 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014.04.19 20:43:51 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2014.04.19 20:43:36 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2014.04.19 20:43:36 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2014.04.19 20:43:34 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2014.04.19 20:43:34 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2014.04.19 20:43:34 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2014.04.19 20:43:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2014.04.19 20:43:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2014.04.19 20:43:25 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2014.04.19 20:43:23 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2014.04.19 20:43:22 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2014.04.19 20:43:21 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2014.04.19 20:43:20 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2014.04.19 20:43:19 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2014.04.19 20:43:19 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2014.04.19 20:43:18 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2014.04.19 20:43:18 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2014.04.19 20:43:17 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2014.04.19 20:43:17 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2014.04.19 20:42:56 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2014.04.19 20:42:56 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2014.04.19 20:42:55 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2014.04.19 20:42:55 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2014.04.19 20:42:55 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2014.04.19 20:42:55 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2014.04.19 20:42:55 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2014.04.19 20:42:55 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2014.04.19 20:42:38 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2014.04.19 20:42:29 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2014.04.19 20:42:22 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2014.04.19 20:42:12 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014.04.19 20:42:11 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014.04.19 20:42:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014.04.19 20:42:11 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014.04.19 20:42:08 | 002,228,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2014.04.19 20:42:07 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2014.04.19 20:42:07 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2014.04.19 20:42:07 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2014.04.19 20:42:06 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2014.04.19 20:42:04 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2014.04.19 20:42:04 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2014.04.19 20:42:04 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2014.04.19 20:42:04 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2014.04.19 20:42:03 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2014.04.19 20:42:03 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2014.04.19 20:42:03 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2014.04.19 20:42:02 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2014.04.19 20:42:01 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2014.04.19 20:42:01 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2014.04.19 20:42:00 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014.04.19 20:42:00 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014.04.19 20:41:53 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014.04.19 20:41:53 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014.04.19 20:41:51 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014.04.19 20:41:51 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014.04.19 20:41:50 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014.04.19 20:41:49 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2014.04.19 20:41:48 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014.04.19 20:41:47 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2014.04.19 20:41:47 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2014.04.19 20:41:46 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2014.04.19 20:41:46 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2014.04.19 20:41:42 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014.04.19 20:41:39 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2014.04.19 20:41:39 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2014.04.19 20:41:38 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2014.04.19 20:41:38 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2014.04.19 20:41:38 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2014.04.19 20:41:38 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2014.04.19 20:41:38 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2014.04.19 20:41:38 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2014.04.19 20:41:38 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2014.04.19 20:41:36 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014.04.19 20:41:36 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014.04.19 20:41:36 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014.04.19 20:41:36 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014.04.19 20:41:36 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014.04.19 20:41:36 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014.04.19 20:41:35 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014.04.19 20:41:35 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014.04.19 20:41:35 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014.04.19 20:41:35 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014.04.19 20:41:35 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014.04.19 20:41:35 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014.04.19 20:41:35 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014.04.19 20:41:35 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014.04.19 20:41:35 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014.04.19 20:41:35 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014.04.19 20:41:31 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2014.04.19 20:41:31 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2014.04.19 20:41:31 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2014.04.19 20:41:30 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2014.04.19 20:41:30 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2014.04.19 20:41:29 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2014.04.19 20:41:29 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2014.04.19 20:41:28 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2014.04.19 20:41:27 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2014.04.19 20:41:27 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2014.04.19 20:41:27 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2014.04.19 20:41:22 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2014.04.19 20:41:22 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2014.04.19 20:41:20 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2014.04.19 20:41:17 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014.04.19 20:41:14 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2014.04.19 20:41:14 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2014.04.19 20:41:13 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014.04.19 20:41:12 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2014.04.19 20:41:11 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2014.04.19 20:28:08 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.04.19 20:28:03 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014.04.19 20:28:03 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014.04.19 20:28:03 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.04.19 20:28:03 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.04.19 20:28:03 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014.04.19 20:28:03 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014.04.19 20:28:02 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014.04.19 20:28:02 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014.04.19 20:28:02 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.04.19 20:28:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.04.19 20:28:02 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014.04.19 20:28:02 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014.04.19 20:28:01 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014.04.19 20:28:01 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014.04.19 20:27:56 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2014.04.19 20:27:55 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2014.04.19 20:27:55 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2014.04.19 20:27:55 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2014.04.19 20:27:55 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2014.04.19 20:27:55 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2014.04.19 20:27:55 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2014.04.19 20:27:55 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2014.04.19 20:27:55 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2014.04.19 20:27:55 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2014.04.19 20:27:55 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2014.04.19 20:27:55 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2014.04.19 20:27:55 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2014.04.19 20:27:55 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2014.04.19 20:27:54 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2014.04.19 20:27:54 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2014.04.19 20:27:54 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2014.04.19 20:27:54 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2014.04.19 20:27:54 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2014.04.19 20:27:54 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2014.04.19 20:27:54 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2014.04.19 20:27:53 | 002,745,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2014.04.19 20:27:52 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2014.04.19 20:27:52 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2014.04.19 20:27:50 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2014.04.19 20:27:50 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2014.04.19 20:27:49 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2014.04.19 20:27:49 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2014.04.19 20:27:49 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2014.04.19 20:27:49 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2014.04.19 20:27:49 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2014.04.19 20:27:49 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2014.04.19 20:26:56 | 000,287,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014.04.19 20:26:55 | 003,213,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014.04.19 20:26:46 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2014.04.19 20:26:46 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2014.04.19 20:26:44 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014.04.19 20:26:44 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014.04.19 20:26:44 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014.04.19 20:26:44 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2014.04.19 20:26:43 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2014.04.19 20:26:43 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014.04.19 20:26:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.19 20:26:42 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014.04.19 20:26:42 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014.04.19 20:26:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014.04.19 20:26:42 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014.04.19 20:26:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014.04.19 20:26:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.19 20:26:41 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014.04.19 20:26:40 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2014.04.19 20:26:40 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2014.04.19 20:26:40 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2014.04.19 20:26:40 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2014.04.19 20:26:40 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2014.04.19 20:26:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2014.04.19 20:26:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2014.04.19 20:26:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2014.04.19 20:26:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2014.04.19 20:26:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014.04.19 20:26:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2014.04.19 20:26:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2014.04.19 20:26:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2014.04.19 20:26:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2014.04.19 20:26:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014.04.19 20:26:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2014.04.19 20:26:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2014.04.19 20:26:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2014.04.19 20:26:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2014.04.19 20:26:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2014.04.19 20:26:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2014.04.19 20:26:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2014.04.19 20:26:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2014.04.19 20:26:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2014.04.19 20:26:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2014.04.19 20:26:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2014.04.19 20:26:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2014.04.19 20:26:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2014.04.19 20:26:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2014.04.19 20:26:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2014.04.19 20:26:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2014.04.19 20:26:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2014.04.19 20:26:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2014.04.19 20:26:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2014.04.19 20:26:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2014.04.19 20:26:38 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2014.04.19 20:26:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2014.04.19 20:26:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2014.04.19 20:26:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2014.04.19 20:26:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2014.04.19 20:26:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2014.04.19 20:26:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2014.04.19 20:26:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2014.04.19 20:26:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2014.04.19 20:26:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2014.04.19 20:26:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2014.04.19 20:26:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2014.04.19 20:26:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2014.04.19 20:26:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2014.04.19 20:26:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2014.04.19 20:26:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2014.04.19 20:26:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2014.04.19 20:26:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2014.04.19 20:26:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2014.04.19 20:26:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014.04.19 20:26:35 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014.04.19 20:26:35 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014.04.19 20:26:35 | 000,609,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.04.19 20:26:28 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2014.04.19 20:26:28 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2014.04.19 20:26:28 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2014.04.19 20:26:27 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2014.04.19 20:26:27 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2014.04.19 20:26:27 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2014.04.19 20:26:27 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2014.04.19 20:26:20 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014.04.19 20:26:15 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2014.04.19 20:26:15 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2014.04.19 20:26:15 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2014.04.19 20:26:14 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2014.04.19 20:26:14 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2014.04.19 20:26:14 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2014.04.19 20:26:14 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2014.04.19 20:26:14 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2014.04.19 20:26:14 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2014.04.19 20:26:13 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2014.04.19 20:26:12 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2014.04.19 20:26:12 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2014.04.19 20:26:09 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2014.04.19 20:26:04 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2014.04.19 20:26:04 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2014.04.19 20:26:00 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2014.04.19 20:25:44 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2014.04.19 20:25:42 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2014.04.19 20:25:40 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2014.04.19 20:25:40 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2014.04.19 20:25:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2014.04.19 20:25:38 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2014.04.19 20:25:38 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2014.04.19 20:25:36 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2014.04.19 20:25:36 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2014.04.19 20:25:26 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2014.04.19 20:25:26 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2014.04.19 20:25:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2014.04.19 20:25:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2014.04.19 20:25:00 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2014.04.19 20:24:59 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2014.04.19 20:24:56 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2014.04.19 20:24:54 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014.04.19 20:24:51 | 005,497,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014.04.19 20:24:49 | 003,958,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014.04.19 20:24:49 | 003,902,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014.04.19 20:24:48 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2014.04.19 20:24:48 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2014.04.19 20:24:48 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2014.04.19 20:24:29 | 001,462,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2014.04.19 20:24:28 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2014.04.19 20:24:19 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2014.04.19 20:24:19 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2014.04.19 20:24:15 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014.04.19 20:24:13 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2014.04.19 20:24:13 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2014.04.19 20:23:46 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2014.04.19 20:23:44 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2014.04.19 20:23:29 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014.04.19 20:23:29 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2014.04.19 20:14:32 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014.04.19 20:14:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014.04.19 20:13:31 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2014.04.19 20:13:30 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2014.04.19 20:13:29 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2014.04.19 20:13:29 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2014.04.19 20:08:09 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2014.04.19 20:08:09 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2014.04.19 20:08:09 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2014.04.19 20:08:09 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2014.04.19 20:08:08 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2014.04.19 20:08:08 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2014.04.19 20:08:08 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2014.04.19 20:08:08 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2014.04.19 20:08:07 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2014.04.19 20:08:07 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2014.04.19 20:08:06 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2014.04.19 20:08:06 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2014.04.19 20:08:06 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2014.04.19 20:08:06 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2014.04.19 20:08:05 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2014.04.19 20:08:05 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2014.04.19 20:08:05 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2014.04.19 20:08:05 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2014.04.19 20:08:03 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2014.04.19 20:08:03 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2014.04.19 20:08:03 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2014.04.19 20:08:03 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2014.04.19 20:08:02 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2014.04.19 20:08:02 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2014.04.19 20:08:01 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2014.04.19 20:08:01 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2014.04.19 20:08:00 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2014.04.19 20:08:00 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2014.04.19 20:08:00 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2014.04.19 20:08:00 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2014.04.19 20:07:59 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2014.04.19 20:07:59 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2014.04.19 20:07:58 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2014.04.19 20:07:58 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2014.04.19 20:07:58 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2014.04.19 20:07:58 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2014.04.19 20:07:57 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2014.04.19 20:07:57 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2014.04.19 20:07:56 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2014.04.19 20:07:56 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2014.04.19 20:07:56 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2014.04.19 20:07:56 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2014.04.19 20:07:56 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2014.04.19 20:07:56 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2014.04.19 20:07:55 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2014.04.19 20:07:55 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2014.04.19 20:07:54 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2014.04.19 20:07:54 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2014.04.19 20:07:54 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2014.04.19 20:07:54 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2014.04.19 20:07:53 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2014.04.19 20:07:53 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2014.04.19 20:07:53 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2014.04.19 20:07:53 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2014.04.19 20:07:53 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2014.04.19 20:07:53 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2014.04.19 20:07:51 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2014.04.19 20:07:51 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2014.04.19 20:07:51 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2014.04.19 20:07:51 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2014.04.19 20:07:50 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2014.04.19 20:07:50 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2014.04.19 20:07:50 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2014.04.19 20:07:50 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2014.04.19 20:07:50 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2014.04.19 20:07:50 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2014.04.19 20:07:49 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2014.04.19 20:07:49 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2014.04.19 20:07:49 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2014.04.19 20:07:49 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2014.04.19 20:07:48 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2014.04.19 20:07:48 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2014.04.19 20:07:47 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2014.04.19 20:07:47 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2014.04.19 20:07:47 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2014.04.19 20:07:47 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2014.04.19 20:07:47 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2014.04.19 20:07:47 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2014.04.19 20:07:46 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2014.04.19 20:07:46 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2014.04.19 20:07:45 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2014.04.19 20:07:45 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2014.04.19 20:07:45 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2014.04.19 20:07:45 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2014.04.19 20:07:45 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2014.04.19 20:07:45 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2014.04.19 20:07:44 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2014.04.19 20:07:44 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2014.04.19 20:07:43 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2014.04.19 20:07:43 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2014.04.19 20:07:41 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2014.04.19 20:07:41 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2014.04.19 20:07:41 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2014.04.19 20:07:41 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2014.04.19 20:07:41 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2014.04.19 20:07:41 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2014.04.19 20:07:40 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2014.04.19 20:07:40 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2014.04.19 20:07:38 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2014.04.19 20:07:38 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2014.04.19 20:07:37 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2014.04.19 20:07:37 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2014.04.19 20:07:37 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2014.04.19 20:07:37 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2014.04.19 20:07:36 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2014.04.19 20:07:36 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2014.04.19 20:07:35 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2014.04.19 20:07:35 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2014.04.19 20:07:35 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2014.04.19 20:07:35 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2014.04.19 20:07:34 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2014.04.19 20:07:34 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2014.04.19 20:07:33 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2014.04.19 20:07:33 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2014.04.19 20:07:32 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2014.04.19 20:07:32 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2014.04.19 20:07:32 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2014.04.19 20:07:32 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2014.04.19 20:07:31 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2014.04.19 20:07:31 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2014.04.19 20:07:31 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2014.04.19 20:07:31 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2014.04.19 20:07:31 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2014.04.19 20:07:31 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2014.04.19 20:07:30 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2014.04.19 20:07:30 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2014.04.19 20:07:29 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2014.04.19 20:07:29 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2014.04.19 20:07:27 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2014.04.19 20:07:27 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2014.04.19 20:07:27 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2014.04.19 20:07:27 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2014.04.19 20:07:26 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2014.04.19 20:07:26 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2014.04.19 20:07:25 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2014.04.19 20:07:25 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2014.04.19 20:07:24 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2014.04.19 20:07:24 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2014.04.19 20:07:24 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2014.04.19 20:07:24 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2014.04.19 20:07:23 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2014.04.19 20:07:23 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2014.04.19 20:07:22 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2014.04.19 20:07:22 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2014.04.19 20:07:22 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2014.04.19 20:07:22 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2014.04.19 20:07:21 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2014.04.19 20:07:21 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2014.04.19 20:07:20 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2014.04.19 20:07:20 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2014.04.19 20:07:19 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2014.04.19 20:07:19 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2014.04.19 20:07:18 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2014.04.19 20:07:18 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2014.04.19 20:07:18 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2014.04.19 20:07:18 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2014.04.19 20:07:17 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2014.04.19 20:07:17 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2014.04.19 20:07:12 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2014.04.19 20:07:12 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2014.04.19 20:07:12 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2014.04.19 20:07:12 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2014.04.19 20:07:12 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2014.04.19 20:07:12 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2014.04.19 20:07:11 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2014.04.19 20:07:11 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2014.04.19 20:07:10 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2014.04.19 20:07:10 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2014.04.19 20:07:09 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2014.04.19 20:07:09 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2014.04.19 20:07:08 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2014.04.19 20:07:08 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2014.04.19 20:07:07 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2014.04.19 20:07:07 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2014.04.19 20:07:06 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2014.04.19 20:07:06 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2014.04.19 20:06:56 | 004,787,368 | ---- | C] (Piriform Ltd) -- C:\Users\Trajda\Desktop\ccsetup412.exe
[2014.04.19 20:05:30 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014.04.19 20:05:30 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014.04.19 20:05:30 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014.04.19 20:05:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2014.04.19 20:05:07 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014.04.19 20:05:07 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014.04.19 19:56:09 | 000,000,000 | ---D | C] -- C:\Users\Trajda\AppData\Local\Adobe
[2014.04.19 19:13:24 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2014.04.19 19:13:24 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2014.04.19 19:13:24 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2014.04.19 19:13:24 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2014.04.19 19:13:23 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2014.04.19 19:13:23 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2014.04.19 19:13:01 | 001,225,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014.04.19 19:13:01 | 001,081,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014.04.19 19:12:16 | 000,000,000 | ---D | C] -- C:\Users\Trajda\AppData\Local\NVIDIA Corporation
[2014.04.19 19:12:00 | 000,040,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014.04.19 19:12:00 | 000,037,320 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2014.04.19 19:12:00 | 000,033,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014.04.19 18:55:48 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014.04.19 18:55:45 | 000,000,000 | ---D | C] -- C:\Users\Trajda\AppData\Local\NVIDIA
[2014.04.19 18:55:42 | 000,000,000 | -HSD | C] -- C:\Boot
[2014.04.19 18:55:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014.04.19 18:55:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014.04.19 18:54:50 | 000,599,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014.04.19 18:54:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2014.04.19 18:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014.04.19 18:54:25 | 006,714,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014.04.19 18:54:25 | 003,497,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014.04.19 18:54:25 | 000,386,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014.04.19 18:54:25 | 000,064,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014.04.19 18:54:05 | 000,062,408 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014.04.19 18:54:05 | 000,054,216 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014.04.19 18:53:48 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014.04.19 18:46:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014.04.19 18:45:59 | 000,000,000 | -HSD | C] -- C:\Windows\Installer

[Perda]

[2014.04.19 18:45:35 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2014.04.19 18:45:35 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2014.04.19 18:45:35 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2014.04.19 18:45:35 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2014.04.19 18:45:35 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2014.04.19 18:45:35 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2014.04.19 18:45:35 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2014.04.19 18:45:35 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2014.04.19 18:44:30 | 031,474,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014.04.19 18:44:30 | 023,716,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014.04.19 18:44:30 | 015,783,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014.04.19 18:44:30 | 014,709,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014.04.19 18:44:30 | 011,636,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014.04.19 18:44:30 | 011,589,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014.04.19 18:44:30 | 009,690,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014.04.19 18:44:30 | 003,143,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014.04.19 18:44:30 | 002,958,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014.04.19 18:44:30 | 002,783,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014.04.19 18:44:30 | 002,411,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014.04.19 18:44:30 | 001,885,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433523.dll
[2014.04.19 18:44:30 | 001,516,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433523.dll
[2014.04.19 18:44:30 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014.04.19 18:44:30 | 000,877,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014.04.19 18:44:30 | 000,863,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014.04.19 18:44:30 | 000,846,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014.04.19 18:44:29 | 025,255,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014.04.19 18:44:29 | 017,561,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014.04.19 18:44:29 | 009,728,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014.04.19 18:44:29 | 003,093,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014.04.19 18:44:29 | 002,715,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014.04.19 18:33:09 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014.04.19 18:29:11 | 000,000,000 | ---D | C] -- C:\Users\Trajda\AppData\Roaming\Macromedia
[2014.04.19 18:29:11 | 000,000,000 | ---D | C] -- C:\Users\Trajda\AppData\Local\Macromedia
[2014.04.19 18:29:11 | 000,000,000 | ---D | C] -- C:\Users\Trajda\AppData\Roaming\Adobe
[2014.04.19 18:29:04 | 000,692,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.04.19 18:29:04 | 000,070,832 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.04.19 18:29:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2014.04.19 18:29:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014.04.19 18:17:56 | 000,000,000 | ---D | C] -- C:\Users\Trajda\AppData\Roaming\AVAST Software
[2014.04.19 18:17:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014.04.19 18:17:39 | 000,085,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014.04.19 18:17:38 | 001,039,096 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014.04.19 18:17:38 | 000,423,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014.04.19 18:17:37 | 000,079,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014.04.19 18:17:36 | 000,093,568 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014.04.19 18:17:35 | 000,334,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014.04.19 18:17:33 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.04.19 18:15:27 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014.04.19 18:13:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014.04.19 18:12:03 | 000,000,000 | ---D | C] -- C:\Users\Trajda\AppData\Roaming\Mozilla
[2014.04.19 18:12:03 | 000,000,000 | ---D | C] -- C:\Users\Trajda\AppData\Local\Mozilla
[2014.04.19 18:11:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014.04.19 18:11:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014.04.19 18:11:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014.04.19 18:06:11 | 000,000,000 | R--D | C] -- C:\Users\Trajda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014.04.19 18:06:11 | 000,000,000 | R--D | C] -- C:\Users\Trajda\Searches
[2014.04.19 18:06:11 | 000,000,000 | R--D | C] -- C:\Users\Trajda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014.04.19 18:06:03 | 000,000,000 | ---D | C] -- C:\Users\Trajda\AppData\Roaming\Identities
[2014.04.19 18:06:01 | 000,000,000 | R--D | C] -- C:\Users\Trajda\Contacts
[2014.04.19 18:06:00 | 000,000,000 | ---D | C] -- C:\Users\Trajda\AppData\Local\VirtualStore
[2014.04.19 18:05:49 | 000,000,000 | --SD | C] -- C:\Users\Trajda\AppData\Roaming\Microsoft
[2014.04.19 18:05:49 | 000,000,000 | R--D | C] -- C:\Users\Trajda\Videos
[2014.04.19 18:05:49 | 000,000,000 | R--D | C] -- C:\Users\Trajda\Saved Games
[2014.04.19 18:05:49 | 000,000,000 | R--D | C] -- C:\Users\Trajda\Pictures
[2014.04.19 18:05:49 | 000,000,000 | R--D | C] -- C:\Users\Trajda\Music
[2014.04.19 18:05:49 | 000,000,000 | R--D | C] -- C:\Users\Trajda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014.04.19 18:05:49 | 000,000,000 | R--D | C] -- C:\Users\Trajda\Links
[2014.04.19 18:05:49 | 000,000,000 | R--D | C] -- C:\Users\Trajda\Favorites
[2014.04.19 18:05:49 | 000,000,000 | R--D | C] -- C:\Users\Trajda\Downloads
[2014.04.19 18:05:49 | 000,000,000 | R--D | C] -- C:\Users\Trajda\Documents
[2014.04.19 18:05:49 | 000,000,000 | R--D | C] -- C:\Users\Trajda\Desktop
[2014.04.19 18:05:49 | 000,000,000 | R--D | C] -- C:\Users\Trajda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014.04.19 18:05:49 | 000,000,000 | -HSD | C] -- C:\Users\Trajda\AppData\Local\Temporary Internet Files
[2014.04.19 18:05:49 | 000,000,000 | -HSD | C] -- C:\Users\Trajda\Šablony
[2014.04.19 18:05:49 | 000,000,000 | -HSD | C] -- C:\Users\Trajda\Soubory cookie
[2014.04.19 18:05:49 | 000,000,000 | -HSD | C] -- C:\Users\Trajda\SendTo
[2014.04.19 18:05:49 | 000,000,000 | -HSD | C] -- C:\Users\Trajda\Poslední
[2014.04.19 18:05:49 | 000,000,000 | -HSD | C] -- C:\Users\Trajda\Okolní tiskárny
[2014.04.19 18:05:49 | 000,000,000 | -HSD | C] -- C:\Users\Trajda\Okolní síť
[2014.04.19 18:05:49 | 000,000,000 | -HSD | C] -- C:\Users\Trajda\Documents\Obrázky
[2014.04.19 18:05:49 | 000,000,000 | -HSD | C] -- C:\Users\Trajda\Nabídka Start
[2014.04.19 18:05:49 | 000,000,000 | -HSD | C] -- C:\Users\Trajda\Local Settings
[2014.04.19 18:05:49 | 000,000,000 | -HSD | C] -- C:\Users\Trajda\Documents\Hudba
[2014.04.19 18:05:49 | 000,000,000 | -HSD | C] -- C:\Users\Trajda\AppData\Local\History
[2014.04.19 18:05:49 | 000,000,000 | -HSD | C] -- C:\Users\Trajda\Documents\Filmy
[2014.04.19 18:05:49 | 000,000,000 | -HSD | C] -- C:\Users\Trajda\Dokumenty
[2014.04.19 18:05:49 | 000,000,000 | -HSD | C] -- C:\Users\Trajda\Data aplikací
[2014.04.19 18:05:49 | 000,000,000 | -HSD | C] -- C:\Users\Trajda\AppData\Local\Data aplikací
[2014.04.19 18:05:49 | 000,000,000 | -H-D | C] -- C:\Users\Trajda\AppData
[2014.04.19 18:05:49 | 000,000,000 | ---D | C] -- C:\Users\Trajda\AppData\Local\Temp
[2014.04.19 18:05:49 | 000,000,000 | ---D | C] -- C:\Users\Trajda\AppData\Local\Microsoft
[2014.04.19 18:05:49 | 000,000,000 | ---D | C] -- C:\Users\Trajda\AppData\Roaming\Media Center Programs
[2014.04.19 18:04:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2014.04.19 18:04:11 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014.04.19 18:04:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2014.04.19 18:04:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2014.04.19 18:04:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2014.04.19 18:04:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2014.04.19 18:04:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2014.04.19 18:04:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\Oblíbené položky
[2014.04.19 18:04:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2014.04.19 18:04:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2014.04.19 18:03:38 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014.04.19 17:57:12 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014.04.19 17:56:57 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.04.20 21:20:02 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.04.20 21:18:06 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.04.20 21:16:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Trajda\Desktop\OTL.exe
[2014.04.20 21:13:58 | 000,000,646 | ---- | M] () -- C:\Users\Trajda\Desktop\Total Commander 64 bit.lnk
[2014.04.20 21:13:58 | 000,000,632 | ---- | M] () -- C:\Users\Trajda\Desktop\Total Commander.lnk
[2014.04.20 21:13:22 | 006,344,480 | ---- | M] (Ghisler Software GmbH) -- C:\Users\Trajda\Desktop\tcm850x32_64.exe
[2014.04.20 21:10:09 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.04.20 21:08:42 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.04.20 21:08:42 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.04.20 21:08:32 | 001,576,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.04.20 21:08:32 | 000,666,194 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.04.20 21:08:32 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.04.20 21:08:32 | 000,139,890 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.04.20 21:08:32 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.04.20 21:01:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.04.20 21:01:10 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2014.04.20 09:59:40 | 000,935,175 | ---- | M] () -- C:\Users\Trajda\Desktop\RSITx64.exe
[2014.04.20 08:48:09 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Trajda\Desktop\HijackThis.exe
[2014.04.20 08:37:49 | 000,276,128 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.04.20 08:37:34 | 327,396,209 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014.04.20 00:50:32 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014.04.20 00:46:01 | 001,308,369 | ---- | M] () -- C:\Users\Trajda\Desktop\adwcleaner.exe
[2014.04.20 00:39:22 | 000,002,221 | ---- | M] () -- C:\Users\Trajda\Desktop\Splash Lite.lnk
[2014.04.20 00:29:31 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.04.20 00:18:46 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.04.19 23:04:17 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014.04.19 23:01:09 | 001,554,160 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.04.19 20:06:57 | 004,787,368 | ---- | M] (Piriform Ltd) -- C:\Users\Trajda\Desktop\ccsetup412.exe
[2014.04.19 19:56:32 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.04.19 19:56:32 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.04.19 18:55:43 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2014.04.19 18:17:49 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.04.19 18:17:34 | 001,039,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014.04.19 18:17:34 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014.04.19 18:17:34 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014.04.19 18:17:34 | 000,208,416 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014.04.19 18:17:34 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014.04.19 18:17:34 | 000,085,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014.04.19 18:17:34 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014.04.19 18:17:34 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014.04.19 18:17:34 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014.04.19 18:17:33 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.04.19 18:12:00 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014.04.19 18:04:15 | 000,000,012 | RHS- | M] () -- C:\win7.ld
[2014.04.19 18:04:14 | 000,203,464 | RHS- | M] () -- C:\grldr
[2014.04.19 18:00:13 | 000,061,655 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014.04.19 18:00:13 | 000,061,655 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014.04.03 09:51:16 | 000,063,192 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014.04.03 09:51:04 | 000,088,280 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014.04.03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014.04.02 15:27:17 | 001,081,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014.04.02 15:27:05 | 001,225,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014.03.21 21:43:52 | 000,040,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014.03.21 21:43:50 | 000,037,320 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2014.03.21 21:43:50 | 000,033,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.04.20 21:20:02 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.04.20 21:13:58 | 000,000,646 | ---- | C] () -- C:\Users\Trajda\Desktop\Total Commander 64 bit.lnk
[2014.04.20 21:13:58 | 000,000,632 | ---- | C] () -- C:\Users\Trajda\Desktop\Total Commander.lnk
[2014.04.20 09:59:40 | 000,935,175 | ---- | C] () -- C:\Users\Trajda\Desktop\RSITx64.exe
[2014.04.20 08:37:34 | 327,396,209 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014.04.20 00:50:32 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014.04.20 00:50:32 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014.04.20 00:46:00 | 001,308,369 | ---- | C] () -- C:\Users\Trajda\Desktop\adwcleaner.exe
[2014.04.20 00:39:22 | 000,002,221 | ---- | C] () -- C:\Users\Trajda\Desktop\Splash Lite.lnk
[2014.04.20 00:29:31 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.04.20 00:18:46 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.04.19 23:04:17 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014.04.19 22:09:06 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014.04.19 21:17:38 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014.04.19 18:55:43 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2014.04.19 18:55:42 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2014.04.19 18:48:45 | 001,554,160 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.04.19 18:44:30 | 000,024,544 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2014.04.19 18:29:04 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.04.19 18:17:49 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.04.19 18:17:38 | 000,208,416 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014.04.19 18:17:38 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014.04.19 18:17:37 | 000,029,208 | ---- | C] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014.04.19 18:12:00 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014.04.19 18:11:59 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014.04.19 18:06:17 | 000,001,409 | ---- | C] () -- C:\Users\Trajda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2014.04.19 18:06:12 | 000,001,443 | ---- | C] () -- C:\Users\Trajda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014.04.19 18:04:15 | 000,000,012 | RHS- | C] () -- C:\win7.ld
[2014.04.19 18:04:14 | 000,203,464 | RHS- | C] () -- C:\grldr
[2014.04.19 17:59:54 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014.04.19 17:59:48 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014.04.19 17:56:57 | 3220,037,632 | -HS- | C] () -- C:\hiberfil.sys

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.04.19 18:17:56 | 000,000,000 | ---D | M] -- C:\Users\Trajda\AppData\Roaming\AVAST Software
[2014.04.20 21:13:56 | 000,000,000 | ---D | M] -- C:\Users\Trajda\AppData\Roaming\GHISLER
[2014.04.20 00:23:50 | 000,000,000 | ---D | M] -- C:\Users\Trajda\AppData\Roaming\Seznam.cz

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,002,674 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014.04.19 18:29:04 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.06.02 07:32:25 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=456107D69D4EE850A559434F19EFEE65 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[2012.06.04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2012.06.02 07:25:12 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=BAF19B633933A9FB4883D27D66C39E9A -- C:\Windows\SysNative\cryptsvc.dll
[2012.06.02 07:25:12 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=BAF19B633933A9FB4883D27D66C39E9A -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[2012.06.02 06:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.06.02 06:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\SysWOW64\cryptsvc.dll
[2012.06.02 06:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTORV.SYS >
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2012.06.02 07:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BF63CE11A25F3509129888710D5111FC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 08:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe

< MD5 for: NDIS.SYS >
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\drivers\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 08:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013.03.19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013.03.19 05:20:12 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=7180204786A9DED8723B2D8CF3CDD388 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_08a94e494c0cfd0a\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.03.19 05:19:03 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=FA64733BD65F52712F0545F56FDB4BE6 -- C:\Windows\SysNative\smss.exe
[2013.03.19 05:19:03 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=FA64733BD65F52712F0545F56FDB4BE6 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_0838504e32dc743c\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2014.04.03 09:49:02 | 000,742,200 | ---- | M] (MalwareBytes) MD5=96820649733BFB2B0499C371904B7B40 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2013.01.03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014.04.03 09:49:02 | 000,742,200 | ---- | M] (MalwareBytes) MD5=96820649733BFB2B0499C371904B7B40 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\SysNative\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[10 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.04.19 18:29:11 | 000,000,000 | ---D | M] -- C:\Users\Trajda\AppData\Roaming\Adobe
[2014.04.19 18:17:56 | 000,000,000 | ---D | M] -- C:\Users\Trajda\AppData\Roaming\AVAST Software
[2014.04.20 21:13:56 | 000,000,000 | ---D | M] -- C:\Users\Trajda\AppData\Roaming\GHISLER
[2014.04.19 18:06:03 | 000,000,000 | ---D | M] -- C:\Users\Trajda\AppData\Roaming\Identities
[2014.04.19 18:29:11 | 000,000,000 | ---D | M] -- C:\Users\Trajda\AppData\Roaming\Macromedia
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\Trajda\AppData\Roaming\Media Center Programs
[2014.04.20 00:39:21 | 000,000,000 | --SD | M] -- C:\Users\Trajda\AppData\Roaming\Microsoft
[2014.04.19 18:12:10 | 000,000,000 | ---D | M] -- C:\Users\Trajda\AppData\Roaming\Mozilla
[2014.04.20 00:23:50 | 000,000,000 | ---D | M] -- C:\Users\Trajda\AppData\Roaming\Seznam.cz

< %APPDATA%\*.exe /s >
[2014.04.20 00:39:21 | 000,087,182 | R--- | M] () -- C:\Users\Trajda\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_1E02B3D8732010A792DC8B.exe
[2014.04.20 00:39:21 | 000,287,934 | R--- | M] () -- C:\Users\Trajda\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_21F3885A18D238E15AAE81.exe
[2014.04.20 00:39:21 | 000,009,662 | R--- | M] () -- C:\Users\Trajda\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_246B7FAFA01C01007FB902.exe
[2014.04.20 00:39:21 | 000,287,934 | R--- | M] () -- C:\Users\Trajda\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_415493353D745EEA216D94.exe
[2014.04.20 00:39:21 | 000,287,934 | R--- | M] () -- C:\Users\Trajda\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_6FEFF9B68218417F98F549.exe
[2014.04.20 00:39:21 | 000,287,934 | R--- | M] () -- C:\Users\Trajda\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_806048DC66200FE6D24FF3.exe
[2014.04.20 00:39:21 | 000,287,934 | R--- | M] () -- C:\Users\Trajda\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_85972F4A73DF7EADFBAFC2.exe
[2014.04.20 00:39:21 | 000,287,934 | R--- | M] () -- C:\Users\Trajda\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_934312A2105DE40686D86A.exe
[2014.04.20 00:39:21 | 000,287,934 | R--- | M] () -- C:\Users\Trajda\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_A753214149FB4F8721C1CB.exe
[2014.04.20 00:39:21 | 000,287,934 | R--- | M] () -- C:\Users\Trajda\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_A7A1F24988209FFD6FF84A.exe
[2014.04.20 00:39:21 | 000,287,934 | R--- | M] () -- C:\Users\Trajda\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_C7EFEC170C2E3BE8B9D183.exe
[2014.04.20 00:39:21 | 000,087,182 | R--- | M] () -- C:\Users\Trajda\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_CD4379F87D44764E06955C.exe
[2014.04.20 00:39:21 | 000,287,934 | R--- | M] () -- C:\Users\Trajda\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_CF15DB293FB3ABD44856FB.exe
[2014.04.20 00:39:21 | 000,087,182 | R--- | M] () -- C:\Users\Trajda\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_D4C7A5EF0F1F16C57632A3.exe
[2014.04.20 00:39:21 | 000,287,934 | R--- | M] () -- C:\Users\Trajda\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_D707CE1C009F1381803C2C.exe
[2014.04.20 00:39:21 | 000,087,182 | R--- | M] () -- C:\Users\Trajda\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_D85B0F2A1AA7F32C8CDCDF.exe
[2014.04.20 00:39:21 | 000,287,934 | R--- | M] () -- C:\Users\Trajda\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_FD8B6BA922FF5C34868F02.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.04.19 19:56:32 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2014.04.19 19:56:32 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2014.04.19 18:00:13 | 000,061,655 | ---- | M] () -- C:\Windows\system32\license.rtf
[2014.04.19 23:01:09 | 001,554,160 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 03:39:41 | 001,475,072 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.04.20 21:20:02 | 000,000,512 | ---- | M] () MD5=63DE4B8F0705BB48E7961043B51EB344 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2014.04.02 15:27:35 | 001,170,376 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013.12.20 01:37:56 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.12.20 01:37:56 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.12.20 01:37:44 | 000,073,536 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.12.20 01:37:44 | 000,080,704 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2014.04.19 18:17:32 | 000,072,480 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2014.04.19 18:17:32 | 000,085,888 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2014.02.05 11:31:23 | 001,169,184 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{2BD51D5E-5DEA-4957-99A6-ED0BC5B8AB78}\ExtensionLoader.dll
[2014.04.02 15:27:35 | 001,170,376 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{CBE2CCB7-8B18-4858-AE66-1A844F850333}\ExtensionLoader.dll
[2014.04.20 00:49:37 | 000,000,723 | ---- | M] () -- \Users\Trajda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\20GS3WC7\downloaderror[1].js
[2014.04.20 00:49:37 | 000,001,174 | ---- | M] () -- \Users\Trajda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UCH8P2OM\downloader[1].js
[2014.04.19 23:51:56 | 011,556,240 | ---- | M] () -- \Users\Trajda\AppData\Local\Temp\SplashLite_downloader.exe
[26 \Users\Trajda\AppData\Local\Temp\*.tmp files -> \Users\Trajda\AppData\Local\Temp\*.tmp -> ]
[2014.04.02 15:27:35 | 001,170,376 | ---- | M] () -- \Users\Trajda\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\12.4.55.0\GFExperience\ExtensionLoader.dll
[2014.04.19 18:25:12 | 000,014,018 | ---- | M] () -- \Windows\Prefetch\ASWWRCIELOADER32.EXE-F211C07F.pf
[2014.04.19 18:17:46 | 000,010,754 | ---- | M] () -- \Windows\Prefetch\ASWWRCIELOADER64.EXE-49148940.pf
[2014.04.19 18:04:22 | 000,040,056 | ---- | M] () -- \Windows\Prefetch\WINDOWS7LOADER.EXE-0B42C00F.pf
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2010.11.20 12:09:38 | 000,004,290 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_73a52105efe44483.manifest
[2010.11.20 14:33:18 | 000,004,338 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_344529e2e1c53ac6.manifest
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\1eeeafda1c58ef6e778ff768f9a94a6f\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\1eeeafda1c58ef6e778ff768f9a94a6f\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.02.05 15:09:50 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_9c05f879842e1792.manifest
[2011.02.05 15:05:03 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_9c6455949d6c2720.manifest
[2011.02.05 19:34:40 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_9deb553581556a27.manifest
[2011.02.05 15:10:12 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_9e73f1b69a73f09a.manifest
[2013.01.04 06:43:53 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.01.04 06:43:53 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:41:11 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:26:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2014.04.20 01:07:10 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2014.04.20 01:07:10 | 000,640,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winload.efi_75834aa0
[2014.04.20 01:07:10 | 000,603,976 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winload.exe_75835076
[2014.04.20 01:07:10 | 000,556,928 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winresume.efi_85cd069f
[2014.04.20 01:07:10 | 000,518,160 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2012.10.06 12:54:25 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.10.06 12:53:00 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.06 12:54:25 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.04.19 22:48:22 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\39e53f507d9cbc5c10a2f47c4b0d09dd\System.Runtime.Serialization.ni.dll
[2014.04.20 08:47:48 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\428143857fa1c250d50ec55132dd8a2f\System.Runtime.Serialization.ni.dll
[2014.04.19 22:47:53 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d57d865568209a71d63739fa448ed6df\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.04.20 08:46:38 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb60d17f642ddd80e019687c1e02ba17\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.04.19 22:28:12 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\12aaff696a0c54773664b4c5407deaa2\System.Runtime.Serialization.ni.dll
[2014.04.20 08:41:25 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b61f892f0a2316a04d2355110baa18d7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.04.20 08:48:21 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\cb489f4e0c2d28c567473c2cf7625e99\System.Runtime.Serialization.ni.dll
[2014.04.19 22:27:11 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\d0c6d3aadce1e38bbcb06905e132a503\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.04.20 00:16:58 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\77abf1693d291d374b58ffbbfe36d4dd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.04.20 00:16:22 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\910fe53ec2122cf3a2ad11c2b2f5cbfd\System.Runtime.Serialization.ni.dll
[2014.04.20 01:11:10 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\058c3947c450591cb81643529cfd5ca7\System.Xml.Serialization.ni.dll
[2014.04.20 01:15:40 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\a3a3ccd41789ba4eb01f51db6c508222\System.Runtime.Serialization.ni.dll
[2014.04.20 01:17:26 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\c79d7323e38d906c09917fe1d40b2ad7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.04.20 01:22:18 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7711bba76f0bf9a22deaa8bb2e09bb16\System.Xml.Serialization.ni.dll
[2014.04.19 18:50:07 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.04.19 22:57:25 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2014.04.19 18:50:06 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2014.04.19 22:57:24 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.04.19 22:57:29 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 17:17:21 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.06 12:54:26 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 17:17:19 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.06 12:53:01 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2010.11.20 05:55:00 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_hu-hu_1778ab4419ab99ad.manifest
[2010.11.20 05:50:38 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_nl-nl_28520112cd09eae9.manifest
[2010.11.20 05:54:56 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_sv-se_0bbde5ad62777806.manifest
[2010.11.20 06:45:14 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_zh-cn_493a46a2345c6076.manifest
[2010.11.20 06:43:54 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\19b53483b79dbd4efbf89b4fc7b270d4\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_zh-tw_48d9179c34a52b86.manifest
[2012.10.06 22:21:19 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_ar-sa_da88077b472a2e15.manifest
[2012.10.06 22:23:12 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_da-dk_624b45bba15a625c.manifest
[2012.10.06 19:58:29 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_de-de_6290266ba1262012.manifest
[2012.10.06 22:26:12 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_el-gr_8f75741bbf791474.manifest
[2012.10.06 20:17:26 | 000,000,531 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_en-us_8f6cbf57bf7f3b35.manifest
[2012.10.06 22:21:09 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_es-es_8f71a269bf7ae778.manifest
[2012.10.06 22:25:26 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_fi-fi_bd3e9597dd22b01e.manifest
[2012.10.06 20:22:01 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_fr-fr_bce648e5dd638fa6.manifest
[2012.10.06 22:29:10 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_he-il_17efd446191e56a8.manifest
[2012.10.06 22:45:43 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_hu-hu_179e87b41958ea6a.manifest
[2012.10.06 22:43:45 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_it-it_45132e3037419298.manifest
[2012.10.06 21:09:21 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_ja-jp_72963f3c55221ed5.manifest
[2012.10.06 21:08:31 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_ko-kr_9ff97a4a731596ef.manifest
[2012.10.06 22:26:16 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_nb-no_284d6adaccd89213.manifest
[2012.10.06 22:40:36 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_nl-nl_2877dd82ccb73ba6.manifest
[2012.10.06 22:46:10 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_pl-pl_834d8b370896f692.manifest
[2012.10.06 22:24:57 | 000,001,635 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_pt-br_8314936b08c090ce.manifest
[2012.10.06 22:40:29 | 000,001,632 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_pt-pt_82ff0e2708d0a0d2.manifest
[2012.10.06 22:34:25 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_ru-ru_ddcaec3944b79106.manifest
[2012.10.06 22:49:44 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_sv-se_0be3c21d6224c8c3.manifest
[2012.10.06 22:49:51 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_tr-tr_38be08d38081ac1a.manifest
[2012.10.06 21:22:18 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_zh-cn_496023123409b133.manifest
[2012.10.06 21:08:05 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_zh-tw_48fef40c34527c43.manifest
[2012.10.06 23:30:46 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_ar-sa_c3ba49cf60d1a80d.manifest
[2012.10.06 23:30:50 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_da-dk_4b7d880fbb01dc54.manifest
[2012.10.06 20:17:45 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_de-de_4bc268bfbacd9a0a.manifest
[2012.10.06 23:30:50 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_el-gr_78a7b66fd9208e6c.manifest
[2012.10.06 20:18:44 | 000,000,531 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_en-us_789f01abd926b52d.manifest
[2012.10.06 23:28:38 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_es-es_78a3e4bdd9226170.manifest
[2012.10.06 23:30:47 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_fi-fi_a670d7ebf6ca2a16.manifest
[2012.10.06 20:02:41 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_fr-fr_a6188b39f70b099e.manifest
[2012.10.06 23:30:53 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_he-il_0122169a32c5d0a0.manifest
[2012.10.07 00:17:29 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_hu-hu_00d0ca0833006462.manifest
[2012.10.07 00:13:25 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_it-it_2e45708450e90c90.manifest
[2012.10.06 21:14:51 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_ja-jp_5bc881906ec998cd.manifest
[2012.10.06 21:00:18 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_ko-kr_892bbc9e8cbd10e7.manifest
[2012.10.06 23:29:24 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_nb-no_117fad2ee6800c0b.manifest
[2012.10.07 00:21:44 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_nl-nl_11aa1fd6e65eb59e.manifest
[2012.10.07 00:08:03 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_pl-pl_6c7fcd8b223e708a.manifest
[2012.10.06 23:27:40 | 000,001,635 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_pt-br_6c46d5bf22680ac6.manifest
[2012.10.07 00:20:45 | 000,001,632 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_pt-pt_6c31507b22781aca.manifest
[2012.10.06 23:32:55 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_ru-ru_c6fd2e8d5e5f0afe.manifest
[2012.10.07 00:09:28 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_sv-se_f51604717bcc42bb.manifest
[2012.10.07 00:05:27 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_tr-tr_21f04b279a292612.manifest
[2012.10.06 21:20:02 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_zh-cn_329265664db12b2b.manifest
[2012.10.06 21:04:52 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9c245dfc9608f41c5e42ef2fdc96e506\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_zh-tw_323136604df9f63b.manifest
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll

[Perda]

[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.14 17:17:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 17:17:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:25 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 22:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2012.10.06 12:53:01 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.17136_none_593e9c4e749147df\System.Runtime.Serialization.dll
[2012.10.06 12:56:09 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.21337_none_4270dea28e38c1d7\System.Runtime.Serialization.dll
[2010.11.05 03:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2009.06.10 22:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2012.10.06 12:53:00 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_9415a918c8894278\System.Runtime.Serialization.dll
[2012.10.06 12:56:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_7d47eb6ce230bc70\System.Runtime.Serialization.dll
[2010.11.05 03:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2014.04.20 01:07:10 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2014.04.20 01:07:10 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933_kdcom.dll_db5e7744
[2009.07.14 17:17:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.14 17:17:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 15:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 15:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 04:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2012.10.06 20:44:48 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.17136_none_593e9c4e749147df.manifest
[2012.10.06 21:00:33 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.21337_none_4270dea28e38c1d7.manifest
[2010.11.20 06:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2009.07.14 04:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2012.10.06 20:46:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_9415a918c8894278.manifest
[2012.10.06 21:01:29 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_7d47eb6ce230bc70.manifest
[2010.11.20 06:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2012.10.06 20:07:20 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.17136_none_a6a4fe887487d009.manifest
[2012.10.06 20:58:54 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.21337_none_8fd740dc8e2f4a01.manifest
[2010.11.20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2009.07.14 17:16:38 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.06 22:42:01 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_cs-cz_3450454183d3f023.manifest
[2012.10.07 00:05:03 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_cs-cz_1d8287959d7b6a1b.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2012.10.06 20:11:48 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.17136_none_d6e834229c2ed13c.manifest
[2012.10.06 21:03:01 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.21337_none_c01a7676b5d64b34.manifest
[2010.11.20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2012.10.06 20:09:38 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_dbc2dfefdd056b7e.manifest
[2012.10.06 21:00:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_c4f52243f6ace576.manifest
[2010.11.20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 17:17:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2012.10.06 12:54:26 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.17136_none_a6a4fe887487d009\System.Runtime.Serialization.dll
[2012.10.06 12:57:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.21337_none_8fd740dc8e2f4a01\System.Runtime.Serialization.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_cs-cz_3450454183d3f023\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_cs-cz_1d8287959d7b6a1b\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2012.10.06 12:54:25 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.17136_none_d6e834229c2ed13c\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.21337_none_c01a7676b5d64b34\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2009.07.14 17:17:21 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2012.10.06 12:54:25 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_dbc2dfefdd056b7e\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_c4f52243f6ace576\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll

< *w7lxe* /s >
< End of report >

[Márty84]

Ty nalezy MBAM byly v TEMPech, coz jsou docasne soubory, kvuli tomu neni treba system preinstalovavat.


Akorat by me zajimalo, jak je to s legalitou systemu, ultimate neni zrovna bezna domaci verze



11.5. pro neaktivitu http://forum.viry.cz/viewtopic.php?f=12&t=123975