
Preventive check

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check

#16 Post by Márty84 »

e_va wrote: you don't mean computers, I hope, do you? :shock: :) :D
I do :lol: Nooo, relax :wink:


:arrow: Run a scan with MBAM. Set up the scan according to this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Don't delete anything beforehand; it sometimes produces false detections.
If you have a question that is not meant for the public, you can write to me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

e_va
Visitor
Posts: 101
Registered: 25 May 2011 15:54

Re: Preventive check

#17 Post by e_va »

Phew :-)

The images in the MBAM guide wouldn't display for me, so I hope I did everything correctly. However, I can't find "export log", so I don't even have a log; I must be blind. But MBAM states "Scan completed successfully, no malicious items were detected". So can I be happy? Oh, and one more thing about being happy: is there a way to also check my flash drives that I plugged into that cracked notebook? Or are those out of danger?

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check

#18 Post by Márty84 »

Flash drives can be checked too, for example with MBAM :-) Just plug them in, run MBAM, and when choosing which drives to scan, select the flash drives as well.


Otherwise, you can then uninstall MBAM.


Post a new RSIT log.

e_va
Visitor
Posts: 101
Registered: 25 May 2011 15:54

Re: Preventive check

#19 Post by e_va »

Edit: I see this post has somehow come out messed up. I probably can't do anything about it, sorry :128:

Eureka, I found the log from yesterday. Flash drives scanned, they're OK too. I also see that in the meantime something managed to show up in quarantine. Should I delete it?

Oh, and I also have a question, please: after scanning with AdwCleaner, that "start button" thing down on the taskbar stopped working; I think it's called "Pokki start menu". But that was an original part of Windows, wasn't it? I'm confused :) When I click on it, a window pops up saying: "The drive or network connection that the shortcut Pokki start menu.ink refers to is unavailable. Make sure that the disk is properly inserted or the network resource is available, and then try again."


Phew, I'd rather dump it all here :)



1) Yesterday's scan of the whole computer

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan Date: 18. 9. 2014
Scan Time: 17:06:23
Logfile: mddd.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.18.04
Rootkit Database: v2014.09.18.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Eva

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 553728
Time Elapsed: 3 hr, 8 min, 41 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


2) (I don't understand a thing about this, so maybe it's useless) The first one here is the quarantined file :)

Malwarebytes Anti-Malware
http://www.malwarebytes.org


Detection, 19. 9. 2014 0:27:00, SYSTEM, EVA, Protection, Malware Protection, File, PUP.Optional.Monetizer, C:\Users\Eva\AppData\Local\Temp\is-9AP0T.tmp\CBStub.exe, Quarantine, [e14016d91e5d51e55044155525dddb25]
Protection, 19. 9. 2014 0:37:24, SYSTEM, EVA, Protection, Malware Protection, Starting,
Protection, 19. 9. 2014 0:37:24, SYSTEM, EVA, Protection, Malware Protection, Started,
Protection, 19. 9. 2014 0:37:24, SYSTEM, EVA, Protection, Malicious Website Protection, Starting,
Protection, 19. 9. 2014 0:37:25, SYSTEM, EVA, Protection, Malicious Website Protection, Started,
Update, 19. 9. 2014 17:27:15, SYSTEM, EVA, Scheduler, Malware Database, 2014.9.18.9, 2014.9.19.5,
Protection, 19. 9. 2014 17:27:17, SYSTEM, EVA, Protection, Refresh, Starting,
Protection, 19. 9. 2014 17:27:17, SYSTEM, EVA, Protection, Malicious Website Protection, Stopping,
Protection, 19. 9. 2014 17:27:17, SYSTEM, EVA, Protection, Malicious Website Protection, Stopped,
Protection, 19. 9. 2014 17:27:30, SYSTEM, EVA, Protection, Refresh, Success,
Protection, 19. 9. 2014 17:27:30, SYSTEM, EVA, Protection, Malicious Website Protection, Starting,
Protection, 19. 9. 2014 17:27:30, SYSTEM, EVA, Protection, Malicious Website Protection, Started,

(end)


3) New RSIT

Logfile of random's system information tool 1.10 (written by random/random)
Run by Eva at 2014-09-19 18:05:28
Microsoft Windows 8.1
System drive C: has 223 GB (48%) free of 462 GB
Total RAM: 3978 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:05:39, on 19. 9. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17278)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\Face Login\YouCamService.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Windows\SysWOW64\UMonit64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\trend micro\Eva.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com/?pc=ACJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: EgisPBIE - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files\Acer ProShield\x86\EgisPBIE.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\Face Login\YouCamService.exe" /s
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-21-1320900323-2956938217-1536712739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (User '?')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @oem10.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantAcpiProcessorService) - Unknown owner - C:\Windows\system32\DptfParticipantProcessorService.exe (file missing)
O23 - Service: @oem10.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Unknown owner - C:\Windows\system32\DptfPolicyCriticalService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: EgisTec eLock Service (eLockServ) - Egis Technology Inc. - C:\Program Files\Common Files\EgisTec CommonModule\eLock\eLockServ.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Quick Access Service (QASvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Quick Access RadioMgr Service (RMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 11546 bytes

======Listing Processes======





wininit.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
C:\Windows\system32\WLANExt.exe 522239721328
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\system32\DptfParticipantProcessorService.exe
C:\Windows\system32\DptfPolicyCriticalService.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\Common Files\EgisTec CommonModule\eLock\eLockServ.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskhost.exe $(Arg0)
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Acer\Acer Quick Access\QASvc.exe"
"C:\Program Files\Acer\Acer Quick Access\RMSvc.exe"
"C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe"

dashost.exe {712710f6-886b-4e24-a99f3cbe90584326}

C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {9BA05972-F6A8-11CF-A442-00A0C90A8F39} -Embedding
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
C:\Windows\Explorer.EXE
C:\Windows\System32\skydrive.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
taskhostex.exe
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMTray.exe"
"C:\Program Files (x86)\CyberLink\Face Login\YouCamService.exe" /s
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
C:\Windows\SysWOW64\UMonit64.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6504.0.1577092202\872522363" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_57/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="6504.2.591746528\625431982" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_57/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="6504.3.206355495\692543436" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_57/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="6504.4.440200900\811613751" /prefetch:673131151
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_57/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="6504.7.1462261346\1552975610" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="6504.8.1889382994\515344914" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Windows\system32\igfxext.exe" -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe"
"C:\Program Files\Acer ProShield\EgisTSR.exe"
"C:\Program Files\Acer\Acer Quick Access\QAEvent.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Quick Access\QAMsg.exe"
"C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe" -hide
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0a83de4e-25e6-45d6-8476-d827290ce12e -SystemEventPortName:HostProcess-6cfd8f41-04d1-48e8-bc28-a22ec44b966b -IoCancelEventPortName:HostProcess-26c32c99-55b2-4e55-b3ec-eece2a60c958 -NonStateChangingEventPortName:HostProcess-07639f1e-cd1d-4e11-8202-2f64bdd0cdcf -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:01e69c8e-45fe-48c7-9bba-30bdc3ab7950 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_57/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="6504.43.949601855\1583104372" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_57/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="6504.46.905373222\1831758454" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_57/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="6504.48.518485793\2098620062" /prefetch:673131151
"C:\Program Files\totalcmd\TOTALCMD.EXE"
"C:\Users\Eva\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-09-07 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9}]
EgisPBIE Sign-in Helper - C:\Program Files\Acer ProShield\EgisPBIE.dll [2014-02-05 721192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-09-05 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-09-07 2335960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9}]
EgisPBIE Sign-in Helper - C:\Program Files\Acer ProShield\x86\EgisPBIE.dll [2014-02-05 532264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-09-05 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08DF07A-3E49-4E25-9AB0-D3882835F153}]
QUICKfind BHO Object - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll [2007-02-16 457216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-27 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-27 771568]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-27 770544]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-19 13672304]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-11-07 7818552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2014-09-17 7763736]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"YouCam Service"=C:\Program Files (x86)\CyberLink\Face Login\YouCamService.exe [2013-11-06 241416]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-09-05 4085896]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-07-23 134624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-16 624640]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Acer ProShield\EgisPwdFilter.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-19 00:27:45 ----D---- C:\ProgramData\PDF Architect 2
2014-09-18 17:02:54 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-09-18 17:02:11 ----D---- C:\ProgramData\Malwarebytes
2014-09-18 17:02:11 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-18 17:02:11 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-09-18 17:02:11 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-09-18 17:02:11 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-09-18 15:14:47 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-09-18 15:13:07 ----D---- C:\AdwCleaner
2014-09-18 14:42:10 ----D---- C:\Program Files\trend micro
2014-09-17 22:24:37 ----D---- C:\rsit
2014-09-17 22:24:37 ----D---- C:\Program Files (x86)\trend micro
2014-09-14 14:02:58 ----A---- C:\Windows\system32\drivers\msgpioclx.sys
2014-09-10 22:38:35 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-09-10 22:34:10 ----SD---- C:\Windows\system32\CompatTel
2014-09-10 22:33:58 ----RD---- C:\Windows\BrowserChoice
2014-09-10 22:05:25 ----A---- C:\Windows\system32\termsrv.dll
2014-09-10 21:46:27 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-09-10 21:46:27 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-09-10 21:46:24 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-10 21:46:23 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-09-10 21:46:22 ----A---- C:\Windows\system32\iernonce.dll
2014-09-10 21:46:21 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-09-10 21:46:21 ----A---- C:\Windows\system32\vbscript.dll
2014-09-10 21:46:21 ----A---- C:\Windows\system32\jscript9diag.dll
2014-09-10 21:46:21 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 21:46:21 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 21:46:16 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-09-10 21:46:15 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-09-10 21:46:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-09-10 21:46:15 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-09-10 21:46:15 ----A---- C:\Windows\system32\msrating.dll
2014-09-10 21:46:15 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-10 21:46:15 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-10 21:46:15 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-10 21:46:13 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-09-10 21:46:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-09-10 21:46:13 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-10 21:46:13 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-10 21:46:13 ----A---- C:\Windows\system32\iedkcs32.dll
2014-09-10 21:46:13 ----A---- C:\Windows\system32\ie4uinit.exe
2014-09-10 21:46:12 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-09-10 21:46:12 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-09-10 21:46:12 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-09-10 21:46:12 ----A---- C:\Windows\system32\iesetup.dll
2014-09-10 21:46:10 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-09-10 21:46:10 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-10 21:46:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-09-10 21:46:10 ----A---- C:\Windows\system32\ieapfltr.dll
2014-09-10 21:46:09 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-09-10 21:46:09 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-10 21:46:09 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-10 21:46:07 ----A---- C:\Windows\system32\mshtml.dll
2014-09-10 21:46:01 ----A---- C:\Windows\system32\wininet.dll
2014-09-10 21:46:00 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-09-10 21:46:00 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-09-10 21:45:59 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-09-10 21:45:59 ----A---- C:\Windows\system32\urlmon.dll
2014-09-10 21:45:59 ----A---- C:\Windows\system32\iertutil.dll
2014-09-10 21:45:56 ----A---- C:\Windows\system32\ieframe.dll
2014-09-10 21:45:55 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-09-10 21:45:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-09-10 21:45:53 ----A---- C:\Windows\system32\jscript9.dll
2014-09-10 21:45:52 ----A---- C:\Windows\SYSWOW64\ReInfo.dll
2014-09-10 21:45:52 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2014-09-10 21:45:52 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-09-10 21:45:49 ----A---- C:\Windows\SYSWOW64\spp.dll
2014-09-10 21:45:49 ----A---- C:\Windows\SYSWOW64\ReAgent.dll
2014-09-10 21:45:49 ----A---- C:\Windows\system32\ReInfo.dll
2014-09-10 21:45:48 ----A---- C:\Windows\SYSWOW64\dcomp.dll
2014-09-10 21:45:48 ----A---- C:\Windows\SYSWOW64\AppXDeploymentClient.dll
2014-09-10 21:45:45 ----A---- C:\Windows\system32\spp.dll
2014-09-10 21:45:45 ----A---- C:\Windows\system32\ReAgent.dll
2014-09-10 21:45:43 ----A---- C:\Windows\SYSWOW64\aclui.dll
2014-09-10 21:45:43 ----A---- C:\Windows\system32\AppXDeploymentClient.dll
2014-09-10 21:45:42 ----A---- C:\Windows\SYSWOW64\ole32.dll
2014-09-10 21:45:42 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-09-10 21:45:40 ----A---- C:\Windows\system32\msftedit.dll
2014-09-10 21:45:40 ----A---- C:\Windows\system32\dcomp.dll
2014-09-10 21:45:37 ----A---- C:\Windows\system32\aclui.dll
2014-09-10 21:45:36 ----A---- C:\Windows\system32\ole32.dll
2014-09-10 21:45:35 ----A---- C:\Windows\system32\KernelBase.dll
2014-09-10 21:45:35 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-09-10 21:45:32 ----A---- C:\Windows\SYSWOW64\wlidprov.dll
2014-09-10 21:45:31 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2014-09-10 21:45:31 ----A---- C:\Windows\system32\wlidprov.dll
2014-09-10 21:45:29 ----A---- C:\Windows\system32\netcfgx.dll
2014-09-10 21:45:26 ----A---- C:\Windows\system32\drivers\wof.sys
2014-09-10 21:45:25 ----A---- C:\Windows\system32\drivers\dfsc.sys
2014-09-10 21:45:21 ----A---- C:\Windows\system32\msxml6.dll
2014-09-10 21:45:20 ----A---- C:\Windows\SYSWOW64\explorer.exe
2014-09-10 21:45:20 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2014-09-10 21:45:20 ----A---- C:\Windows\explorer.exe
2014-09-10 21:45:19 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-09-10 21:45:18 ----A---- C:\Windows\system32\mfreadwrite.dll
2014-09-10 21:45:18 ----A---- C:\Windows\system32\kernel32.dll
2014-09-10 21:45:18 ----A---- C:\Windows\system32\kerberos.dll
2014-09-10 21:45:17 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2014-09-10 21:45:17 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-09-10 21:45:17 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-09-10 21:45:17 ----A---- C:\Windows\system32\dnsapi.dll
2014-09-10 21:45:16 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2014-09-10 21:45:14 ----A---- C:\Windows\system32\Windows.Devices.Sensors.dll
2014-09-10 21:45:14 ----A---- C:\Windows\system32\rasapi32.dll
2014-09-10 21:45:13 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Sensors.dll
2014-09-10 21:45:13 ----A---- C:\Windows\system32\netlogon.dll
2014-09-10 21:45:12 ----A---- C:\Windows\system32\SessEnv.dll
2014-09-10 21:45:12 ----A---- C:\Windows\system32\GdiPlus.dll
2014-09-10 21:45:12 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-09-10 21:45:11 ----A---- C:\Windows\system32\profsvc.dll
2014-09-10 21:45:11 ----A---- C:\Windows\system32\AppXDeploymentExtensions.dll
2014-09-10 21:45:10 ----A---- C:\Windows\SYSWOW64\rasapi32.dll
2014-09-10 21:45:10 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2014-09-10 21:45:10 ----A---- C:\Windows\system32\drivers\clfs.sys
2014-09-10 21:45:09 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2014-09-10 21:45:09 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2014-09-10 21:45:09 ----A---- C:\Windows\system32\SensorsApi.dll
2014-09-10 21:45:08 ----A---- C:\Windows\SYSWOW64\SensorsApi.dll
2014-09-10 21:45:08 ----A---- C:\Windows\system32\WsmSvc.dll
2014-09-10 21:45:07 ----A---- C:\Windows\system32\Display.dll
2014-09-10 21:45:07 ----A---- C:\Windows\system32\dafWfdProvider.dll
2014-09-10 21:45:06 ----A---- C:\Windows\SYSWOW64\Display.dll
2014-09-10 21:45:06 ----A---- C:\Windows\system32\userenv.dll
2014-09-10 21:45:06 ----A---- C:\Windows\system32\sxproxy.dll
2014-09-10 21:45:06 ----A---- C:\Windows\system32\pdh.dll
2014-09-10 21:45:06 ----A---- C:\Windows\system32\davclnt.dll
2014-09-10 21:45:06 ----A---- C:\Windows\system32\AppxAllUserStore.dll
2014-09-10 21:45:05 ----A---- C:\Windows\SYSWOW64\AppxAllUserStore.dll
2014-09-10 21:45:04 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-09-10 21:45:04 ----A---- C:\Windows\system32\wlangpui.dll
2014-09-10 21:45:03 ----A---- C:\Windows\SYSWOW64\userenv.dll
2014-09-10 21:45:03 ----A---- C:\Windows\SYSWOW64\sxproxy.dll
2014-09-10 21:45:03 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2014-09-10 21:45:03 ----A---- C:\Windows\system32\Windows.Graphics.Printing.dll
2014-09-10 21:45:02 ----AC---- C:\Windows\system32\drivers\hidusb.sys
2014-09-10 21:45:02 ----A---- C:\Windows\SYSWOW64\pdh.dll
2014-09-10 21:45:02 ----A---- C:\Windows\system32\WSDMon.dll
2014-09-10 21:45:02 ----A---- C:\Windows\system32\w32tm.exe
2014-09-10 21:45:01 ----A---- C:\Windows\SYSWOW64\wlangpui.dll
2014-09-10 21:45:01 ----A---- C:\Windows\SYSWOW64\w32tm.exe
2014-09-10 21:45:01 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2014-09-10 21:45:01 ----A---- C:\Windows\system32\CredentialMigrationHandler.dll
2014-09-10 21:45:00 ----AC---- C:\Windows\system32\drivers\hidclass.sys
2014-09-10 21:45:00 ----A---- C:\Windows\SYSWOW64\CredentialMigrationHandler.dll
2014-09-10 21:45:00 ----A---- C:\Windows\system32\Windows.Devices.Scanners.dll
2014-09-10 21:45:00 ----A---- C:\Windows\system32\RMapi.dll
2014-09-10 21:45:00 ----A---- C:\Windows\system32\LocationApi.dll
2014-09-10 21:44:59 ----A---- C:\Windows\SYSWOW64\Windows.Graphics.Printing.dll
2014-09-10 21:44:59 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Scanners.dll
2014-09-10 21:44:59 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2014-09-10 21:44:59 ----A---- C:\Windows\system32\DevPropMgr.dll
2014-09-10 21:44:58 ----A---- C:\Windows\SYSWOW64\LocationApi.dll
2014-09-10 21:44:58 ----A---- C:\Windows\system32\SetNetworkLocation.dll
2014-09-10 21:44:58 ----A---- C:\Windows\system32\fvewiz.dll
2014-09-10 21:44:57 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2014-09-10 21:44:57 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2014-09-10 21:44:56 ----A---- C:\Windows\SYSWOW64\l2gpstore.dll
2014-09-10 21:44:56 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-09-10 21:44:56 ----A---- C:\Windows\system32\l2gpstore.dll
2014-09-10 21:44:56 ----A---- C:\Windows\system32\BdeHdCfgLib.dll
2014-09-10 21:33:39 ----A---- C:\Windows\system32\MrmCoreR.dll
2014-09-10 21:33:15 ----A---- C:\Windows\system32\shell32.dll
2014-09-10 21:33:14 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2014-09-10 21:33:13 ----A---- C:\Windows\system32\mstscax.dll
2014-09-10 21:33:10 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2014-09-10 21:33:09 ----A---- C:\Windows\system32\Windows.UI.Search.dll
2014-09-10 21:33:01 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-09-10 21:32:58 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-09-10 21:32:56 ----A---- C:\Windows\system32\gpsvc.dll
2014-09-10 21:32:53 ----A---- C:\Windows\system32\wlansvc.dll
2014-09-10 21:32:50 ----A---- C:\Windows\SYSWOW64\Windows.UI.Search.dll
2014-09-10 21:32:49 ----A---- C:\Windows\system32\SettingsHandlers.dll
2014-09-10 21:32:49 ----A---- C:\Windows\system32\mfmpeg2srcsnk.dll
2014-09-10 21:32:48 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-09-10 21:32:47 ----A---- C:\Windows\SYSWOW64\mfmpeg2srcsnk.dll
2014-09-10 21:32:47 ----A---- C:\Windows\system32\workfolderssvc.dll
2014-09-10 21:32:47 ----A---- C:\Windows\system32\winmde.dll
2014-09-10 21:32:46 ----AC---- C:\Windows\system32\drivers\bthport.sys
2014-09-10 21:32:46 ----A---- C:\Windows\system32\wmpmde.dll
2014-09-10 21:32:46 ----A---- C:\Windows\system32\services.exe
2014-09-10 21:32:45 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2014-09-10 21:32:45 ----A---- C:\Windows\system32\Windows.Media.Streaming.dll
2014-09-10 21:32:45 ----A---- C:\Windows\system32\GeofenceMonitorService.dll
2014-09-10 21:32:44 ----A---- C:\Windows\system32\SearchFolder.dll
2014-09-10 21:32:44 ----A---- C:\Windows\system32\drivers\nwifi.sys
2014-09-10 21:32:44 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-09-10 21:32:43 ----A---- C:\Windows\system32\MFMediaEngine.dll
2014-09-10 21:32:43 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-09-10 21:32:42 ----A---- C:\Windows\SYSWOW64\GeofenceMonitorService.dll
2014-09-10 21:32:42 ----A---- C:\Windows\system32\srvsvc.dll
2014-09-10 21:32:42 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2014-09-10 21:32:41 ----AC---- C:\Windows\system32\drivers\volsnap.sys
2014-09-10 21:32:41 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2014-09-10 21:32:41 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2014-09-10 21:32:41 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-09-10 21:32:41 ----A---- C:\Windows\system32\MDEServer.exe
2014-09-10 21:32:40 ----A---- C:\Windows\SYSWOW64\winmde.dll
2014-09-10 21:32:40 ----A---- C:\Windows\system32\Windows.Media.dll
2014-09-10 21:32:40 ----A---- C:\Windows\system32\mfsvr.dll
2014-09-10 21:32:39 ----A---- C:\Windows\SYSWOW64\Windows.Media.Streaming.dll
2014-09-10 21:32:39 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2014-09-10 21:32:38 ----A---- C:\Windows\system32\win32spl.dll
2014-09-10 21:32:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-09-10 21:32:37 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2014-09-10 21:32:37 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2014-09-10 21:32:37 ----A---- C:\Windows\SYSWOW64\rdpencom.dll
2014-09-10 21:32:37 ----A---- C:\Windows\system32\wlanapi.dll
2014-09-10 21:32:37 ----A---- C:\Windows\system32\rdpencom.dll
2014-09-10 21:32:37 ----A---- C:\Windows\system32\defragsvc.dll
2014-09-10 21:32:37 ----A---- C:\Windows\system32\audiosrv.dll
2014-09-10 21:32:36 ----AC---- C:\Windows\system32\drivers\hdaudbus.sys
2014-09-10 21:32:36 ----A---- C:\Windows\SYSWOW64\Windows.Media.dll
2014-09-10 21:32:36 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2014-09-10 21:32:36 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2014-09-10 21:32:36 ----A---- C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-10 21:32:36 ----A---- C:\Windows\system32\dwmapi.dll
2014-09-10 21:32:35 ----A---- C:\Windows\system32\ploptin.dll
2014-09-10 21:32:35 ----A---- C:\Windows\system32\MFCaptureEngine.dll
2014-09-10 21:32:35 ----A---- C:\Windows\system32\drivers\fvevol.sys
2014-09-10 21:32:35 ----A---- C:\Windows\system32\AudioEng.dll
2014-09-10 21:32:34 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-09-10 21:32:34 ----A---- C:\Windows\system32\swprv.dll
2014-09-10 21:32:34 ----A---- C:\Windows\system32\resutils.dll
2014-09-10 21:32:33 ----AC---- C:\Windows\system32\drivers\msiscsi.sys
2014-09-10 21:32:33 ----A---- C:\Windows\SYSWOW64\MFCaptureEngine.dll
2014-09-10 21:32:33 ----A---- C:\Windows\system32\wlanmsm.dll
2014-09-10 21:32:33 ----A---- C:\Windows\system32\MSVideoDSP.dll
2014-09-10 21:32:33 ----A---- C:\Windows\system32\gpapi.dll
2014-09-10 21:32:32 ----A---- C:\Windows\system32\VSSVC.exe
2014-09-10 21:32:32 ----A---- C:\Windows\system32\drivers\storport.sys
2014-09-10 21:32:32 ----A---- C:\Windows\system32\clusapi.dll
2014-09-10 21:32:31 ----A---- C:\Windows\SYSWOW64\MSVideoDSP.dll
2014-09-10 21:32:31 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2014-09-10 21:32:31 ----A---- C:\Windows\system32\wscsvc.dll
2014-09-10 21:32:31 ----A---- C:\Windows\system32\rpchttp.dll
2014-09-10 21:32:30 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2014-09-10 21:32:30 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2014-09-10 21:32:25 ----AC---- C:\Windows\system32\drivers\spaceport.sys
2014-09-10 21:32:25 ----A---- C:\Windows\SYSWOW64\propsys.dll
2014-09-10 21:32:25 ----A---- C:\Windows\system32\propsys.dll
2014-09-10 21:32:25 ----A---- C:\Windows\system32\mf.dll
2014-09-10 21:32:24 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-09-10 21:32:24 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-09-10 21:32:24 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-09-10 21:32:24 ----A---- C:\Windows\system32\AudioSes.dll
2014-09-10 21:32:23 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-09-10 21:32:23 ----A---- C:\Windows\system32\audiodg.exe
2014-09-10 21:32:22 ----A---- C:\Windows\system32\wintrust.dll
2014-09-10 21:32:22 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-09-10 21:32:22 ----A---- C:\Windows\system32\mfpmp.exe
2014-09-10 21:32:22 ----A---- C:\Windows\system32\mfplat.dll
2014-09-10 21:32:22 ----A---- C:\Windows\system32\energyprov.dll
2014-09-10 21:32:21 ----A---- C:\Windows\SYSWOW64\clusapi.dll
2014-09-10 21:32:21 ----A---- C:\Windows\system32\srcore.dll
2014-09-10 21:32:20 ----A---- C:\Windows\system32\tsgqec.dll
2014-09-10 21:32:19 ----A---- C:\Windows\SYSWOW64\resutils.dll
2014-09-10 21:32:19 ----A---- C:\Windows\system32\WorkFoldersShell.dll
2014-09-10 21:32:19 ----A---- C:\Windows\system32\tlscsp.dll
2014-09-10 21:32:18 ----A---- C:\Windows\SYSWOW64\tlscsp.dll
2014-09-10 21:32:17 ----A---- C:\Windows\system32\WorkfoldersControl.dll
2014-09-10 21:32:16 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2014-09-10 21:32:15 ----A---- C:\Windows\SYSWOW64\mispace.dll
2014-09-10 21:32:15 ----A---- C:\Windows\system32\mispace.dll
2014-09-10 21:32:15 ----A---- C:\Windows\system32\BootMenuUX.dll
2014-09-10 21:32:14 ----A---- C:\Windows\system32\wlansec.dll
2014-09-10 21:32:13 ----A---- C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-10 21:32:13 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2014-09-10 21:32:12 ----A---- C:\Windows\system32\srclient.dll
2014-09-10 21:32:11 ----A---- C:\Windows\system32\rstrui.exe
2014-09-10 21:32:10 ----D---- C:\Windows\system32\MRT
2014-09-10 21:32:10 ----A---- C:\Windows\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2014-09-10 21:32:10 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-09-10 21:32:10 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-09-10 21:32:10 ----A---- C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2014-09-10 21:32:09 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2014-09-10 21:32:09 ----A---- C:\Windows\system32\wlanhlp.dll
2014-09-10 21:31:54 ----A---- C:\Windows\system32\MRT.exe
2014-09-10 21:18:31 ----A---- C:\Windows\system32\drivers\afd.sys
2014-09-10 21:12:40 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2014-09-10 21:12:40 ----A---- C:\Windows\system32\umpnpmgr.dll
2014-09-10 21:12:40 ----A---- C:\Windows\system32\drvinst.exe
2014-09-10 21:12:40 ----A---- C:\Windows\system32\drvcfg.exe
2014-09-10 21:11:58 ----A---- C:\Windows\system32\localspl.dll
2014-09-10 21:11:57 ----A---- C:\Windows\system32\IKEEXT.DLL
2014-09-10 21:11:57 ----A---- C:\Windows\system32\d3d9.dll
2014-09-10 21:11:56 ----A---- C:\Windows\SYSWOW64\d3d9.dll
2014-09-10 21:11:56 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2014-09-10 21:11:55 ----A---- C:\Windows\system32\mfcore.dll
2014-09-10 21:11:54 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2014-09-10 21:11:54 ----A---- C:\Windows\system32\BFE.DLL
2014-09-10 21:11:53 ----A---- C:\Windows\system32\vpnike.dll
2014-09-10 21:11:53 ----A---- C:\Windows\system32\dhcpcore.dll
2014-09-10 21:11:52 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-09-10 21:11:52 ----A---- C:\Windows\SYSWOW64\dhcpcore.dll
2014-09-10 21:11:52 ----A---- C:\Windows\system32\ntdll.dll
2014-09-10 21:11:52 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2014-09-10 21:11:52 ----A---- C:\Windows\system32\bdesvc.dll
2014-09-10 21:11:52 ----A---- C:\Windows\system32\actxprxy.dll
2014-09-10 21:11:51 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2014-09-10 21:11:51 ----A---- C:\Windows\system32\SkyDriveShell.dll
2014-09-10 21:11:50 ----A---- C:\Windows\SYSWOW64\SkyDriveShell.dll
2014-09-10 21:11:50 ----A---- C:\Windows\system32\nshwfp.dll
2014-09-10 21:11:50 ----A---- C:\Windows\system32\framedynos.dll
2014-09-10 21:11:49 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2014-09-10 21:11:49 ----A---- C:\Windows\SYSWOW64\framedynos.dll
2014-09-10 21:11:49 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2014-09-10 21:11:49 ----A---- C:\Windows\system32\fveapi.dll
2014-09-10 21:11:49 ----A---- C:\Windows\system32\drivers\wfplwfs.sys
2014-09-10 21:11:49 ----A---- C:\Windows\system32\dhcpcore6.dll
2014-09-10 21:11:48 ----A---- C:\Windows\system32\ncobjapi.dll
2014-09-10 21:11:48 ----A---- C:\Windows\system32\drivers\agilevpn.sys
2014-09-10 21:11:47 ----A---- C:\Windows\system32\winbici.dll
2014-09-10 21:11:47 ----A---- C:\Windows\system32\framedyn.dll
2014-09-10 21:11:47 ----A---- C:\Windows\system32\BitLockerDeviceEncryption.exe
2014-09-10 21:11:46 ----A---- C:\Windows\SYSWOW64\ncobjapi.dll
2014-09-10 21:11:46 ----A---- C:\Windows\system32\drivers\vwifimp.sys
2014-09-10 21:11:45 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2014-09-10 21:11:45 ----A---- C:\Windows\SYSWOW64\Robocopy.exe
2014-09-10 21:11:45 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2014-09-10 21:11:45 ----A---- C:\Windows\system32\WebClnt.dll
2014-09-10 21:11:45 ----A---- C:\Windows\system32\Robocopy.exe
2014-09-10 21:11:45 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2014-09-10 21:11:45 ----A---- C:\Windows\system32\dhcpcsvc.dll
2014-09-10 21:11:44 ----A---- C:\Windows\SYSWOW64\framedyn.dll
2014-09-10 21:11:44 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2014-09-10 21:11:44 ----A---- C:\Windows\SYSWOW64\dhcpcsvc.dll
2014-09-10 21:11:44 ----A---- C:\Windows\SYSWOW64\d3d8thk.dll
2014-09-10 21:11:44 ----A---- C:\Windows\system32\drivers\vwififlt.sys
2014-09-10 21:11:44 ----A---- C:\Windows\system32\BulkOperationHost.exe
2014-09-10 21:11:43 ----A---- C:\Windows\system32\srms.dat
2014-09-10 21:11:43 ----A---- C:\Windows\system32\reseteng.dll
2014-09-10 21:11:43 ----A---- C:\Windows\system32\fveapibase.dll
2014-09-10 21:04:58 ----A---- C:\Windows\system32\osk.exe
2014-09-10 21:04:56 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-09-10 21:04:54 ----A---- C:\Windows\SYSWOW64\wusa.exe
2014-09-10 21:04:54 ----A---- C:\Windows\system32\wusa.exe
2014-09-10 21:04:53 ----A---- C:\Windows\SYSWOW64\mrt100.dll
2014-09-10 21:04:53 ----A---- C:\Windows\SYSWOW64\mrt_map.dll
2014-09-10 21:04:53 ----A---- C:\Windows\system32\mrt100.dll
2014-09-10 21:04:53 ----A---- C:\Windows\system32\mrt_map.dll
2014-09-10 21:04:52 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-09-10 21:04:52 ----A---- C:\Windows\system32\msxml3.dll
2014-09-10 21:04:38 ----A---- C:\Windows\system32\devinv.dll
2014-09-10 21:04:38 ----A---- C:\Windows\system32\aepic.dll
2014-09-10 21:04:38 ----A---- C:\Windows\system32\aepdu.dll
2014-09-10 21:04:38 ----A---- C:\Windows\system32\aeinv.dll
2014-09-10 21:03:37 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-09-10 21:03:37 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-09-10 21:03:17 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-09-10 21:03:05 ----A---- C:\Windows\system32\rdpcorets.dll
2014-09-10 21:01:56 ----A---- C:\Windows\SYSWOW64\certcli.dll
2014-09-10 21:01:56 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-09-10 21:01:56 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-10 21:01:56 ----A---- C:\Windows\system32\drivers\cng.sys
2014-09-10 21:01:56 ----A---- C:\Windows\system32\certcli.dll
2014-09-10 21:01:56 ----A---- C:\Windows\system32\adtschema.dll
2014-09-10 21:00:59 ----A---- C:\Windows\system32\rpcrt4.dll
2014-09-10 21:00:58 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-09-10 20:59:01 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2014-09-10 20:59:01 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2014-09-10 20:59:01 ----A---- C:\Windows\system32\dxgi.dll
2014-09-10 20:59:01 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-09-10 20:59:01 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-09-10 20:59:01 ----A---- C:\Windows\system32\d3d11.dll
2014-09-10 20:59:00 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2014-09-10 20:59:00 ----A---- C:\Windows\system32\dwmcore.dll
2014-09-10 20:59:00 ----A---- C:\Windows\system32\cdd.dll
2014-09-10 20:57:07 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2014-09-10 20:57:05 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2014-09-10 20:57:05 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2014-09-10 20:56:54 ----A---- C:\Windows\system32\SkyDriveTelemetry.dll
2014-09-10 20:56:53 ----A---- C:\Windows\system32\SyncEngine.dll
2014-09-10 20:56:53 ----A---- C:\Windows\system32\SkyDrive.exe
2014-09-10 20:45:05 ----A---- C:\Windows\system32\DWrite.dll
2014-09-10 20:45:04 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2014-09-10 20:45:04 ----A---- C:\Windows\system32\schedsvc.dll
2014-09-10 20:45:04 ----A---- C:\Windows\system32\FntCache.dll
2014-09-10 20:44:57 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2014-09-10 20:44:56 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-10 20:44:55 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-09-10 20:44:55 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-09-10 20:44:53 ----AC---- C:\Windows\system32\drivers\usbport.sys
2014-09-10 20:44:53 ----AC---- C:\Windows\system32\drivers\usbhub.sys
2014-09-10 20:44:53 ----A---- C:\Windows\system32\rsaenh.dll
2014-09-10 20:44:53 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2014-09-10 20:44:52 ----A---- C:\Windows\SYSWOW64\rsaenh.dll
2014-09-10 20:44:52 ----A---- C:\Windows\system32\WUDFSvc.dll
2014-09-10 20:44:52 ----A---- C:\Windows\system32\WUDFPlatform.dll
2014-09-10 20:44:52 ----A---- C:\Windows\system32\WUDFHost.exe
2014-09-10 20:44:52 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2014-09-10 20:44:52 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-09-10 20:44:51 ----AC---- C:\Windows\system32\drivers\usbuhci.sys
2014-09-10 20:44:51 ----AC---- C:\Windows\system32\drivers\USBHUB3.SYS
2014-09-10 20:44:51 ----AC---- C:\Windows\system32\drivers\usbehci.sys
2014-09-10 20:44:51 ----AC---- C:\Windows\system32\drivers\usbd.sys
2014-09-10 20:44:51 ----A---- C:\Windows\system32\hal.dll
2014-09-10 20:44:51 ----A---- C:\Windows\system32\DaOtpCredentialProvider.dll
2014-09-10 20:44:50 ----A---- C:\Windows\SYSWOW64\DaOtpCredentialProvider.dll
2014-09-10 20:44:24 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-09-10 20:44:24 ----A---- C:\Windows\system32\qedit.dll
2014-09-10 20:43:58 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-09-10 20:43:58 ----A---- C:\Windows\system32\msi.dll
2014-09-10 20:43:58 ----A---- C:\Windows\system32\authui.dll
2014-09-10 20:43:57 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-09-10 20:43:57 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-09-10 20:43:57 ----A---- C:\Windows\system32\msihnd.dll
2014-09-10 20:43:57 ----A---- C:\Windows\system32\consent.exe
2014-09-10 20:39:03 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-09-10 20:39:03 ----A---- C:\Windows\system32\win32k.sys
2014-09-10 20:39:03 ----A---- C:\Windows\system32\gdi32.dll
2014-09-10 20:38:29 ----A---- C:\Windows\system32\ubpm.dll
2014-09-10 20:38:28 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2014-09-10 20:38:28 ----A---- C:\Windows\system32\wucltux.dll
2014-09-10 20:38:28 ----A---- C:\Windows\system32\storewuauth.dll
2014-09-10 20:38:27 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-09-10 20:38:27 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-09-10 20:38:27 ----A---- C:\Windows\system32\wuwebv.dll
2014-09-10 20:38:27 ----A---- C:\Windows\system32\wuapp.exe
2014-09-10 20:27:31 ----A---- C:\Windows\system32\MDMAgent.exe
2014-09-10 12:31:14 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-09-10 12:31:14 ----A---- C:\Windows\SYSWOW64\twinui.appcore.dll
2014-09-10 12:31:14 ----A---- C:\Windows\SYSWOW64\MrmCoreR.dll
2014-09-10 12:31:13 ----A---- C:\Windows\system32\wuaueng.dll
2014-09-10 12:31:12 ----A---- C:\Windows\system32\twinui.dll
2014-09-10 12:31:12 ----A---- C:\Windows\system32\twinui.appcore.dll
2014-09-10 12:31:11 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-09-10 12:31:11 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-09-10 12:31:11 ----A---- C:\Windows\SYSWOW64\twinapi.appcore.dll
2014-09-10 12:31:11 ----A---- C:\Windows\system32\wups.dll
2014-09-10 12:31:11 ----A---- C:\Windows\system32\wuauclt.exe
2014-09-10 12:31:11 ----A---- C:\Windows\system32\wuapi.dll
2014-09-10 12:31:11 ----A---- C:\Windows\system32\WSShared.dll
2014-09-10 12:31:11 ----A---- C:\Windows\system32\twinapi.appcore.dll
2014-09-10 12:31:10 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-09-10 12:31:10 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-10 12:31:10 ----A---- C:\Windows\system32\wudriver.dll
2014-09-10 12:31:10 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-10 12:31:09 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-09-10 12:31:09 ----A---- C:\Windows\system32\WSReset.exe
2014-09-10 12:29:10 ----A---- C:\Windows\system32\WpcWebSync.dll
2014-09-10 12:29:10 ----A---- C:\Windows\system32\WpcMon.exe
2014-09-10 12:29:10 ----A---- C:\Windows\system32\Wpc.dll
2014-09-10 12:29:09 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2014-09-10 12:21:49 ----A---- C:\Windows\system32\wpccpl.dll
2014-09-10 12:21:43 ----A---- C:\Windows\system32\drivers\wpcfltr.sys
2014-09-10 01:45:38 ----A---- C:\Windows\SYSWOW64\msvcr120_clr0400.dll
2014-09-10 01:45:38 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2014-09-08 09:32:37 ----D---- C:\Users\Eva\AppData\Roaming\ocoll2e
2014-09-08 09:32:31 ----D---- C:\Program Files (x86)\IDM
2014-09-08 09:30:44 ----D---- C:\Program Files (x86)\Oxford
2014-09-07 00:21:15 ----D---- C:\ProgramData\Microsoft OneDrive
2014-09-07 00:12:16 ----D---- C:\Program Files\Microsoft Office 15
2014-09-06 10:46:21 ----D---- C:\Program Files\AVAST Software
2014-09-06 10:44:47 ----D---- C:\ProgramData\AVAST Software
2014-09-06 10:34:03 ----D---- C:\Program Files\CCleaner
2014-09-06 10:05:32 ----D---- C:\Program Files (x86)\Google
2014-09-06 10:04:16 ----D---- C:\Users\Eva\AppData\Roaming\Macromedia
2014-09-06 09:40:04 ----D---- C:\Users\Eva\AppData\Roaming\Adobe
2014-09-06 09:39:50 ----D---- C:\Users\Eva\AppData\Roaming\Intel
2014-09-06 09:37:53 ----SD---- C:\Users\Eva\AppData\Roaming\Microsoft
2014-09-05 22:50:26 ----D---- C:\Users\Eva\AppData\Roaming\vlc
2014-09-05 22:42:54 ----D---- C:\Program Files (x86)\VideoLAN
2014-09-05 21:12:22 ----D---- C:\Program Files (x86)\Check Point Software Technologies LTD
2014-09-05 21:12:20 ----D---- C:\Users\Eva\AppData\Roaming\Check Point Software Technologies LTD
2014-09-05 21:12:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-05 21:12:16 ----D---- C:\Program Files (x86)\CheckPoint
2014-09-05 21:07:21 ----D---- C:\ProgramData\CheckPoint
2014-09-05 21:05:52 ----D---- C:\Users\Eva\AppData\Roaming\Opera Software
2014-09-05 21:05:13 ----D---- C:\Program Files (x86)\Opera
2014-09-05 21:04:00 ----D---- C:\Users\Eva\AppData\Roaming\SUPERAntiSpyware.com
2014-09-05 21:03:43 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2014-09-05 21:03:43 ----D---- C:\Program Files\SUPERAntiSpyware
2014-09-05 21:02:43 ----D---- C:\Users\Eva\AppData\Roaming\IrfanView
2014-09-05 21:02:42 ----D---- C:\Program Files (x86)\IrfanView
2014-09-05 20:46:36 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2014-09-05 20:46:35 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2014-09-05 20:44:40 ----D---- C:\Users\Eva\AppData\Roaming\Winamp
2014-09-05 20:44:40 ----D---- C:\Program Files (x86)\Winamp
2014-09-05 20:39:41 ----D---- C:\Users\Eva\AppData\Roaming\Skype
2014-09-05 20:39:34 ----RD---- C:\Program Files (x86)\Skype
2014-09-05 20:39:31 ----D---- C:\ProgramData\Skype
2014-09-05 20:00:45 ----D---- C:\! e v i c k a
2014-09-05 19:54:01 ----D---- C:\Users\Eva\AppData\Roaming\GHISLER
2014-09-05 19:54:01 ----D---- C:\Program Files\totalcmd
2014-09-05 19:51:56 ----D---- C:\Users\Eva\AppData\Roaming\AVAST Software
2014-09-05 19:51:04 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-09-05 19:51:04 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-09-05 19:51:04 ----A---- C:\Windows\system32\drivers\aswsp.sys
2014-09-05 19:51:04 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-09-05 19:51:04 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-09-05 19:51:04 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-09-05 19:51:04 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-09-05 19:51:04 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-09-05 19:51:03 ----A---- C:\Windows\system32\aswBoot.exe
2014-09-05 19:50:58 ----A---- C:\Windows\avastSS.scr

======List of files/folders modified in the last 1 month======

2014-09-19 18:00:00 ----D---- C:\Windows\system32\sru
2014-09-19 17:59:04 ----SHD---- C:\Windows\Installer
2014-09-19 17:59:04 ----D---- C:\Windows\Temp
2014-09-19 17:59:03 ----RD---- C:\Program Files (x86)
2014-09-19 17:58:59 ----D---- C:\Windows\SysWOW64
2014-09-19 17:57:01 ----D---- C:\Windows\Prefetch
2014-09-19 17:50:55 ----RD---- C:\Windows\System32
2014-09-19 17:41:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-19 17:41:03 ----D---- C:\Windows\Inf
2014-09-19 17:08:29 ----D---- C:\Windows\system32\NDF
2014-09-19 00:29:26 ----SHD---- C:\System Volume Information
2014-09-19 00:27:45 ----HD---- C:\ProgramData
2014-09-18 20:19:03 ----D---- C:\Windows\Microsoft.NET
2014-09-18 17:02:54 ----D---- C:\Windows\system32\drivers
2014-09-18 16:37:52 ----D---- C:\Windows\system32\config
2014-09-18 16:32:39 ----D---- C:\Windows\AppReadiness
2014-09-18 16:32:38 ----HD---- C:\Program Files\WindowsApps
2014-09-18 15:20:15 ----D---- C:\Windows\system32\wdi
2014-09-18 14:42:10 ----RD---- C:\Program Files
2014-09-17 23:07:48 ----D---- C:\Windows\CbsTemp
2014-09-17 23:07:29 ----D---- C:\Windows\system32\catroot2
2014-09-17 23:06:52 ----D---- C:\Windows\WinSxS
2014-09-17 22:03:04 ----D---- C:\Windows\system32\Tasks
2014-09-17 00:50:07 ----D---- C:\Windows\system32\catroot
2014-09-15 02:36:27 ----RSD---- C:\Windows\assembly
2014-09-15 01:51:08 ----D---- C:\Windows\system32\drivers\UMDF
2014-09-14 02:39:41 ----D---- C:\Windows\rescache
2014-09-13 23:59:32 ----D---- C:\Windows\system32\DriverStore
2014-09-13 23:34:54 ----D---- C:\Windows\Logs
2014-09-11 01:08:08 ----D---- C:\Windows\WinStore
2014-09-11 01:08:08 ----D---- C:\Windows\SYSWOW64\slmgr
2014-09-11 01:08:08 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-09-11 01:08:08 ----D---- C:\Windows\SYSWOW64\oobe
2014-09-11 01:08:08 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-09-11 01:08:08 ----D---- C:\Windows\servicing
2014-09-11 01:08:08 ----D---- C:\Program Files\Windows Photo Viewer
2014-09-11 01:08:08 ----D---- C:\Program Files\Windows Media Player
2014-09-11 01:08:08 ----D---- C:\Program Files\Windows Mail
2014-09-11 01:08:08 ----D---- C:\Program Files\Windows Journal
2014-09-11 01:08:08 ----D---- C:\Program Files\Windows Defender
2014-09-11 01:08:08 ----D---- C:\Program Files\Internet Explorer
2014-09-11 01:08:08 ----D---- C:\Program Files\Common Files\System
2014-09-11 01:08:08 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2014-09-11 01:08:08 ----D---- C:\Program Files (x86)\Windows Media Player
2014-09-11 01:08:08 ----D---- C:\Program Files (x86)\Windows Mail
2014-09-11 01:08:08 ----D---- C:\Program Files (x86)\Windows Defender
2014-09-11 01:08:08 ----D---- C:\Program Files (x86)\Internet Explorer
2014-09-11 01:08:07 ----D---- C:\Windows\SYSWOW64\WCN
2014-09-11 01:08:07 ----D---- C:\Windows\SYSWOW64\wbem
2014-09-11 01:08:07 ----D---- C:\Windows\SYSWOW64\en-US
2014-09-11 01:08:07 ----D---- C:\Windows\SYSWOW64\drivers
2014-09-11 01:08:04 ----RD---- C:\Windows\ImmersiveControlPanel
2014-09-11 01:08:04 ----D---- C:\Windows\system32\Sysprep
2014-09-11 01:08:04 ----D---- C:\Windows\system32\slmgr
2014-09-11 01:08:04 ----D---- C:\Windows\system32\sk-SK
2014-09-11 01:08:04 ----D---- C:\Windows\system32\oobe
2014-09-11 01:08:04 ----D---- C:\Windows\system32\migwiz
2014-09-11 01:08:04 ----D---- C:\Windows\system32\cs-CZ
2014-09-11 01:08:04 ----D---- C:\Windows\PolicyDefinitions
2014-09-11 01:08:04 ----D---- C:\Windows
2014-09-11 01:08:02 ----D---- C:\Windows\system32\WCN
2014-09-11 01:08:02 ----D---- C:\Windows\system32\en-US
2014-09-11 01:08:01 ----D---- C:\Windows\system32\wbem
2014-09-11 01:08:01 ----D---- C:\Windows\system32\SystemResetPlatform
2014-09-11 01:08:01 ----D---- C:\Windows\Help
2014-09-11 01:07:56 ----D---- C:\Windows\system32\setup
2014-09-11 01:07:52 ----RD---- C:\Windows\ToastData
2014-09-11 01:07:51 ----D---- C:\Windows\system32\drivers\en-US
2014-09-11 01:07:51 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-09-10 22:34:10 ----D---- C:\Windows\system32\SecureBootUpdates
2014-09-10 22:34:00 ----D---- C:\Windows\system32\migration
2014-09-10 22:33:57 ----D---- C:\Windows\apppatch
2014-09-10 22:33:53 ----D---- C:\Windows\SYSWOW64\migration
2014-09-10 22:33:53 ----D---- C:\Windows\MediaViewer
2014-09-10 22:33:52 ----D---- C:\Windows\FileManager
2014-09-10 22:33:52 ----D---- C:\Windows\Camera
2014-09-10 22:33:47 ----D---- C:\Program Files\Common Files\microsoft shared
2014-09-10 21:32:06 ----D---- C:\Windows\debug
2014-09-08 09:31:58 ----RSD---- C:\Windows\Fonts
2014-09-07 04:46:35 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-09-07 00:20:48 ----SD---- C:\ProgramData\Microsoft
2014-09-07 00:17:56 ----D---- C:\Program Files (x86)\Common Files
2014-09-07 00:17:49 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-09-06 10:45:53 ----D---- C:\Windows\system32\restore
2014-09-06 10:41:58 ----D---- C:\ProgramData\McAfee
2014-09-06 10:41:58 ----D---- C:\Program Files\Common Files
2014-09-06 10:39:58 ----HD---- C:\Windows\ELAMBKUP
2014-09-06 10:05:34 ----D---- C:\Windows\Tasks
2014-09-06 09:46:39 ----D---- C:\Windows\SoftwareDistribution
2014-09-06 09:43:06 ----D---- C:\ProgramData\OEM
2014-09-06 09:40:48 ----SHD---- C:\$Recycle.Bin
2014-09-06 09:40:26 ----D---- C:\Windows\Panther
2014-09-06 09:40:17 ----D---- C:\ProgramData\EgisTec IPS
2014-09-06 09:37:52 ----RD---- C:\Users
2014-09-05 20:03:22 ----D---- C:\ProgramData\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-09-05 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-09-05 224896]
R0 MBI;@oem11.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2013-12-10 29464]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-09-05 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-09-05 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-09-05 427360]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2014-06-20 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2014-06-20 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2014-06-20 62776]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 Vsdatant;@oem29.inf,%Vsdatant_Desc%;Zone Alarm Firewall Driver; C:\Windows\System32\drivers\vsdatant.sys [2014-07-23 450456]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-09-05 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-09-05 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-09-05 92008]
R2 eLock2FSCTLDriver;eLock2FSCTLDriver; C:\Windows\system32\DRIVERS\eLock2FSCTLDriver.sys [2014-06-20 26264]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2013-11-07 1411384]
R3 DptfDevAcpiProc;DptfDevAcpiProc; C:\Windows\system32\DRIVERS\DptfDevAcpiProc.sys [2013-09-17 198808]
R3 DptfDevGen;DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [2013-09-17 78504]
R3 DptfManager;DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [2013-09-17 493240]
R3 GPIO;@oem1.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 iaioi2c;@oem2.inf,%Driver_Service.Desc%;I2C Controller Service; C:\Windows\System32\drivers\iaioi2ce.sys [2013-11-11 67584]
R3 ibtusb;@oem17.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter; C:\Windows\system32\DRIVERS\ibtusb.sys [2014-01-22 149448]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-16 4222976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-03-20 3897944]
R3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-01-16 450520]
R3 iwdbus;@oem9.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 LMDriver;@oem24.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\Windows\System32\drivers\LMDriver.sys [2013-07-17 21360]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-05-12 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-09-19 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-05-12 64216]
R3 NETwNb64;@oem20.inf,___ %NIC_Service_DispName_WINB_64%;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\Windows\system32\DRIVERS\NETwbw02.sys [2013-12-05 3609056]
R3 RadioShim;@oem24.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\Windows\System32\drivers\RadioShim.sys [2013-07-17 14680]
R3 RTL8168;@oem13.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-12-18 839896]
R3 SynRMIHID;@oem19.inf,%SynRMIHID.SVCDESC%;Synaptics HID Service; C:\Windows\system32\DRIVERS\SynRMIHID.sys [2014-02-19 42224]
R3 TXEIx64;@oem14.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2013-08-22 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-04-11 1200128]
S3 btmaux;@oem16.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2013-11-07 140600]
S3 GeneStor;@oem18.inf,%GENESTOR.SvcDesc%;Genesys Logic Storage Driver; C:\Windows\System32\drivers\GeneStor.sys [2014-01-18 107208]
S3 intaud_WaveExtensible;@oem8.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\Windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-01-27 167424]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-09-05 50344]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-11-07 1186168]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-11-07 1161592]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-08-01 2369720]
R2 DptfParticipantAcpiProcessorService;@oem10.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application; C:\Windows\system32\DptfParticipantProcessorService.exe [2013-09-17 117704]
R2 DptfPolicyCriticalService;@oem10.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Critical Service Application; C:\Windows\system32\DptfPolicyCriticalService.exe [2013-09-17 150760]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-11-21 631024]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2014-01-18 459496]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-11-21 154864]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-07-23 3596240]
R3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [2014-02-05 197928]
R3 eLockServ;EgisTec eLock Service; C:\Program Files\Common Files\EgisTec CommonModule\eLock\eLockServ.exe [2014-01-15 24872]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2014-03-06 2573544]
R3 QASvc;Quick Access Service; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2014-01-31 461544]
R3 RMSvc;Quick Access RadioMgr Service; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [2014-01-31 449768]
R3 UEIPSvc;User Experience Improvement Program; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [2014-01-25 222952]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-06 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-27 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-06 116648]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-11-21 284912]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]

-----------------EOF-----------------
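Added example, not part of the original thread and not RSIT's own code: a Python parser for the driver lines of the RSIT log above, decoding the state and start type from the legend in the section header and listing the entries a reviewer would look at first. The two review rules (image outside `C:\Windows\System32\drivers`, file date on or after a cutoff), the cutoff value and all function names are assumptions of this example; a flag is a prompt to check the file, not a verdict.

```python
import re
from datetime import date

# Constructed sample: lines in the layout of the RSIT "List of drivers" section
# (state+start, name;display; image path [file date, size in bytes]).
SAMPLE = r"""
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-09-05 224896]
R0 MBI;@oem11.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2013-12-10 29464]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-09-19 122584]
S3 GeneStor;@oem18.inf,%GENESTOR.SvcDesc%;Genesys Logic Storage Driver; C:\Windows\System32\drivers\GeneStor.sys [2014-01-18 107208]
this line is not an entry
"""

# Legend from the log header: R=Running, S=Stopped, 0=Boot ... 4=Disabled.
STATE = {"R": "running", "S": "stopped"}
START = {"0": "boot", "1": "system", "2": "auto", "3": "demand", "4": "disabled"}

# Assumption: Windows is installed on C:, as the paths in the log indicate.
DRIVER_DIR = "c:\\windows\\system32\\drivers\\"

# The display name may itself contain ';' (INF references), so the greedy
# middle group runs up to the LAST "; " before the image path.
ENTRY = re.compile(
    r"^([RS])([0-4]) ([^;]+);(.*); (.+?) \[(\d{4})-(\d{2})-(\d{2}) (\d+)\]$"
)


def parse_entry(line):
    """Return one driver/service entry as a dict, or None for other lines."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    state, start, name, display, path, y, mo, d, size = m.groups()
    if path.startswith("\\??\\"):  # NT object-manager prefix used by some entries
        path = path[4:]
    return {
        "name": name,
        "display": display.strip(),
        "state": STATE[state],
        "start": START[start],
        "path": path,
        "file_date": date(int(y), int(mo), int(d)),
        "size": int(size),
    }


def triage_drivers(lines, recent_since):
    """List driver entries that match a review rule.

    Meant for the drivers section only: services normally live under
    Program Files, so the directory rule would flag nearly all of them.
    recent_since is an ISO date string (hypothetical cutoff chosen by the reviewer).
    """
    cutoff = date.fromisoformat(recent_since)
    findings = []
    for line in lines:
        entry = parse_entry(line)
        if entry is None:
            continue
        reasons = []
        if not entry["path"].lower().startswith(DRIVER_DIR):
            reasons.append("outside-driver-dir")
        if entry["file_date"] >= cutoff:
            reasons.append("recent")
        if reasons:
            findings.append((entry["name"], entry["state"], entry["start"], reasons))
    return findings


if __name__ == "__main__":
    for finding in triage_drivers(SAMPLE.splitlines(), "2014-09-10"):
        print(finding)
```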

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: preventive check

#20 Post by Márty84 »

Uninstall MBAM; that also deletes the quarantine.

Pokki is junk.


:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch the license terms are displayed; press any key
  • A backup is created, followed by the scan
  • The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here


:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator or "Spustit jako spravce"
  • Paste the script below into the window

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC performs the repair, restarts and gives you a log; paste its contents here

If you have a question that is not meant for the public, you can e-mail me at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

e_va
Visitor
Posts: 101
Joined: 25 May 2011 15:54

Re: preventive check

#21 Post by e_va »

OK, I'll take it piece by piece:

JRT (it looks kind of "bare", so I hope this is it :-) )

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.7 (09.18.2014:2)
OS: Windows 8.1 x64
Ran by Eva on p  19. 09. 2014 at 22:44:52,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  19. 09. 2014 at 22:58:00,83
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

e_va
Visitor
Posts: 101
Joined: 25 May 2011 15:54

Re: preventive check

#22 Post by e_va »

Damn it, Zoek won't download: Chrome complains "network error", and on top of that avast was yelling during the download that it had just protected me from some terrible threat, so I suspect these two messages are related :( Or is the problem between the chair and the keyboard? :D

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: preventive check

#23 Post by Márty84 »

It's most likely a false alarm on that program. Try downloading it in Safe Mode with Networking, for example. Or turn off the antivirus for a moment :)

e_va
Visitor
Posts: 101
Joined: 25 May 2011 15:54

Re: preventive check

#24 Post by e_va »

Hm, of course, I could have thought of that myself :oops: :) Here it is:


Zoek.exe v5.0.0.0 Updated 20-September-2014
Tool run by Eva on so 20. 09. 2014 at 15:40:30,57.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Eva\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

20. 9. 2014 15:42:43 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1320900323-2956938217-1536712739-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\Check Point Software Technologies LTD deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Default\AppData\Local\Pokki deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
"C:\Windows\Installer\1af68.msi" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [05. 09. 2014 19:51]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[05. 09. 2014 19:50]
ladimmjldcgbeamniagencjbodhnmgen - C:\Program Files\Acer ProShield\ChromeEx\EgisPBChromeExt.crx[05. 02. 2014 19:19]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
kgdcapepedmpopjkmdbjnmmmfgllnfek - C:\Users\Eva\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm.crx[12. 02. 2014 01:07]

ZoneAlarm Chrome Toolbar - Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgdcapepedmpopjkmdbjnmmmfgllnfek
Online Accounts Extension - Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ladimmjldcgbeamniagencjbodhnmgen

==== Chromium Fix ======================

C:\Users\Eva\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm.crx deleted successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgdcapepedmpopjkmdbjnmmmfgllnfek deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://acer13.msn.com/?pc=ACJB"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://search.zonealarm.com/?src=nt&tbi ... tsId=&ver=&"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://search.zonealarm.com/?src=nt&tbi ... tsId=&ver=&"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://acer13.msn.com/?pc=ACJB"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{46A180A4-E3DE-49CB-8D61-2AB0C07E891C}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{46A180A4-E3DE-49CB-8D61-2AB0C07E891C} Bing Url="http://www.bing.com/search?q={searchTer ... TR&pc=ACJB"

==== Reset Google Chrome ======================

C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Eva\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Eva\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\203E62EEA6789D84098513925E9B9999 deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\kgdcapepedmpopjkmdbjnmmmfgllnfek deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE26E302-876A-48D9-9058-3129E5B99999} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\203E62EEA6789D84098513925E9B9999 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Eva\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Eva\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Eva\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=5908 folders=148 358961196 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Eva\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Eva\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on so 20. 09. 2014 at 16:07:23,04 ======================
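Added example, not part of the original thread and not Zoek's own code: a Python reader for the Zoek log above that splits it into its `==== ... ====` sections, collects every removal or cleanup action, and compares the "Old Values" and "New Values" of the "Set IE to Default" section to show which registry values were actually changed. The sample is a constructed excerpt of the log in the post, and all function names are assumptions of this example.

```python
import re

# Constructed sample: three sections copied in shape from the Zoek log above
# (the elided URL is kept exactly as it appears in the post).
SAMPLE = r'''
==== Deleting Files \ Folders ======================

C:\Users\Default\AppData\Local\Pokki deleted
"C:\Windows\Installer\1af68.msi" deleted

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://acer13.msn.com/?pc=ACJB"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://search.zonealarm.com/?src=nt&tbi ... tsId=&ver=&"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://acer13.msn.com/?pc=ACJB"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

==== Empty Temp Folders ======================

C:\Users\Eva\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot
'''

HEADER = re.compile(r"^====\s+(.*?)\s+=+$")
# Outcome phrases as they occur in the log; the target may be quoted.
OUTCOME = re.compile(
    r'^"?(.*?)"? (deleted successfully|deleted|emptied successfully|'
    r"successfully emptied|was reset successfully|will be emptied at reboot)$"
)
VALUE = re.compile(r'^"([^"]+)"="(.*)"$')


def split_sections(text):
    """Return [(title, [non-blank lines])]; a list, because titles can repeat
    (the full log has 'Empty Temp Folders' before and after the reboot)."""
    sections = []
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m:
            sections.append((m.group(1), []))
        elif line and sections:
            sections[-1][1].append(line)
    return sections


def actions(sections):
    """Every line that reports an action, as (section, target, outcome)."""
    found = []
    for title, body in sections:
        for line in body:
            m = OUTCOME.match(line)
            if m:
                found.append((title, m.group(1), m.group(2)))
    return found


def registry_snapshots(lines):
    """Parse 'Old Values:' / 'New Values:' blocks into {(key, name): value}."""
    snaps = {"Old Values:": {}, "New Values:": {}}
    current = key = None
    for line in lines:
        if line in snaps:
            current, key = snaps[line], None
        elif current is not None and line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif current is not None and key:
            m = VALUE.match(line)
            if m:
                current[(key, m.group(1))] = m.group(2)
    return snaps["Old Values:"], snaps["New Values:"]


def ie_changes(sections):
    """Registry values whose old and new data differ, as {(key, name): (old, new)}."""
    lines = [l for title, body in sections if title == "Set IE to Default" for l in body]
    old, new = registry_snapshots(lines)
    return {
        k: (old.get(k), new.get(k))
        for k in sorted(set(old) | set(new))
        if old.get(k) != new.get(k)
    }


if __name__ == "__main__":
    secs = split_sections(SAMPLE)
    for item in actions(secs):
        print(item)
    for k, (before, after) in ie_changes(secs).items():
        print(k, before, "->", after)
```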

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: preventive check

#25 Post by Márty84 »

Post a new RSIT log

e_va
Visitor
Posts: 101
Registered: 25 May 2011 15:54

Re: preventive check

#26 Post by e_va »

here:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Eva at 2014-09-22 17:02:15
Microsoft Windows 8.1
System drive C: has 229 GB (50%) free of 462 GB
Total RAM: 3978 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:02:22, on 22. 9. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17278)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\UMonit64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\Face Login\YouCamService.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Eva.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com/?pc=ACJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: EgisPBIE - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files\Acer ProShield\x86\EgisPBIE.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\Face Login\YouCamService.exe" /s
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @oem10.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantAcpiProcessorService) - Unknown owner - C:\Windows\system32\DptfParticipantProcessorService.exe (file missing)
O23 - Service: @oem10.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Unknown owner - C:\Windows\system32\DptfPolicyCriticalService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: EgisTec eLock Service (eLockServ) - Egis Technology Inc. - C:\Program Files\Common Files\EgisTec CommonModule\eLock\eLockServ.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Quick Access Service (QASvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Quick Access RadioMgr Service (RMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 11193 bytes

======Listing Processes======





wininit.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
C:\Windows\system32\WLANExt.exe 95831898832
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\system32\DptfParticipantProcessorService.exe
C:\Windows\system32\DptfPolicyCriticalService.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\Common Files\EgisTec CommonModule\eLock\eLockServ.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\Acer\Acer Quick Access\QASvc.exe"
"C:\Program Files\Acer\Acer Quick Access\RMSvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe"
dashost.exe {3027b3fc-9eca-468b-a62ea9d420b1c286}
C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {9BA05972-F6A8-11CF-A442-00A0C90A8F39} -Embedding
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Launch Manager\LMTray.exe"
"C:\Program Files\Acer ProShield\EgisTSR.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6876.0.123981358\69278121" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --ignored=" --type=renderer " /prefetch:822062411
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_57/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="6876.2.1559417541\585976244" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_57/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="6876.3.737490141\2011816450" /prefetch:673131151
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
C:\Windows\SysWOW64\UMonit64.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_57/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="6876.4.126929830\1128786651" /prefetch:673131151
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_57/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="6876.5.1345746218\1747930952" /prefetch:673131151
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_57/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="6876.6.426934398\798367453" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_57/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="6876.7.247504462\1411243231" /prefetch:673131151
"C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_57/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="6876.8.568731967\305334505" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_57/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="6876.9.2000419975\702435278" /prefetch:673131151
"C:\Program Files (x86)\CyberLink\Face Login\YouCamService.exe" /s
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Windows\system32\igfxext.exe" -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="6876.10.2038216498\614383094" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702

taskeng.exe {C2EB90D8-14D2-4037-8186-BD27DC253B3B}
"C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe"
"C:\Program Files\Acer\Acer Quick Access\QAEvent.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Quick Access\QAMsg.exe"
"C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe" -hide
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_57/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="6876.14.278306123\398708267" /prefetch:673131151
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe90_ Global\UsGthrCtrlFltPipeMssGthrPipe90 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 580 584 592 65536 588
"C:\Users\Eva\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-09-20 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9}]
EgisPBIE Sign-in Helper - C:\Program Files\Acer ProShield\EgisPBIE.dll [2014-02-05 721192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-09-05 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-09-20 2334416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9}]
EgisPBIE Sign-in Helper - C:\Program Files\Acer ProShield\x86\EgisPBIE.dll [2014-02-05 532264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-09-05 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08DF07A-3E49-4E25-9AB0-D3882835F153}]
QUICKfind BHO Object - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll [2007-02-16 457216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-27 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-27 771568]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-27 770544]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-19 13672304]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-11-07 7818552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2014-09-17 7763736]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"YouCam Service"=C:\Program Files (x86)\CyberLink\Face Login\YouCamService.exe [2013-11-06 241416]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-09-05 4085896]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-07-23 134624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-16 624640]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Acer ProShield\EgisPwdFilter.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-21 19:48:08 ----RHD---- C:\MSOCache
2014-09-20 16:07:28 ----SHD---- C:\$RECYCLE.BIN
2014-09-20 16:04:57 ----A---- C:\Windows\zoek-delete.exe
2014-09-20 16:04:56 ----D---- C:\Windows\Temp
2014-09-20 15:40:02 ----D---- C:\zoek_backup
2014-09-19 22:44:49 ----D---- C:\Windows\ERUNT
2014-09-19 00:27:45 ----D---- C:\ProgramData\PDF Architect 2
2014-09-18 15:14:47 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-09-18 15:13:07 ----D---- C:\AdwCleaner
2014-09-18 14:42:10 ----D---- C:\Program Files\trend micro
2014-09-17 23:21:35 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-17 23:21:33 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-09-17 23:21:33 ----A---- C:\Windows\system32\authui.dll
2014-09-17 23:21:31 ----A---- C:\Windows\system32\shell32.dll
2014-09-17 23:21:30 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2014-09-17 23:21:28 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-09-17 23:21:26 ----A---- C:\Windows\system32\mstscax.dll
2014-09-17 23:21:25 ----A---- C:\Windows\system32\Windows.UI.Search.dll
2014-09-17 23:21:24 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-09-17 23:21:23 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-09-17 23:21:22 ----A---- C:\Windows\system32\d3d10warp.dll
2014-09-17 23:21:21 ----A---- C:\Windows\system32\SettingsHandlers.dll
2014-09-17 23:21:14 ----A---- C:\Windows\system32\mfcore.dll
2014-09-17 23:21:14 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-09-17 23:21:12 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2014-09-17 23:21:11 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-09-17 23:21:11 ----A---- C:\Windows\system32\gpsvc.dll
2014-09-17 23:21:10 ----A---- C:\Windows\system32\wlansvc.dll
2014-09-17 23:21:09 ----A---- C:\Windows\system32\workfolderssvc.dll
2014-09-17 23:21:08 ----A---- C:\Windows\system32\Windows.Media.dll
2014-09-17 23:21:06 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-09-17 23:21:05 ----A---- C:\Windows\system32\mfmp4srcsnk.dll
2014-09-17 23:21:05 ----A---- C:\Windows\system32\localspl.dll
2014-09-17 23:21:04 ----A---- C:\Windows\SYSWOW64\Windows.Media.dll
2014-09-17 23:21:04 ----A---- C:\Windows\SYSWOW64\mfmp4srcsnk.dll
2014-09-17 23:21:04 ----A---- C:\Windows\system32\drivers\srv.sys
2014-09-17 23:21:03 ----A---- C:\Windows\SYSWOW64\Windows.UI.Search.dll
2014-09-17 23:21:03 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-09-17 23:21:02 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-09-17 23:21:01 ----A---- C:\Windows\system32\SRH.dll
2014-09-17 23:21:01 ----A---- C:\Windows\system32\mfplat.dll
2014-09-17 23:21:00 ----A---- C:\Windows\system32\wuaueng.dll
2014-09-17 23:21:00 ----A---- C:\Windows\system32\printui.dll
2014-09-17 23:21:00 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-09-17 23:20:59 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-09-17 23:20:59 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-09-17 23:20:58 ----A---- C:\Windows\system32\mispace.dll
2014-09-17 23:20:58 ----A---- C:\Windows\system32\drivers\netio.sys
2014-09-17 23:20:57 ----A---- C:\Windows\system32\XpsPrint.dll
2014-09-17 23:20:56 ----AC---- C:\Windows\system32\drivers\bthport.sys
2014-09-17 23:20:56 ----A---- C:\Windows\system32\netcfgx.dll
2014-09-17 23:20:55 ----A---- C:\Windows\SYSWOW64\mispace.dll
2014-09-17 23:20:55 ----A---- C:\Windows\system32\WorkfoldersControl.dll
2014-09-17 23:20:55 ----A---- C:\Windows\system32\AppxPackaging.dll
2014-09-17 23:20:54 ----A---- C:\Windows\SYSWOW64\printui.dll
2014-09-17 23:20:54 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2014-09-17 23:20:53 ----A---- C:\Windows\system32\aclui.dll
2014-09-17 23:20:52 ----A---- C:\Windows\SYSWOW64\SRH.dll
2014-09-17 23:20:51 ----AC---- C:\Windows\system32\drivers\spaceport.sys
2014-09-17 23:20:51 ----A---- C:\Windows\system32\wlanmsm.dll
2014-09-17 23:20:51 ----A---- C:\Windows\system32\srvsvc.dll
2014-09-17 23:20:50 ----A---- C:\Windows\system32\spoolsv.exe
2014-09-17 23:20:50 ----A---- C:\Windows\system32\mfreadwrite.dll
2014-09-17 23:20:49 ----AC---- C:\Windows\system32\drivers\usbccgp.sys
2014-09-17 23:20:49 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2014-09-17 23:20:49 ----A---- C:\Windows\SYSWOW64\AppxPackaging.dll
2014-09-17 23:20:49 ----A---- C:\Windows\SYSWOW64\aclui.dll
2014-09-17 23:20:48 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2014-09-17 23:20:48 ----A---- C:\Windows\system32\SHCore.dll
2014-09-17 23:20:47 ----AC---- C:\Windows\system32\drivers\volsnap.sys
2014-09-17 23:20:47 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Bluetooth.dll
2014-09-17 23:20:47 ----A---- C:\Windows\system32\puiobj.dll
2014-09-17 23:20:44 ----A---- C:\Windows\SYSWOW64\mftranscode.dll
2014-09-17 23:20:44 ----A---- C:\Windows\system32\storagewmi.dll
2014-09-17 23:20:43 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2014-09-17 23:20:43 ----A---- C:\Windows\system32\mftranscode.dll
2014-09-17 23:20:43 ----A---- C:\Windows\system32\clusapi.dll
2014-09-17 23:20:42 ----A---- C:\Windows\system32\wuapi.dll
2014-09-17 23:20:42 ----A---- C:\Windows\system32\usbmon.dll
2014-09-17 23:20:42 ----A---- C:\Windows\system32\comdlg32.dll
2014-09-17 23:20:41 ----AC---- C:\Windows\system32\drivers\USBHUB3.SYS
2014-09-17 23:20:41 ----A---- C:\Windows\system32\winload.exe
2014-09-17 23:20:41 ----A---- C:\Windows\system32\WebClnt.dll
2014-09-17 23:20:40 ----A---- C:\Windows\system32\wisp.dll
2014-09-17 23:20:40 ----A---- C:\Windows\system32\defragsvc.dll
2014-09-17 23:20:39 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-17 23:20:38 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2014-09-17 23:20:38 ----A---- C:\Windows\system32\winresume.exe
2014-09-17 23:20:37 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2014-09-17 23:20:37 ----A---- C:\Windows\system32\wsecedit.dll
2014-09-17 23:20:37 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-09-17 23:20:36 ----A---- C:\Windows\system32\user32.dll
2014-09-17 23:20:36 ----A---- C:\Windows\system32\profsvc.dll
2014-09-17 23:20:36 ----A---- C:\Windows\system32\drivers\nwifi.sys
2014-09-17 23:20:35 ----A---- C:\Windows\SYSWOW64\clusapi.dll
2014-09-17 23:20:35 ----A---- C:\Windows\system32\winmmbase.dll
2014-09-17 23:20:35 ----A---- C:\Windows\system32\drivers\ks.sys
2014-09-17 23:20:34 ----AC---- C:\Windows\system32\drivers\usbhub.sys
2014-09-17 23:20:34 ----A---- C:\Windows\system32\wpdbusenum.dll
2014-09-17 23:20:34 ----A---- C:\Windows\system32\WiFiDisplay.dll
2014-09-17 23:20:33 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2014-09-17 23:20:33 ----A---- C:\Windows\system32\win32spl.dll
2014-09-17 23:20:33 ----A---- C:\Windows\system32\rdpcorets.dll
2014-09-17 23:20:32 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-09-17 23:20:32 ----A---- C:\Windows\system32\conhost.exe
2014-09-17 23:20:31 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2014-09-17 23:20:31 ----A---- C:\Windows\SYSWOW64\Display.dll
2014-09-17 23:20:31 ----A---- C:\Windows\system32\VAN.dll
2014-09-17 23:20:31 ----A---- C:\Windows\system32\SettingSync.dll
2014-09-17 23:20:30 ----A---- C:\Windows\SYSWOW64\storagewmi.dll
2014-09-17 23:20:30 ----A---- C:\Windows\system32\Display.dll
2014-09-17 23:20:30 ----A---- C:\Windows\system32\AppxSip.dll
2014-09-17 23:20:29 ----A---- C:\Windows\SYSWOW64\winmmbase.dll
2014-09-17 23:20:29 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2014-09-17 23:20:29 ----A---- C:\Windows\system32\WorkFoldersGPExt.dll
2014-09-17 23:20:28 ----A---- C:\Windows\SYSWOW64\wisp.dll
2014-09-17 23:20:28 ----A---- C:\Windows\system32\SndVol.exe
2014-09-17 23:20:28 ----A---- C:\Windows\system32\osk.exe
2014-09-17 23:20:27 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-09-17 23:20:27 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2014-09-17 23:20:26 ----A---- C:\Windows\system32\mfps.dll
2014-09-17 23:20:26 ----A---- C:\Windows\system32\DafPrintProvider.dll
2014-09-17 23:20:26 ----A---- C:\Windows\system32\bcryptprimitives.dll
2014-09-17 23:20:25 ----A---- C:\Windows\system32\httpprxm.dll
2014-09-17 23:20:25 ----A---- C:\Windows\system32\drivers\ndis.sys
2014-09-17 23:20:24 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2014-09-17 23:20:24 ----A---- C:\Windows\system32\drivers\NdisImPlatform.sys
2014-09-17 23:20:24 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-09-17 23:20:23 ----AC---- C:\Windows\system32\drivers\hdaudbus.sys
2014-09-17 23:20:23 ----A---- C:\Windows\system32\winmm.dll
2014-09-17 23:20:23 ----A---- C:\Windows\system32\Windows.Networking.dll
2014-09-17 23:20:22 ----A---- C:\Windows\SYSWOW64\AppxSip.dll
2014-09-17 23:20:22 ----A---- C:\Windows\system32\twinapi.dll
2014-09-17 23:20:22 ----A---- C:\Windows\system32\dwmapi.dll
2014-09-17 23:20:21 ----A---- C:\Windows\system32\wucltux.dll
2014-09-17 23:20:21 ----A---- C:\Windows\system32\drivers\bridge.sys
2014-09-17 23:20:20 ----A---- C:\Windows\SYSWOW64\wsecedit.dll
2014-09-17 23:20:20 ----A---- C:\Windows\system32\WSShared.dll
2014-09-17 23:20:20 ----A---- C:\Windows\system32\prnntfy.dll
2014-09-17 23:20:20 ----A---- C:\Windows\system32\GdiPlus.dll
2014-09-17 23:20:19 ----A---- C:\Windows\system32\WorkFoldersShell.dll
2014-09-17 23:20:18 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2014-09-17 23:20:18 ----A---- C:\Windows\SYSWOW64\prnntfy.dll
2014-09-17 23:20:18 ----A---- C:\Windows\system32\gpedit.dll
2014-09-17 23:20:17 ----A---- C:\Windows\SYSWOW64\winmm.dll
2014-09-17 23:20:16 ----A---- C:\Windows\SYSWOW64\puiapi.dll
2014-09-17 23:20:16 ----A---- C:\Windows\system32\puiapi.dll
2014-09-17 23:20:15 ----A---- C:\Windows\SYSWOW64\SndVol.exe
2014-09-17 23:20:15 ----A---- C:\Windows\system32\iasnap.dll
2014-09-17 23:20:14 ----A---- C:\Windows\SYSWOW64\VAN.dll
2014-09-17 23:20:14 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2014-09-17 23:20:14 ----A---- C:\Windows\system32\adhsvc.dll
2014-09-17 23:20:13 ----A---- C:\Windows\system32\wups.dll
2014-09-17 23:20:12 ----AC---- C:\Windows\system32\drivers\pci.sys
2014-09-17 23:20:12 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-09-17 23:20:11 ----A---- C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-17 23:20:11 ----A---- C:\Windows\system32\stobject.dll
2014-09-17 23:20:10 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2014-09-17 23:20:10 ----A---- C:\Windows\system32\wcmcsp.dll
2014-09-17 23:20:10 ----A---- C:\Windows\system32\AppxSysprep.dll
2014-09-17 23:20:09 ----A---- C:\Windows\system32\wwanconn.dll
2014-09-17 23:20:09 ----A---- C:\Windows\system32\dab.dll
2014-09-17 23:20:08 ----A---- C:\Windows\SYSWOW64\iasnap.dll
2014-09-17 23:20:08 ----A---- C:\Windows\SYSWOW64\gpedit.dll
2014-09-17 23:20:08 ----A---- C:\Windows\system32\wuauclt.exe
2014-09-17 23:20:07 ----A---- C:\Windows\SYSWOW64\rsaenh.dll
2014-09-17 23:20:07 ----A---- C:\Windows\system32\ActionCenter.dll
2014-09-17 23:20:06 ----A---- C:\Windows\system32\wlanapi.dll
2014-09-17 23:20:06 ----A---- C:\Windows\system32\rsaenh.dll
2014-09-17 23:20:05 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-09-17 23:20:05 ----A---- C:\Windows\system32\wups2.dll
2014-09-17 23:20:04 ----A---- C:\Windows\system32\wshbth.dll
2014-09-17 23:20:04 ----A---- C:\Windows\system32\schannel.dll
2014-09-17 23:20:03 ----A---- C:\Windows\SYSWOW64\Windows.Networking.dll
2014-09-17 23:20:03 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2014-09-17 23:20:02 ----A---- C:\Windows\system32\PrintDialogs.dll
2014-09-17 23:20:01 ----A---- C:\Windows\SYSWOW64\DafPrintProvider.dll
2014-09-17 23:20:00 ----A---- C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-09-17 23:20:00 ----A---- C:\Windows\system32\SearchFolder.dll
2014-09-17 23:20:00 ----A---- C:\Windows\system32\browser.dll
2014-09-17 23:19:59 ----A---- C:\Windows\SYSWOW64\wshbth.dll
2014-09-17 23:19:59 ----A---- C:\Windows\system32\wlansvcpal.dll
2014-09-17 23:19:58 ----A---- C:\Windows\SYSWOW64\stobject.dll
2014-09-17 23:19:56 ----A---- C:\Windows\SYSWOW64\KBDRUM.DLL
2014-09-17 23:19:56 ----A---- C:\Windows\SYSWOW64\ActionCenter.dll
2014-09-17 23:19:56 ----A---- C:\Windows\system32\Defrag.exe
2014-09-17 23:19:55 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-09-17 23:19:55 ----A---- C:\Windows\system32\KBDRUM.DLL
2014-09-17 23:19:53 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2014-09-17 23:19:52 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-09-17 23:19:51 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-09-17 23:19:51 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-09-17 23:19:51 ----A---- C:\Windows\system32\KBDRU.DLL
2014-09-17 23:19:51 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-09-17 23:19:50 ----A---- C:\Windows\SYSWOW64\user32.dll
2014-09-17 23:19:49 ----A---- C:\Windows\system32\BluetoothApis.dll
2014-09-17 23:19:48 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-09-17 23:19:48 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-09-17 23:19:48 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-09-17 23:19:48 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-09-17 23:19:43 ----AC---- C:\Windows\system32\drivers\bthpan.sys
2014-09-17 23:19:43 ----A---- C:\Windows\SYSWOW64\certcli.dll
2014-09-17 23:19:43 ----A---- C:\Windows\system32\certcli.dll
2014-09-17 23:19:42 ----A---- C:\Windows\SYSWOW64\PrintDialogs.dll
2014-09-17 23:19:42 ----A---- C:\Windows\system32\wwanmm.dll
2014-09-17 23:19:42 ----A---- C:\Windows\system32\SndVolSSO.dll
2014-09-17 23:19:42 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-09-17 23:19:41 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-09-17 23:19:41 ----A---- C:\Windows\system32\compstui.dll
2014-09-17 23:19:39 ----A---- C:\Windows\SYSWOW64\BluetoothApis.dll
2014-09-17 23:19:38 ----A---- C:\Windows\system32\wlansec.dll
2014-09-17 23:19:38 ----A---- C:\Windows\system32\rdpudd.dll
2014-09-17 23:19:35 ----A---- C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-17 23:19:34 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-17 23:19:34 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-17 23:19:33 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-09-17 23:19:33 ----A---- C:\Windows\system32\wudriver.dll
2014-09-17 23:19:31 ----A---- C:\Windows\SYSWOW64\KBDTT102.DLL
2014-09-17 23:19:31 ----A---- C:\Windows\system32\KBDTT102.DLL
2014-09-17 22:24:37 ----D---- C:\rsit
2014-09-17 22:24:37 ----D---- C:\Program Files (x86)\trend micro
2014-09-17 00:49:54 ----A---- C:\Windows\system32\WSDMon.dll
2014-09-17 00:49:54 ----A---- C:\Windows\system32\tcpmon.dll
2014-09-14 14:04:07 ----A---- C:\Windows\SYSWOW64\explorer.exe
2014-09-14 14:04:06 ----A---- C:\Windows\system32\uDWM.dll
2014-09-14 14:04:06 ----A---- C:\Windows\explorer.exe
2014-09-14 14:04:05 ----A---- C:\Windows\system32\twinui.dll
2014-09-14 14:04:01 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-09-14 14:03:58 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2014-09-14 14:03:58 ----A---- C:\Windows\system32\actxprxy.dll
2014-09-14 14:03:57 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2014-09-14 14:03:57 ----A---- C:\Windows\system32\UXInit.dll
2014-09-14 14:02:58 ----A---- C:\Windows\system32\drivers\msgpioclx.sys
2014-09-10 22:38:35 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-09-10 22:34:10 ----SD---- C:\Windows\system32\CompatTel
2014-09-10 22:33:58 ----RD---- C:\Windows\BrowserChoice
2014-09-10 22:05:25 ----A---- C:\Windows\system32\termsrv.dll
2014-09-10 21:46:27 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-09-10 21:46:27 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-09-10 21:46:24 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-10 21:46:23 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-09-10 21:46:22 ----A---- C:\Windows\system32\iernonce.dll
2014-09-10 21:46:21 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-09-10 21:46:21 ----A---- C:\Windows\system32\vbscript.dll
2014-09-10 21:46:21 ----A---- C:\Windows\system32\jscript9diag.dll
2014-09-10 21:46:21 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 21:46:21 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 21:46:16 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-09-10 21:46:15 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-09-10 21:46:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-09-10 21:46:15 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-09-10 21:46:15 ----A---- C:\Windows\system32\msrating.dll
2014-09-10 21:46:15 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-10 21:46:15 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-10 21:46:15 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-10 21:46:13 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-09-10 21:46:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-09-10 21:46:13 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-10 21:46:13 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-10 21:46:13 ----A---- C:\Windows\system32\iedkcs32.dll
2014-09-10 21:46:13 ----A---- C:\Windows\system32\ie4uinit.exe
2014-09-10 21:46:12 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-09-10 21:46:12 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-09-10 21:46:12 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-09-10 21:46:12 ----A---- C:\Windows\system32\iesetup.dll
2014-09-10 21:46:10 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-09-10 21:46:10 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-10 21:46:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-09-10 21:46:10 ----A---- C:\Windows\system32\ieapfltr.dll
2014-09-10 21:46:09 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-09-10 21:46:09 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-10 21:46:09 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-10 21:46:07 ----A---- C:\Windows\system32\mshtml.dll
2014-09-10 21:46:01 ----A---- C:\Windows\system32\wininet.dll
2014-09-10 21:46:00 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-09-10 21:46:00 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-09-10 21:45:59 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-09-10 21:45:59 ----A---- C:\Windows\system32\urlmon.dll
2014-09-10 21:45:59 ----A---- C:\Windows\system32\iertutil.dll
2014-09-10 21:45:56 ----A---- C:\Windows\system32\ieframe.dll
2014-09-10 21:45:55 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-09-10 21:45:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-09-10 21:45:53 ----A---- C:\Windows\system32\jscript9.dll
2014-09-10 21:45:52 ----A---- C:\Windows\SYSWOW64\ReInfo.dll
2014-09-10 21:45:52 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2014-09-10 21:45:52 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-09-10 21:45:49 ----A---- C:\Windows\SYSWOW64\spp.dll
2014-09-10 21:45:49 ----A---- C:\Windows\SYSWOW64\ReAgent.dll
2014-09-10 21:45:49 ----A---- C:\Windows\system32\ReInfo.dll
2014-09-10 21:45:48 ----A---- C:\Windows\SYSWOW64\dcomp.dll
2014-09-10 21:45:48 ----A---- C:\Windows\SYSWOW64\AppXDeploymentClient.dll
2014-09-10 21:45:45 ----A---- C:\Windows\system32\spp.dll
2014-09-10 21:45:45 ----A---- C:\Windows\system32\ReAgent.dll
2014-09-10 21:45:43 ----A---- C:\Windows\system32\AppXDeploymentClient.dll
2014-09-10 21:45:42 ----A---- C:\Windows\SYSWOW64\ole32.dll
2014-09-10 21:45:42 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-09-10 21:45:40 ----A---- C:\Windows\system32\msftedit.dll
2014-09-10 21:45:40 ----A---- C:\Windows\system32\dcomp.dll
2014-09-10 21:45:36 ----A---- C:\Windows\system32\ole32.dll
2014-09-10 21:45:35 ----A---- C:\Windows\system32\KernelBase.dll
2014-09-10 21:45:32 ----A---- C:\Windows\SYSWOW64\wlidprov.dll
2014-09-10 21:45:31 ----A---- C:\Windows\system32\wlidprov.dll
2014-09-10 21:45:26 ----A---- C:\Windows\system32\drivers\wof.sys
2014-09-10 21:45:25 ----A---- C:\Windows\system32\drivers\dfsc.sys
2014-09-10 21:45:21 ----A---- C:\Windows\system32\msxml6.dll
2014-09-10 21:45:20 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2014-09-10 21:45:19 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-09-10 21:45:18 ----A---- C:\Windows\system32\kernel32.dll
2014-09-10 21:45:18 ----A---- C:\Windows\system32\kerberos.dll
2014-09-10 21:45:17 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-09-10 21:45:17 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-09-10 21:45:17 ----A---- C:\Windows\system32\dnsapi.dll
2014-09-10 21:45:16 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2014-09-10 21:45:14 ----A---- C:\Windows\system32\Windows.Devices.Sensors.dll
2014-09-10 21:45:14 ----A---- C:\Windows\system32\rasapi32.dll
2014-09-10 21:45:13 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Sensors.dll
2014-09-10 21:45:13 ----A---- C:\Windows\system32\netlogon.dll
2014-09-10 21:45:12 ----A---- C:\Windows\system32\SessEnv.dll
2014-09-10 21:45:12 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-09-10 21:45:11 ----A---- C:\Windows\system32\AppXDeploymentExtensions.dll
2014-09-10 21:45:10 ----A---- C:\Windows\SYSWOW64\rasapi32.dll
2014-09-10 21:45:10 ----A---- C:\Windows\system32\drivers\clfs.sys
2014-09-10 21:45:09 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2014-09-10 21:45:09 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2014-09-10 21:45:09 ----A---- C:\Windows\system32\SensorsApi.dll
2014-09-10 21:45:08 ----A---- C:\Windows\SYSWOW64\SensorsApi.dll
2014-09-10 21:45:08 ----A---- C:\Windows\system32\WsmSvc.dll
2014-09-10 21:45:07 ----A---- C:\Windows\system32\dafWfdProvider.dll
2014-09-10 21:45:06 ----A---- C:\Windows\system32\userenv.dll
2014-09-10 21:45:06 ----A---- C:\Windows\system32\sxproxy.dll
2014-09-10 21:45:06 ----A---- C:\Windows\system32\pdh.dll
2014-09-10 21:45:06 ----A---- C:\Windows\system32\davclnt.dll
2014-09-10 21:45:06 ----A---- C:\Windows\system32\AppxAllUserStore.dll
2014-09-10 21:45:05 ----A---- C:\Windows\SYSWOW64\AppxAllUserStore.dll
2014-09-10 21:45:04 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-09-10 21:45:04 ----A---- C:\Windows\system32\wlangpui.dll
2014-09-10 21:45:03 ----A---- C:\Windows\SYSWOW64\userenv.dll
2014-09-10 21:45:03 ----A---- C:\Windows\SYSWOW64\sxproxy.dll
2014-09-10 21:45:03 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2014-09-10 21:45:03 ----A---- C:\Windows\system32\Windows.Graphics.Printing.dll
2014-09-10 21:45:02 ----AC---- C:\Windows\system32\drivers\hidusb.sys
2014-09-10 21:45:02 ----A---- C:\Windows\SYSWOW64\pdh.dll
2014-09-10 21:45:02 ----A---- C:\Windows\system32\w32tm.exe
2014-09-10 21:45:01 ----A---- C:\Windows\SYSWOW64\wlangpui.dll
2014-09-10 21:45:01 ----A---- C:\Windows\SYSWOW64\w32tm.exe
2014-09-10 21:45:01 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2014-09-10 21:45:01 ----A---- C:\Windows\system32\CredentialMigrationHandler.dll
2014-09-10 21:45:00 ----AC---- C:\Windows\system32\drivers\hidclass.sys
2014-09-10 21:45:00 ----A---- C:\Windows\SYSWOW64\CredentialMigrationHandler.dll
2014-09-10 21:45:00 ----A---- C:\Windows\system32\Windows.Devices.Scanners.dll
2014-09-10 21:45:00 ----A---- C:\Windows\system32\RMapi.dll
2014-09-10 21:45:00 ----A---- C:\Windows\system32\LocationApi.dll
2014-09-10 21:44:59 ----A---- C:\Windows\SYSWOW64\Windows.Graphics.Printing.dll
2014-09-10 21:44:59 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Scanners.dll
2014-09-10 21:44:59 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2014-09-10 21:44:59 ----A---- C:\Windows\system32\DevPropMgr.dll
2014-09-10 21:44:58 ----A---- C:\Windows\SYSWOW64\LocationApi.dll
2014-09-10 21:44:58 ----A---- C:\Windows\system32\SetNetworkLocation.dll
2014-09-10 21:44:58 ----A---- C:\Windows\system32\fvewiz.dll
2014-09-10 21:44:57 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2014-09-10 21:44:56 ----A---- C:\Windows\SYSWOW64\l2gpstore.dll
2014-09-10 21:44:56 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-09-10 21:44:56 ----A---- C:\Windows\system32\l2gpstore.dll
2014-09-10 21:44:56 ----A---- C:\Windows\system32\BdeHdCfgLib.dll
2014-09-10 21:33:39 ----A---- C:\Windows\system32\MrmCoreR.dll
2014-09-10 21:33:14 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2014-09-10 21:33:10 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2014-09-10 21:32:49 ----A---- C:\Windows\system32\mfmpeg2srcsnk.dll
2014-09-10 21:32:47 ----A---- C:\Windows\SYSWOW64\mfmpeg2srcsnk.dll
2014-09-10 21:32:47 ----A---- C:\Windows\system32\winmde.dll
2014-09-10 21:32:46 ----A---- C:\Windows\system32\wmpmde.dll
2014-09-10 21:32:46 ----A---- C:\Windows\system32\services.exe
2014-09-10 21:32:45 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2014-09-10 21:32:45 ----A---- C:\Windows\system32\Windows.Media.Streaming.dll
2014-09-10 21:32:45 ----A---- C:\Windows\system32\GeofenceMonitorService.dll
2014-09-10 21:32:44 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-09-10 21:32:43 ----A---- C:\Windows\system32\MFMediaEngine.dll
2014-09-10 21:32:42 ----A---- C:\Windows\SYSWOW64\GeofenceMonitorService.dll
2014-09-10 21:32:42 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2014-09-10 21:32:41 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2014-09-10 21:32:41 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2014-09-10 21:32:41 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-09-10 21:32:41 ----A---- C:\Windows\system32\MDEServer.exe
2014-09-10 21:32:40 ----A---- C:\Windows\SYSWOW64\winmde.dll
2014-09-10 21:32:40 ----A---- C:\Windows\system32\mfsvr.dll
2014-09-10 21:32:39 ----A---- C:\Windows\SYSWOW64\Windows.Media.Streaming.dll
2014-09-10 21:32:39 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2014-09-10 21:32:37 ----A---- C:\Windows\SYSWOW64\rdpencom.dll
2014-09-10 21:32:37 ----A---- C:\Windows\system32\rdpencom.dll
2014-09-10 21:32:37 ----A---- C:\Windows\system32\audiosrv.dll
2014-09-10 21:32:36 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2014-09-10 21:32:35 ----A---- C:\Windows\system32\ploptin.dll
2014-09-10 21:32:35 ----A---- C:\Windows\system32\MFCaptureEngine.dll
2014-09-10 21:32:35 ----A---- C:\Windows\system32\drivers\fvevol.sys
2014-09-10 21:32:35 ----A---- C:\Windows\system32\AudioEng.dll
2014-09-10 21:32:34 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-09-10 21:32:34 ----A---- C:\Windows\system32\swprv.dll
2014-09-10 21:32:34 ----A---- C:\Windows\system32\resutils.dll
2014-09-10 21:32:33 ----AC---- C:\Windows\system32\drivers\msiscsi.sys
2014-09-10 21:32:33 ----A---- C:\Windows\SYSWOW64\MFCaptureEngine.dll
2014-09-10 21:32:33 ----A---- C:\Windows\system32\MSVideoDSP.dll
2014-09-10 21:32:33 ----A---- C:\Windows\system32\gpapi.dll
2014-09-10 21:32:32 ----A---- C:\Windows\system32\VSSVC.exe
2014-09-10 21:32:32 ----A---- C:\Windows\system32\drivers\storport.sys
2014-09-10 21:32:31 ----A---- C:\Windows\SYSWOW64\MSVideoDSP.dll
2014-09-10 21:32:31 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2014-09-10 21:32:31 ----A---- C:\Windows\system32\wscsvc.dll
2014-09-10 21:32:31 ----A---- C:\Windows\system32\rpchttp.dll
2014-09-10 21:32:30 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2014-09-10 21:32:30 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2014-09-10 21:32:25 ----A---- C:\Windows\SYSWOW64\propsys.dll
2014-09-10 21:32:25 ----A---- C:\Windows\system32\propsys.dll
2014-09-10 21:32:25 ----A---- C:\Windows\system32\mf.dll
2014-09-10 21:32:24 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-09-10 21:32:24 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-09-10 21:32:24 ----A---- C:\Windows\system32\AudioSes.dll
2014-09-10 21:32:23 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-09-10 21:32:23 ----A---- C:\Windows\system32\audiodg.exe
2014-09-10 21:32:22 ----A---- C:\Windows\system32\wintrust.dll
2014-09-10 21:32:22 ----A---- C:\Windows\system32\mfpmp.exe
2014-09-10 21:32:22 ----A---- C:\Windows\system32\energyprov.dll
2014-09-10 21:32:21 ----A---- C:\Windows\system32\srcore.dll
2014-09-10 21:32:20 ----A---- C:\Windows\system32\tsgqec.dll
2014-09-10 21:32:19 ----A---- C:\Windows\SYSWOW64\resutils.dll
2014-09-10 21:32:19 ----A---- C:\Windows\system32\tlscsp.dll
2014-09-10 21:32:18 ----A---- C:\Windows\SYSWOW64\tlscsp.dll
2014-09-10 21:32:15 ----A---- C:\Windows\system32\BootMenuUX.dll
2014-09-10 21:32:13 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2014-09-10 21:32:12 ----A---- C:\Windows\system32\srclient.dll
2014-09-10 21:32:11 ----A---- C:\Windows\system32\rstrui.exe
2014-09-10 21:32:10 ----D---- C:\Windows\system32\MRT
2014-09-10 21:32:10 ----A---- C:\Windows\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2014-09-10 21:32:10 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-09-10 21:32:10 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-09-10 21:32:10 ----A---- C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2014-09-10 21:32:09 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2014-09-10 21:32:09 ----A---- C:\Windows\system32\wlanhlp.dll
2014-09-10 21:31:54 ----A---- C:\Windows\system32\MRT.exe
2014-09-10 21:18:31 ----A---- C:\Windows\system32\drivers\afd.sys
2014-09-10 21:12:40 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2014-09-10 21:12:40 ----A---- C:\Windows\system32\umpnpmgr.dll
2014-09-10 21:12:40 ----A---- C:\Windows\system32\drvinst.exe
2014-09-10 21:12:40 ----A---- C:\Windows\system32\drvcfg.exe
2014-09-10 21:11:57 ----A---- C:\Windows\system32\IKEEXT.DLL
2014-09-10 21:11:57 ----A---- C:\Windows\system32\d3d9.dll
2014-09-10 21:11:56 ----A---- C:\Windows\SYSWOW64\d3d9.dll
2014-09-10 21:11:56 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2014-09-10 21:11:54 ----A---- C:\Windows\system32\BFE.DLL
2014-09-10 21:11:53 ----A---- C:\Windows\system32\vpnike.dll
2014-09-10 21:11:53 ----A---- C:\Windows\system32\dhcpcore.dll
2014-09-10 21:11:52 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-09-10 21:11:52 ----A---- C:\Windows\SYSWOW64\dhcpcore.dll
2014-09-10 21:11:52 ----A---- C:\Windows\system32\ntdll.dll
2014-09-10 21:11:52 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2014-09-10 21:11:52 ----A---- C:\Windows\system32\bdesvc.dll
2014-09-10 21:11:51 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2014-09-10 21:11:51 ----A---- C:\Windows\system32\SkyDriveShell.dll
2014-09-10 21:11:50 ----A---- C:\Windows\SYSWOW64\SkyDriveShell.dll
2014-09-10 21:11:50 ----A---- C:\Windows\system32\nshwfp.dll
2014-09-10 21:11:50 ----A---- C:\Windows\system32\framedynos.dll
2014-09-10 21:11:49 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2014-09-10 21:11:49 ----A---- C:\Windows\SYSWOW64\framedynos.dll
2014-09-10 21:11:49 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2014-09-10 21:11:49 ----A---- C:\Windows\system32\fveapi.dll
2014-09-10 21:11:49 ----A---- C:\Windows\system32\drivers\wfplwfs.sys
2014-09-10 21:11:49 ----A---- C:\Windows\system32\dhcpcore6.dll
2014-09-10 21:11:48 ----A---- C:\Windows\system32\ncobjapi.dll
2014-09-10 21:11:48 ----A---- C:\Windows\system32\drivers\agilevpn.sys
2014-09-10 21:11:47 ----A---- C:\Windows\system32\winbici.dll
2014-09-10 21:11:47 ----A---- C:\Windows\system32\framedyn.dll
2014-09-10 21:11:47 ----A---- C:\Windows\system32\BitLockerDeviceEncryption.exe
2014-09-10 21:11:46 ----A---- C:\Windows\SYSWOW64\ncobjapi.dll
2014-09-10 21:11:46 ----A---- C:\Windows\system32\drivers\vwifimp.sys
2014-09-10 21:11:45 ----A---- C:\Windows\SYSWOW64\Robocopy.exe
2014-09-10 21:11:45 ----A---- C:\Windows\system32\Robocopy.exe
2014-09-10 21:11:45 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2014-09-10 21:11:45 ----A---- C:\Windows\system32\dhcpcsvc.dll
2014-09-10 21:11:44 ----A---- C:\Windows\SYSWOW64\framedyn.dll
2014-09-10 21:11:44 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2014-09-10 21:11:44 ----A---- C:\Windows\SYSWOW64\dhcpcsvc.dll
2014-09-10 21:11:44 ----A---- C:\Windows\SYSWOW64\d3d8thk.dll
2014-09-10 21:11:44 ----A---- C:\Windows\system32\drivers\vwififlt.sys
2014-09-10 21:11:44 ----A---- C:\Windows\system32\BulkOperationHost.exe
2014-09-10 21:11:43 ----A---- C:\Windows\system32\srms.dat
2014-09-10 21:11:43 ----A---- C:\Windows\system32\reseteng.dll
2014-09-10 21:11:43 ----A---- C:\Windows\system32\fveapibase.dll
2014-09-10 21:04:54 ----A---- C:\Windows\SYSWOW64\wusa.exe
2014-09-10 21:04:54 ----A---- C:\Windows\system32\wusa.exe
2014-09-10 21:04:53 ----A---- C:\Windows\SYSWOW64\mrt100.dll
2014-09-10 21:04:53 ----A---- C:\Windows\SYSWOW64\mrt_map.dll
2014-09-10 21:04:53 ----A---- C:\Windows\system32\mrt100.dll
2014-09-10 21:04:53 ----A---- C:\Windows\system32\mrt_map.dll
2014-09-10 21:04:52 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-09-10 21:04:52 ----A---- C:\Windows\system32\msxml3.dll
2014-09-10 21:04:38 ----A---- C:\Windows\system32\devinv.dll
2014-09-10 21:04:38 ----A---- C:\Windows\system32\aepic.dll
2014-09-10 21:04:38 ----A---- C:\Windows\system32\aepdu.dll
2014-09-10 21:04:38 ----A---- C:\Windows\system32\aeinv.dll
2014-09-10 21:03:37 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-09-10 21:03:37 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-09-10 21:01:56 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-09-10 21:01:56 ----A---- C:\Windows\system32\drivers\cng.sys
2014-09-10 21:01:56 ----A---- C:\Windows\system32\adtschema.dll
2014-09-10 21:00:59 ----A---- C:\Windows\system32\rpcrt4.dll
2014-09-10 21:00:58 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-09-10 20:59:01 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2014-09-10 20:59:01 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2014-09-10 20:59:01 ----A---- C:\Windows\system32\dxgi.dll
2014-09-10 20:59:01 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-09-10 20:59:01 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-09-10 20:59:01 ----A---- C:\Windows\system32\d3d11.dll
2014-09-10 20:59:00 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2014-09-10 20:59:00 ----A---- C:\Windows\system32\dwmcore.dll
2014-09-10 20:59:00 ----A---- C:\Windows\system32\cdd.dll
2014-09-10 20:57:07 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2014-09-10 20:57:05 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2014-09-10 20:57:05 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2014-09-10 20:56:54 ----A---- C:\Windows\system32\SkyDriveTelemetry.dll
2014-09-10 20:56:53 ----A---- C:\Windows\system32\SyncEngine.dll
2014-09-10 20:56:53 ----A---- C:\Windows\system32\SkyDrive.exe
2014-09-10 20:45:05 ----A---- C:\Windows\system32\DWrite.dll
2014-09-10 20:45:04 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2014-09-10 20:45:04 ----A---- C:\Windows\system32\schedsvc.dll
2014-09-10 20:45:04 ----A---- C:\Windows\system32\FntCache.dll
2014-09-10 20:44:55 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-09-10 20:44:53 ----AC---- C:\Windows\system32\drivers\usbport.sys
2014-09-10 20:44:53 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2014-09-10 20:44:52 ----A---- C:\Windows\system32\WUDFSvc.dll
2014-09-10 20:44:52 ----A---- C:\Windows\system32\WUDFPlatform.dll
2014-09-10 20:44:52 ----A---- C:\Windows\system32\WUDFHost.exe
2014-09-10 20:44:52 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2014-09-10 20:44:52 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-09-10 20:44:51 ----AC---- C:\Windows\system32\drivers\usbuhci.sys
2014-09-10 20:44:51 ----AC---- C:\Windows\system32\drivers\usbehci.sys
2014-09-10 20:44:51 ----AC---- C:\Windows\system32\drivers\usbd.sys
2014-09-10 20:44:51 ----A---- C:\Windows\system32\hal.dll
2014-09-10 20:44:51 ----A---- C:\Windows\system32\DaOtpCredentialProvider.dll
2014-09-10 20:44:50 ----A---- C:\Windows\SYSWOW64\DaOtpCredentialProvider.dll
2014-09-10 20:44:24 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-09-10 20:44:24 ----A---- C:\Windows\system32\qedit.dll
2014-09-10 20:43:58 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-09-10 20:43:58 ----A---- C:\Windows\system32\msi.dll
2014-09-10 20:43:57 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-09-10 20:43:57 ----A---- C:\Windows\system32\msihnd.dll
2014-09-10 20:43:57 ----A---- C:\Windows\system32\consent.exe
2014-09-10 20:39:03 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-09-10 20:39:03 ----A---- C:\Windows\system32\win32k.sys
2014-09-10 20:39:03 ----A---- C:\Windows\system32\gdi32.dll
2014-09-10 20:38:29 ----A---- C:\Windows\system32\ubpm.dll
2014-09-10 20:38:28 ----A---- C:\Windows\system32\storewuauth.dll
2014-09-10 20:38:27 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-09-10 20:38:27 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-09-10 20:38:27 ----A---- C:\Windows\system32\wuwebv.dll
2014-09-10 20:38:27 ----A---- C:\Windows\system32\wuapp.exe
2014-09-10 20:27:31 ----A---- C:\Windows\system32\MDMAgent.exe
2014-09-10 12:31:14 ----A---- C:\Windows\SYSWOW64\twinui.appcore.dll
2014-09-10 12:31:14 ----A---- C:\Windows\SYSWOW64\MrmCoreR.dll
2014-09-10 12:31:12 ----A---- C:\Windows\system32\twinui.appcore.dll
2014-09-10 12:31:11 ----A---- C:\Windows\SYSWOW64\twinapi.appcore.dll
2014-09-10 12:31:11 ----A---- C:\Windows\system32\twinapi.appcore.dll
2014-09-10 12:31:09 ----A---- C:\Windows\system32\WSReset.exe
2014-09-10 12:29:10 ----A---- C:\Windows\system32\WpcWebSync.dll
2014-09-10 12:29:10 ----A---- C:\Windows\system32\WpcMon.exe
2014-09-10 12:29:10 ----A---- C:\Windows\system32\Wpc.dll
2014-09-10 12:29:09 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2014-09-10 12:21:49 ----A---- C:\Windows\system32\wpccpl.dll
2014-09-10 12:21:43 ----A---- C:\Windows\system32\drivers\wpcfltr.sys
2014-09-10 01:45:38 ----A---- C:\Windows\SYSWOW64\msvcr120_clr0400.dll
2014-09-10 01:45:38 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2014-09-08 09:32:37 ----D---- C:\Users\Eva\AppData\Roaming\ocoll2e
2014-09-08 09:32:31 ----D---- C:\Program Files (x86)\IDM
2014-09-08 09:30:44 ----D---- C:\Program Files (x86)\Oxford
2014-09-07 00:21:15 ----D---- C:\ProgramData\Microsoft OneDrive
2014-09-07 00:12:16 ----D---- C:\Program Files\Microsoft Office 15
2014-09-06 10:46:21 ----D---- C:\Program Files\AVAST Software
2014-09-06 10:44:47 ----D---- C:\ProgramData\AVAST Software
2014-09-06 10:34:03 ----D---- C:\Program Files\CCleaner
2014-09-06 10:05:32 ----D---- C:\Program Files (x86)\Google
2014-09-06 10:04:16 ----D---- C:\Users\Eva\AppData\Roaming\Macromedia
2014-09-06 09:40:04 ----D---- C:\Users\Eva\AppData\Roaming\Adobe
2014-09-06 09:39:50 ----D---- C:\Users\Eva\AppData\Roaming\Intel
2014-09-06 09:37:53 ----SD---- C:\Users\Eva\AppData\Roaming\Microsoft
2014-09-05 22:50:26 ----D---- C:\Users\Eva\AppData\Roaming\vlc
2014-09-05 22:42:54 ----D---- C:\Program Files (x86)\VideoLAN
2014-09-05 21:12:20 ----D---- C:\Users\Eva\AppData\Roaming\Check Point Software Technologies LTD
2014-09-05 21:12:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-05 21:12:16 ----D---- C:\Program Files (x86)\CheckPoint
2014-09-05 21:07:21 ----D---- C:\ProgramData\CheckPoint
2014-09-05 21:05:52 ----D---- C:\Users\Eva\AppData\Roaming\Opera Software
2014-09-05 21:05:13 ----D---- C:\Program Files (x86)\Opera
2014-09-05 21:04:00 ----D---- C:\Users\Eva\AppData\Roaming\SUPERAntiSpyware.com
2014-09-05 21:03:43 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2014-09-05 21:03:43 ----D---- C:\Program Files\SUPERAntiSpyware
2014-09-05 21:02:43 ----D---- C:\Users\Eva\AppData\Roaming\IrfanView
2014-09-05 21:02:42 ----D---- C:\Program Files (x86)\IrfanView
2014-09-05 20:46:36 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2014-09-05 20:46:35 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2014-09-05 20:44:40 ----D---- C:\Users\Eva\AppData\Roaming\Winamp
2014-09-05 20:44:40 ----D---- C:\Program Files (x86)\Winamp
2014-09-05 20:39:41 ----D---- C:\Users\Eva\AppData\Roaming\Skype
2014-09-05 20:39:34 ----RD---- C:\Program Files (x86)\Skype
2014-09-05 20:39:31 ----D---- C:\ProgramData\Skype
2014-09-05 20:00:45 ----D---- C:\! e v i c k a
2014-09-05 19:54:01 ----D---- C:\Users\Eva\AppData\Roaming\GHISLER
2014-09-05 19:54:01 ----D---- C:\Program Files\totalcmd
2014-09-05 19:51:56 ----D---- C:\Users\Eva\AppData\Roaming\AVAST Software
2014-09-05 19:51:04 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-09-05 19:51:04 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-09-05 19:51:04 ----A---- C:\Windows\system32\drivers\aswsp.sys
2014-09-05 19:51:04 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-09-05 19:51:04 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-09-05 19:51:04 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-09-05 19:51:04 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-09-05 19:51:04 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-09-05 19:51:03 ----A---- C:\Windows\system32\aswBoot.exe
2014-09-05 19:50:58 ----A---- C:\Windows\avastSS.scr

======List of files/folders modified in the last 1 month======

2014-09-22 17:02:22 ----D---- C:\Windows\Prefetch
2014-09-22 17:00:00 ----D---- C:\Windows\system32\sru
2014-09-22 12:38:03 ----D---- C:\Windows\Microsoft.NET
2014-09-21 22:20:41 ----RD---- C:\Windows\System32
2014-09-21 22:20:41 ----D---- C:\Windows\Inf
2014-09-21 22:20:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-20 20:18:15 ----D---- C:\Windows\rescache
2014-09-20 19:57:33 ----SHD---- C:\System Volume Information
2014-09-20 18:27:35 ----D---- C:\Windows\system32\config
2014-09-20 17:53:15 ----D---- C:\Windows\system32\DriverStore
2014-09-20 17:43:32 ----RSD---- C:\Windows\assembly
2014-09-20 16:05:46 ----D---- C:\Windows
2014-09-20 16:00:53 ----SHD---- C:\Windows\Installer
2014-09-20 16:00:48 ----RD---- C:\Program Files (x86)
2014-09-20 16:00:48 ----HD---- C:\ProgramData
2014-09-20 15:43:00 ----D---- C:\Windows\system32\drivers\etc
2014-09-20 15:40:09 ----D---- C:\Windows\SysWOW64
2014-09-20 14:37:47 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-09-20 14:14:41 ----D---- C:\Windows\WinSxS
2014-09-20 14:11:04 ----RD---- C:\Windows\ToastData
2014-09-20 14:10:55 ----D---- C:\Windows\WinStore
2014-09-20 14:10:55 ----D---- C:\Program Files\Windows Journal
2014-09-20 14:10:54 ----D---- C:\Windows\SYSWOW64\wbem
2014-09-20 14:10:54 ----D---- C:\Windows\SYSWOW64\setup
2014-09-20 14:10:54 ----D---- C:\Windows\SYSWOW64\en-US
2014-09-20 14:10:54 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-09-20 14:10:52 ----RD---- C:\Windows\ImmersiveControlPanel
2014-09-20 14:10:52 ----D---- C:\Windows\system32\wbem
2014-09-20 14:10:52 ----D---- C:\Windows\system32\drivers\en-US
2014-09-20 14:10:52 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-09-20 14:10:52 ----D---- C:\Windows\system32\drivers
2014-09-20 14:10:52 ----D---- C:\Windows\system32\cs-CZ
2014-09-20 14:10:52 ----D---- C:\Windows\system32\Boot
2014-09-20 14:10:51 ----D---- C:\Windows\system32\setup
2014-09-20 14:10:51 ----D---- C:\Windows\system32\oobe
2014-09-20 14:10:51 ----D---- C:\Windows\system32\en-US
2014-09-20 14:10:47 ----RSD---- C:\Windows\Fonts
2014-09-20 14:10:46 ----D---- C:\Windows\apppatch
2014-09-20 14:10:44 ----D---- C:\Windows\SYSWOW64\migration
2014-09-20 14:10:44 ----D---- C:\Windows\SYSWOW64\InputMethod
2014-09-20 14:10:44 ----D---- C:\Windows\system32\migration
2014-09-19 23:14:25 ----D---- C:\Windows\CbsTemp
2014-09-19 21:44:35 ----D---- C:\Windows\system32\NDF
2014-09-18 16:32:39 ----D---- C:\Windows\AppReadiness
2014-09-18 16:32:38 ----HD---- C:\Program Files\WindowsApps
2014-09-18 15:20:15 ----D---- C:\Windows\system32\wdi
2014-09-18 14:42:10 ----RD---- C:\Program Files
2014-09-17 23:07:29 ----D---- C:\Windows\system32\catroot2
2014-09-17 22:03:04 ----D---- C:\Windows\system32\Tasks
2014-09-17 00:50:07 ----D---- C:\Windows\system32\catroot
2014-09-15 01:51:08 ----D---- C:\Windows\system32\drivers\UMDF
2014-09-13 23:34:54 ----D---- C:\Windows\Logs
2014-09-11 01:08:08 ----D---- C:\Windows\SYSWOW64\slmgr
2014-09-11 01:08:08 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-09-11 01:08:08 ----D---- C:\Windows\SYSWOW64\oobe
2014-09-11 01:08:08 ----D---- C:\Windows\servicing
2014-09-11 01:08:08 ----D---- C:\Program Files\Windows Photo Viewer
2014-09-11 01:08:08 ----D---- C:\Program Files\Windows Media Player
2014-09-11 01:08:08 ----D---- C:\Program Files\Windows Mail
2014-09-11 01:08:08 ----D---- C:\Program Files\Windows Defender
2014-09-11 01:08:08 ----D---- C:\Program Files\Internet Explorer
2014-09-11 01:08:08 ----D---- C:\Program Files\Common Files\System
2014-09-11 01:08:08 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2014-09-11 01:08:08 ----D---- C:\Program Files (x86)\Windows Media Player
2014-09-11 01:08:08 ----D---- C:\Program Files (x86)\Windows Mail
2014-09-11 01:08:08 ----D---- C:\Program Files (x86)\Windows Defender
2014-09-11 01:08:08 ----D---- C:\Program Files (x86)\Internet Explorer
2014-09-11 01:08:07 ----D---- C:\Windows\SYSWOW64\WCN
2014-09-11 01:08:07 ----D---- C:\Windows\SYSWOW64\drivers
2014-09-11 01:08:04 ----D---- C:\Windows\system32\Sysprep
2014-09-11 01:08:04 ----D---- C:\Windows\system32\slmgr
2014-09-11 01:08:04 ----D---- C:\Windows\system32\sk-SK
2014-09-11 01:08:04 ----D---- C:\Windows\system32\migwiz
2014-09-11 01:08:04 ----D---- C:\Windows\PolicyDefinitions
2014-09-11 01:08:02 ----D---- C:\Windows\system32\WCN
2014-09-11 01:08:01 ----D---- C:\Windows\system32\SystemResetPlatform
2014-09-11 01:08:01 ----D---- C:\Windows\Help
2014-09-10 22:34:10 ----D---- C:\Windows\system32\SecureBootUpdates
2014-09-10 22:33:53 ----D---- C:\Windows\MediaViewer
2014-09-10 22:33:52 ----D---- C:\Windows\FileManager
2014-09-10 22:33:52 ----D---- C:\Windows\Camera
2014-09-10 22:33:47 ----D---- C:\Program Files\Common Files\microsoft shared
2014-09-10 21:32:06 ----D---- C:\Windows\debug
2014-09-07 00:20:48 ----SD---- C:\ProgramData\Microsoft
2014-09-07 00:17:56 ----D---- C:\Program Files (x86)\Common Files
2014-09-07 00:17:49 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-09-06 10:45:53 ----D---- C:\Windows\system32\restore
2014-09-06 10:41:58 ----D---- C:\ProgramData\McAfee
2014-09-06 10:41:58 ----D---- C:\Program Files\Common Files
2014-09-06 10:39:58 ----HD---- C:\Windows\ELAMBKUP
2014-09-06 10:05:34 ----D---- C:\Windows\Tasks
2014-09-06 09:46:39 ----D---- C:\Windows\SoftwareDistribution
2014-09-06 09:43:06 ----D---- C:\ProgramData\OEM
2014-09-06 09:40:26 ----D---- C:\Windows\Panther
2014-09-06 09:40:17 ----D---- C:\ProgramData\EgisTec IPS
2014-09-06 09:37:52 ----RD---- C:\Users
2014-09-05 20:03:22 ----D---- C:\ProgramData\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-09-05 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-09-05 224896]
R0 MBI;@oem11.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2013-12-10 29464]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-09-05 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-09-05 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-09-05 427360]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2014-06-20 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2014-06-20 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2014-06-20 62776]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 Vsdatant;@oem29.inf,%Vsdatant_Desc%;Zone Alarm Firewall Driver; C:\Windows\System32\drivers\vsdatant.sys [2014-07-23 450456]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-09-05 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-09-05 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-09-05 92008]
R2 eLock2FSCTLDriver;eLock2FSCTLDriver; C:\Windows\system32\DRIVERS\eLock2FSCTLDriver.sys [2014-06-20 26264]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2013-11-07 1411384]
R3 DptfDevAcpiProc;DptfDevAcpiProc; C:\Windows\system32\DRIVERS\DptfDevAcpiProc.sys [2013-09-17 198808]
R3 DptfDevGen;DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [2013-09-17 78504]
R3 DptfManager;DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [2013-09-17 493240]
R3 GPIO;@oem1.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 iaioi2c;@oem2.inf,%Driver_Service.Desc%;I2C Controller Service; C:\Windows\System32\drivers\iaioi2ce.sys [2013-11-11 67584]
R3 ibtusb;@oem17.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter; C:\Windows\system32\DRIVERS\ibtusb.sys [2014-01-22 149448]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-16 4222976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-03-20 3897944]
R3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-01-16 450520]
R3 iwdbus;@oem9.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 LMDriver;@oem24.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\Windows\System32\drivers\LMDriver.sys [2013-07-17 21360]
R3 NETwNb64;@oem20.inf,___ %NIC_Service_DispName_WINB_64%;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\Windows\system32\DRIVERS\NETwbw02.sys [2013-12-05 3609056]
R3 RadioShim;@oem24.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\Windows\System32\drivers\RadioShim.sys [2013-07-17 14680]
R3 RTL8168;@oem13.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-12-18 839896]
R3 SynRMIHID;@oem19.inf,%SynRMIHID.SVCDESC%;Synaptics HID Service; C:\Windows\system32\DRIVERS\SynRMIHID.sys [2014-02-19 42224]
R3 TXEIx64;@oem14.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 btmaux;@oem16.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2013-11-07 140600]
S3 GeneStor;@oem18.inf,%GENESTOR.SvcDesc%;Genesys Logic Storage Driver; C:\Windows\System32\drivers\GeneStor.sys [2014-01-18 107208]
S3 intaud_WaveExtensible;@oem8.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\Windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-01-27 167424]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-09-05 50344]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-11-07 1186168]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-11-07 1161592]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-08-12 2428088]
R2 DptfParticipantAcpiProcessorService;@oem10.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application; C:\Windows\system32\DptfParticipantProcessorService.exe [2013-09-17 117704]
R2 DptfPolicyCriticalService;@oem10.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Critical Service Application; C:\Windows\system32\DptfPolicyCriticalService.exe [2013-09-17 150760]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-11-21 631024]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2014-01-18 459496]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-11-21 154864]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-07-23 3596240]
R3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [2014-02-05 197928]
R3 eLockServ;EgisTec eLock Service; C:\Program Files\Common Files\EgisTec CommonModule\eLock\eLockServ.exe [2014-01-15 24872]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2014-03-06 2573544]
R3 QASvc;Quick Access Service; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2014-01-31 461544]
R3 RMSvc;Quick Access RadioMgr Service; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [2014-01-31 449768]
R3 UEIPSvc;User Experience Improvement Program; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [2014-01-25 222952]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-06 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-27 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-06 116648]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-11-21 284912]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]

-----------------EOF-----------------

Márty84
VIP
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: preventive check

#27 Post by Márty84 »

One more scan and then we'll start deleting.


:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Open normally.
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it, then left-click Run as administrator.
Tick the items For all users, Check for "LOP" malware and Check for "Purity" malware.
Paste the following text into the bottom window:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Click Scan.
After the scan, two logs are created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).

e_va
Visitor
Visitor
Posts: 101
Registered: 25 May 2011 15:54

Re: preventive check

#28 Post by e_va »

Phew, here it is :) It scares me a little how much care it will need once it is no longer new but, say, a year old :shock:


OTL logfile created on: 22. 9. 2014 19:23:22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eva\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17278)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

3,88 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 42,45% Memory free
4,57 Gb Paging File | 1,79 Gb Available in Paging File | 39,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,76 Gb Total Space | 223,99 Gb Free Space | 49,69% Space Free | Partition Type: NTFS

Computer Name: EVA | User Name: Eva | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/09/22 19:21:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eva\Desktop\OTL.exe
PRC - [2014/09/12 11:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/09/05 19:51:21 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/09/05 19:50:54 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/09/04 05:01:19 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/07/23 02:18:36 | 003,596,240 | ---- | M] (Check Point Software Technologies Ltd.) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2014/07/23 02:12:50 | 000,134,624 | ---- | M] (Check Point Software Technologies Ltd.) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2014/07/03 17:37:32 | 000,093,712 | ---- | M] (Check Point Software Technologies, Ltd.) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
PRC - [2014/04/30 08:51:10 | 004,065,648 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files\totalcmd\TOTALCMD.EXE
PRC - [2014/03/06 20:41:10 | 000,259,304 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
PRC - [2014/02/26 20:13:00 | 000,053,248 | ---- | M] () -- C:\Windows\SysWOW64\UMonit64.exe
PRC - [2013/11/07 17:35:02 | 001,161,592 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2013/11/07 17:34:40 | 001,186,168 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2013/11/06 14:26:48 | 000,241,416 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\Face Login\YouCamService.exe


========== Modules (No Company Name) ==========

MOD - [2014/09/05 19:50:57 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/09/05 19:50:56 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2014/09/04 05:01:18 | 000,331,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppgooglenaclpluginchrome.dll
MOD - [2014/09/04 05:01:17 | 014,891,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll
MOD - [2014/09/04 05:01:16 | 008,577,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
MOD - [2014/09/04 05:01:12 | 001,098,056 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
MOD - [2014/09/04 05:01:10 | 000,174,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
MOD - [2014/09/04 05:01:09 | 001,660,232 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
MOD - [2014/04/30 08:51:10 | 000,123,536 | ---- | M] () -- C:\Program Files\totalcmd\WCMZIP32.DLL
MOD - [2014/02/26 20:13:00 | 000,053,248 | ---- | M] () -- C:\Windows\SysWOW64\UMonit64.exe


========== Services (SafeList) ==========

SRV:64bit: - [2014/09/05 19:50:54 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/08/12 00:56:36 | 002,428,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014/07/24 15:41:39 | 002,898,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/07/24 09:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/07/23 01:31:23 | 000,172,344 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2014/04/06 13:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/03/24 04:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/24 04:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/14 08:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 07:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 20:41:04 | 002,573,544 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2014/03/06 09:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/02/22 17:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 11:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 11:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 11:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 11:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/02/22 11:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/02/06 12:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/02/05 19:37:04 | 000,197,928 | ---- | M] (Egis Technology Inc. ) [On_Demand | Running] -- C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV:64bit: - [2014/01/31 20:46:24 | 000,449,768 | ---- | M] (Acer Incorporate) [On_Demand | Running] -- C:\Program Files\Acer\Acer Quick Access\RMSvc.exe -- (RMSvc)
SRV:64bit: - [2014/01/31 20:46:18 | 000,461,544 | ---- | M] (Acer Incorporate) [On_Demand | Running] -- C:\Program Files\Acer\Acer Quick Access\QASvc.exe -- (QASvc)
SRV:64bit: - [2014/01/25 08:47:26 | 000,222,952 | ---- | M] (acer) [On_Demand | Running] -- C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe -- (UEIPSvc)
SRV:64bit: - [2014/01/18 16:20:22 | 000,459,496 | ---- | M] (Acer Incorporate) [Auto | Running] -- C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe -- (LMSvc)
SRV:64bit: - [2014/01/15 23:12:38 | 000,024,872 | ---- | M] (Egis Technology Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\EgisTec CommonModule\eLock\eLockServ.exe -- (eLockServ)
SRV:64bit: - [2013/12/10 09:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/23 06:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/11/21 03:00:20 | 003,674,864 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2013/11/21 02:59:58 | 000,284,912 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2013/11/21 02:59:38 | 000,631,024 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2013/11/21 02:58:50 | 000,154,864 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2013/09/17 16:50:56 | 000,150,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfPolicyCriticalService.exe -- (DptfPolicyCriticalService)
SRV:64bit: - [2013/09/17 16:50:56 | 000,117,704 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfParticipantProcessorService.exe -- (DptfParticipantAcpiProcessorService)
SRV:64bit: - [2013/08/22 13:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 13:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 13:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 13:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 13:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 12:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 12:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 11:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 11:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 11:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 11:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 11:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 11:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 11:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 11:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/07/02 05:08:48 | 000,822,232 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe -- (Intel(R)
SRV:64bit: - [2013/07/02 05:08:32 | 000,733,696 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe -- (Intel(R)
SRV - [2014/09/12 11:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/07/24 15:41:39 | 002,898,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/07/23 02:18:36 | 003,596,240 | ---- | M] (Check Point Software Technologies Ltd.) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2014/07/03 17:37:32 | 000,093,712 | ---- | M] (Check Point Software Technologies, Ltd.) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe -- (ZAPrivacyService)
SRV - [2014/04/03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/03/14 08:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/01/27 08:33:12 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/11/07 17:35:02 | 001,161,592 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2013/11/07 17:34:40 | 001,186,168 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2013/08/22 05:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 04:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2012/04/24 23:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/09/05 19:51:20 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/09/05 19:51:00 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/09/05 19:51:00 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/09/05 19:51:00 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/09/05 19:51:00 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/09/05 19:51:00 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/09/05 19:51:00 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/09/05 19:50:59 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/08/15 02:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/07/24 17:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/07/24 17:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/07/24 13:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/07/23 00:51:52 | 000,450,456 | ---- | M] (Check Point Software Technologies Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2014/06/20 01:11:05 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2014/06/20 01:11:05 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2014/06/20 01:11:05 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2014/06/20 01:08:38 | 000,026,264 | ---- | M] (Egis Technology Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eLock2FSCTLDriver.sys -- (eLock2FSCTLDriver)
DRV:64bit: - [2014/05/01 15:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/03/24 04:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/24 04:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/24 04:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/20 05:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/13 14:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 22:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/02/22 18:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/22 17:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 17:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 17:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 17:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 14:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/02/19 13:20:30 | 000,042,224 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynRMIHID.sys -- (SynRMIHID)
DRV:64bit: - [2014/01/22 04:22:52 | 000,149,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibtusb.sys -- (ibtusb)
DRV:64bit: - [2014/01/18 00:43:34 | 000,107,208 | ---- | M] (GenesysLogic) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GeneStor.sys -- (GeneStor)
DRV:64bit: - [2014/01/16 21:16:04 | 000,450,520 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2014/01/16 21:08:34 | 004,222,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/01/15 23:21:46 | 000,088,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TXEIx64.sys -- (TXEIx64)
DRV:64bit: - [2013/12/27 01:30:20 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/12/27 01:30:20 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/12/18 21:35:22 | 000,839,896 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/12/10 12:53:00 | 000,029,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\MBI.sys -- (MBI)
DRV:64bit: - [2013/12/05 20:54:56 | 003,609,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwbw02.sys -- (NETwNb64)
DRV:64bit: - [2013/12/04 20:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/11/11 04:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/11 03:54:30 | 000,031,232 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iaiogpioe.sys -- (GPIO)
DRV:64bit: - [2013/11/11 03:54:29 | 000,067,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iaioi2ce.sys -- (iaioi2c)
DRV:64bit: - [2013/11/07 17:35:32 | 001,411,384 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2013/11/07 17:35:26 | 000,140,600 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2013/11/01 13:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/26 03:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/05 17:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/17 16:50:54 | 000,493,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfManager.sys -- (DptfManager)
DRV:64bit: - [2013/09/17 16:50:54 | 000,078,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfDevGen.sys -- (DptfDevGen)
DRV:64bit: - [2013/09/17 16:50:52 | 000,198,808 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfDevAcpiProc.sys -- (DptfDevAcpiProc)
DRV:64bit: - [2013/09/14 16:06:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/08/22 21:11:06 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/08/22 21:11:03 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 14:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 14:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 13:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 13:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 13:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 13:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 13:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 13:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/17 11:59:00 | 000,021,360 | ---- | M] (Acer Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMDriver.sys -- (LMDriver)
DRV:64bit: - [2013/07/17 11:59:00 | 000,014,680 | ---- | M] (Acer Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RadioShim.sys -- (RadioShim)
DRV:64bit: - [2013/06/18 16:45:43 | 004,649,440 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETwew02.sys -- (NETwNe64)
DRV:64bit: - [2011/07/22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{46A180A4-E3DE-49CB-8D61-2AB0C07E891C}: "URL" = http://www.bing.com/search?q={searchTer ... TR&pc=ACJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{46A180A4-E3DE-49CB-8D61-2AB0C07E891C}: "URL" = http://www.bing.com/search?q={searchTer ... TR&pc=ACJB


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1320900323-2956938217-1536712739-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
IE - HKU\S-1-5-21-1320900323-2956938217-1536712739-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com/?pc=ACJB
IE - HKU\S-1-5-21-1320900323-2956938217-1536712739-1001\..\SearchScopes,DefaultScope = {46A180A4-E3DE-49CB-8D61-2AB0C07E891C}
IE - HKU\S-1-5-21-1320900323-2956938217-1536712739-1001\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1320900323-2956938217-1536712739-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1320900323-2956938217-1536712739-1001\..\SearchScopes\{46A180A4-E3DE-49CB-8D61-2AB0C07E891C}: "URL" = http://www.bing.com/search?q={searchTer ... TR&pc=ACJB
IE - HKU\S-1-5-21-1320900323-2956938217-1536712739-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}: C:\Program Files\Acer ProShield\FFExt [2014/06/20 01:05:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}: C:\Program Files\Acer ProShield\FFExt20 [2014/06/20 01:05:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/09/05 19:51:02 | 000,000,000 | ---D | M]

[2014/09/05 21:12:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_1\
CHR - Extension: No name found = C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_1\
CHR - Extension: No name found = C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: No name found = C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: No name found = C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: No name found = C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_1\
CHR - Extension: No name found = C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ladimmjldcgbeamniagencjbodhnmgen\1.0_1\
CHR - Extension: No name found = C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: No name found = C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\

O1 HOSTS File: ([2014/09/20 15:43:00 | 000,000,753 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (EgisPBIE Sign-in Helper) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files\Acer ProShield\EgisPBIE.dll (Egis Technology Inc.)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (EgisPBIE Sign-in Helper) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files\Acer ProShield\x86\EgisPBIE.dll (Egis Technology Inc.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [YouCam Service] C:\Program Files (x86)\CyberLink\Face Login\YouCamService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies Ltd.)
O4 - HKU\S-1-5-21-1320900323-2956938217-1536712739-1001..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 87.216.1.65 87.216.1.66
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF928C0A-7037-4AA1-B779-44EF08F512FE}: DhcpNameServer = 87.216.1.65 87.216.1.66
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD105C23-1D9B-451F-BCEB-882DCE09DF22}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/09/22 19:21:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Eva\Desktop\OTL.exe
[2014/09/21 19:48:08 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014/09/20 16:07:28 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/09/20 16:04:56 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2014/09/20 16:04:56 | 000,000,000 | ---D | C] -- C:\Users\Eva\AppData\Local\Temp
[2014/09/20 15:40:02 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2014/09/19 22:44:49 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/09/19 22:44:19 | 001,019,328 | ---- | C] (Thisisu) -- C:\Users\Eva\Desktop\JRT.exe
[2014/09/19 00:27:45 | 000,000,000 | ---D | C] -- C:\ProgramData\PDF Architect 2
[2014/09/18 21:34:14 | 000,000,000 | ---D | C] -- C:\Users\Eva\Desktop\pamplonaa
[2014/09/18 17:01:48 | 000,000,000 | ---D | C] -- C:\Users\Eva\AppData\Local\Programs
[2014/09/18 15:14:47 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/09/18 15:13:07 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/09/18 14:42:10 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/09/17 23:21:35 | 016,874,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.dll
[2014/09/17 23:21:33 | 002,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/09/17 23:21:33 | 002,318,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/09/17 23:21:30 | 012,730,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.dll
[2014/09/17 23:21:26 | 006,649,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/09/17 23:21:25 | 008,652,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Search.dll
[2014/09/17 23:21:24 | 007,424,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/09/17 23:21:23 | 005,777,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/09/17 23:21:22 | 002,389,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/09/17 23:21:21 | 002,696,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingsHandlers.dll
[2014/09/17 23:21:14 | 002,141,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfcore.dll
[2014/09/17 23:21:12 | 002,145,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcore.dll
[2014/09/17 23:21:09 | 001,600,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\workfolderssvc.dll
[2014/09/17 23:21:08 | 001,231,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.dll
[2014/09/17 23:21:05 | 001,029,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2014/09/17 23:21:05 | 000,818,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfmp4srcsnk.dll
[2014/09/17 23:21:04 | 000,889,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.dll
[2014/09/17 23:21:04 | 000,674,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfmp4srcsnk.dll
[2014/09/17 23:21:03 | 005,833,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Search.dll
[2014/09/17 23:21:03 | 002,574,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2014/09/17 23:21:02 | 000,707,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2014/09/17 23:21:01 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SRH.dll
[2014/09/17 23:21:01 | 000,882,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2014/09/17 23:21:00 | 001,182,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printui.dll
[2014/09/17 23:20:59 | 002,410,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2014/09/17 23:20:58 | 001,287,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mispace.dll
[2014/09/17 23:20:58 | 000,475,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014/09/17 23:20:57 | 001,992,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014/09/17 23:20:56 | 000,486,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll
[2014/09/17 23:20:55 | 001,029,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mispace.dll
[2014/09/17 23:20:55 | 000,770,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WorkfoldersControl.dll
[2014/09/17 23:20:55 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppxPackaging.dll
[2014/09/17 23:20:54 | 001,057,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\printui.dll
[2014/09/17 23:20:54 | 000,391,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll
[2014/09/17 23:20:53 | 001,018,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aclui.dll
[2014/09/17 23:20:52 | 001,741,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SRH.dll
[2014/09/17 23:20:51 | 000,412,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spaceport.sys
[2014/09/17 23:20:51 | 000,371,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2014/09/17 23:20:50 | 000,360,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2014/09/17 23:20:49 | 000,889,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aclui.dll
[2014/09/17 23:20:49 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AppxPackaging.dll
[2014/09/17 23:20:49 | 000,355,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2014/09/17 23:20:48 | 000,645,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SHCore.dll
[2014/09/17 23:20:48 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2014/09/17 23:20:47 | 000,439,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.Bluetooth.dll
[2014/09/17 23:20:47 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\puiobj.dll
[2014/09/17 23:20:44 | 002,397,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storagewmi.dll
[2014/09/17 23:20:44 | 000,180,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mftranscode.dll
[2014/09/17 23:20:43 | 000,477,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SHCore.dll
[2014/09/17 23:20:43 | 000,427,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clusapi.dll
[2014/09/17 23:20:43 | 000,205,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mftranscode.dll
[2014/09/17 23:20:42 | 001,660,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2014/09/17 23:20:42 | 000,828,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/09/17 23:20:42 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comdlg32.dll
[2014/09/17 23:20:42 | 000,287,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usbmon.dll
[2014/09/17 23:20:41 | 001,519,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2014/09/17 23:20:41 | 000,468,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBHUB3.SYS
[2014/09/17 23:20:40 | 000,487,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2014/09/17 23:20:40 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wisp.dll
[2014/09/17 23:20:39 | 001,488,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2014/09/17 23:20:39 | 001,417,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/09/17 23:20:38 | 001,356,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2014/09/17 23:20:37 | 001,463,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsecedit.dll
[2014/09/17 23:20:36 | 001,519,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2014/09/17 23:20:35 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clusapi.dll
[2014/09/17 23:20:35 | 000,160,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmmbase.dll
[2014/09/17 23:20:34 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WiFiDisplay.dll
[2014/09/17 23:20:33 | 003,360,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014/09/17 23:20:33 | 000,806,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2014/09/17 23:20:33 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiobj.dll
[2014/09/17 23:20:32 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2014/09/17 23:20:32 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2014/09/17 23:20:31 | 001,817,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll
[2014/09/17 23:20:31 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSync.dll
[2014/09/17 23:20:31 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VAN.dll
[2014/09/17 23:20:31 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanapi.dll
[2014/09/17 23:20:30 | 001,844,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll
[2014/09/17 23:20:30 | 001,404,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\storagewmi.dll
[2014/09/17 23:20:30 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppxSip.dll
[2014/09/17 23:20:29 | 000,388,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2014/09/17 23:20:29 | 000,127,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winmmbase.dll
[2014/09/17 23:20:29 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WorkFoldersGPExt.dll
[2014/09/17 23:20:28 | 000,834,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014/09/17 23:20:28 | 000,211,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVol.exe
[2014/09/17 23:20:28 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wisp.dll
[2014/09/17 23:20:27 | 000,667,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/09/17 23:20:26 | 000,387,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcryptprimitives.dll
[2014/09/17 23:20:26 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DafPrintProvider.dll
[2014/09/17 23:20:26 | 000,233,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2014/09/17 23:20:25 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxm.dll
[2014/09/17 23:20:24 | 000,335,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bcryptprimitives.dll
[2014/09/17 23:20:24 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys
[2014/09/17 23:20:23 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.dll
[2014/09/17 23:20:23 | 000,123,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2014/09/17 23:20:22 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinapi.dll
[2014/09/17 23:20:22 | 000,125,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmapi.dll
[2014/09/17 23:20:22 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AppxSip.dll
[2014/09/17 23:20:21 | 001,705,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/09/17 23:20:20 | 001,656,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\GdiPlus.dll
[2014/09/17 23:20:20 | 001,319,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsecedit.dll
[2014/09/17 23:20:20 | 000,923,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2014/09/17 23:20:20 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnntfy.dll
[2014/09/17 23:20:19 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WorkFoldersShell.dll
[2014/09/17 23:20:18 | 001,290,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014/09/17 23:20:18 | 001,089,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpedit.dll
[2014/09/17 23:20:18 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnntfy.dll
[2014/09/17 23:20:16 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\puiapi.dll
[2014/09/17 23:20:16 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiapi.dll
[2014/09/17 23:20:15 | 000,180,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVol.exe
[2014/09/17 23:20:14 | 000,448,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VAN.dll
[2014/09/17 23:20:14 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adhsvc.dll
[2014/09/17 23:20:13 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/09/17 23:20:12 | 000,756,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2014/09/17 23:20:11 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll
[2014/09/17 23:20:11 | 000,263,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SystemSettingsAdminFlows.exe
[2014/09/17 23:20:10 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2014/09/17 23:20:10 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcmcsp.dll
[2014/09/17 23:20:10 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppxSysprep.dll
[2014/09/17 23:20:09 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanconn.dll
[2014/09/17 23:20:09 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dab.dll
[2014/09/17 23:20:08 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpedit.dll
[2014/09/17 23:20:08 | 000,054,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/09/17 23:20:07 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenter.dll
[2014/09/17 23:20:06 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanapi.dll
[2014/09/17 23:20:06 | 000,216,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rsaenh.dll
[2014/09/17 23:20:05 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014/09/17 23:20:05 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/09/17 23:20:03 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSync.dll
[2014/09/17 23:20:03 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.dll
[2014/09/17 23:20:02 | 000,557,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PrintDialogs.dll
[2014/09/17 23:20:01 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DafPrintProvider.dll
[2014/09/17 23:20:00 | 001,126,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll
[2014/09/17 23:20:00 | 000,659,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.Bluetooth.dll
[2014/09/17 23:19:59 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlansvcpal.dll
[2014/09/17 23:19:56 | 000,832,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenter.dll
[2014/09/17 23:19:56 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercfg.cpl
[2014/09/17 23:19:56 | 000,183,808 | ---- | C] (Microsoft Corp.) -- C:\Windows\SysNative\Defrag.exe
[2014/09/17 23:19:56 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRUM.DLL
[2014/09/17 23:19:55 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2014/09/17 23:19:55 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRUM.DLL
[2014/09/17 23:19:53 | 001,351,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2014/09/17 23:19:52 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercfg.cpl
[2014/09/17 23:19:51 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDYAK.DLL
[2014/09/17 23:19:51 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU1.DLL

e_va
Visitor
Posts: 101
Registered: 25 May 2011 15:54

Re: preventive check

#29 Post by e_va »

[2014/09/06 09:37:53 | 000,000,000 | R--D | C] -- C:\Users\Eva\Pictures
[2014/09/06 09:37:53 | 000,000,000 | R--D | C] -- C:\Users\Eva\Music
[2014/09/06 09:37:53 | 000,000,000 | R--D | C] -- C:\Users\Eva\Links
[2014/09/06 09:37:53 | 000,000,000 | R--D | C] -- C:\Users\Eva\Favorites
[2014/09/06 09:37:53 | 000,000,000 | R--D | C] -- C:\Users\Eva\Downloads
[2014/09/06 09:37:53 | 000,000,000 | R--D | C] -- C:\Users\Eva\Documents
[2014/09/06 09:37:53 | 000,000,000 | R--D | C] -- C:\Users\Eva\Desktop
[2014/09/06 09:37:53 | 000,000,000 | R--D | C] -- C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/09/06 09:37:53 | 000,000,000 | R--D | C] -- C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/09/06 09:37:53 | 000,000,000 | -H-D | C] -- C:\Users\Eva\AppData
[2014/09/06 09:37:53 | 000,000,000 | ---D | C] -- C:\Users\Eva\Roaming
[2014/09/06 09:37:53 | 000,000,000 | ---D | C] -- C:\Users\Eva\AppData\Local\Microsoft
[2014/09/06 09:37:53 | 000,000,000 | ---D | C] -- C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/09/06 00:45:15 | 000,000,000 | ---D | C] -- C:\Users\Eva\Desktop\Acer
[2014/09/05 22:50:26 | 000,000,000 | ---D | C] -- C:\Users\Eva\AppData\Roaming\vlc
[2014/09/05 22:43:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/09/05 22:42:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2014/09/05 21:12:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2014/09/05 21:12:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/09/05 21:12:20 | 000,000,000 | ---D | C] -- C:\Users\Eva\AppData\Roaming\Check Point Software Technologies LTD
[2014/09/05 21:12:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckPoint
[2014/09/05 21:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2014/09/05 21:05:52 | 000,000,000 | ---D | C] -- C:\Users\Eva\AppData\Roaming\Opera Software
[2014/09/05 21:05:52 | 000,000,000 | ---D | C] -- C:\Users\Eva\AppData\Local\Opera Software
[2014/09/05 21:05:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2014/09/05 21:04:00 | 000,000,000 | ---D | C] -- C:\Users\Eva\AppData\Roaming\SUPERAntiSpyware.com
[2014/09/05 21:03:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2014/09/05 21:03:43 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014/09/05 21:03:43 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2014/09/05 21:02:55 | 000,000,000 | ---D | C] -- C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2014/09/05 21:02:43 | 000,000,000 | ---D | C] -- C:\Users\Eva\AppData\Roaming\IrfanView
[2014/09/05 21:02:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2014/09/05 20:46:36 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2014/09/05 20:46:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2014/09/05 20:46:35 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2014/09/05 20:45:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2014/09/05 20:44:40 | 000,000,000 | ---D | C] -- C:\Users\Eva\AppData\Roaming\Winamp
[2014/09/05 20:44:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2014/09/05 20:39:44 | 000,000,000 | ---D | C] -- C:\Users\Eva\AppData\Local\Skype
[2014/09/05 20:39:41 | 000,000,000 | ---D | C] -- C:\Users\Eva\AppData\Roaming\Skype
[2014/09/05 20:39:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/09/05 20:39:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/09/05 20:39:34 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014/09/05 20:39:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2014/09/05 20:00:45 | 000,000,000 | ---D | C] -- C:\! e v i c k a
[2014/09/05 20:00:00 | 000,000,000 | ---D | C] -- C:\Users\Eva\AppData\Local\GHISLER
[2014/09/05 19:54:02 | 000,000,000 | ---D | C] -- C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2014/09/05 19:54:01 | 000,000,000 | ---D | C] -- C:\Program Files\totalcmd
[2014/09/05 19:54:01 | 000,000,000 | ---D | C] -- C:\Users\Eva\AppData\Roaming\GHISLER
[2014/09/05 19:51:56 | 000,000,000 | ---D | C] -- C:\Users\Eva\AppData\Roaming\AVAST Software
[2014/09/05 19:51:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/09/05 19:51:04 | 001,041,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/09/05 19:51:04 | 000,427,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014/09/05 19:51:04 | 000,093,568 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/09/05 19:51:04 | 000,092,008 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/09/05 19:51:04 | 000,079,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/09/05 19:51:03 | 000,307,344 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/09/05 19:50:58 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr

========== Files - Modified Within 30 Days ==========

[2014/09/22 19:28:39 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/09/22 19:21:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eva\Desktop\OTL.exe
[2014/09/22 19:10:00 | 000,000,954 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/09/22 16:54:26 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/09/22 16:52:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/09/21 22:20:41 | 001,745,984 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/09/21 22:20:41 | 000,741,472 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014/09/21 22:20:41 | 000,724,024 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/09/21 22:20:41 | 000,152,460 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014/09/21 22:20:41 | 000,136,442 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/09/20 16:06:01 | 000,483,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/09/20 16:05:50 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/09/20 16:05:48 | 3337,158,656 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/20 15:43:00 | 000,000,753 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/09/20 15:40:01 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2014/09/20 15:37:18 | 001,290,752 | ---- | M] () -- C:\Users\Eva\Desktop\zoek.exe
[2014/09/19 22:44:21 | 001,019,328 | ---- | M] (Thisisu) -- C:\Users\Eva\Desktop\JRT.exe
[2014/09/18 21:30:28 | 000,001,114 | ---- | M] () -- C:\Users\Eva\Desktop\Paint.lnk
[2014/09/18 15:08:50 | 001,373,475 | ---- | M] () -- C:\Users\Eva\Desktop\adwcleaner_3.310.exe
[2014/09/18 14:41:59 | 001,222,144 | ---- | M] () -- C:\Users\Eva\Desktop\RSITx64.exe
[2014/09/15 01:54:57 | 000,001,413 | ---- | M] () -- C:\Users\Eva\Desktop\Opera.lnk
[2014/09/15 01:51:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/09/14 15:58:42 | 013,086,480 | ---- | M] () -- C:\Users\Eva\Desktop\Celta YL.pdf
[2014/09/08 09:32:32 | 000,002,227 | ---- | M] () -- C:\Users\Public\Desktop\Oxford Collocations Dictionary.lnk
[2014/09/06 10:34:04 | 000,000,838 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/09/05 22:43:14 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/09/05 21:13:51 | 000,431,395 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2014/09/05 21:03:46 | 000,001,824 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/09/05 21:02:55 | 000,001,018 | ---- | M] () -- C:\Users\Eva\Desktop\IrfanView.lnk
[2014/09/05 20:46:37 | 000,000,999 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2014/09/05 20:06:28 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/09/05 19:54:04 | 000,001,011 | ---- | M] () -- C:\Users\Eva\Desktop\Total Commander.lnk
[2014/09/05 19:51:20 | 000,427,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014/09/05 19:51:00 | 001,041,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/09/05 19:51:00 | 000,307,344 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/09/05 19:51:00 | 000,224,896 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/09/05 19:51:00 | 000,092,008 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/09/05 19:51:00 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/09/05 19:51:00 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/09/05 19:51:00 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/09/05 19:50:59 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/09/05 19:50:58 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/09/05 04:36:23 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2014/09/05 04:31:58 | 000,527,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/09/05 02:48:14 | 000,738,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/09/02 22:06:15 | 000,706,016 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/09/02 22:06:15 | 000,105,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2014/09/22 19:28:39 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/09/20 16:04:57 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2014/09/20 15:37:17 | 001,290,752 | ---- | C] () -- C:\Users\Eva\Desktop\zoek.exe
[2014/09/18 21:30:28 | 000,001,114 | ---- | C] () -- C:\Users\Eva\Desktop\Paint.lnk
[2014/09/18 15:08:49 | 001,373,475 | ---- | C] () -- C:\Users\Eva\Desktop\adwcleaner_3.310.exe
[2014/09/18 14:41:58 | 001,222,144 | ---- | C] () -- C:\Users\Eva\Desktop\RSITx64.exe
[2014/09/17 23:19:30 | 000,387,391 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2014/09/15 01:54:57 | 000,001,413 | ---- | C] () -- C:\Users\Eva\Desktop\Opera.lnk
[2014/09/15 01:51:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/09/14 15:54:55 | 013,086,480 | ---- | C] () -- C:\Users\Eva\Desktop\Celta YL.pdf
[2014/09/10 21:11:43 | 000,050,745 | ---- | C] () -- C:\Windows\SysNative\srms.dat
[2014/09/08 09:32:32 | 000,002,227 | ---- | C] () -- C:\Users\Public\Desktop\Oxford Collocations Dictionary.lnk
[2014/09/06 10:34:04 | 000,000,838 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/09/06 10:05:34 | 000,000,954 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/09/06 10:05:33 | 000,000,950 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/09/06 09:43:48 | 000,002,158 | ---- | C] () -- C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
[2014/09/06 09:41:01 | 000,001,280 | ---- | C] () -- C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Správce zvuku HD.lnk
[2014/09/06 09:40:04 | 000,001,430 | ---- | C] () -- C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/09/06 09:37:53 | 000,000,369 | ---- | C] () -- C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
[2014/09/06 09:37:53 | 000,000,369 | ---- | C] () -- C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
[2014/09/05 22:43:14 | 000,001,090 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/09/05 21:12:48 | 000,431,395 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2014/09/05 21:05:19 | 000,001,149 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2014/09/05 21:03:46 | 000,001,824 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/09/05 21:02:55 | 000,001,018 | ---- | C] () -- C:\Users\Eva\Desktop\IrfanView.lnk
[2014/09/05 20:46:37 | 000,000,999 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2014/09/05 20:06:28 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/09/05 19:54:04 | 000,001,011 | ---- | C] () -- C:\Users\Eva\Desktop\Total Commander.lnk
[2014/09/05 19:51:04 | 000,224,896 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/09/05 19:51:04 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/09/05 19:51:04 | 000,029,208 | ---- | C] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/06/20 00:33:08 | 000,172,097 | ---- | C] () -- C:\Windows\SysWow64\NoMSGuninstall.exe
[2014/06/20 00:33:08 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\UMonit64.exe
[2014/06/20 00:33:08 | 000,001,519 | ---- | C] () -- C:\Windows\SysWow64\_IconCfg0.ini
[2014/06/20 00:33:08 | 000,000,973 | ---- | C] () -- C:\Windows\SysWow64\ProductName.ini
[2014/06/20 00:26:32 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/03/31 05:33:35 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014/03/31 05:33:06 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2014/03/31 05:17:49 | 000,299,520 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2014/03/31 05:17:49 | 000,182,272 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014/03/31 05:17:48 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2014/03/31 05:17:45 | 000,004,606 | ---- | C] () -- C:\Windows\SysWow64\DptfInvalidPolicyRemover.ini
[2013/08/22 17:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 17:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 16:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 09:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/22 05:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013/08/22 01:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/22 01:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2013/07/02 04:44:46 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2014/06/20 01:06:07 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/07/24 17:20:40 | 021,266,336 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/07/24 15:46:53 | 018,760,328 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 11:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 04:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 11:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/09/05 19:51:56 | 000,000,000 | ---D | M] -- C:\Users\Eva\AppData\Roaming\AVAST Software
[2014/09/05 21:12:22 | 000,000,000 | ---D | M] -- C:\Users\Eva\AppData\Roaming\Check Point Software Technologies LTD
[2014/09/05 19:58:38 | 000,000,000 | ---D | M] -- C:\Users\Eva\AppData\Roaming\GHISLER
[2014/09/05 21:02:43 | 000,000,000 | ---D | M] -- C:\Users\Eva\AppData\Roaming\IrfanView
[2014/09/08 09:32:48 | 000,000,000 | ---D | M] -- C:\Users\Eva\AppData\Roaming\ocoll2e
[2014/09/05 21:05:52 | 000,000,000 | ---D | M] -- C:\Users\Eva\AppData\Roaming\Opera Software

========== Purity Check ==========



========== Custom Scans ==========

< >
[2013/08/22 16:45:54 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2014/09/06 10:05:33 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014/09/06 10:05:34 | 000,000,954 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\SysNative\drivers\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\AGP440.sys
[2014/09/20 17:53:21 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\AGP440.sys

< MD5 for: ATAPI.SYS >
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\SysNative\drivers\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_64aa4354da84c2df\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.3.9600.16384_none_cdf68824f580d510\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2014/02/22 13:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\SysWOW64\autochk.exe
[2014/02/22 13:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_76c6a414dd35029f\autochk.exe
[2014/02/22 14:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\SysNative\autochk.exe
[2014/02/22 14:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_d2e53f98959273d5\autochk.exe

< MD5 for: CDROM.SYS >
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\SysNative\drivers\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_42e9c29f0affc440\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.3.9600.16384_none_5067bbed77be70be\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2013/08/22 12:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=0EFE4B5884A8032617826A4D76F80969 -- C:\Windows\SysNative\cryptsvc.dll
[2013/08/22 12:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=0EFE4B5884A8032617826A4D76F80969 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.16384_none_66bdf96f6ec6545d\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2014/08/23 09:13:24 | 002,084,520 | ---- | M] (Microsoft Corporation) MD5=195822ACCDAA2B4815DD01BAFC335595 -- C:\Windows\SysWOW64\explorer.exe
[2014/08/23 09:13:24 | 002,084,520 | ---- | M] (Microsoft Corporation) MD5=195822ACCDAA2B4815DD01BAFC335595 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4cc798c1821453a8\explorer.exe
[2014/09/20 17:56:36 | 000,270,774 | ---- | M] () MD5=2195687491E604BA42961470EDA7660E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_42acff334d876b54\explorer.exe
[2014/09/20 18:08:21 | 000,220,250 | ---- | M] () MD5=286928E00AD34E9F88EB5BFA52660A70 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_4d01a98581e82d4f\explorer.exe
[2014/09/14 01:30:16 | 000,015,546 | ---- | M] () MD5=347EFF7EC89C3EB4F72F2408E1C4E16D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
[2014/09/14 01:30:09 | 000,238,918 | ---- | M] () MD5=5177BB4FECDDB9CDBCF10EF65916968D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2014/09/20 17:56:30 | 000,271,249 | ---- | M] () MD5=667BC926C7CB889BF276A5FEA316CAEE -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe
[2014/09/14 00:16:32 | 000,169,957 | ---- | M] () MD5=6D919C26DCB567396CD2E119B8E4310E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2014/08/23 09:48:28 | 002,374,784 | ---- | M] (Microsoft Corporation) MD5=ACDBE1ED38167C8B01B8F63161BB2CEA -- C:\Windows\explorer.exe
[2014/08/23 09:48:28 | 002,374,784 | ---- | M] (Microsoft Corporation) MD5=ACDBE1ED38167C8B01B8F63161BB2CEA -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4272ee6f4db391ad\explorer.exe
[2014/09/20 18:08:28 | 000,219,647 | ---- | M] () MD5=B75E9C8434D53F8C187D352FA7F692D4 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17249_none_4cf7d9e381ef6297\explorer.exe
[2014/09/20 18:08:14 | 000,208,662 | ---- | M] () MD5=C131BC6F12417306A9C8469CA49110B1 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe
[2014/09/20 17:56:41 | 000,270,403 | ---- | M] () MD5=C20A0C44E241606430009E7F126A1125 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17249_none_42a32f914d8ea09c\explorer.exe
[2014/09/14 00:16:27 | 000,283,735 | ---- | M] () MD5=FA98C5D746E7C9E0912E88AC44FF9926 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe

e_va
Visitor
Posts: 101
Registered: 25 May 2011 15:54

Re: preventive check

#30 Post by e_va »

< MD5 for: HAL.DLL >
[2014/06/02 04:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\Windows\SysNative\hal.dll
[2014/06/02 04:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17196_none_9bde68c32da7abbb\hal.dll
[2014/09/14 00:17:43 | 000,024,467 | ---- | M] () MD5=2635F50EAF3E1B4A8D32B21E1203E130 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17031_none_9c1a44f32d7b883b\hal.dll

< MD5 for: IASTORV.SYS >
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_5069105fb236ae4b\iaStorV.sys
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.3.9600.16384_none_9fcfb2835bbf0103\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\SysNative\drivers\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\isapnp.sys
[2014/09/20 17:53:22 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\isapnp.sys

< MD5 for: LSASS.EXE >
[2013/08/22 15:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) MD5=F6F209DDB94959BA104FC8FC87C53759 -- C:\Windows\SysNative\lsass.exe
[2013/08/22 15:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) MD5=F6F209DDB94959BA104FC8FC87C53759 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.16408_none_2e8484166600f08e\lsass.exe

< MD5 for: NDIS.SYS >
[2014/09/14 00:32:48 | 000,144,548 | ---- | M] () MD5=6FF1A14DC17A19F68C45B759E57F8F54 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16405_none_4a6b5fcffbc14927\ndis.sys
[2014/09/20 17:59:26 | 000,025,682 | ---- | M] () MD5=D2D6A481A75207BF24E9D48C61B7F012 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17031_none_4a46d083fbdd5ca3\ndis.sys
[2014/06/05 16:00:18 | 001,118,040 | ---- | M] (Microsoft Corporation) MD5=E4B4BE2D7750849C07589DA0B0AABA01 -- C:\Windows\SysNative\drivers\ndis.sys
[2014/06/05 16:00:18 | 001,118,040 | ---- | M] (Microsoft Corporation) MD5=E4B4BE2D7750849C07589DA0B0AABA01 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17199_none_4a0df531fc06cc28\ndis.sys

< MD5 for: NETLOGON.DLL >
[2014/03/06 09:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) MD5=2468C21E34C49E4735B4BA430D448E91 -- C:\Windows\SysNative\netlogon.dll
[2014/03/06 09:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) MD5=2468C21E34C49E4735B4BA430D448E91 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_ee9e39a60bd3552e\netlogon.dll
[2014/09/14 01:46:26 | 000,058,552 | ---- | M] () MD5=35048C9600694C3BF01D644D1AAE62BE -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_f8cac1a04051b0c6\netlogon.dll
[2014/03/06 08:29:17 | 000,688,640 | ---- | M] (Microsoft Corporation) MD5=582918F96C2B7E1E3AE17D08DB6DAC41 -- C:\Windows\SysWOW64\netlogon.dll
[2014/03/06 08:29:17 | 000,688,640 | ---- | M] (Microsoft Corporation) MD5=582918F96C2B7E1E3AE17D08DB6DAC41 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_f8f2e3f840341729\netlogon.dll
[2014/09/14 00:38:59 | 000,108,975 | ---- | M] () MD5=D817ED82C2A0E1CED9B396826F52F7CB -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_ee76174e0bf0eecb\netlogon.dll

< MD5 for: NVRAID.SYS >
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\SysNative\drivers\nvraid.sys
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvraid.sys
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\SysNative\drivers\nvstor.sys
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvstor.sys

< MD5 for: SCECLI.DLL >
[2013/08/22 04:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=1F142D5BD1C3869C5D902779B6FEC3EF -- C:\Windows\SysWOW64\scecli.dll
[2013/08/22 04:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=1F142D5BD1C3869C5D902779B6FEC3EF -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_3320ecb8e1733781\scecli.dll
[2013/08/22 11:55:43 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=1F1B8D07708E40E54C55B392C78ECCE2 -- C:\Windows\SysNative\scecli.dll
[2013/08/22 11:55:43 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=1F1B8D07708E40E54C55B392C78ECCE2 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_28cc4266ad127586\scecli.dll

< MD5 for: SMSS.EXE >
[2014/02/22 17:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\Windows\SysNative\smss.exe
[2014/02/22 17:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.17031_none_6f522891bc9cbe45\smss.exe

< MD5 for: SVCHOST.EXE >
[2013/08/22 07:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\SysWOW64\svchost.exe
[2013/08/22 07:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2013/08/22 14:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\Windows\SysNative\svchost.exe
[2013/08/22 14:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe

< MD5 for: TCPIP.SYS >
[2014/09/14 00:47:22 | 000,223,198 | ---- | M] () MD5=889B53B7C56665B0277CC00EF4051DE4 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17085_none_a3dd562d3a5c82ed\tcpip.sys
[2014/09/14 00:47:10 | 000,483,322 | ---- | M] () MD5=88BB7357D258AD2915307496DA6AC292 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16521_none_a41a54d33a2f4e0d\tcpip.sys
[2014/09/20 18:04:11 | 000,242,003 | ---- | M] () MD5=90511DE4535E8829764B1E1E220F56DB -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17136_none_a41467f93a330db6\tcpip.sys
[2014/09/14 00:47:28 | 000,225,256 | ---- | M] () MD5=A8DBD4B1BA356AA5C05F858E40FD0B08 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17088_none_a3e0570b3a59cef2\tcpip.sys
[2014/09/14 00:47:16 | 000,237,133 | ---- | M] () MD5=D40C5B54A079A4AE257C9619E1DF0D3F -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17039_none_a41766f13a305c94\tcpip.sys
[2014/09/14 00:47:03 | 000,487,478 | ---- | M] () MD5=F1DA84FCC72F5C107716C27DDBAA4D23 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16423_none_a41c53813a2d8394\tcpip.sys
[2014/07/24 16:57:08 | 002,515,264 | ---- | M] (Microsoft Corporation) MD5=FEBAA7D782E30882FFF1CBCBBE8AD467 -- C:\Windows\SysNative\drivers\tcpip.sys
[2014/07/24 16:57:08 | 002,515,264 | ---- | M] (Microsoft Corporation) MD5=FEBAA7D782E30882FFF1CBCBBE8AD467 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17238_none_a4166a733a313d8b\tcpip.sys

< MD5 for: USERINIT.EXE >
[2013/08/22 12:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\Windows\SysNative\userinit.exe
[2013/08/22 12:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2013/08/22 04:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\SysWOW64\userinit.exe
[2013/08/22 04:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe

< MD5 for: WINLOGON.EXE >
[2014/02/22 11:45:48 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\Windows\SysNative\winlogon.exe
[2014/02/22 11:45:48 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe

< MD5 for: WS2_32.DLL >
[2013/08/22 07:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) MD5=428AF7FA03FF09CE1CD373ABFEBAD8A3 -- C:\Windows\SysWOW64\ws2_32.dll
[2013/08/22 07:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) MD5=428AF7FA03FF09CE1CD373ABFEBAD8A3 -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_87577549e9ef9b02\ws2_32.dll
[2013/08/22 15:25:35 | 000,355,872 | ---- | M] (Microsoft Corporation) MD5=6F997D98C6A30D79C622811FBAB9119E -- C:\Windows\SysNative\ws2_32.dll
[2013/08/22 15:25:35 | 000,355,872 | ---- | M] (Microsoft Corporation) MD5=6F997D98C6A30D79C622811FBAB9119E -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_e37610cda24d0c38\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[11 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\Panther\*.tmp files -> C:\Windows\Panther\*.tmp -> ]
[2 C:\Windows\System32\catroot\*.tmp files -> C:\Windows\System32\catroot\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/09/07 01:46:23 | 000,000,000 | ---D | M] -- C:\Users\Eva\AppData\Roaming\Adobe
[2014/09/05 19:51:56 | 000,000,000 | ---D | M] -- C:\Users\Eva\AppData\Roaming\AVAST Software
[2014/09/05 21:12:22 | 000,000,000 | ---D | M] -- C:\Users\Eva\AppData\Roaming\Check Point Software Technologies LTD
[2014/09/05 19:58:38 | 000,000,000 | ---D | M] -- C:\Users\Eva\AppData\Roaming\GHISLER
[2014/09/06 09:39:50 | 000,000,000 | ---D | M] -- C:\Users\Eva\AppData\Roaming\Intel
[2014/09/05 21:02:43 | 000,000,000 | ---D | M] -- C:\Users\Eva\AppData\Roaming\IrfanView
[2014/09/06 10:04:16 | 000,000,000 | ---D | M] -- C:\Users\Eva\AppData\Roaming\Macromedia
[2014/09/19 19:34:07 | 000,000,000 | --SD | M] -- C:\Users\Eva\AppData\Roaming\Microsoft
[2014/09/08 09:32:48 | 000,000,000 | ---D | M] -- C:\Users\Eva\AppData\Roaming\ocoll2e
[2014/09/05 21:05:52 | 000,000,000 | ---D | M] -- C:\Users\Eva\AppData\Roaming\Opera Software
[2014/09/22 19:23:12 | 000,000,000 | ---D | M] -- C:\Users\Eva\AppData\Roaming\Skype
[2014/09/05 21:04:00 | 000,000,000 | ---D | M] -- C:\Users\Eva\AppData\Roaming\SUPERAntiSpyware.com
[2014/09/21 00:54:25 | 000,000,000 | ---D | M] -- C:\Users\Eva\AppData\Roaming\vlc
[2014/09/05 21:01:12 | 000,000,000 | ---D | M] -- C:\Users\Eva\AppData\Roaming\Winamp

< %APPDATA%\*.exe /s >
[2014/03/06 17:01:54 | 000,207,368 | ---- | M] (Check Point Software Technologies LTD) -- C:\Users\Eva\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\uninstall.exe
[2014/09/05 21:12:21 | 000,200,824 | ---- | M] (Check Point Software Technologies LTD) -- C:\Users\Eva\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\uninstall_d.exe
[2014/03/06 14:18:22 | 000,729,384 | ---- | M] (Check Point Software Technologies LTD) -- C:\Users\Eva\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm4ffx.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"SUPERAntiSpyware" = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe -- [2014/09/17 00:54:27 | 007,763,736 | ---- | M] (SUPERAntiSpyware)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/09/22 19:28:39 | 000,000,512 | ---- | M] () MD5=662A32FA3E37D771BB7CF319C1348451 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2008/04/26 00:53:28 | 000,010,687 | ---- | M] () -- \! e v i c k a\- TEACHING -\AJ\!_učebnice\x_ostatni - PROBRAT!!!\Oxford Word Skills Intermediate\OWS Intermediate CD-ROM\data\content\notebook_audio\cracked.mp3
[2008/04/28 20:51:54 | 000,017,165 | ---- | M] () -- \! e v i c k a\- TEACHING -\AJ\!_učebnice\x_ostatni - PROBRAT!!!\Oxford Word Skills Intermediate\OWS Intermediate CD-ROM\data\content\wordlist_audio\cracked.mp3
[2014/09/20 14:28:13 | 000,003,072 | ---- | M] () -- \Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage
[2014/09/20 14:28:13 | 000,003,608 | ---- | M] () -- \Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage-journal

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2011/04/08 15:44:20 | 000,004,179 | ---- | M] () -- \! e v i c k a\= MUSIC =\SONGY\- ALBA -\P I N K\Pink - Can't Take Me Home 2000\READ ME !!! Storm-Uploaders.txt
[2011/04/08 15:44:20 | 000,004,179 | ---- | M] () -- \! e v i c k a\= MUSIC =\SONGY\- ALBA -\P I N K\Pink - Missundaztood 2001\READ ME !!! Storm-Uploaders.txt
[2011/04/08 15:44:20 | 000,004,179 | ---- | M] () -- \! e v i c k a\= MUSIC =\SONGY\- ALBA -\P I N K\Pink - Try This 2003\READ ME !!! Storm-Uploaders.txt
[2014/07/30 06:00:40 | 000,006,888 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Eva\AppData\Local\Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\0b58b62e0b6796431f68bebf7ecc5506382a4481\images\loader-2x.gif.vir
[2014/07/30 06:00:40 | 000,004,613 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Eva\AppData\Local\Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\0b58b62e0b6796431f68bebf7ecc5506382a4481\images\loader.gif.vir
[2014/01/23 07:54:38 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2014/01/23 07:54:38 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013/11/06 14:27:05 | 000,126,728 | ---- | M] () -- \Program Files (x86)\CyberLink\Face Login\Koan\pyloader.dll
[2013/11/06 06:06:35 | 000,021,556 | ---- | M] () -- \Program Files (x86)\CyberLink\Face Login\subsys\Uploader\PyUploader.kc
[2013/11/06 06:06:35 | 000,173,016 | ---- | M] () -- \Program Files (x86)\CyberLink\Face Login\subsys\Uploader\_PyUploader.pyd
[2008/12/15 17:19:10 | 000,002,828 | ---- | M] () -- \Program Files (x86)\Oxford\Oxford Collocations Dictionary\components\uriloader.xpt
[2014/09/05 19:50:53 | 000,071,968 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2014/09/05 19:50:53 | 000,085,376 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2014/02/09 12:01:58 | 000,003,282 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_01.scale-100.png
[2014/02/09 12:01:58 | 000,003,471 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_01.scale-140.png
[2014/02/09 12:01:58 | 000,001,754 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_01.scale-180.png
[2014/02/09 12:01:58 | 000,003,303 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_02.scale-100.png
[2014/02/09 12:01:58 | 000,003,447 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_02.scale-140.png
[2014/02/09 12:01:58 | 000,001,752 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_02.scale-180.png
[2014/02/09 12:01:58 | 000,003,290 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_03.scale-100.png
[2014/02/09 12:01:58 | 000,003,450 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_03.scale-140.png
[2014/02/09 12:01:58 | 000,001,745 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_03.scale-180.png
[2014/02/09 12:01:58 | 000,003,307 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_04.scale-100.png
[2014/02/09 12:01:58 | 000,003,478 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_04.scale-140.png
[2014/02/09 12:01:58 | 000,001,752 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_04.scale-180.png
[2014/02/09 12:01:58 | 000,003,272 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_05.scale-100.png
[2014/02/09 12:01:58 | 000,003,456 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_05.scale-140.png
[2014/02/09 12:01:58 | 000,001,752 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_05.scale-180.png
[2014/02/09 12:01:58 | 000,003,303 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_06.scale-100.png
[2014/02/09 12:01:58 | 000,003,458 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_06.scale-140.png
[2014/02/09 12:01:58 | 000,001,754 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_06.scale-180.png
[2014/02/09 12:01:58 | 000,003,286 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_07.scale-100.png
[2014/02/09 12:01:58 | 000,003,469 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_07.scale-140.png
[2014/02/09 12:01:58 | 000,001,766 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_07.scale-180.png
[2014/02/09 12:01:58 | 000,003,298 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_08.scale-100.png
[2014/02/09 12:01:58 | 000,003,456 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_08.scale-140.png
[2014/02/09 12:01:58 | 000,001,745 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_08.scale-180.png
[2014/06/20 00:08:50 | 000,000,856 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.BingTravel_3.0.2.309_x64__8wekyb3d8bbwe\js\HtmlFileLoader.js
[2014/06/20 00:03:56 | 000,001,160 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\modernpeople\appframe\backgroundloader.js
[2014/06/20 00:04:06 | 000,004,996 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\modernshareanything\sharedataloader.js
[2014/06/20 00:04:07 | 000,002,125 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\modernsharetarget\sharemaildataloader.js
[2014/06/20 00:16:23 | 000,043,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2014/09/05 20:40:25 | 000,018,544 | ---- | M] () -- \Users\Eva\AppData\Local\Microsoft\Windows\INetCache\IE\HQLCDVBY\AdLoader-0ee9685baf8ff395a7119d551063e2d4.min[1].js
[2014/09/10 23:12:13 | 000,018,715 | ---- | M] () -- \Users\Eva\AppData\Local\Microsoft\Windows\INetCache\IE\LCVFDBNV\AdLoader-a5fa12058ddb9a8919d6906ba95d7c57.min[1].js
[2014/09/10 23:12:12 | 000,001,980 | ---- | M] () -- \Users\Eva\AppData\Local\Microsoft\Windows\INetCache\IE\V5HJ5RC6\AdLoader[1].htm
[2014/09/18 16:59:13 | 000,002,942 | ---- | M] () -- \Users\Eva\AppData\Local\Microsoft\Windows\INetCache\Low\IE\07TRGBPD\rmsloaderdelayed[1].js
[2014/09/19 16:57:19 | 000,002,942 | ---- | M] () -- \Users\Eva\AppData\Local\Microsoft\Windows\INetCache\Low\IE\12K6J873\rmsloaderdelayed[1].js
[2014/09/06 10:03:21 | 000,002,942 | ---- | M] () -- \Users\Eva\AppData\Local\Microsoft\Windows\INetCache\Low\IE\EP6IH0V8\rmsloaderdelayed[1].js
[2014/07/24 14:53:16 | 000,072,638 | ---- | M] () -- \Users\Eva\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/07/24 14:53:16 | 000,003,032 | ---- | M] () -- \Users\Eva\AppData\Local\Skype\Apps\login\images\loader.png
[2014/07/24 14:53:16 | 000,006,012 | ---- | M] () -- \Users\Eva\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/07/24 14:53:16 | 000,021,956 | ---- | M] () -- \Users\Eva\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/07/24 14:53:16 | 000,009,772 | ---- | M] () -- \Users\Eva\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2014/03/31 06:56:23 | 000,592,677 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.efi
[2014/03/31 06:56:21 | 000,536,051 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.exe
[2014/09/14 00:01:18 | 000,598,463 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.efi
[2014/09/14 00:01:16 | 000,542,292 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.exe
[2014/09/14 00:01:28 | 000,598,454 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.efi
[2014/09/14 00:01:25 | 000,542,288 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.exe
[2013/08/22 13:21:30 | 000,046,592 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_36b27bfc6399d5ce\dmloader.dll
[2013/08/22 15:25:37 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:37 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:36 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 13:45:31 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 13:45:33 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 13:45:35 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 13:45:30 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 13:45:40 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 13:45:44 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-1.dll
[2014/06/20 00:41:27 | 000,000,465 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb.manifest
[2014/09/14 02:21:24 | 000,009,588 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winload.efi.mui_35ee487d
[2014/09/14 02:21:24 | 000,009,604 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winload.exe.mui_3bc5b827
[2014/09/14 02:21:24 | 000,007,885 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winresume.efi.mui_f412814e
[2014/09/14 02:21:24 | 000,007,900 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winresume.exe.mui_ff8b5358
[2014/03/31 05:47:52 | 000,000,462 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759.manifest
[2014/03/31 07:05:28 | 000,009,321 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759_winload.efi.mui_35ee487d
[2014/03/31 07:05:28 | 000,009,332 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759_winload.exe.mui_3bc5b827
[2014/03/31 07:05:28 | 000,007,774 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759_winresume.efi.mui_f412814e
[2014/03/31 07:05:28 | 000,007,774 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759_winresume.exe.mui_ff8b5358
[2014/09/19 23:12:40 | 000,000,547 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd.manifest
[2014/09/20 18:19:59 | 000,724,249 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winload.efi_75834aa0
[2014/09/20 18:20:02 | 000,660,625 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winload.exe_75835076
[2014/09/20 18:20:04 | 000,646,411 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winresume.efi_85cd069f
[2014/09/20 18:20:07 | 000,587,303 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winresume.exe_85cd1215
[2013/08/22 17:34:52 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2014/06/19 23:57:22 | 000,000,463 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_2400ceb4d1008089.manifest
[2013/08/22 21:08:49 | 000,000,459 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_en-us_67571a10b7fadce7.manifest
[2014/06/20 00:40:28 | 000,000,465 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb.manifest
[2014/03/31 05:41:31 | 000,000,462 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759.manifest
[2013/08/22 17:22:38 | 000,000,542 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16384_none_4be51a3d409de6bc.manifest
[2014/03/31 04:33:37 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16411_none_4c2dcab94067d447.manifest
[2014/03/31 04:29:55 | 000,000,546 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16415_none_4c31cbe1406439a3.manifest
[2014/03/31 05:04:36 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62.manifest
[2014/03/31 05:41:39 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e.manifest
[2014/09/17 23:05:14 | 000,000,547 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd.manifest
[2013/08/22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_da93e078ab3c6498\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-1.dll
[2014/01/17 18:07:06 | 000,004,613 | ---- | M] () -- \zoek_backup\C_Users_Default User_AppData_Local_Pokki\Engine\frames\frame\loader.gif
[2014/01/17 18:07:06 | 000,006,888 | ---- | M] () -- \zoek_backup\C_Users_Default User_AppData_Local_Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\images\loader-2x.gif
[2014/01/17 18:07:06 | 000,004,613 | ---- | M] () -- \zoek_backup\C_Users_Default User_AppData_Local_Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\images\loader.gif
[2014/01/17 18:07:06 | 000,004,613 | ---- | M] () -- \zoek_backup\C_Users_Default_AppData_Local_Pokki\Engine\frames\frame\loader.gif
[2014/01/17 18:07:06 | 000,006,888 | ---- | M] () -- \zoek_backup\C_Users_Default_AppData_Local_Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\images\loader-2x.gif
[2014/01/17 18:07:06 | 000,004,613 | ---- | M] () -- \zoek_backup\C_Users_Default_AppData_Local_Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\images\loader.gif

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2014/09/10 20:35:44 | 000,000,421 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20708_none_069d2fd4bd988be9.manifest
[2014/09/10 20:34:09 | 000,000,423 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20717_none_069e46e6bd978b9f.manifest
[2013/08/22 17:24:28 | 000,000,447 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.serialization_b77a5c561934e089_4.0.9600.16384_none_5aaf0d34c0033202.manifest
[2013/08/22 17:24:24 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_3cc4c9f9340d8755.manifest
[2013/08/22 17:24:56 | 000,000,411 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966.manifest
[2014/09/10 20:35:43 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_2247b2fbe4c5c174.manifest
[2014/09/10 20:34:09 | 000,000,412 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17231_none_2249252de4c45aa6.manifest
[2014/09/10 20:35:43 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_0b77dba1fe6f262b.manifest
[2014/09/10 20:34:09 | 000,000,411 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20717_none_0b78f2b3fe6e25e1.manifest
[2013/08/10 02:55:16 | 000,142,104 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9600.16384_none_0dbd81c1c9e100df\System.Runtime.Serialization.Formatters.Soap.dll
[2014/09/14 01:16:00 | 000,000,531 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_63202903e7dbbda6\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 00:12:42 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.17226_none_6319fbc1e7e155b4\System.Runtime.Serialization.Formatters.Soap.dll
[2014/09/14 01:16:01 | 000,000,491 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.20708_none_4c4a2468018aba6b\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/20 00:02:10 | 000,027,920 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_4.0.9600.16384_cs-cz_c6e6982dc37909d8\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/09/14 01:16:02 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.3.9600.16384_cs-cz_1c493f6fe173c69f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/06/20 00:02:01 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.3.9600.17226_cs-cz_1c43122de1795ead\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/09/14 01:16:02 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.3.9600.20708_cs-cz_05733ad3fb22c364\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/10 02:55:16 | 000,029,392 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_61eedd30ec040245\System.Runtime.Serialization.Json.dll
[2013/08/10 02:55:16 | 000,029,432 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_dde82ee214ba2d3d\System.Runtime.Serialization.Primitives.dll
[2014/09/14 01:16:05 | 000,000,663 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1\System.Runtime.Serialization.dll
[2014/09/14 01:16:08 | 000,000,436 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17226_none_ed29d1947c4825ff\System.Runtime.Serialization.dll
[2014/07/09 03:45:07 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17231_none_ed2b43c67c46bf31\System.Runtime.Serialization.dll
[2014/09/14 01:16:10 | 000,000,452 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20708_none_d659fa3a95f18ab6\System.Runtime.Serialization.dll
[2014/09/14 01:16:13 | 000,000,632 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20717_none_d65b114c95f08a6c\System.Runtime.Serialization.dll
[2014/09/14 01:16:14 | 000,003,691 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.16384_cs-cz_25789e4d6d93f144\System.RunTime.Serialization.resources.dll
[2014/06/05 05:33:14 | 000,113,952 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.17238_cs-cz_257343c56d98d5eb\System.RunTime.Serialization.resources.dll
[2014/09/14 01:16:15 | 000,003,304 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.20720_cs-cz_0ea55085874053af\System.RunTime.Serialization.resources.dll
[2014/09/14 01:16:15 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.16384_cs-cz_7adb458f8b8eae0b\System.RunTime.Serialization.Resources.dll
[2014/09/14 01:16:16 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.17226_cs-cz_7ad5184d8b944619\System.RunTime.Serialization.Resources.dll
[2014/06/20 00:02:02 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.17231_cs-cz_7ad68a7f8b92df4b\System.RunTime.Serialization.Resources.dll
[2014/09/14 01:16:16 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.20708_cs-cz_640540f3a53daad0\System.RunTime.Serialization.Resources.dll
[2014/09/14 01:16:16 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.20717_cs-cz_64065805a53caa86\System.RunTime.Serialization.Resources.dll
[2013/08/10 02:55:16 | 000,029,896 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_0d0d9cf22bac10f4\System.Runtime.Serialization.Xml.dll
[2014/09/14 01:16:20 | 000,018,929 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.16384_none_c8108d2e85eed25d\System.Runtime.Serialization.dll
[2014/07/24 05:20:32 | 001,059,536 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.17238_none_c80b32a685f3b704\System.Runtime.Serialization.dll
[2014/09/14 01:16:23 | 000,004,122 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.20720_none_b13d3f669f9b34c8\System.Runtime.Serialization.dll
[2014/09/14 01:16:25 | 000,000,663 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24\System.Runtime.Serialization.dll
[2014/09/14 01:16:28 | 000,000,436 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17226_none_1d6d072ea3ef2732\System.Runtime.Serialization.dll
[2014/07/09 03:45:06 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17231_none_1d6e7960a3edc064\System.Runtime.Serialization.dll
[2014/09/14 01:16:31 | 000,000,452 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20708_none_069d2fd4bd988be9\System.Runtime.Serialization.dll
[2014/09/14 01:16:34 | 000,000,632 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20717_none_069e46e6bd978b9f\System.Runtime.Serialization.dll
[2013/08/10 02:55:49 | 000,045,720 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.serialization_b77a5c561934e089_4.0.9600.16384_none_5aaf0d34c0033202\System.Xml.Serialization.dll
[2013/08/10 02:55:49 | 000,029,848 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_3cc4c9f9340d8755\System.Xml.XmlSerializer.dll
[2014/09/14 02:05:06 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_54cc2f7ac6efa85c\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/06/20 00:01:59 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.17226_cs-cz_550ef6e8c6bd4fde\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/09/14 02:05:13 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.20708_cs-cz_55b0527fdfc8c56f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/06/20 00:01:20 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_e30aa618ff4459ba\serialui.dll.mui
[2013/08/22 21:09:21 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_en-us_2660f174e63eb618\serialui.dll.mui
[2013/08/22 05:48:16 | 000,015,872 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.16384_none_89a166153a4451f7\serialui.dll
[2014/09/14 02:16:22 | 000,000,663 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966\System.Runtime.Serialization.dll
[2014/09/14 02:16:25 | 000,000,436 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_2247b2fbe4c5c174\System.Runtime.Serialization.dll
[2014/07/09 03:45:06 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17231_none_2249252de4c45aa6\System.Runtime.Serialization.dll
[2014/09/14 02:16:28 | 000,000,452 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_0b77dba1fe6f262b\System.Runtime.Serialization.dll
[2014/09/14 02:16:31 | 000,000,632 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20717_none_0b78f2b3fe6e25e1\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 237 bytes -> C:\Users\Eva\OneDrive:ms-properties

< End of report >

Locked